Comment

Comment on Why selfhosted social media protocols are hated ?

Plebbit is text-only, images are not hosted on the protocol anywhere. Although you can embed a link to an image within your comments or posts. Eventually we will think of a design for p2p image hosting but it’s not high priority right now, also it could be abused easily.

Locate bob given a name or some other ID At the moment we use key-value trackers similar to bittorrent trackers, Bob in this sceneario would post their content CID (content identifier, similar to hash) with addresses they can be reached through (quic, webtransport, websocket, https, etc).

If we assume Bob in this is a community with human name like cats, then the backend of Plebbit will resolve the text records of the domain to find its IPNS address, which then can be queries from trackers to find Bob, or anyone else who has the content of Bob’s community.

Verify that it is indeed Bob (and not someone pretending to be Bob)

Plebbit uses IPFS for its backend, which is based on content-addressing. You always get what you ask for.

Prove to Bob that I am indeed who I say I am Each comment/vote/edit published by users to communities is signed with ed25519 keys.

Send that cat picture without anyone in the middle snooping on it

Depending how you connected to Bob, if you connect over a websocket or any encrypted protocol it will encrypted and nobody can snoop on you.

source

Sort:hotnew top

savvywolf@pawb.social ⁨3⁩ ⁨weeks⁩ ago
It still looks like you’re relying on IP addresses, which means if you want to host a Plebbit server (sorry, “always on peer”) you need one of the following:

Use a hosting provider, which is something you want to avoid according to your pitch.

Serve it from your own personal network under your own IP. Given that you’re worried about censorship from even the DNS system, I imagine this is something you absolutely don’t want to do.
source
- rinse@lemmy.world ⁨3⁩ ⁨weeks⁩ ago
  
  if you want to host a Plebbit server
  
  Did you mean a community (subplebbit) here? Or did you mean running your own client instance, like Seedit?
  
  Use a hosting provider, which is something you want to avoid according to your pitch. Running a community is very cheap on terms of computing resources, it’s on par with running a bittorrent client, you can probably run 50+ communities on a single raspberry pi or a $5 VPS. No need for DNS/TLS, and I suspect many people will opt to host communities themselves.
  
  If you still wanna host it with someone else, you could have the address of the community be a blockchain name system tied to a wallet you own, and then give the hosting provider your database (which contains your IPNS private key). The hosting provider will receive and publish updates on your behalf, but in the case they went rogue, you can update the text records of your domain to point to a new IPNS you fully own.
  
  So even this way, the hosting provider doesn’t really have a lot of power over the community owner.
  
  Serve it from your own personal network under your own IP. Given that you’re worried about censorship from even the DNS system, I imagine this is something you absolutely don’t want to do.
  
  You can use relays/tor/vpn to obfuscate your real ip address. The peers in the network won’t know necessarily that IP address <x> is running these specific communities, just in the same way you don’t know if a random bittorrent seeder is person who originally created the file and uploaded it.
  
  source