On the Subject of Feed Identities; I propose the following:

1. Generate a Private/Public ED25519 key pair
   
2. Use this key pair to sign your Twtxt feed
   
3. Use it as your feed’s identity in place of # url = as # key = ...
   

For example:

$ ssh-keygen -f prologic@twtxt.net
$ ssh-keygen -Y sign -n prologic@twtxt.net -f prologic@twtxt.net twtxt.txt

And your feed would looke like:

# nick        = prologic
# key         = SHA256:23OiSfuPC4zT0lVh1Y+XKh+KjP59brhZfxFHIYZkbZs
# sig         = twtxt.txt.sig
# prev        = j6bmlgq twtxt.txt/1
# avatar      = https://twtxt.net/user/prologic/avatar#gdoicerjkh3nynyxnxawwwkearr4qllkoevtwb3req4hojx5z43q
# description = "Problems are Solved by Method" 🇦🇺👨‍💻👨‍🦯🏹♔ 🏓⚯ 👨‍👩‍👧‍👧🛥 -- James Mills (operator of twtxt.net / creator of Yarn.social 🧶)

2024-06-14T18:22:17Z	(#nef6byq) @<bender https://twtxt.net/user/bender/twtxt.txt>  Hehe thanks! 😅 Still gotta sort out some other bugs, but that's tomorrows job 🤞
...

Twt Hash extension would change of course to use a feed’s ED25519 public key fingerprint.

@aelaraji@aelaraji.com My work has this thing called “compressed work”, where you can buy extra time off (as much as 4 additional weeks) per year. It comes out of your pay though, so it’s not exactly a 4-day work week but it could be useful, just haven’t tired it yet as I’m not entirely sure how it’ll affect my net pay

@bender@twtxt.net Yes, they do 🤣 Implicitly, or threading would never work at all 😅 Nor lookups 🤣 They are used as keys. Think of them like a primary key in a database or index. I totally get where you’re coming from, but there are trade-offs with using Message/Thread Ids as opposed to Content Addressing (like we do) and I believe we would just encounter other problems by doing so.

My money is on extending the Twt Subject extension to support more (optional) advanced “subjects”; i.e: indicating you edited a Twt you already published in your feed as @falsifian@www.falsifian.org indicated 👌

Then we have a secondary (bure much rarer) problem of the “identity” of a feed in the first place. Using the URL you fetch the feed from as @lyse@lyse.isobeef.org ’s client tt seems to do or using the # url = metadata field as every other client does (according to the spec) is problematic when you decide to change where you host your feed. In fact the spec says:

Users are advised to not change the first one of their urls. If they move their feed to a new URL, they should add this new URL as a new url field.

See Choosing the Feed URL – This is one of our longest debates and challenges, and I think (_I suspect along with @xuu _) that the right way to solve this is to use public/private key(s) where you actually have a public key fingerprint as your feed’s unique identity that never changes.

@aelaraji@aelaraji.com Join the club! 🤣 How about more days in a weekend?! 😱 Bringon #FourDayWorkWeek !!! 🤣

Where do I download more hours for my days? not having more than 24 hours a day S U C K S !

@prologic@twtxt.net do the existing major clients today perform that verification, or is it simply “hey, there is that thingy let’s use it for reference!”?

@bender@twtxt.net Haha, easy to demonstrate. I’ll start an email thread with myself, then you see if you can join in 🤣

@prologic@twtxt.net about this:

“I think Email Message-Id(s) only ever worked because typically you are exchanging emails with recipients you know and vice versa […]

Absolutely not! Maybe this is something best talked. 😅

We can also make use of comments in the feed to build support for detecting/declaring Twts(s) were edited in a feed that are ignored by clients that don’t understand the comments. By design clients ignore comments anyway, but the parser we build for yarnd (which I’d love to turn into a C library that others can just import) can do some interesting things here. @xuu can probably talk more on this…

I think Email Message-Id(s) only ever worked because typically you are exchanging emails with recipients you know and vice versa. It’s much easier to cope with the problems above, because you just ensure your client preserves the Message-Id. Email is a federated system, but by no means is it “decentralised”. You still have to send your email somewhere, not just post it on a website on your own server like Twtxt 😅

There are some subtitles differences like this that makes Message/Thread Id(s) not really that suitable IMO.

@bender@twtxt.net The problem with the approach Email clients do things is;

• How do you come up with the message/thread id in the first place? I’m pretty sure most clients just use a UUID.
  
• How do you know what you’re replying to if you don’t see the message/thread id in the first place?
  
• How do two different users that don’t know each other, but follow the same feed (say /.) make two independent responses forming a thread? What message/thread id do they use? (see above)

@bender@twtxt.net Sorry, trust was the wrong word. Trust as in, you do not have to check with anything or anyone that the hash is valid. You can verify the hash is valid by recomputing the hash from the content of what it points to, etc.

@prologic@twtxt.net I kind of want to think of twtxts as chalk text written on a board hanging in front of the user’s house. As the user is in full control of their own board, they can erase, and rewrite it as they deem fit.

So, how to reply, and engage with something that can potentially change? I think the email based message-id, and in-reply-to would work best, without the rigid boundary of a hash that’s bound to break on edit.

@prologic@twtxt.net you wrote:

“[…] they can trust that the hash is a cryptographic representing of the thread they’re replying to, no matter what.”

It isn’t about trust, is it? There has to be some kind of check to verify the hash is valid, no?

@falsifian@www.falsifian.org Yes;

I don’t think twtxt hashes are long enough to prevent spoofing.

The current spec needs to be updated to expand the hash length to 11 characters to avoid hash collisions (which will happen at some point with 7, if not already).

The issue isn’t dealing with “spoofing”, it’s about solving how clients in a decentralised model agree on the threading model and identity of a thread. Message ID(s) suffer from the fact that as @movq@www.uninformativ.de points out, clients have to “obey” this unwritten rule, but they’re otherwise just arbitrary. Whereas Twt Hashes (I didn’t come up with the idea originally, some smart fellow in cryptography did) are content addressable, meaning that clients don’t have to agree on anything, they can trust that the hash is a cryptographic representing of the thread they’re replying to, no matter what.

@falsifian@www.falsifian.org I like this idea actually for edits.

@movq@www.uninformativ.de @prologic@twtxt.net Another option would be: when you edit a twt, prefix the new one with (#[old hash]) and some indication that it’s an edited version of the original tweet with that hash. E.g. if the hash used to be abcd123, the new version should start “(#abcd123) (redit)”.

What I like about this is that clients that don’t know this convention will still stick it in the same thread. And I feel it’s in the spirit of the old pre-hash (subject) convention, though that’s before my time.

I guess it may not work when the edited twt itself is a reply, and there are replies to it. Maybe that could be solved by letting twts have more than one (subject) prefix.

But the great thing about the current system is that nobody can spoof message IDs.

I don’t think twtxt hashes are long enough to prevent spoofing.

@movq@www.uninformativ.de Care to share your thoughts here?

I don’t know what happened behind the scenes that killed off twtxt (I have a few guesses, though), but the sad truth is that it’s gone.

@prologic@twtxt.net @lyse@lyse.isobeef.org Yeah, same. They say:

If you post quality content and you’ve developed a loyal audience, you should be able to ask your most passionate followers to support you with a premium subscription.

You already can ask your most passionate followers to support you: You can ask for donations.

I regularly donate to people if their content is great and if they actually ask for donations (many just don’t). The platforms for that already exist, I think. 🤔

I’m not interested in the slightest in stuff that has a paywall. “Subscribe for more content!” No, why, go away. Pages that do this immediately feel shady and not trust-worthy. 🤔

Agreed

@prologic@twtxt.net I simply have absolutely no interest in selling my thoughts to others. I don’t like things behind paywalls. Each to their own, but I’m not gonna contribute to that.

(Let’s not rush things, obviously. Such a change would have to be well thought through and actually be worth it. It’s not like the current state of Yarn/twtxt is completely unusable.)

@lyse@lyse.isobeef.org @prologic@twtxt.net Sorry, I have hardly slept last night. 😅 I probably didn’t chose the best words to describe this. 🥴

Yes, I’m all for dedicated message IDs. That would be a whole new format then. But I would be fine with it.

Honestly, me too. When Yarn originally showed up, I was concerned that it would extend twtxt in dramatically incompatible ways or, worse, change it in a way so that you needed server software. 😅 The latter would have ruined it for me. A major reason why I still use twtxt/Yarn is that it’s still just a file you put somewhere. If there was the need to run a daemon, I’d give up and just use some ActivityPub thingy instead.

What I did not expect, however, was that the original twtxt itself would just … die. There has been no development in the original software anymore and virtually all the original feeds are dead. Some feeds are left, but they’re just used as an alternative to Atom/RSS for some blogs. I don’t know what happened behind the scenes that killed off twtxt (I have a few guesses, though), but the sad truth is that it’s gone.

So, yeah, maybe this gives us the freedom now to break with the original twtxt spec (if needed) and come up with a format that fixes the issues we’re seeing.

(Oh god. Are we re-inventing Usenet then? Again? 😂)

@prologic@twtxt.net https://lyse.isobeef.org/tmp/hashes.png Yep, broken hashes. I just fixed them after refollowing on the new URL (my client doesn’t know metadata fields).

@prologic@twtxt.net Yes, that’s when I noticed. Luckily, I had another knive in my bagpack. But I cannot find the folding one at home either. Damn. I already lost my other knive at the flea market in May this year, now the next one. This sucks.

@bender@twtxt.net A Fred changed its url metadata field 🤣

@prologic@twtxt.net “I’m now 100% certain this is what happened”, what exactly happened?

After unfollowing and refollowing on the new feed URL, I’m now 100% certain this is what happened for @cuaxolotl@sunshinegardens.org 🤣 The real problem is really this:

How do we identify a feed?

It cannot be the URL, because the author could change where they serve it from. This was as “good” as we could get it, but time and time again this has proven to be problematic for, well, a few folks that change their mind, which frankly should be allowed 😅

For supporting edits, I was thinking more along the lines of: If a client edits a Twt already published, it should put the hash of the previous Twt. Something like:

2024-09-05T13:37:40+00:00   (edit:mp6ox4a) Hello world!

To be honest, I don’t really see “editing” as a problem. I see that as a natural behavior of “forking” in the first place, that just forms a. new sub-tree. What’s really problematic here is when a feed author changes the “identity” of their feed and changes the # url = metadata field, which is what I believe @cuaxolotl@sunshinegardens.org has just done, though I’m not 100% certain, I’m like 98% sure haha 😝

@lyse@lyse.isobeef.org Did you check your pocket? 🤣

@movq@www.uninformativ.de It sounds complicated. After reading it only twice, I haven’t gotten it. :-D

Yes, I’m all for dedicated message IDs. That would be a whole new format then. But I would be fine with it. The only thing is that all our clients have to be touched. At the moment, I do not worry about spoofing (however, I definitely should).

Fuck, I lost my pocket knive somewhere.

@movq@www.uninformativ.de Sorry but what’s a partial hash exactly? 🤔

All this hash breakage made me wonder if we should try to introduce “message IDs” after all. 😅

But the great thing about the current system is that nobody can spoof message IDs. 🤔 When you think about it, message IDs in e-mails only work because (almost) everybody plays fair. Nothing stops me from using the same Message-ID header in each and every mail, that would break e-mail threading all the time.

In Yarn, twt hashes are derived from twt content and feed metadata. That is pretty elegant and I’d hate see us lose that property.

If we wanted to allow editing twts, we could do something like this:

2024-09-05T13:37:40+00:00   (~mp6ox4a) Hello world!

Here, mp6ox4a would be a “partial hash”: To get the actual hash of this twt, you’d concatenate the feed’s URL and mp6ox4a and get, say, hlnw5ha. (Pretty similar to the current system.) When people reply to this twt, they would have to do this:

2024-09-05T14:57:14+00:00	(~bpt74ka) (<a href="https://txt.sour.is/search?q=tags:hlnw5ha">#hlnw5ha</a>) Yes, hello!

That second twt has a partial hash of bpt74ka and is a reply to the full hash hlnw5ha. The author of the “Hello world!” twt could then edit their twt and change it to 2024-09-05T13:37:40+00:00 (~mp6ox4a) Hello friends! or whatever. Threading wouldn’t break.

Would this be worth it? It’s certainly not backwards-compatible. 😂

@cuaxolotl@sunshinegardens.org Did you recently change the url metdata key of your feed?

# url = https://sunshinegardens.org/~xj9/twtxt/tw.txt

Was this at one point # url = https://sunshinegardens.org/users/xj9/twtxt/tw.txt?

@lyse@lyse.isobeef.org Please for the love of god, elaborate 😅

@lyse@lyse.isobeef.org da fuq?! same here, what did you just reply to?! 🤔

@lyse@lyse.isobeef.org da hell are you replying to?! 🤣

Offline backups currently cost me around ~$2.00 AUD per month.

Spent the day performing backups (hadn’t done it in a while 😱) and wrote a full backup definition internal document that defines my backup process, scope, security, frequency, backup locations, capacity and backup and restoration procedures. Very happy with the doc and the updated (now fully documented) plan and scheduled backup frequency (once per month, which I’ll put into my calendar as it’s done by hand for now, with tools). So far backing up ~410GB out of a possible ~12.8TB worth of data in two locations – I deliberately don’t backup everything as much of the data can be re-created (music, videos, tv shows, etc). #Backups #Data

@cuaxolotl@sunshinegardens.org Yes, that’s how it works. It never occurred to me that I just start changing things without a plan first.

@cuaxolotl@sunshinegardens.org Hahahaha! :-D

@prologic@twtxt.net Not my cup of tea.

I’ll share my opinion on this later 🤣

What do we think about this? 😅

Swa this pop up in my Github news feed today 🤔

Which links to https://github.com/musingstudio/go-subclub

A Go (golang) library for interacting with the sub.club API.

So I got curious and had a peek 👀

Let’s fund the Fediverse

Posting or hosting on the open social networks no longer means you have to do it for free. Developer Preview now available.

And further down:

Monetize your feeds

If you post quality content and you’ve developed a loyal audience, you should be able to ask your most passionate followers to support you with a premium subscription.

That’s a promise not available on the Fediverse …until now.

Hmmm 🤔

@slashdot@feeds.twtxt.net I can only see a mass exodus of uses fleeing telegram as the service becomes less secure or less privacy focused and basically more shit.

@quark@ferengi.one cheers 🍻

it might have made sense in the days of hose and buggy and smoke signals to centralise everything, but these days we have a globalized interconnected society with fast transport and communications. There is no reason for this model anymore 🤣