What we think about Activity Pub

@zkorum.com

Activity Pub is the oldest and the most mature of all the decentralised social media contenders in this list. It powers the Mastodon instance as well as thousands of others. Activity Pub is a W3C standard.

The architecture of Activity Pub is simple:

  1. Users open any Activity Pub client of their choosing.
  2. Users choose an Activity Pub server and create an account there (using traditional OAuth2).
  3. The user starts posting via any Activity Pub client, and their posts land on the server the user is logged in to.
  4. Servers are federated: each server is responsible for listing the other servers it wants to synchronise with. Every time a user posts something on a server, that server pushes the content to the other servers.
  5. Each server administrator is responsible for choosing its moderation policy and its moderators. Each server can decide to federate or block another server. Each user can block another user so that their server won’t send the blocked user’s info to their client.

Activity Pub’s underlying philosophy focuses on communities rather than isolated individuals, and Activity Pub's creators consider that trust is necessary and good for cohesion in society. Therefore, Activity Pub builds upon communities by allowing them to co-run their own server and organise their governance out-of-band however they please.

How Activity Pub Works

(Source: W3C Activity Pub)

Advantages

  • Mature, using battle-tested technologies
  • Standardised
  • Simple - so implementations are solid
  • Non-profit: moderation is done server by server by people who truly care about it, and algorithms are not driven by the Attention Economy.
  • Open-source
  • Users are not tracked, their privacy is generally much more protected from profiling than on X for example: users see a simple timeline based on their following with simple filters, and that’s it, there is no enforced “For You” timeline.
  • These acknowledgements by the Fediverse are refreshing in a field that’s largely dominated by either libertarians or ultra-capitalists:
    • Trust is necessary in society and even desired to increase its cohesion
    • Company business models designed to increase profit at all costs can be detrimental to society (Attention Economy, Trolls, Disinformation, etc.)

Limitations

  • Users are locked in to the server they chose: server admins own their users' identity and posts, and they can technically ban them however they please. This is made worse by the fact that users cannot migrate their posts and social graph from server to server. This is mitigated if users choose to self-host their own server and register there first. But this is a burden that most won’t take on, and even so:
    • Larger servers can defederate or limit your small server
    • Reply visibility for your own post will be bad, so replies will be repetitive because people cannot see all the replies
    • Discovery will be bad, because the “federated timeline”, which combines the feeds of everyone who is followed by someone on the server, is identical to the “local timeline”
    • The moderation tools you would have would be limited: you could only either accept all the content from another server or ban the whole server entirely - no granularity would be possible.
  • Users have to put a lot of trust in the server they choose. Servers are to be trusted to moderate according to their stated policy. Example: user 1 is registered on server A and sends “post 1”. If server A moderates post 1 and hides it entirely, it won’t show on the other federated servers either, so user 1 cannot hold server A accountable for having moderated their post. And even then, a moderated post that had been pushed to the other servers is not cryptographically signed by user 1, so it could very well be forged. And besides, server A can still do whatever it pleases without user 1 having much recourse (such as migrating to another server with all the user’s data). Finally, servers can change their moderation policy over time, effectively trapping those who disagree with the new moderation rules, who become the target of bans or suspensions, while they would be welcomed in instances with other policies. This happened to Lefteris' account (privacy-preserving crypto tracker developer). He has been suspended from octodon.social for the sole reason that he would be “capitalist”, with un-suspension possible in exchange for a bribe to the moderator. According to Lefteris, this instance was tech-oriented when he joined years ago. It is now a far-left instance with clear moderation rules to “shoot on sight and without trial or warning or mercy” (see octodon.social/about), and there is nothing he could do to migrate his account while he was suspended.
  • Activity Pub does not solve Sybil attacks: anyone can create as many accounts as they want by registering with different email addresses each time.
  • The downside of servers being run by volunteers is that we can’t always expect the same level of high availability as with for-profit companies. And besides, these servers may lack volunteers dedicating their free time to moderation.
  • Users cannot moderate the content themselves, granularly. Users can block or mute other users, but they cannot simply remove specific comments instead. It is reasonable to imagine that every user on the same server (especially large general-purpose instances such as Mastodon) may have a different opinion on what they want to see on their timeline and what they want to ban. Popular centralised social networks (such as X or LinkedIn) solve this issue by providing the option to personalise their feed with the button “I don’t want to see this”.
  • Mastodon provides a “Follows” feed as well as a “Discover” timeline which combines the posts from people that are followed by members of your instance. However, there is no algorithmic choice other than these two algorithms, which can make it hard to discover new content, especially when you have failed to choose a server with like-minded individuals. Each Activity Pub client app and server could theoretically innovate and provide more solutions. However, it is not implemented by the majority of apps. Because there is no user profiling, there is no “For You” timeline. Rather than a pure “disadvantage”, this is a conscious choice by the Activity Pub community, who believe that these “For You” algorithms create toxic environments based on engagement, which is precisely what they want to avoid, besides the privacy concerns.
  • The protocol focuses on the traditional profile/follow/like/post/reply/repost mechanism, and does not innovate from a product perspective aside from the objectives and advantages set out above, which are not enough to persuade most social media users to migrate their account from traditional centralised social media.
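
The trust limitation above (a relayed post carries the server's word but no signature from user 1) can be made concrete. The following is an added example, not part of the original article or of the Activity Pub specification: it contrasts a server-attested delivery with a hypothetical envelope signed by a key only the user holds. The envelope layout, function names and sample post are assumptions constructed for illustration.

```ruby
require "openssl"
require "json"

# Hypothetical envelope, not part of ActivityPub; keys and posts are constructed samples.

# Serialise a flat post deterministically so signer and verifier hash the same bytes.
def canonical(post)
  JSON.generate(post.sort.to_h)
end

# The author signs on their own device with a key the server never holds.
def user_sign(post, user_key)
  sig = user_key.sign(OpenSSL::Digest.new("SHA256"), canonical(post))
  { "post" => post, "author_sig" => [sig].pack("m0") }
end

# Anyone holding the author's public key can check the post itself.
def author_verified?(envelope, author_pub)
  sig = envelope["author_sig"].to_s.unpack1("m")
  author_pub.verify(OpenSSL::Digest.new("SHA256"), sig, canonical(envelope["post"]))
rescue OpenSSL::PKey::PKeyError
  false
end

# Server-level attestation: the origin server signs whatever body it sends out.
def server_relay(envelope, server_key)
  body = JSON.generate(envelope)
  { "body" => body, "server_sig" => server_key.sign(OpenSSL::Digest.new("SHA256"), body) }
end

def server_verified?(delivery, server_pub)
  server_pub.verify(OpenSSL::Digest.new("SHA256"), delivery["server_sig"], delivery["body"])
end

# Relay the genuine post and a copy whose content changed on the origin server.
def demo
  user_key = OpenSSL::PKey::RSA.new(2048)
  server_key = OpenSSL::PKey::RSA.new(2048)
  post = { "id" => "post-1", "author" => "user1@server-a.example", "content" => "post 1" }
  genuine = user_sign(post, user_key)
  altered = genuine.merge("post" => post.merge("content" => "text user 1 never wrote"))
  [genuine, altered].map do |envelope|
    delivery = server_relay(envelope, server_key)
    received = JSON.parse(delivery["body"])
    { server_ok: server_verified?(delivery, server_key.public_key),
      author_ok: author_verified?(received, user_key.public_key) }
  end
end

p demo if __FILE__ == $PROGRAM_NAME
```

For the altered copy the server's signature still verifies, so a receiving server that checks only that has no way to notice the change; the author-held key is what exposes it.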

Could it be useful for our requirements?

Activity Pub account “lock-in” is an anti-feature for our Interoperability requirement. As a result, we cannot use Activity Pub for Decentralised Moderation.

However, allowing users to cross-post to Activity Pub can be useful.

zkorum.com
ZKorum
