I have this weird idea for a distributed and private Mastodon instance:

- the instance would be Tor-only
- anybody* could help host an instance they like by installing and running some software (let's say a "node")
- the nodes would connect with each other and coordinate which one should do what (storage, database, http, etc)
- by using OnionBalance one can split the traffic among all the "http" instances

*not really "anybody" because this would make it trivial to take down the instance

but if we change the trust model to a federation with a strong "leader", then it basically becomes pretty similar to what we have here today, with the added benefit that the admin doesn't have to carry all the costs of running the instance

if the traffic is sufficiently spread around, then it could potentially become feasible to host the entire instance outside of the cloud, avoiding any kind of "deplatforming"

@afilini pretty sure a kind of ddos protection is needed. Perhaps a lightning network integration?

@ikmertz it looks like tor has some nice dos protections built in, especially for v3 hidden services. ideally i'd try to use those instead of relying on external providers

@afilini @ikmertz not yet. They have improved performance but DoS protection such as anononymous tokens and PoW will come in the future

@gugou_daktulios @ikmertz are you referring to dos attacks towards the whole tor network or individual onion endpoints?

i'm not too familiar with those stuff, but i read the tor manpage and it had a few interesting options to limit bandwidth burts to prevent dos attacks.

plus, there's a way to kill circuits that spams too much, and considering that building a circuit is fairly expensive, this would limit the capacity of an attacker to take down an hidden service

@afilini @ikmertz individual hidden services. I guess those things can help, especially against unmotivated attackers, but they are not prevending DoS entirely. I am not entirely familiar with that world, but recently Dread admin threaten to boot from Dream all dark markets which will be discovered DoSing each other (as he/she was in the known that multiple markets where paying attackers to do that). So yes, it still a problem.

@Seccour that could help for some stuff, but it would mainly distribute just the http part, not all the other components of a mastodon instance (storage, background processing, etc)

still very interesting, i'll take it into account as well

@afilini Really only issue I can think of would be changing the dynamic of trusting privacy of DMs from one entity to multiple, but that's already kind of a problem cross-instance anyway and a general weakness of Mastodon.

@kekcoin @shinobimonkey yeah that's true, but again people should just avoid non-e2e dms anyway, regardless of how/how many people run the instance

@afilini @shinobimonkey Eh. It's just another visibility setting to your posts. As long as you take the limitations into account they are a reasonably fine tool (though, admittedly, their presentation is likely to give the wrong idea).

@afilini how about a message board client that reads/writes to IPFS? Someone has a project like this called "boards":

@rusticbison i'm not a huge fan of ipfs myself because it doesn't really replicate data unless many people download a specific file. i guess it would work, but I'd try with something else first if possible

@afilini from a UX standpoint IPFS is also really slow and often unreliable. Maybe webasm w/ local storage in the browser is better, especially if you don't try to persist content forever.

@afilini bitcoinhackers has nothing to do with what you are talking about. NVK said he’d do it. And if he needed money there are plenty of us who would fund it with him. No reason to try to make this political. Really uncalled for.

@hanakookie it's not political in any way. i'm just saying that hosting a large instance at home is not practical, while instead if you manage to split it up it can become feasible and increase the censorship resistance quite a lot

@afilini we understand censorship resistance. NVK took upon himself to do this. We have offered to compensate him. He said no or not now. I get your point but this isn’t intended to be an endeavor for grand pursuit. Calling concern is no better than saying it’s useless. Just chill and let it be. Be civil and respect those who are here.

@hanakookie i still think it's very important to point out potential attack vectors and try to, at least, theorize better alternatives.

i don't want to replace and/or compete with this instance, i'm just trying to think about how we could do better in the future if censorship from isps or cloud providers gets worse

@afilini do better. We practically just made this up 2 yrs ago just because. Pretty good is better than the shitcoin shill fest on twitter, Reddit and all the other places. It’s not that big of a deal really. If it was then 2 yrs ago we would have done it already. And if you want to create another instance so be it. I’ll be there if you like.

@afilini Could you tell me in which way this would be better than, say, all of those anybody*s just running their own instance?

@kekcoin I'd say for starters possibility of redundantly saving all the data for a single virtual "instance." Rather than having users/history black holed and vanish if one goes down.

@shinobimonkey @kekcoin anybody running its own instance would be ideal, but that's kind of unrealistic i'd say.

really what I'm trying to achieve is a way to distribute people who don't run their own instance across multiple smaller instances run by volunteers, making sure that none of them grows to the point where it can't be easily hosted "at home" anymore.

even better if those smaller instances can "look like one" (for the network effect), plus the benefits from replicated data

@afilini I just started work on something similar, calling them replicants, of the same instance, and they'd be synced

@jakub that's awesome, but it still doesn't solve the problem that hosting a large instance at home might not be that easy. i was thinking about *somehow* splitting up the instance mainly for that reason, to stop relying on cloud providers

@afilini Sounds like something a Start9 Labs Embassy could include.

@afilini does it make sense that users host their own data and perhaps "watch towers" that coordinate the threads. There's all sorts of costs associated with running a network as such, and self hostage would alliviate that. But then again imagining it like this sounds like it would be a complete mess of disappearing data.

@livestradamus yeah i guess people ideally should try to host their own instance if they can and/or care about privacy.

thinking about it, i guess what i'd like to achieve can be summarized to "a way to distribute people that are not running an instance to a set of small instances".

even better if this "set of small instances" is actually one big instance distributed on multiple devices.

@afilini Interesting idea - sort of a distributed RAID. Sounds very difficult to coordinate in practice though - is this not quite similar to what some of the shitcoins supposedly wanted to do(è.g. filecoin/golem)

@btcede yeah, but i guess the complexity can be reduced quite a bit if there's a trusted coordinator.

the goal here is not really to have an instance with no admins, more like to make a single instance more resistant to censorship from ISPs and cloud providers

@pete nope, first time i've heard of it. sounds very cool!!

@pete @afilini It was very nonperformant last time I played with it.

@pete @afilini Patchwork on desktop. Every time I wanted to see what's up in the neighbourhood my laptop started huffing and puffing like it was trying to crunch through the post-segwit blockchain.

@kekcoin @afilini Ah, so specifically high cpu usage? I could believe that: Scuttlebutt is blockchain based, er, hashed linked list based. :)

@pete @afilini Also lot of "this content is missing because it is outside of your network" notices in place of replies, seeing replies to nonexistent threads (without option to request them from the network), etc.

This place also doesn't show/know about everything, but at least if you want to get a full(er) view of a thread or profile you can view it on its "native" instance.

@kekcoin @afilini yup. That issue can be reduced if you are connected to more distribution servers. But overall I think for public social networking they could do better with having mastodon like URL lookups as a backup to their P2P scheme.

@pete @afilini That, or a combination approach of automatically connecting to servers that do have whatever content that can't be displayed, and lazyloading to take away the delay between starting up the application and being able to start browsing content. Load the stuff that I follow or tags I have favorited or whatever first, populate the reply threads second and then (optionally) load more content for me to discover.

Sign in to participate in the conversation
Bitcoin Mastodon

Bitcoin Maston Instance