Fediverse

Your last sentence is unclear, is that actually implemented?

I am trying the approach of just making multiple affiliated services, and forcing people to have consistent account names across each. See https://bestiver.se

Separating identity from instance was invented in 2011, first implemented in 2012, and it has been stable since 2013. Zot protocol, Red, Red Matrix, nowadays known as Hubzilla. It is called nomadic identity.

Separating identity from platform is a current WIP: Nomadic identity is to be introduced to ActivityPub and then made project-agnostic. The idea is to be able to clone your Lemmy account to Mastodon and Pixelfed and Mobilizon and Hubzilla and Funkwhale all the same. You won't be able to use all features of everywhere everywhere (go ahead, try to edit a Hubzilla wiki or article or webpage on Lemmy, haha), but it'll be the same identity. Still, it would require one account on each server on which you have an instance of your identity.

But what you're talking about is full, unlimited user write access to over tens of thousands of instances of over 100 projects. Like, visiting any one of these tens of thousands of servers and being able to do absolutely everything a locally registered user can do, no exceptions, right away.

Like it or not, but this will require a local account. Even OpenWebAuth doesn't grant you full local user write access, nor does it allow for drive-by, on-the-spot creation of full-blown local user accounts on any instance, regardless of registration of local user accounts is allowed or not. Like, you can't just visit hub.netzgemeinde.eu and, within a split-second, have a local user account with the same login credentials as on lemy.lol and a nomadic clone of matcha_addict@lemy.lol so it's the exact self-same Fediverse identity on Lemmy and Hubzilla.

So it's either this. Immediate drive-by nomadic cloning of your logged-in Fediverse to any instance that you visit for the first time.

Or every Fediverse user must have a user account on every instance of every project out there, and their Fediverse identity must be nomadic everywhere and cloned to everywhere all the same.

Like, you register an account on lemy.lol. Simultaneously, the same account with the self-same credentials will be created on all other Fediverse instances out there. Immediately afterwards, whatever will contain your identity on Lemmy will automatically be cloned to all these other instances of everything. That way, you can immediately use all instances of all projects of the Fediverse just the same.

Or the Fediverse has only one central login server which controls the credentials for all instances of everything out there. You don't register with lemy.lol, you register with this central behemoth. And all tens of thousands of Fediverse instances connect to this central server for login credentials. And, again, your identity with all your data will have to be cloned and mirrored all across the Fediverse.

By the way, I've cloned Hubzilla and (streams) channels before. One channel from one server to one other server. This can take multiple minutes even with not so much content. Guess how long it'll take to clone one identity container from one Lemmy instance to 20,000++ other instances out there.

My potential argument against it starts with asking where the credentials are stored for authenticating this identity.

Currently the home instance stores the hashed password and performs authentication.

In a way, the identity “belongs to” the place that does authentication, which now happens to be the instance.

If identity is decoupled from an instance, that means authentication decouples from an instance.

If the identity “belongs to” the fediverse as a whole, then that means the fediverse as a whole has an authentication mechanism.

Unless we can come up with a distributed authentication mechanism, that means the fediverse as a whole has some authentication service, as in one, which means centralized.

This therefore breaks decentralization, unless the authentication is somehow handled in a distributed way. Maybe consensus or something on a hashed password? But if those hashed passwords are stored in a distributed manner, then you’d need a super long password to prevent rainbow table attacks on the passwords, given the hashed values would essentially be public information.

Maybe public keys are stored in a blockchain? I don’t know this is beyond me in the details.

But to summarize the problem at a data model level, an identity belongs to an instance, because the instance can authenticate them. If the identity now belongs to the whole fediverse, then the whole fediverse needs to be able to authenticate them, which if not handled correctly could lead to centralized authentication, centralized banning, censorship, reddit, etc.