Plebbit: A serverless, adminless, decentralized Reddit alternative (Whitepaper v0.3.0)

[estebanabaroa]

Plebbit: A serverless, adminless, decentralized Reddit alternative (Whitepaper v0.3.0)

Abstract

A decentralized social media has 2 problems: How to store the entire world's data on a blockchain, and how to prevent spam while being feeless. We propose solving the data problem by not using a blockchain, but rather "public key based addressing" and a peer-to-peer pubsub network. A blockchain or even a DAG is unnecessary because unlike cryptocurrencies that must know the order of each transaction to prevent double spends, social media does not care about the order of posts, nor about the availability of old posts. We propose solving the spam problem by having each subplebbit owner run a "captcha service" node over peer-to-peer pubsub. Peers who fail too many captchas are blocked from pubsub.

Public key based addressing

In Bittorrent, you have "content based addressing". The hash of a file becomes its address. With "public key based addressing", the hash of a public key becomes the address of the subplebbit. Network peers perform a DHT query of this address to retrieve the content of the subplebbit. Each time the content gets updated, the nonce of the content increases. The network only keeps the latest nonce.

Peer-to-peer pubsub

Pubsub is an architecture where you subscribe to a "topic", like "cats", then whenever someone publishes a message of topic "cats", you receive it. A peer-to-peer pubsub network means that anyone can publish, and anyone can subscribe. To publish a post to a subplebbit, a user would publish a message with a "topic" equal to the subplebbit public key (its public key based addressing).

Captcha service over peer-to-peer pubsub

An open peer-to-peer pubsub network is susceptible to spam attacks that would DDOS it, as well as makes it impossible for moderators to manually moderate an infinite amount of bot spam. We solve this problem by requiring publishers to first request a captcha challenge from the subplebbit owner's peer. If a peer or IP address relays too many captcha challenge requests without providing enough correct captcha challenge answers, it gets blocked from the pubsub. This requires the subplebbit owner's peer to broadcast the result of all captcha challenge answers, and for each peer to keep this information for some time.
Note: The captcha implementation is completely up to the subplebbit owner. He can decide to prompt all users, first time users only, or no users at all. He can use 3rd party services like Google captchas.

Lifecycle of creating a subplebbit

1. Subplebbit owner starts a Plebbit client "node" on his desktop or server. It must be always online to serve content to his users.
2. He generates a public key pair, which will be the "address" of his subplebbit.
3. He configures captcha options, like how often and what kind of captchas to show.
4. He publishes the metadata of his subplebbit to his public key based addressing. This includes subpebblit title, description, rules, list of public keys of moderators, etc.
   Note: It is possible to delegate running a client to a centralized service, without providing the private key, which makes user experience easier, without sacrificing censorship resistance.

Lifecycle of reading the latest posts on a subplebbit

1. User opens the Plebbit app in a browser or desktop client, and sees an interface similar to Reddit.
2. His client joins the public key addressing network as a peer and makes a DHT query for each address of each subplebbit he is a member of. The queries each take several seconds but can be performed concurrently.
3. The query returns the latest posts of each subplebbit, as well as their metadata such as title, description, moderator list and captcha server URL.
4. His client arranges the content received in an interface similar to Reddit.

Lifecycle of publishing a post on a subplebbit

1. User opens the Plebbit app in a browser or desktop client, and sees an interface similar to Reddit.
2. The app automatically generates a public key pair if the user doesn't already have one.
3. He publishes a cat post for a subplebbit called "Cats" with the public key "Y2F0cyA..."
4. His client joins the pubsub network for "Y2F0cyA..."
5. His client makes a request for a captcha challenge over pubsub.
6. His client receives a captcha challenge over pubsub (relayed from the subplebbit owner's peer).
7. The app displays the captcha challenge to the user in an iframe.
8. The user completes the captcha challenge and publishes his post and captcha challenge answer over pubsub.
9. The subplebbit owner's client gets notified that the user published to his pubsub, the post is not ignored because it contains a correct captcha challenge answer.
10. The subplebbit owner's client publishes a message over pubsub indicating that the captcha answer is correct or incorrect. Peers relaying too many messages with incorrect or no captcha answers get blocked to avoid DDOS of the pubsub.
11. The subplebbit owner's client updates the content of his subplebbit's public key based addressing automatically.
12. A few minutes later, each user reading the subplebbit receives the update in their app.
13. If the user's post violates the subplebbit's rules, a moderator can delete it, using a similar process the user used to publish.
    Note: Browser users cannot join peer-to-peer networks directly, but they can use an HTTP provider or gateway that relays data for them. This service can exist for free without users having to do or pay anything.

What is a "post"

Post content is not retrieved directly by querying a subplebbit's public key. What is retrieved is list of "content based addressing" fields. Example: latest post: "bGF0ZXN0...", metadata: "bWV0YWRhdGE...". The client will then perform a DHT (or Bittorrent-like trackers) query to retrieve the content. At least one peer should have the data: the subplebbit's owner client node. If a subplebbit is popular, many other peers will have it and the load will be distributed, like on Bittorrent.

Using anti-spam strategies other than the captcha service

The captcha service can be replaced by other "anti-spam strategies", such proof of balance of a certain cryptocurrency. For example, a subplebbit owner might require that posts be signed by users holding at least 1 ETH, or at least 1 token of his choice. Another strategy could be a proof of payment, each post must be accompanied by a minimum payment to the owner of the subplebbit. This might be fitting for celebrities wanting to use their subplebbit as a form of "onlyfan", where fans pay to interact with them. Both these scenarios would not eliminate spam, but they would bring them down from an infinite amount of spam, to an amount that does not overwhelm the pubsub network, and that a group of human moderators can manage. Proof of balance/payment are deterministic so the P2P pubsub network can block spam attacks deterministically. Even more strategies can be added to fit the need of different communities if found, but at this time the captcha service remains the most versatile strategy.

Unlinking authors and IP addresses

In Bittorrent, an attacker can discover all the IP addresses that are seeding a torrent, but he can't discover the IP address of the originator of that torrent. In Bitcoin, an attacker can directly connect to all peers in the network, and assume that the first peer to relay a transaction to him is the originator of that transaction. In Plebbit, this type of attack is mitigated by having the author encrypt his comment or vote with the subplebbit owner's public key, which means that while the attacker can know a peer published something, he doesn't know what or from what author.

Conclusion

We believe that the design above would solve the problems of a serverless, adminless decentralized Reddit alternative. It would allow unlimited amounts of subplebbits, users, posts, comments and votes. This is achieved by not caring about the order or availability of old data. It would allow users to post for free using an identical Reddit interface. It would allow subplebbit owners to moderate spam semi-automatically using their own captcha service over peer-to-peer pubsub. It would allow for all features that make Reddit addictive: upvotes, replies, notifications, awards, and a chance to make the "front page". Finally, it would allow the Plebbit client developers to serve an unlimited amount of users, without any server, legal, advertising or moderation infrastructure.

Please contact me on Telegram @estebanabaroa or Discord estebanabaroa#2853 to get involved, we hiring JS devs.

[RiordanIX]

Interesting. So can each node choose to duplicate different "subplebbits," or is each instance N number of "subplebbits?"

I could also see this as a way to aggregate RSS feeds, any thoughts on that?

[estebanabaroa]

Interesting. So can each node choose to duplicate different "subplebbits," or is each instance N number of "subplebbits?"

There's 2 networks, 1. the public key addressing network, which is used by the subplebbit owner to distribute the content of his subplebbit and 2. the pubsub network which is used by users to communicate their new posts to the subplebbit owner.

In both network, there's 2 types of peers, there's the owner of the subplebbit, and users of the subplebbit. Owners publish original content, and users download this content if they want. Users also become a "seed" for this content for a while, like in Bittorrent, to distribute the load. Both owners and users client instances can own or use any amount of subplebbits, like in a Bittorrent client you can download/seed any amount of torrents.

I could also see this as a way to aggregate RSS feeds, any thoughts on that?

I'm not sure what you mean by that, isn't a basic RSS reader already a way to aggregate RSS feeds?

[RiordanIX]

Ahh, I think I understand the first part then.

I mean the RSS feeds as a simpler way for non-techy people to get them. They understand reddit, but getting a link just seems to go over their heads. I'm envisioning something kind of like lobste.rs that shows the feeds and anything else the subplebbit owner wants.

[estebanabaroa]

I mean the RSS feeds as a simpler way for non-techy people to get them. They understand reddit, but getting a link just seems to go over their heads. I'm envisioning something kind of like lobste.rs that shows the feeds and anything else the subplebbit owner wants.

The way a user "reads" subplebbits is kind of like RSS. Instead of pinging an RSS feed, you ping a public key, then the DHT network tells you if it has any new content. But RSS didn't have upvotes and comments/replies notifications, but this design does, and imo those are essential for the app to be "addictive" enough to be successful.

[Poeticmind2475]

I pray it all turn out ease for lay man like me to understand and use

[selfagency]

FYI

[estebanabaroa]

Federated protocols are not as decentralized and censorship resistant as pure peer-to-peer protocols. They require DNS, public HTTP endpoints, servers, admins, moderators, lawyers, etc. You also usually don't own your identity, it's usually stored in someone else's server. They usually end up centralizing to only a few providers, like Gmail or Mastodon, that have strict content policies. Twitter used RSS in the beginning, until it had captured enough of the market, then it shut down RSS and killed it.

Pure peer-to-peer like Plebbit is more scalable, it doesn't require DNS, public HTTP endpoints, servers, admins, moderators, lawyers, etc. You own your identity and communities without having to run a server, it's just a public key pair. It could scale to 1 billion users with just a few anonymous developers working on the client, without any server infrastructure. It's also much harder to "embrace, extend, extinguish".

[selfagency]

It's funny, I just wrote a piece about the issue you raised regarding Twitter and RSS and Ev Williams responded.

[Aspie96]

@estebanabaroa I'd also like to add that both Mastodon and Lemmy are, unfortunately, quite politically biased.

In the case of Mastodon, this has lead to some instances with restrictive rules, to instances blocking each other and to unfortunately very few "free speech" instances (ofter blocked by others for expressly this exact reason).

This limits the freedom of end users, unless they create their own instance.

(Obviously admins have the right to do what they want, but users should chose platforms that limit them the least and empower them the absolute most).

[mjollnir14]

I'd suggest devs / project owners to consult a lawyer in their juridiction or to switch to anonymous developing. The earliest the better

[Poeticmind2475]

I agree with the last bracketed statement, some admins are annoyingly guilt here. They don't wait to understand the writer but just act on impulse or others push.

[festinalente]

Concerned by censorship, I built a proof-of-concept over the past couple of days that covers a little of what you are trying to do: It is a serverless, adminless, decentralized method of saving, editing and publishing content (not a plebbit, but a lame text only blog currently).

The idea that vexed me was to make it accessible to non-technical users particularly and addresses issues inherent to requiring users to run services.

Subplebbit owner starts a Plebbit client "node" on his desktop or server. It must be always online to serve content to his users.

My idea works as follows:

• We have the bones of a "server" built into our browsers, we are able to read and write data, make and serve requests,
• A seed server hosts a PWA that represents an interface, this PWA has no data, it's blank,
• A user "installs" or runs this PWA and can add content/data it,
• Content is saved locally in Indexed.DB which in effect gives access to the full scope of memory of a user's local environment.
• Content is publish to IPFS.

This machine relies on IPFS, while I have been following IPFS since its inception and initial design I am not fully familiar with it. But as far as I can tell effective clones where a

Problems I haven't considered or resolved:

• Persisting content on the network, if a users content is "pruned", can they pin it locally? Check it's been pruned from the network and resubmit?
• In terms of spam, my inkling would be to follow a design like substack whereby people request a subscription to a particular sub someone owns, rather than a captcha, their web of interaction (or threads if we're thinking of reddit) becomes visible to you.
• Democratic voting on a post does not guarantee the best content rises, or the content most interesting to a user, therefore a user can, via their subscriptions apply a rule whereby certain people they follow have a more significant vote on the content they see.

You can see my crude idea here: https://github.com/festinalente/spawnDotSocial

[Poeticmind2475]

I am it all in, interesting

[mjollnir14]

Interesting. Can you describe more pricesely how the Database part of the content is stored on IPFS ?
More generally my question: Is there really a viable solution for decentralized database?

[festinalente]

PWA stores the content in IndexedDB (in your browser), the table contains the CIDs and content. Onload, the app reads each post which seemingly "refreshes" the IPFS cache (re pins content) and adds the content back to IPFS if it has been garbage collected (if you've closed your browser window or closed the PWA if you have it installed. So this negates the need for a pinning service.

I got stuck trying to use ipfs.publish.name to create some sort of pointer for mutable content (a pointer to an index). It's super slow through go IPFS and doesn't seem to work at all IPFS JS, there are a few issues open on their Git relating to it, so I've shelved it for the time being and am following the issues. What this means is keeping an index of sorts with content from different places (comments on a post for example) isn't easy with IPFS. I had a brief look at pubsub too, but need to take another look. There are databases built with that already: https://orbitdb.org/.

Other issues reared their head when I looked into "chat". In terms of something directly P2P. It's not possible to completely do within servers, (ICE NAT, STUN... ) using WebRTC. However I think this is an acceptable design limitation, my intent was/is to just remove middle men from social transactions on the internet and make it as accessible as opening a web page.

[mjollnir14]

I think alternative solution based on Siacoin network (http://sia.network) implementations such as Filebase.com (S3 interface like but storing is done on decentralized Sia network) or other implementations might solve this. It needs experimentation tho

[mjollnir14]

This might be source of inspiration/collab: https://github.com/freenet/locutus

[fluksurasak]

Good

[nosalistic]

Cool

[JosephFrusetta]

I was recently banned from Reddit for saying genocide is bad. Reddit's admins decided not to reverse the ban.

Please keep moving forward with this idea. Reddit has become inundated with terrible people that think they're good moderators and administrators. We need a fair and decentralized community.

[CarlosLugo]

I was recently banned from Reddit for saying genocide is bad.

This is believable.

[mjollnir14]

Reddit has become a cesspool, they will reach Twitter levels soon

[Hueristic]

I got banned for calling Ulvadi cops Cowards!

[TkKonstantin]

Let me know if you need any help from IPFS/Filecoin side!
Would be happy to find answers and/or resources if needed for further project advancement.

[TkKonstantin]

Btw, @estebanabaroa have you looked into IPFS grant program already? -> https://github.com/ipfs/devgrants
I believe this project could nicely qualify to microgrants followed by a dev grant as you already have a white paper and early functionality prototype

[CarlosLugo]

The user completes the captcha challenge and publishes his post and captcha challenge answer over pubsub.

I'm curious what this would look like from a security standpoint. Each user's client would have to essentially make their public IP address identifiable to, at a minimum, the subplebbit moderator (via his node) for the initial post creation.

That could create an environment where subplebbits hold onto IP address information, and use that information to attack or dox users later on. Without an anonymity layer built into a protocol, it sounds like a significant privacy+security risk that could be exploited at any point by an attacker via a user's home internet connection.

In the case of Reddit, this is obfuscated by a permission layer (ie, only Reddit admins have access to a user's IP address information, not subreddit moderators, etc).

[CarlosLugo]

An attacker can know the IP addresses of all peers, but he can't know the IP address of the peer who published something first, ie the originator.

He can if he's the plebbit creator. Unless I'm misunderstanding your white paper, all publish requests, including the captcha, go to the plebbit owner's peer before becoming seeded. That means every publish request has non-anonymous communication during

1. the captcha submission, and
2. the published content to the owner's peer.

At both points, the plebbit owner can capture the publisher's IP address and potentially unmask the user's identity.

This won't be an issue for subsequent attackers once the published content is seeded, but that initial push to the subreddit owner is not anonymous. And, in fact, the earliest users would also have an idea of who originated the content.

Without an anonymity layer, this seems like a concern.

[estebanabaroa]

all publish requests, including the captcha, go to the plebbit owner's peer before becoming seeded. That means every publish request has non-anonymous communication during

They don't go to the subplebbit owner directly, they go to the peer to peer pubsub network first. The subplebbit owner doesn't "receive" messages per say, he just listens to the pubsub like any other peer. The owner is a regular peer in terms of listening. But only he can publish "challenges" and "challengeverifications", because those must be signed by his private key.

The only way to eventually know the IP address of the originator in a P2P network is to be an attacker who is directly connected to all peers at the same time, and stay connected for a while, or permanently. And while the attacker would know with good certainty your IP address, he couldn't prove it, because he can't prove that he was connected to all peers, nor that he received a message first from some IP address. All he can do is tell people, and hope people believe it without proof, just based on his word. This is how Bitcoin and Bittorrent work right now and it seems to be doing OK.

But because of this attack, people who are at risk should probably use a VPN or Tor.

It might be possible to add more anonymity at some point when the project is more advanced, like for example we could encrypt the message and author information with the subplebbit owner's public key, this way only the owner would be able to do a "connect to all peers" attack and link IP addresses with authors.

[CarlosLugo]

Ok, I understand your layout better now. When I read the white paper, I interpreted what you wrote as the initial messages went to the subplebbit owner directly.

This makes much more sense, thanks for clarifying.

[mjollnir14]

What about authenticating thru Web 3.0 / Web wallet / Hardware wallet? With minimal fund value of $x to allow posting/voting. On an expensive network such as Ethereum to prevent bots from splitting into many small wallets to reach the minimal posting value, or at least to render spamming too expensive. Just throwing ideas here

[estebanabaroa]

What about authenticating thru Web 3.0 / Web wallet / Hardware wallet?

It's theoretically possible to sign with any crypto wallet, it's just a matter of implementing it. We will support signing with popular wallets like Metamask. In this case your crypto address (or some crypto domain) becomes your username.

With minimal fund value of $x to allow posting/voting.

We plan on supporting all useful spam prevention mechanisms eventually, like staking, paying, burning or just holding some token. But captchas will be the primary way most people use the app for a long time, at this moment in time, most people still don't have crypto and don't want to be bothered managing a wallet with a few dollars on it just to use a social media app.

[mculp]

My two cents: I think for something like this to truly thrive, you need to incentivize running nodes, which takes us back to blockchain land. Nobody wants to run their own node.

[estebanabaroa]

The desktop client is a direct p2p full node/peer. It's an electron app, like Discord, and only uses a few hundred MBs of bandwidth per month and even less of storage. It doesn't require any incentive. If you're an active desktop user, using the desktop client instead of the browser client (which is not a full node) will be faster and smoother.

It's not a blockchain, you're not syncing the entire network, you're only syncing the newest posts of only the subplebbits you follow. A full sync will take 2-10minutes, and a few MBs of bandwidth. Running a "full node" is as effortless and requires less resources than using Discord or a Bittorrent client.

[estebanabaroa]

Can I setup a node server

There will be a CLI client, desktop client (Electron), web client and maybe at some point an Android client. So yes you can run a node on a server.

[stemid]

@estebanabaroa Admittedly this is very impressive but I don't see it catching on because most mainstream social media users want to use the most simple method possible.

Running a special desktop app is not desirable. Most users want a website to go to.

Even joinmastodon is confusing to people, they can handle one domain and usually pick the first instance they find on that domain.

If this works then I believe you will either be aiming at a more technical demographic, or the black market.

[estebanabaroa]

Running a special desktop app is not desirable. Most users want a website to go to.

You don't need a desktop app to use it. There's a web client, and eventually a native android client. You just need a browser.

You do need a device (server, desktop or 3rd party service to do it for you) to run a node 24/7 in order to run your own subplebbit, and there are no penalty for downtime. You don't need to run your own subplebbit to use plebbit. Most people don't run any subreddit. You can still be a mod without running a node 24/7, you just can't be the owner.

Plebbit will be as easy to use as reddit if you don't run a subplebbit, and only slightly more difficult if you run your own subplebbit. But running a subplebbit will be 100x more valuable than running a subreddit, since you actually have full ownership of it. You can resell it or monetize it any way you want, and nobody can ever seize, block or delete it. So it will be worth the effort to run one.

[babuloseo]

Rust.

[dcatki]

@estebanabaroa have you checked out Holochain?

[Ray-Hughes]

Could it be possible to have a wallet that holds your key for signing instead of a captcha? Also, it seems like you could utilize a blockchain in that way to share a node with users that don’t want to spin one up? Could also implement a token for tipping, rewards, etc similar to Reddit awards?

[estebanabaroa]

Could it be possible to have a wallet that holds your key for signing instead of a captcha?

We will support signing with Metamask and other wallets. Maybe Bitcoin. Also if your subplebbit or username is a crypto domain, like john.eth, there's no risk of you losing your domain, if you lose your plebbit private key, you can just change it in your crypto domain settings.

Also, it seems like you could utilize a blockchain in that way to share a node with users that don’t want to spin one up?

It's possible to create a "subplebbit as a service" product and host subplebbits for people, and they don't have to give you their private keys, so no decentralization is lost.

Could also implement a token for tipping, rewards, etc similar to Reddit awards?

We plan on supporting any token/nft/coin for tipping, awards, curating, less captchas, etc. Each subplebbit owner should be able to create their own tokens or nfts to monetize their effort and incentivize their users to participate. Avatars will also be curated NFTs.

[Ray-Hughes]

Awesome. Looking forward to seeing more. Thanks for the detailed reply.

[Aspie96]

Note: I haven't read the whitepaper yet, but this is important.

Many decentralized open source projects that I've seen have two issues:

• Not fully open source. I think it is important to check that the license of every dependency is a FLOSS one, as this forsters adoption (obviously this only applies if open source software is the intention here. I believe it's ideal for a decentralized platform).
• Non GDPR-compliance. The GDPR needs to be read in full in order to be understood. "Good privacy" is not enough for GDPR-compliance because there are some specific rules about how the privacy policy should be and what it must say. This is unfortunate because it can hamper (legal) adoption in Europe, as well as endorsement by some parties.

Taking these two points into account since the very beginning can be quite helpful.

[estebanabaroa]

Not fully open source

Plebbit is fully open source, it doesn't use any central server, central database, DNS, or public HTTP endpoint. It doesn't have a website or interface served by a central party, it is a pure peer to peer protocol. Each user downloads a client and runs it locally. There is a web client, but it doesn't use DNS or a single public HTTP endpoint, the web client is a static file served over IPFS gateways using ENS.

Non GDPR-compliance

Plebbit has no central entity that can be regulated. There are no central servers, central databases, DNS, website, public HTTP endpoint, intermediary etc. As a whole, it cannot be regulated or shut down, a government must find and penalize each peer individually.

[Aspie96]

Thank you, @estebanabaroa.

I was not talking merely about the protocol itself, but rather the software licenses of the main implementations and how the protocol and the functionalities support GDPR-compliance by services based on the protocol.

[yeehi]

Floodnet?
Instead of nodes connecting to other nodes, which is expensive, have you considered having the nodes connect to neighbourhoods of nodes, which are in synch at that time? This would help with anonymity too, as it would be less easy to distinguish which node is transmitting the information. Aether, a privacy focused peer-to-peer social network uses this principle: https://getaether.net
Please take a look and see what you all think!

[estebanabaroa]

Instead of nodes connecting to other nodes, which is expensive, have you considered having the nodes connect to neighbourhoods of nodes, which are in synch at that time?

Plebbit has no syncing, consensus, or ledger. You don't need to waste any time syncing to use it, you just join a P2P swarm, and you get the latest posts (or just the post you want) on the very first query (in seconds), and you can determine that it's correct because they are signed and timestamped by the subplebbit owner's private key.

This would help with anonymity too

Plebbit is anonymous for authors, publications are E2E encrypted between authors and subplebbit owners. The only IP address that can be discovered is the IP address of the sub owner, and to do so someone needs to connect to every peer and calculate time. It's not anonymous for readers, if you read a subplebbit your IP address will be part of the P2P swarm for some time, like bittorrent.

Aether

From their documentation Aether uses hashcash/POW for their spam resistance. This fundamentally cannot work, spammers will pay a few thousand dollars a month in POW and overwhelm the app with spam, with so much spam that moderators will be overworked. If you make the POW too difficult, then you can't use it on mobile phones. Their mod election system can also be manipulated since it has no spam protection other than POW. It's a fundamentally flawed design (as it is described on their website).

Plebbit has strict and deterministic spam protection, which is the one and only fundamental problem of all decentralized social media designs. Either your comment/vote is signed by the subplebbit owner, or it's not. If it's not, you're a spammer and you get blocked from that subplebbit's P2P swarm at the IP level. Each subplebbit owner can implement any challenge they want, if a subplebbit is heavily under attack from an attacker who figured out how to solve his captcha, he can switch to a more difficult captcha, or to something else impossible to bot, like only allowing users with X amount of karma from his own subplebbit, or requiring some proof of stake, proof of humanity, etc. He can even implement centralized solutions like manual KYC/whitelisting if he wants.

There's no way to "vote out" a subplebbit owner by doing some sybil attack like on Aether. It's like Bitcoin, no one can vote to spend your balance. But subplebbits are represented by either public keys or crypto domains, like "memes.eth", which means that a DAO could own "memes.eth", so the subplebbit would be controlled by that DAO, and DAO participants could vote out the creator/moderators. Any smart contract can own a subplebbit, so democratic governance is possible, but not forced on the user.

[yeehi]

Thanks for your work and reply. Couldn't an early lurker arrive at Plebbit, and as soon as inhumanly possible, the very moment a new Sub is created, start working out who the owner is, since at that time there would be only the Sub's creator in the Sub?

It is great that you are using IPFS for Plebbit, but since that publishes one's IP address too, is there an anonymity concern there?

Plebbit is a fun name, which catches the spirit behind your project, I think, but I think at the moment, most people who hear "Plebbit" mentioned, think only that it is a joke name for Reddit, and not a real project that has genuine potential.

I hope you manage to launch this soon and would like to participate in early testing, if I may.

[tknx]

I ran across this because this is super timely for now with what is happening.

The solution is that each of enduser client is running the blockchain while in use. The user pays for their access in helping out the network. As long as this is aboveboard and legit and not used for profit taking, it would be pretty ethical.

Anyway did this ever go anywhere?

[stemid]

All cryptocoins will always be for profit of the early investors. And the early investors have a financial incentive to keep driving new investors to the platform in order to maintain their profits.

This is inherent in all cryptocoins, my suggestion is to stay well clear of such solutions. They're mostly used for scamming people. Even if one or two might have good intentions, the whole ecosystem is tainted.

The only solution to big corp social media is to continue working with decentralized user-driven solutions such as the fediverse. And even then we'll never get rid of centralized social media, merely offer an alternative.

[estebanabaroa]

we are 4 people working on it full time since this whitepaper.

there's 2 demos https://plebbitapp.eth.limo/ https://plebchan.eth.limo/

you can follow the progress on our twitter https://twitter.com/getplebbit telegram and discord

[tknx]

The real issue is how do you run a decentralized serverless solution that isn't still at the mercy of hosting.

[stemid]

The key word there is serverless, if that is truly your goal then you must use the most common of serverless offerings so that you're not vendor-locked. Cloud services have become more common lately so things like S3-compatible storage for example can be found at any VPS provider.

Serverless is a noble but a bit far fetched goal for now though. Either way this is off topic.

[estebanabaroa]

The real issue is how do you run a decentralized serverless solution that isn't still at the mercy of hosting.

our design isn't at the mercy of hosting, you can install the desktop or mobile app, and there can be infinite amounts of mirrors for the web client, it's just static HTML.

[ProgrammerWhoPrograms]

Can someone explain to me how this is supposed to be "adminless"? Looks to me like the "subplebbit owner" has pretty much all the same powers as an admin (apart from useful ones like being able to style the UI, delegate power to moderators in more complicated ways than those provided by your protocol, block IP addresses and perhaps ranges used for abuse, etc).
There's no such thing as admins for an entire site like Reddit with subreddits, instead each subplebbit is autonomous. But if you wanted that, why not create software that sub owners can run on their servers?
Yes, it distributes load but personally I think if someone wants absolute power over something, they should have the responsibility of maintaining it and hosting it as well.

[ProgrammerWhoPrograms]

you don't need to use .eth, you can use any name system, or no name system at all, this is a community with no name

I meant plebbitapp.eth
I didn't know you could assign a name to individual communities.

How do I use a different Ethereum API on Android?

the apps are kind of buggy right now

I'm talking about Thor. It doesn't have a standard address bar that you can type a URL into. I have no idea how I'm supposed to use Plebbit and other decentralised sites/apps outside of eth.limo etc.

I can't find any other Android clients on F-Droid or elsewhere.

[estebanabaroa]

How do I use a different Ethereum API on Android?

If you're talking about plebbit, most of the clients have a settings page where you can set your ETH provider URL (and your IPFS node/gateway URLs)

https://plebbitapp.netlify.app/#/settings/plebbit-options/
https://plebchan.netlify.app/#/p/all/settings
https://plebones.netlify.app/#/settings

We haven't tested the android app that well, it might or might not work with your own node because it might block some http header setting, but it will work eventually.

I'm talking about Thor. It doesn't have a standard address bar that you can type a URL into.

plebbit clients don't need a URL bar to work. if you want to know the CID a .eth name you can use https://legacy.ens.domains/name/plebbitapp.eth and check the content field. We should probably start adding the CID of each release

I have no idea how I'm supposed to use Plebbit and other decentralised sites/apps outside of eth.limo etc.

you don't need an IPFS browser to use plebbit. You can download the plebbit apps from any website that host them, though right now the only sources are github releases because the project is still in demo mode, list of clients right now:

https://github.com/plebbit/plebbit-react/releases/latest
https://github.com/plebbit/plebchan/releases/latest
https://github.com/plebbit/plebbit-cli/releases/latest
https://github.com/plebbit/plebones (no app yet, only web)

I dont recommend you try the plebbit apps right now, they are still pretty buggy, I recommend you use the web clients, the cli client or try again in 6 months when things are more stable.

plebbit is its own app, you don't need to use an IPFS browser or IPFS app to use it. Plebbit uses IPFS inside the app, but you don't need to install IPFS yourself or do anything IPFS related, all the IPFS stuff happens under the hood and is hidden from the user. The user can run their own IPFS node if they want but they don't have to. And the IPFS node can only be run from linux/windows/mac, not android as far as I know.

[ProgrammerWhoPrograms]

You can download the plebbit apps from any website that host them

plebbit is its own app, you don't need to use an IPFS browser or IPFS app to use it

That's cool. Do the CLI and Android apps connect to any server (such as eth.limo, eth.link, or Ethereum API such as Infura)?

[estebanabaroa]

That's cool. Do the CLI and Android apps connect to any server (such as eth.limo, eth.link, or Ethereum API such as Infura)?

the CLI bundles an IPFS client (kubo), so when you start it, it also starts kubo, so it's not making an non P2P requests like .eth.limo. It does need to use an ETH RPC url to resolve .eth names of communities, so if you use .eth names with plebbit (which is optional), you either have to run your own ETH node or use a service like infura. to prevent ETH RPC censorship, the CLI uses several providers at once, including one we run ourselves, and you can add your own.

the android app is the same as the web client right now, it just runs the react app in web view, at some point we will add more native stuff to the android app, like the android app could even run a kubo node, though it would take a lot of battery and bandwidth.

neither the plebbit cli or android apps connect to .eth.limo, .eth.link, but both use ETH RPC urls to resolve .eth names of communities (which are not required to use plebbit, they are not part of the plebbit protocol). but only the android app uses IPFS gateways, the plebblit cli bundles a kubo node and does everything P2P

[ProgrammerWhoPrograms]

That's good. But I currently don't have a PC, only a phone. Though IPFS has never really been usable for me on a phone, so I guess I'm just consigned to using a gateway anyway. Still, I think you should steer users towards the more decentralised option rather than the less.

[ProgrammerWhoPrograms]

I quite like the look of the upcoming new version of Freenet (codenamed "locutus") for making decentralised apps.

[OleGrim]

Questions:

1. Where, by whom and for how long is the full content of the subplebbit stored (IPFS)?
2. How to conduct a search in the full content of the subplebbit?

[estebanabaroa]

Where, by whom and for how long is the full content of the subplebbit stored (IPFS)?

The sub owner must run a plebbit node 24/7. The node doesn't need to sync anything, it just needs to store the sub's posts, so if your sub has 100 posts, it might be 1mb in size. The plebbit node bundle an IPFS node (kubo) and automatically pins each comment. Plebbit also has mutable content, which uses IPNS, for the subplebbit data, the comment replies/vote counts/edits and the subplebbit pages which are regenerated every x minutes to include the newest submissions. You can check all the data structures here https://github.com/plebbit/plebbit-js#schema . Everything in plebbit are JSON files over IPFS/IPNS.

how long

The content must be pinned forever by the sub owner, and is temporarily seeded by users who read it. If the sub owner stops seeding, and no other users are seeding, the content disappears. Plebbit is not optimized for archival, it's optimized to be able to access new content extremely fast, without any transaction fees, scale to billions of users, and completely P2P (no RPC providers, everyone is a full node, like bittorrent clients),

How to conduct a search in the full content of the subplebbit?

The only way to search plebbit is to index all the content, and then search it. Just like to search the internet, you need to be google, you need to index all of it, and then search it.

People will want to search plebbit at some point though, and it will happen in those 3 ways:

1. You have some centralized server that indexes all posts, like warosu.org (or google basically), then you search it. This could be federated, you could have more than 1 provider that offer this service using some open RPC standard, and quorum them. This method is centralized, they can hide search results.

2. P2P: the search function scrolls every page of the subplebbit in the background, which might take 6 seconds per page, at 100 posts per page, that's 10 minutes to search a sub with 100k posts, and this doesn't deep search within the comments, it only looks at the top 100 comments of each post, to deep search inside comments, you have to add another 6 seconds for each comment page you search, so deep searching a post with 1k comment would take 1 minute, deep search 1000 posts with 1k comment each would take 2 hours.

3. P2P: it's not implemented yet, but at some point the community owner will probably be able to (optionally) share his entire raw DB over IPFS, so you'll be able to download the entire DB and search it locally, a big sub will probably be GBs in size, so it wont be a quick search, you'll need to download the entire file.

[ProgrammerWhoPrograms]

The content must be pinned forever by the sub owner

This is basically a server architecture.

[estebanabaroa]

This is basically a server architecture.

in client/server, the client makes requests directly to the server. it cannot trust random peers to give them the content

in a p2p content addressing, the client discovers peers somehow, usually DHT, then it asks all these peers for pieces of the files, and it doesn't have to trust any of these peers, because the address of the content is a hash of the content, so the client can verify that peers aren't lying

plebbit is fully p2p content addressing, the "client" never needs to make requests directly to the community owner, any peer can serve the content. it's required that the content be pinned by the community owner in case there's literally no other peers than the client and the community owner, in this case yes the client makes a request to the community owner directly, but the client actually doesn't know that this peer is the only peer or that he's the community owner. in the P2P swarm the community owner just appears like a regular peer.

when it comes to downloading a specific comment from a community, the community owner has no more privilege than any other peer, he is a random peer.

when it comes to publishing content, the community owner can reject publications in their own community via the challenge exchange protocol. but this challenge exchange also happens p2p, all peers propagate all messages, so the publisher client is not required to connect directly to the community owner client. peers only connect to a subset of all peers and all messages are propagated to everyone. even the publishing process is not client/server. the publisher might never directly connect to the community owner peer, and even if it did, it wouldn't know that they are the community owner peer as it just appears like any other peer.

[ProgrammerWhoPrograms]

Can someone explain in clear terms what problem this is trying to solve?

[estebanabaroa]

reddit/lemmy/mastodon ban communities and users. indie forums get deplatformed by their hosting providers, anti-ddos providers, payment processors, governments block domain names/ips from being accessed within their country.

on plebbit, your community literally cannot be banned or blocked by anyone, even a government.

we solve that problem.

[ProgrammerWhoPrograms]

But admins of communities (who are still admins btw) still have to host a "captcha service peer", which is basically a server despite being accessed over IPFS, and therefore can be blocked by ISPs and hosting providers. Right?

This just feels like fake decentralisation.

[estebanabaroa]

which is basically a server despite being accessed over IPFS

no, a server is a machine that serves you data directly. with plebbit, you receive the data from any random peer that has the data, you don't know the IP address of the community owner, you dont know which peer is the community owner. all peers are seemingly equal to you. in a popular community, you would likely never even connect directly to the community owner.

also setting up a server with ssl is something out of reach from most people, and you usually need to pay for the server and sometimes KYC.

whereas with plebbit, you just double click some .exe GUI app, and that's all you need. No ssl, no payment, no KYC, no command line. and if your ISP decides to shut down your access because you use IPFS, you can use a VPN, your neighbor's wifi, go buy a new sim card, rent a VPS, etc.

can be blocked by ISPs and hosting providers.

ISPs can try to block IPFS, just like they sometimes try to block bittorrent or bitcoin, but these blocks often don't work because of encryption (IPFS is E2E encrypted) and VPNs. And even if they sometimes succeed to block bittorrent or bitcoin, it's still considered decentralized.

[ProgrammerWhoPrograms]

It would be cool to have something like Aether with it's decentralised moderation.
In fact, that's where I heard of this from. A thread on the Aether forums about where to go next after the abandonment of Aether by it's founding dev.

[estebanabaroa]

how would decentralized moderation deal with sybil resistance? you could make infinite accounts and elect yourself as all the mods. even if you used proof of work, it wouldn't stop spam, the spammers will pay the cost of the POW.

something like web of trust would take too long to sync, you'd have to download the entire web of trust, and it can still be sybil attacked, just make an entire fake web of trust. also it takes too much effort for the user to browse through infinite spam to bootstrap his own web of trust.

[Hueristic]

Redditt is bootlicker central.

Having an alternative that doesn't have gagging tools would be nice but its specifically became so huge because of those tools.

I have watched communities move there to "avoid trolls" which is really just their way of controlling the narrative.

I think the issue would be how to attract users and already established communities once it is built.

And I'm talking about communities that are purported to be open and independent like Monero that moved from bitcointalk and now hide behind all reddit moderation tools.

[milahu]

how is this better than zeronet?

ipfs is just a slow version of bittorrent, zeronet is based on bittorrent

[milahu]

this is a specific site unmanaged by manipulating moderation.

unmoderated forums will NEVER work, they will always drown in spam and abuse.
such unrealistic expectations are a guarantee for frustration.

what we need is transparent moderation, aka transparent censorship,
so that censored content leaves a trace, and can be requested from other publishers.
see also my notes in p2p-killerapp#transparent-moderation and https://github.com/nostr-protocol/nostr/issues/102#issuecomment-1920725541

because there are no "neutral platforms",
there are only publishers, and every publisher has his bias

[Hueristic]

Looks like your just here trying to throw shade without even doing the appropriate diligence first so go on a fishing expedition with someone else i'm not some yahoo. As I stated I've only done a cursory glance and thought you needed a hand on basic reading comprehension but if your here to explain to everyone why this will not work then your barking up the wrong tree.

[milahu]

Looks like your just here trying to throw shade

in other words: "someone should censor your comments."
thanks for proving my point : )

[Hueristic]

Looks like your just here trying to throw shade

in other words: "someone should censor your comments." thanks for proving my point : )

Someone should censor my comments because they are not to your liking?

I think this interaction has proven the entire point of this project.

You have the option to not engage with me if you don't like what I'm saying but I have every right to say it.

I took the time out of my day to try to help you but your obviously here with an agenda.

Try that on someone else, I don't fall for these tactics.

And this is my last interaction with you so if your the type that thinks because they got the last word then they won a disagreement then feel free to reply rather than just being an adult and moving on.

[milahu]

Someone should censor my comments because they are not to your liking?

no.
you hate my "negative" comments, so youre downvoting me to oblivion,
so that others dont waste their time with my stupid comments.
just like the typical 6 year old "think positive" redditor...

in other words:
if you were a publisher with limited resources, you would not publish my comments,
because your audience would also hate my "negative" comments.
(a publisher and his audience have a similar bias.)

youre looking for some centralized free-speech "platform" (gab.com? bitmessage?) with "no censorship",
im looking for a p2p federation of publishers (similar to nostr),
where censored content leaves a trace, so it can be found at other publishers

I think this interaction has proven the entire point of this project.

yes.
you blocked me on github, so i cannot laugh at your comments any more.
thanks for admitting that you love censorship as long as your "enemies" are censored.
just the usual hypocrisy, nothing new here...