ActivityPub: Good Enough for Jazz

Kaniini, one of the lead developers of Pleroma, recently published a blog post called ActivityPub: The “Worse is Better” Approach to Federated Social Networking. It’s a critique of the security and safety of the ActivityPub protocol. They make some good points:

  • ActivityPub doesn’t support fine-grained access control checks, e.g. I want someone to be able to see my posts but not respond to them
  • Instances you’ve banned can still see threads from your instance in some ActivityPub implementations, because someone from a third instance replies to the thread and that reply reaches the banned instance

The post also generated an interesting Fediverse thread discussing the tradeoffs between proliferating the existing protocol versus making changes to it, and whether it would be possible to improve the protocol without breaking backward compatibility. It’s worth a read.

Here’s the thing: ActivityPub is a protocol, and protocols are only valuable as long as there is software out there actually using the protocol. At the end of the day, that’s the most important measure of success. Don’t get me wrong – protocols need to do the job they set out to do well. But at some point, the protocol works well enough that it becomes more important to foster adoption than to continue improving. I believe that ActivityPub has reached that point.

Now, I’m not suggesting that we stop development on the protocol. But future improvements to it should be iterative, building on the existing specification, and backward compatible whenever possible. For example, by all means let’s come up with a better access control model for ActivityPub – but we should also come up with a compatibility layer that assumes some default set of access capabilities for implementations that haven’t upgraded. This lets us move forward without leaving the protocol’s participants behind, preserving ActivityPub’s value.

We are in good company here. This model is exactly how HTTP became the protocol that powers the internet. If you have the time, check out this excellent (brief) history of the HTTP protocol. Here are the highlights: Tim Berners-Lee came up with HTTP 0.9, which was an extremely simple protocol that allowed clients to request a resource and receive a response. HTTP 1.0 added headers and a variety of other features. HTTP 1.1 added performance optimizations and fixed ambiguities in the 1.0 specification.

Critically, all of these versions of HTTP were similar enough that a server that supported HTTP 1.1 could trivially also support HTTP 1.0 and 0.9 (because 0.9 is actually a subset of 1.1). In fact, the Apache and Nginx web servers, which power most websites on the internet, still support HTTP 0.9! By designing and iterating on HTTP in a way that preserved backward compatibility, the early web pioneers were able to build a robust, performant, secure protocol while still encouraging global adoption.

If we want the Fediverse to be just as robust, performant, secure, and globally adopted, we should take the same approach.

Announcing Pterotype

In my last post, I wrote about an emerging web standard called ActivityPub that lets web services interoperate and form a federated, open social network. I made an argument about how important this new standard is – how it tears down walled gardens, discourages monopolies and centralization, and encourages user freedom.

I genuinely believe what I wrote, too. And so, to put my money where my mouth is, I’m excited to announce Pterotype! It’s a WordPress plugin that gives your blog an ActivityPub feed so that it can take advantage of all the benefits ActivityPub has to offer.

Why WordPress?

My mission is to open up the entire internet. I want every website, every social network, and every blog to be a part of the Fediverse. And WordPress runs literally 30% of the internet. It’s not my favorite piece of software, and I certainly never expected to write any PHP, but the fact is that writing a WordPress plugin is the highest-impact way to grow the Fediverse the fastest.

So wait, what does this actually do?

Great question, glad you asked. Pterotype makes your blog look like a Mastodon/Pleroma/whatever account to users on those platforms. So, if you install Pterotype on your blog, Mastodon users will be able to search for blog@yourawesomesite.com in Mastodon and see your blog as if it was a Mastodon user. If they follow your blog within Mastodon (or Pleroma, or…), your new posts will show up in their home feed. This is what I meant in my last post about ActivityPub making sites first-class citizens in social networks – you don’t need a Mastodon account to make this work, and your content will show up in any service that implements ActivityPub without you needing an account on those platforms either.

Here’s what this blog looks like from Mastodon:

The plugin also syncs up comments between WordPress and the Fediverse. Replies from Mastodon et. al on your posts will show as WordPress comments, and comments from WordPress will show up as replies in the Fediverse. This is what I meant about tearing down walled gardens: people can comment on your blog posts using the platform of their choice, instead of being limited by the platform hosting the content.

Sounds amazing! Can I use it now?

Yes, with caveats. Pterotype is in early beta. The core features are in there – your blog will get a Fediverse profile, posts will federate, and comments will sync up – but it’s a pretty fiddly (and sometimes buggy) experience at the moment. If you do want to try it out, the plugin is in the plugin repository. If you install it on your blog, please consider signing up for the beta program as well – it’s how I’m collecting feedback and bug reports so I can make the plugin the best that it can be.

If you’d rather just follow my progress and dive in when it’s finished, that’s fine too! I made my development roadmap publicly available, and the plugin itself is open-source on GitHub. I’m currently doing a major refactor, pulling out all of the ActivityPub-related logic into its own library – once that’s done, it’ll be back to business as usual adding features and stability to Pterotype.

If you’ve read this far, and this project resonates with you, then you might be interested in becoming a sponsor on Patreon. Pterotype is free and open-source, so this is its only source of funding. For moment-to-moment updates, you can follow me on Mastodon.

See you on the Fediverse!