@bnewbold@social.coop

bnewbold

dweb, cycling, free software, snow, wiki, hardware, big cities, symbolic systems. I love speculating about found objects.
Working at https://blueskyweb.xyz/ on atproto (a federated social media protocol). Formerly built https://scholar.archive.org; scientific instrumentation for observational cosmology; open hardware
#seattle


arcanicanis, to random
I guess I successfully created a did:plc and have it published to (sorta) Bluesky's backend did:plc registry: https://plc.directory/did:plc:s2m7kbq2unki7rager5aw6sw/log

Instead of endorsing any sort of an ATProto PDS or anything, I instead have it pointing to my ActivityPub (and other) identifiers in varying forms.

I'm probably the only [non-employee] user (or at least: one of very few) on Bluesky's infrastructure that has full custody and control over their own private keys for their did:plc identity, and yet I don't even have a Bluesky account. Unless I'm just uninformed of something buried somewhere allowing you to export at least one of your rotationKeys (not the signingKey, which is just for signing posts, etc). Because without that, you don't really control your identity at all, only Bluesky exclusively does.

Meanwhile, in this endeavor, I "only" had to:

  • Write a DAG-CBOR and CIDv1 encoder
  • Write a Multibase and Multikey encoder and decoder
  • Write a base58btc encoder/decoder
  • Write a base32 encoder
  • Write functions to compress and decompress a secp256k1 public key (involves crypto maths, for decompression)
  • Write some very ad hoc ASN.1 DER encoding/decoding functions (just to encode a raw secp256k1 public key into PEM encoding, to feed to OpenSSL; and then extract the r and s values from the outputted signature from OpenSSL)
  • Write a function to generate a did:plc identifier, from the genesis operation
  • Write a lot of test code

With how scarcely some topics are documented, and how scattered many tidbits of info are: I swear some of this is almost intentionally a trap to sell consultancy.

bnewbold,
@arcanicanis congrats! that is a whole lot of code to write from scratch. we would definitely recommend starting from an IPLD library (giving multiformats, CID, dag-cbor), and probably not using OpenSSL for the crypto bits. there are better or worse EC crypto libs, but encoding and low-S signature issues are common.

bluesky opened up self-control of PLC identities initially created through the app, including fully removing rotation keys. this was necessary to enable account migration.
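
Added example, not part of the thread and not code from either poster: the DER step from the list above (pulling r and s out of an OpenSSL-style ECDSA signature) combined with the low-S normalization mentioned in this reply, using only the Python standard library. It assumes the target encoding is the 64-byte compact `r || s` form, base64url without padding; the function names and `SAMPLE_DER` are made up for illustration.

```python
import base64

# Order n of the secp256k1 group (public curve parameter).
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141

def _read_int(buf, pos):
    """Strictly read one DER INTEGER at pos; return (value, next_pos)."""
    if pos + 2 > len(buf) or buf[pos] != 0x02:
        raise ValueError("expected DER INTEGER")
    length = buf[pos + 1]
    end = pos + 2 + length
    if length == 0 or length > 33 or end > len(buf):
        raise ValueError("bad INTEGER length")
    body = buf[pos + 2:end]
    if body[0] & 0x80:
        raise ValueError("negative INTEGER")
    if length > 1 and body[0] == 0 and not body[1] & 0x80:
        raise ValueError("non-minimal INTEGER padding")
    return int.from_bytes(body, "big"), end

def der_to_rs(der):
    """Parse SEQUENCE { INTEGER r, INTEGER s }, rejecting malformed input."""
    if len(der) < 8 or der[0] != 0x30 or der[1] != len(der) - 2:
        raise ValueError("bad SEQUENCE header")
    r, pos = _read_int(der, 2)
    s, pos = _read_int(der, pos)
    if pos != len(der):
        raise ValueError("trailing bytes after s")
    if not (0 < r < N and 0 < s < N):
        raise ValueError("r or s out of range")
    return r, s

def to_low_s(s):
    """Map s to the canonical half-range: (r, s) and (r, n - s) both verify."""
    return N - s if s > N // 2 else s

def compact_sig(der):
    """DER signature -> 64-byte big-endian r || low-S s."""
    r, s = der_to_rs(der)
    return r.to_bytes(32, "big") + to_low_s(s).to_bytes(32, "big")

def b64url(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

# Constructed sample (not a real signature): r = 7, s = n - 5 (high-S).
SAMPLE_DER = bytes.fromhex("3026020107022100") + (N - 5).to_bytes(32, "big")

if __name__ == "__main__":
    print(b64url(compact_sig(SAMPLE_DER)))
```

A verifier that enforces low-S rejects the untouched high-S form even though the signature is mathematically valid, which is why the normalization has to happen before encoding.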

bnewbold,
@arcanicanis key mgmt can be risky and PLC updates mostly dev-oriented and disclaimed/scary; not very friendly or accessible yet.

curious if you have feedback, requests, or ideas! there might be small changes/additions to make the system more general purpose, or holes in docs/specs
