Plebbit is a selfhosted, opensource, nonprofit social media protocol, this project was created due to wanting to give control of communication and data back to the people.

Plebbit only hosts text. Images from google and other sites can be linked/embedded in posts. This fixes the issue of hosting any nefarious content.

it has no central server, database, HTTP endpoint or DNS - it is pure peer to peer. Unlike federated instances, which are regular websites that can get deplatformed at any time,

ENS domain are used to name communities.

Plebbit currently offers different UIs. Old reddit and new reddit, 4chan, and have a Blog. Plebbit intend to have an app, internet archive, wiki and twitter and Lemmy. Choice is important. The backend/communities are shared across clients.

The code is fully open source on

https://github.com/plebbit

  • sugar_in_your_tea@sh.itjust.works
    link
    fedilink
    English
    arrow-up
    14
    arrow-down
    3
    ·
    13 days ago

    Did they pay devs to build it for them?

    I’m working on a similar project, but I’m 100% bootstrapping it. I’m using Iroh (similar to IPFS, but hopefully faster), and there will just be the one UI until someone makes another. I haven’t done authentication yet, but I might end up using blockchain for that, idk, I need some form of trusted directory.

    I’m going to be looking through this, because it sounds very similar to what I’m working on, and I’d love to just join a project instead of doing all the leg work of getting traction myself. The things I’m particularly interested in are:

    • moderation - I plan to use something like a web of trust, but with transitive trust; you select people you trust, and whether you see something depends on how those users moderated
    • persistence when users go offline - I use a local first approach, so a post is cached locally if you either authored or viewed it, and peers will pull from you if you’re the closest source; caches would need to expire so we don’t blow up everyone’s storage
    • communities operate in a single namespace (so fix the main complexity w/ federation) - you create a community by posting to that namespace, and it gets mixed w/ other users who post to that same namespace

    I’m also interested in building an ActivityPub bridge, so this network can act like an “instance” of sorts and push/pull content from the rest of the Fediverse. This is mostly to seed content in the early days, and I’ll decide whether it’s worth it once everything else works.

    I don’t know if Plebbit does any or all of this, hence the interest. That said, someone spending actual money on it seems a bit… odd, since I don’t see how this could be monetized.

      • sugar_in_your_tea@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        9
        ·
        13 days ago

        Assuming you’re talking about authentication:

        • public key signatures - users sign every posts and broadcast their username/pub key combo
        • centralized (could be multiple) auth authority - openid, oauth, etc; posts signed by some unique key from that auth service

        I’m deciding if the first is sufficient or if I actually need some form of blockchain to prevent tampering.

        • sem@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          4
          ·
          13 days ago

          Thanks for your thoughts on this.

          I am not sure how Matrix handles keys but it is a real headache for end users. For me at least

          With openid, etc, it’s decentralized compared with centralized and distributed, so you wouldn’t get stuck with one openid provider.

          I don’t know much about any of these so thanks for developing for the rest of us.

          • sugar_in_your_tea@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            4
            ·
            13 days ago

            Yeah, I’m thinking of having a separate key per device, and there would be a registry that ties them together. Usernames would not be unique, so to tell two users with the same name apart, the app would check the post signature against the keys in the registry.

            This should prevent name squatting, but it would enable pretending to be another user. As long as user names aren’t very important (i.e. it’s closer to Reddit than Twitter/Facebook), this is probably fine and similar to what we have on Lemmy (only unique to your instance).

            If we want to guarantee unique usernames, we would probably need to use a consensus system like blockchain. But blockchain has other drawbacks and I’d really rather not go that route.

            Which one we go with doesn’t really impact my moderation plans, so I’m going with pub keys for now because they’re dead simple. It’s also nice that it’ll keep working if your country disconnects you from the internet, and someone could smuggle in data from outside if you really wanted to.

        • catloaf@lemm.ee
          link
          fedilink
          English
          arrow-up
          3
          arrow-down
          1
          ·
          13 days ago

          The first is sufficient. You only need to see someone’s public key once, then you cache it and can authenticate all future signed messages.

          • sugar_in_your_tea@sh.itjust.works
            link
            fedilink
            English
            arrow-up
            3
            ·
            13 days ago

            I just need to think about potential attack vectors. I think issues can be worked around, but I’ve spent most of my time thinking about how to create something and less about how to protect it from attack.

            But yeah, public key crypto w/o a central database is my first choice, blockchain is my second.

        • Cochise@lemmy.eco.br
          link
          fedilink
          English
          arrow-up
          1
          ·
          12 days ago

          Reading the white paper you find the “serverless” has servers. Each community needs to be always online to serve captchas to posters. The system is federated on community level, instead of instance level, and uses DHT instead of DNS.

        • sem@lemmy.blahaj.zone
          link
          fedilink
          English
          arrow-up
          1
          ·
          12 days ago

          I thought Blockchain was how the protocol knew how to federate, e.g. where to find other users. (?) I don’t really remember how Blockchain works but iirc it is a way to verify trust, e.g. this person really is /u/sem because our shared document says they are.

          I know DNS is an alternative but it kind of sucks. Bluesky is inventing it’s open DiD thing for identity and it is centralized in practice but might be a good system. And I have no idea how it works.

          • jagged_circle@feddit.nl
            link
            fedilink
            English
            arrow-up
            4
            ·
            edit-2
            11 days ago

            Projects with blockchains work like BITtorrent to find peers. That’s why bitcoin was called BITcoin.

            Federation doesn’t require blockchain. Blockchain was created for a very unique solution to storage of digital cash transactions that’s not relevant in almost any other system’s storage.

    • Plebbitor@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      2
      arrow-down
      3
      ·
      12 days ago

      They pay the devs via bounties and meeting milestones.

      We tried iroh but it wasn’t fit for purpose. We have tackled the moderation exactly how you’ve described it. Allowing multiple people to control a community. We’re in the process of implementing it. Our version of this allows people to create multicommunities where it shows similar communities in one sub.

      Activity pub would be interesting but plebbit is so technologically different were not sure it would be technically possible. We forgo the concept of instances entirely allowing Plebbit to work closer to Reddit, where you just search a sub. Global admins don’t exist on Plebbit. Subs can still share ban lists if they wish but its optional

      Plebbit is always looking for new devs, join our telegram group @joinplebbit to discuss with the main dev about joining the project.

      • sugar_in_your_tea@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        3
        ·
        12 days ago

        Ok, I read through the whitepaper, and it seems it works quite differently to what I’m working on. Main differences:

        • communities
          • plebbit - communities are public keys, and one person controls the private key, which basically makes them the admin (they choose the rules, moderators, etc); not sure why plebbit advertises it as “adminless”
          • mine - communities are topics, nobody controls them, so the concept of “rules” doesn’t exist
        • moderation
          • plebbit - looks like moderators can delete posts, I suppose through rights granted by the community admin (i.e. they trust the moderator’s public key)
          • mine - distributed moderation similar to a Web of Trust, but instead of explicitly trusting users, you build trust by moderating similarly to them; I’ll probably establish a default trust graph (the users and their trust weights) that new users can use, which will probably be based on popular trust graphs and will slowly go away as users participate in moderation; I’ll probably let users tweak the parameters to that trust model as well (i.e. how much weight to give votes vs reports)
        • spam
          • plebbit - captcha system between client and community admin
          • mine - relies on distributed moderation
        • how data is stored
          • plebbit - community owner has all the content for the community, and other peers may have the content as well
          • mine - unlikely for anyone to have all the data for a community, you’ll only cache what’s relevant to you, plus some random additional data depending on space to improve discoverability for your peers; in the beginning, I will have peers that cache all content until I figure out the right mix, but long-term, I intend to have most content live in someone’s cache through statistics, while very unpopular content (spam and whatnot) will disappear from the network

        And other notes:

        Browser users cannot join peer-to-peer networks directly, but they can use an HTTP provider or gateway that relays data for them

        Not exactly, WebRTC exists, so you only need an HTTP provider to initiate the WebRTC connection to peers. Look at WebTorrent for an example. I haven’t yet tackled the web on my own project, but I am building everything web-first (I’m using Tauri for my desktop app), and I intend to have it work on the web when I release.

        proof of balance of a certain cryptocurrency

        This seems odd to me. Why would someone holding an arbitrary amount of cryptocurrency have any bearing on their trustworthiness? Surely a bad actor could just move crypto around and spam as much as they like, no?

        Likewise, payment seems like a bad idea, because that would encourage exclusive groups that share illegal content (drugs, child porn, military secrets, etc).

        It would allow unlimited amounts of subplebbits, users, posts, comments, and votes.

        Aren’t posts, comments, and probably votes limited by the storage space available to the community owner? From what I can tell, they host everything, so once that storage space is full, things will stop working properly. The whitepaper isn’t clear here, so I could be mistaken.

        With my approach, there are no bottlenecks, and you can adjust how much storage you give to the app as you see fit, and the more storage you allocate, the better the experience for you and your peers (diminishing returns). But even if you set your persistent cache to zero, you can still use the service, though you’ll need to make a lot of DHT calls.

        That said, it seems like an interesting system and IMO a step up from Lemmy, because it reduces the cost to self-host (don’t need a copy of all data for every community you use, just the communities you own). I’ll certainly be tracking development, but I don’t currently use Telegram and want to work on my own project for now before getting involved in another project. Once I’ve proven the technical bits and feel comfortable sharing it, I’ll take a call on whether I’ll continue development or join some other project.

        Thanks for the offer, but I’ll stick to watching the project on Github for now, and maybe I’ll play with it a bit in my spare time. If you had a Matrix channel instead, I’d join and at least read through the discussion there.