Technical details and the installer are in the GitHub repo https://github.com/bluesky-social/pds

And we're on Discord available to help: https://discord.com/invite/UWS6FFdhMe

Edit: now it has one! Thanks!

[0] https://www.npmjs.com/package/@atproto/pds

[1]https://www.emilydamstra.com/please-enough-dead-butterflies/

[2]https://news.ycombinator.com/item?id=14460013

[3]https://bsky.social/about/blog/12-21-2023-butterfly

I didn't know this (as most of us I'd guess). It was an interesting read though, thanks.

Are you joking? This is private enterprise we're talking about. We'll all die before this company or anything similar is built on "scientific rigor" unless it directly relates to their profit margins.

The on-demand TLS certificates with an "ask" endpoint is especially useful for the PDS use-case. Because there's generally a wildcard DNS name that is used to give each new user a domain handle (@alice.example.com) but we don't want to be vulnerable to a TLS certificate DoS/rate limit situation.

Love the fresh federated model btw!

And it's probably not niche if dozens of users are posting about it for years.

https://news.ycombinator.com./

If you want a link to a page with a link like this you can click on the github issue I referenced in my original comment as there are links there like that.

If you want a more natural page that is less meta with such a link

https://jameswillia.ms/posts/shortest-urls.html

>Also, the term ‘FQDN’ does not always imply the dot at the end?

Yes, but if there is not a . at the end then there is ambiguity of if it is a FQDN or not.

Does the AT Protocol only optimize for Twitter-like flows, or does it allow for other types of social applications to be built like Activitypub? For example a reddit-like social media.

Part of the change today is that the PDS and Relay[1] now support non-app.bsky record types. This is quite new, so there could be issues, but we're prepared to fix any issues that crop up.

1. https://bsky.social/about/blog/5-5-2023-federation-architect...

Would it be possible to use it for macroblogging, i.e. long posts with markdown markup, embedded images, etc? If so is there a python library tghat implements atproto?

Another really neat aspect of atproto, is that apps can interact theoretically. So you might create a blog system but use "app.bsky" (Bluesky) for comments.

OAuth support is coming soon as well, which is a big step in simplifying auth.

Yes, it's totally up to a PDS operator to decide how they create user accounts. It's also not required on the Bluesky PDS service any longer, in most cases.

By default the self-hosted PDS requires an invite code, to prevent random people from creating an account. Later other options will exist, including OAuth support which is coming soon.

> It's also not required on the Bluesky service any longer, in most cases.

That's also nice to hear - when last time I tried to register an account (shortly after the free registration launch) the phone number field in the registration form was marked as required, if I am not mistaken.

Why are Fediverse people only angry about it now? It's an open protocol. If you want privacy, don't publish something for the entire world to see. That's just basic common sense. At the very least, use Mastodon's privacy controls. The Fediverse is not special here, it doesn't get to destroy the open Web for everyone else.

As for the fediverse destroying the open web for everyone else, I think you’re hyperboling quite a bit, the fediverse has done mountains to make social media more open, probably more than everyone else.

Though I think "voicing concerns" is a bit of an understatement. I feel really bad for the developer of Bridgy Fed, working on their passion project and just getting caught up in all this heat and harassment.

And someone else will just go build an opt-out (or maybe even no opt-out!) bridge.

And again, it wasn't about Bluesky in particular. If Google announced that they were going to ingest all Mastodon content and post it in a new Google Groups kind of thing, they'd be pretty understandably upset about that, too.

In general, "if I wanted my stuff on Bluesky, I would have put it there". It wasn't the bridge creator's decision to make.

In general, "I want my stuff on Bluesky but don't want to deal with cross-posting to multiple different platforms and keeping up with responses on all of them"

And, "I want my stuff on whatever platform people want to read it on without having to individually approve each one" (which is quite literally the entire point of public posts on Mastodon).

OH - and it wasn't the bridge creator's decision anyway; it was the decision of people on Bluesky to follow you that would trigger your posts to be federated, so...

Similarly, I don't want my blog posts used to train LLMs. I know they're likely to be since they're published right there on the Internet for anyone to see and read. But my intent was for other humans to see and read them, not for someone to feed them into a regurgitator. There aren't technical means that let me allow humans to read my stuff without allowing LLMs to ingest it, and someone could make the (bad) case that if I didn't want my work to be used to train an LLM, I shouldn't have made it public. Maybe. However, I reserve the right to think someone's an ass for doing it.

Well, no technical hurdles kept the person from copying data out of the network people meant to post it to. It's probably not illegal. It's not a nice thing to do, though.

Except literally the entire design is for other Mastodon servers to bulk copy it en masse to somewhere else.

> There aren't technical means that let me allow humans to read my stuff without allowing LLMs to ingest it

Yes there are. Don't make it public.

> However, I reserve the right to think someone's an ass for doing it.

Of course! You can think anyone is an ass. You can think anything you want. That doesn't mean that person did anything wrong.

How about "If I wanted my stuff on the your Mastodon server, I would have put it there"?

"If I wanted my Mastodon content on your RSS feed, I would have put it there".

How about "If I wanted my stuff on the Internet, a publicly available internet, I would have put it there".

This tribalism around network/brands/protocols is beyond stupid. The thing that is killing Twitter is its closedness and the assumption that the means of communication is what matters. It's not. Let open protocols be open.

If people want privacy, then they should use a secure communication protocol and not a social media network.

Mastodon is an odd sort of network, there's more blocking than I expected and it somehow seems as if blocking is an intrinsic part of the design. In Mastodon, blocking looks like a choice one makes for whatever reasons, not an unloved measure needed for fighting abuse.

As if the design doesn't tell users "you can follow people in the fediverse" but rather "your ability to follow people in the fediverse is limited by you and three other parties and the software isn't among the three".

So… if the mastodonish idea of consent doesn't extend to all of the fediverse, what makes bluesky different from some unvetted mastodon site run by weird people? If the poster's/follower's/would-be follower's consent isn't taken for granted in one case and isn't taken for granted in the other, what makes the two cases different? There obviously is a technical difference, but what is the difference wrt. consent?

I thought that was the point of activitypub.

The whole point of a fediverse is it's a federation. Therefore there is implied consent to copying from one instance to another.

> but the intent of posting to Mastodon isn't to have it show up automatically on another network

Mastodon isn't a network, the network is the fediverse. Mastodon is some software that runs on the network.

exactly like they did with usenet without any issue?

To make it clear, for people who don't know:

Google Groups was originally Dejanews, which was a web based archive and front end to Usenet. Google started searching Usenet, but didn't have historical archives so they bought Dejanews.

Obviously no one who posted on Usenet got paid under this transaction.

It's like if Google bought a Mastadon archive off someone now: this argument seems to indicate that would be better somehow than Google archiving Mastadon posts themselves.

I don't understand why at all?

I'd imagine this use case is quite common for self hosters. If it can't operate alongside an existing, say, nginx on this port, are there recommended alternate practices?

I'm excited at separating identity from hosting, of which self hosting identity gets us closer.

There is a Docker compose file in the repo, and advanced users shouldn't have any problems running the code on another distribution or even without Docker if they prefer.

Advanced users can just view the installer script as documentation.

Very cool to see this available though, I might have to try it out later this week!

There's an (incomplete) list here: https://docs.bsky.app/showcase

And the protocol is documented here: https://atproto.com

My question was motivated by the fact that from the outside the AT proto ecosystem looks pretty monocultural, and personally I don't trust that. :)

Any chance the team could create a Home Assistant add-on for this? https://www.home-assistant.io/addons/

I think the Home Assistant community would go WILD for being able to self-host their Bluesky data straight from home with just a few clicks.

It's a pretty big crowd of people. https://analytics.home-assistant.io/ 327k willing to opt-in to analytics.

I know if there's one thing I'm eager to do it's to host even more stuff in that clunky piece of shit that has half a dozen main menu items for nonsense and buries everything of interest or value under "Settings"

It's wasteful to get an entire second machine for something that can use the resources available on the machine running Home Assistant OS

I use BSD, and all I see is a installer for Debian/Ubuntu.

No guide in sight for bare metal nor telling you what services/software are required.

I think the reason my friends did not join Bluesky despite me inviting them is that it just isn't as good of a product as Twitter. You can't post videos or DM.

I am not a tech executive and have no idea about corporate strategy, but it seems like Bluesky should focus less on technical differentiators and more on building killer features that have mass appeal and a community that people want to join.

IMHO this milestone, while cool, means absolutely nothing to people outside of the hacker news crowd.

I'm rooting for Bluesky, but it seems to me it will die without a critical mass of users.

Again, I'm kinda dumb, so this may all be wrong.

Calling it 'The Problem' like climate change or the national debt gives it too much power. Just use something else. People use group chats for real relationships now anyway.

So in practice you have to make choices, or you'll end up running the new 4chan and being sad about your life. As happened to the guy who ran the old 4chan: https://www.rollingstone.com/culture/culture-features/4chans...

The ideal, platonic version of this would be that moderators only see an "identity scrambled" version of each tweet/post when they make their moderation decision. Like a screen that blinds orchestra musicians when they audition, the human would see a statement like "I hate New Yorkers" and not know if the original message said "I hate New Yorkers" or "I hate Floridians." So they would have to make a decision based on the general principle of whether a statement of this form is allowable.

Anywhere you want to draw the line is fine with me, as long as you draw it consistently.

Take the use of reclaimed slurs, for example. When used against the discriminated group by a dominant group, their intention is often to cause harm. When used within the group, the intention is to reappropriate the term: https://en.wikipedia.org/wiki/Reappropriation

Similarly, harassers will use terms in ways that are plausibly read different ways depending on who they're talking to. So something that might sound innocuous or just odd when directed at me will be correctly read as a racist attack when directed at somebody else.

And that's not even counting when they'll just come up with new terms so they can be awful in ways that are novel enough that automated filters or out-of-date moderators won't catch. E.g.: https://www.vice.com/en/article/bv88a5/white-supremacists-ha...

In short, because there's a great deal of identity-based hate in the world, identity-blind moderation ends up being an aid to the identity haters out there.

That this moderation strategy would prevent the use of all slurs (even reappropriated ones) sounds like a feature to me, not a bug.

You're proposing erring on the side of censorship to avoid some gray areas. While this is a reasonable position, it doesn't satisfy some ideal of neutrality and won't really avoid the gray areas, and so still would require subjective judgement.

Congrats on launching! Excited to see what y'all do next.

We're thinking about Bluesky as both a product and a protocol (informing each other's design), and you're 100% right that for the end user, the product itself is what matters. Because we've taken on the decentralization constraint, we take longer to "catch up" to features that centralized platforms tend to have from the start, but it's definitely going to be a major area of focus for us going forward. (Ofc Mastodon isn't centralized, but note that it's had a few years of head start on feature development. We'll get there.)

For a decentralized protocol doing things right is much more important than doing things fast, it is very difficult (and in a lot of cases impossible) to break backwards compatibility.

If Signal releases a malicious update (and they don't provide reproducible builds), it is very much possible for you to know about it, as everything is on your device. Even if the binaries are different from the source code, decompilers, analyzing network traffic, etc. gives the community a good chance at catching malicious updates. Mastodon admins can simply pull up your plaintext DMs on their servers and no one will ever know.

If the protocol is not open, you have to rely in the clients provided by the vendor, and you can slip a backdoor throigh easily.

When did you last audit your Signal client? Where is “the commjnity” organizing this effort and publishing the results?

Debian shipped an entropy lowering in house patch despite the “many eyeballs” fos years (for OpenSSL). Don’t lure yourself into false feeling of security bevause of the “community” might be doing something. Only count on defenses surely in place, with traceable operation and output history, with responsibles who are allocated resources for the work and having stakes at its outcomes.

Well then I guess it's pointless because it doesn't accomplish that.

(The actual point, FYI, is that you don't have to trust all of: them, their hosting providers, your ISP, the ISPs between, the government, and their mom.)

> it is very much possible for you to know about it

"Possible" != "done"

> analyzing network traffic

How are you gonna do that? Surely if they wanted to sniff it would still just look like any other encrypted data

> gives the community a good chance at catching malicious updates

Sure, when the same application is used by everyone, which is not true in either the Mastodon world or the new Bluesky-small-instances world

And the linked privacy policy goes into further detail (at least on my instance, mstdn.io):

> Please keep in mind that the _operators of the server and any receiving server may view such messages_, and that recipients may screenshot, copy or otherwise re-share them. Do not share any sensitive information over Mastodon.

Overall, I think it's safe for most chit-chat, and for anything more serious you can add link to Matrix or your email and PGP key in your profile.

As a sidenote, I'd also like to point out that a lot of serious communication nowadays still happens over unencrypted email. You can consider it whataboutism, but it's still worth remembering IMO. (And of course, like others pointed out, DMs on Twitter aren't encrypted, too, so it's the status quo here.)

As it is, og-embeds do work for video and audio from a few different providers.

A size limit affects both equally.

> even relatively good ones like Cloudflare have particular payment shenanigans around video

That's only for the web service. Workers and R2 let you do video just fine. And small videos don't need any fancy logic, just toss them over http.

> Size uploads could help in that situation, but it's a bandaid on a bullet wound when the video still gets played a million times, y'know?

No, I legitimately don't know. Why is it different from an image that gets a million views?

It's not a good way to do it, though, and it's worse for Bluesky because it implies that in order to move your PDS (one of the best features of the design), you'd have to pick up the freight for video that already exists. If PDS mobility is important, attaching large economic strings to that is a big disincentive.

Never going to be taken seriously by the public.

If you want to be Twitter, you'll end up being Twitter. We already have one of those, it sucks, and we don't need another one.

Social networks go to crap above a certain scale. If everyone can see your posts, you'll write posts to be seen by everyone. Which, as it turns out, ends up benefiting no one. The magic comes when there is a community, where you give a shit about the people you're sending messages to, and they give a shit about you. If the community is too small, then nobody bothers with it and it dies. If the community is too large, then it ends up being old men screaming at clouds, and (see above) we already have one of those. So a platform that is good enough to use, but limits the number of disaffected members, is the only thing worth creating.

If something I'm saying requires a video, then I can always link to one. If something someone else is saying requires a video, and it requires the video to be immediately visible while I'm reading whatever they're saying, then there's a good chance I'm better off not seeing it anyway, even if I think I want to.

(Ironically, in this post I am an old man screaming at clouds...)

GIF support: https://github.com/bluesky-social/social-app/issues/1047

Audio/video support: https://github.com/bluesky-social/social-app/issues/1052

Still though, I get like Matt Gaetz' tweets recommended to me. Does anyone like that dude? How is this happening? Why on earth would I want that? I feel like all this conservative stuff is surfaced by the application to me.

[Proof](https://ibb.co/ypHS8fN)

I got notifications, on my dang phone, for the dumbest fucking takes. I don't get them for liberal people. Possible I am just in the demographic of people they think would swing conservative so they target me.

It’s absolutely conservative cesspool. Nazis can are literally posting 14 words propaganda all day long and there are no consequences.

In the face of current events though, that can be overlooked as it is not a narrative that serves western interest.

But to give an anecdote about an alternative, I rarely see any bigotry on Mastodon. Instances which allow that or don't moderate it correctly get block listed by instances I like. These instances may defederate into their own bubble in which they can still exist but cause no harm to the general timeline. Yet everyone still remains the freedom to express themselves. I like this because it's just a natural way of how to solve this problem for the end user.

If anything, my experience of Bluesky has been the inoffensive vapid thought leadering of peak Twitter alongside the playful air-headed liberal self-help that is also fairly reminiscent of peak Twitter. In one word: bland. Being able to paint over the offensive things like nazis and porn by sweeping them under your personal rug rather than blocking or banning them only adds to this impression for me.

Twitter, your breath of fresh air, on the other hand is overrun by ChatGPT spam bots and shovelware drop shipping ads worse than the crypto "giveaway" scams and paid tweets of the immediate pre-Musk days and every even moderately left-leaning political tweet is filled with replies describing the violent acts they want to do to that person in excessive detail by accounts that openly post literal neo-nazi propaganda videos of Adolf Hitler denouncing "degenerate art" as a Jewish plot to weaken the German volk and national spirit and going "I don't agree with everything he did but he had a point". Political discussions about the Middle East in turn are split evenly between right wing calls for genocide of all adults and children in Palestine and right wing defenses of Palestinians for being victims of the international Jewish conspiracy to exterminate the white race through mixed breeding with brown refugees.

We used to always call Twitter "the bad place", "hellsite" or "cesspool" before Musk but it certainly deserves those names now more than ever, arguably rivaling 4chan in its political takes although the depictions of gore are mostly limited to uncensored war footage and the porn is decidedly more tame.

The reason Twitter is called a "right-wing cesspool" is not because it's full of right-wing people (that would just make it a "pool"), it's because of the vicious explicit threats of violence and celebration of human suffering propagated by those people. For all its faults, the bland libs on Bluesky don't do much of that.

Granted, my experience of Twitter might be tainted by the fact most people I used to follow in the old days have either left or are no longer active and any time I visit the algorithmic timeline hits me at full blast. And a lot of the edgier posts (not replies) by right wing folks the avalanche of drama RTs throw my way are clearly created to farm engagement in the hope of striking it big if the bluecheck authors make the payout lottery.

The same is true about most so-called "left-wing" journalism. Some journalists may be true believers but the platforms exist to make money, not to be any threat to the systems those ideologies explicitly oppose.

Heck, this even goes for political parties like the Democrats: the Texas governor literally rejected the authority of the federal government and legislative system by deploying his military at the border and the Democrat president's response was to propose a bill that would have created a legal avenue for what the treasonous governor was trying to make happen. Decorum is used as an excuse to keep intentionally ceding ground to the supposed political enemy.

You'll want to read:

* "Composable Moderation," this is the core conceptual idea: https://bsky.social/about/blog/4-13-2023-moderation

* "Moderation in a Public Commons," which describes specific features that were added in pursuit of the previously-described goal https://bsky.social/about/blog/6-23-2023-moderation-proposal...

* "Bluesky 2023 Moderation Report," which discusses specifically how (what is now) the main instance was moderated last year https://bsky.social/about/blog/01-16-2024-moderation-2023

EU is moving towards requiring all social media obey EU laws, under loose notion that their laws is the least restrictive and most reasonable. No one is, and the sum of all ethical standards on Earth is not going to be something very popular, so that's nonsense. OTOH, it's perfectly reasonable that content served at scale in a region will have to be lawful; "this content you want removed is lawful in MY country" is sort of nonsense too. So moderation decoupling and, ahem, moderation localization is going to be necessary for social media. I suppose that's where they're going.

The problem with censorship isn't the enforcement of rules. The problem with censorship is the enforcement of rules the individual that has to enforce them doesn't agree with. Free speech absolutism on social media is often argued for with appeals to "the town square" but the difference between social media and an actual town square is that if you make a complete ass out of yourself in an actual town square, eventually someone will punch you.

Post 18th century world started with peasants beheading kings and gutting his body into pieces so no single individual shall have any meaningful parts of it. The fact that kings had the power to throw anyone out of "his" club, deemed no longer his simply by volume of peasants within, at his king's discretion without the newly established ultrabureaucratic people's approval processes, was the problem they had enough of.

I'm not even sure in which part in the history of humanity your definition of free speech and censorship problems could come from. I don't think even ancient Roman Senate honored that kind of view as I've never heard they held sessions with bags of stones around. That isn't an anarchist view either, since it will lead to their minority views alone justify such "consequences".

Just wtf?

I am not sure if it will succeed or fail, but I am interested to see how it plays out.

I don't believe I subscribe to any blocklists on BlueSky. If I end up doing so, it is much more likely to be one run by someone I trust than by a company. Having the option of either seems worthwhile to me.

I'm not sure this follows. There is a similarity to the reddit model of moderation. The host provides some base amount of moderation but supplemental moderation comes from members of the community. In the Bluesky model, a 'subreddit' is analagous to an indexer/aggregator (aka Relay/AppView) that provides a moderated and/or weighted feed of content. The same incentives for volunteer mods on Reddit will exist for volunteer mods on Bluesky.

My understanding is that each host has control over what they host and can subscribe to third party content filtering services to help do so.

Then various indexes/aggregators (potentially third party) crawl hosts and provide services to find content. This is where voting or toxicity checks can be applied to manipulate reach.

This content is also tag-able via third party services (and may be used by indexes/aggregators).

The user is then able to select/configure indexes/aggregators and filter based on tags.

ActivityPub (AP) felt a bit like "good enough to get something done", which is amazing on one hand - people can do a lot with it. But it also means some harder problems are totally ignored[2], so the landscape between instances felt rocky to me. I also heavily disliked how federation worked in AP, ie how the protocol felt like it favored centralized instances because small instances were less likely to be pinged, were lower priority, in general was very spammy, etc. Not that the AP proto did anything to cause that.. it just didn't do anything to address it in my view, it was just data.

Does AT fix my concerns over AP? No idea. But i appreciate a proto that had a bit more time in the oven and being used to (maybe) solve the harder problems that i experienced with AP.

[1]: https://arxiv.org/abs/2402.03239 [2]: These are only my opinions from a very brief stint in trying to write an AP client to federate with Mastodon, Lemmy and Kbin. I did not dive deep into AP, so please don't judge it from my experience.

Oh, so it's just hype.

For clarity: I'd love to see this comment and say "I was wrong" 5 or 10 years later.

You get something good system by sharing power, not by once again falling for "trust us bro." You get it by understanding power imbalances and avoiding them the same way my dog avoids objects with large amounts of potential energy, because they're predictably dangerous.

Sometimes I'm spot on, sometimes I stand corrected. The problem is, as time goes, your free time reserve starts to decline. You optimize things, consolidate services, etc., and these kind of migrations start to take tons of time.

Because of this, I gave "big web" up and moved to "small web", and always have plans to evacuate any service in a moment's notice.

It's like being a doomsday-preparer from a point, but at least I have backups and backup plans for everything.

Whether that works, we'll see. I for one just gave up social media about 8 years ago and, while feeling like I'm missing something flares up from time to time, it's nothing like the disaster my online life was before I gave it up. It wasn't a problem of missing federation or not being centralized. It was inherent to the way social media functions against my person.

I could maybe see an argument not based on technical premises, but instead something like "it will defacto become one because running a relay is too expensive" or such. Is that what you're going for?

I worry that Bluesky becomes the de facto central actor and, due to having no stated business plan and a countdown to repay the money they took, pulls a Google, leveraging its dominance to introduce proprietary, breaking changes.

Yes, right now, the tech, team, interviews, etc sound mission-driven, but "revenue is the dominant term"[2] in the equation of a company's life, and there's still a very real chance that Bluesky dominates whatever federated AT Protocol network ends up forming, then uses that leverage to walk back all this promised openness.

I'm cautiously interested in Bluesky, but I'm watching for this kind of de facto dominance and we're probably too early on to see where the AT network is headed.

- [1] https://somehowmanage.com/2020/09/20/revenue-model-not-cultu...

We don't even need the hypothetical "it will defacto become..." because Bluesky Social was, up till now, the ONLY way to participate in the community. They had 3 million users before federation, and now we can start to hook into what they've built, but the idea from the start was clearly not built around federation and decentralization, otherwise it would have been federated from day one, as Mastodon was. They can HOPE now, that people accept the federation concept, but there's enough gnashing of teeth around the pain of running Mastodon instance that it seems really clear that going from central to decentral is, if we're being intellectually honest, a bridge too far for most to cross.

Basically, until atproto is much bigger than bsky.app, the situation is not very different.

(https://github.com/did-method-plc/did-method-plc/blob/main/R... linked from https://docs.bsky.app/blog/self-host-federation)

This release, of federation, is in my mind a major answer to the real question you're asking, which is the same but with "the employees" instead of "Jack," as they have the equity stake.

Once things are federated, other folks gain power over the protocol, by virtue of usage. If Bluesky PBLLC starts to do shady things, the other instances can refuse to do so, and talk to each other instead.

This is why the split between AT and BlueSky is important, and why this news matters, as it is meaningfully delivering on the desire to protect against such a thing.

Email is open, but if GMail decides to block all email from you, you're toast. And while GMail is large, their percentage of email inboxes pales in comparison to BlueSky's percentage of AtProto users (which is near 100% at the moment).

Yes, once things are federated, other folks start gaining some power over the protocol by virtue of usage. However, if 99% of people remain with BlueSky, everyone else essentially has no power.

mastodon.social has around 15% of the Fediverse on its server and it means that it has a lot of power. Mastodon (the software) is around 72% of the Fediverse which means that other ActivityPub software essentially has to use Mastodon-flavored ActivityPub with whatever quirks might exist in Mastodon. But that's still way less power than BlueSky has in the AtProto ecosystem.

Open protocols are only good as long as there's enough reason for lots of different parties to keep those lines of communication open. mastodon.social needs to keep supporting ActivityPub because they'd lose 85% of their network if they stopped. Let's say it's 2030 and AtProto has 500M users and 99% of them are using BlueSky. BlueSky could simply turn off all the AtProto endpoints and make their web and mobile apps use proprietary endpoints. I'm not saying they'd do that, but they certainly could. Now, if 2030 comes around and there are 500M AtProto users and 10% of them are on BlueSky, then it wouldn't really be possible for BlueSky to turn off AtProto. They'd lose 90% of their network.

But we don't know if AtProto will catch on outside of BlueSky or if BlueSky will remain the vast majority of the network. If there isn't a lot of use outside of BlueSky, there could come a day when it's very tempting to turn it off - or do something that isn't quite turning it off, but would effectively accomplish it. Maybe they just start making breaking changes to AtProto, rolling it out, and documenting the change a week later and third parties just end up unreliable and people migrate off them. There's lots of options.

Five years from now, how is BlueSky making money? Are they just storing, processing, and serving lots of content without good monetization as third party apps start grabbing users and making money off their servers? I mean, we saw what Reddit and Twitter did. If BlueSky controls 99% of AtProto users, they can turn the firehose off. Even if they aren't trying to be evil or maximize their revenue, at some point they need money for all those engineers and servers. Maybe the official BlueSky app will be popular enough for them to get some ad revenue there and not feel the need to go after third party apps. Maybe a lot of things.

But until BlueSky is a minority of AtProto users/posts/etc., it's still something they have a lot of power over - including the power to pivot BlueSky off AtProto and make BlueSky a proprietary network.

Time will tell!