FEP-ef61: Portable Objects

ArcJo · February 25, 2025, 12:02pm

@silverpill would it be interesting to discuss with the Mastodon team, or possibly with misskey or pleroma/akkoma, how to implement this in existing implementations? Or what/where is the progress on that?

silverpill · February 25, 2025, 1:59pm

Implementing the receiving side of this is not difficult. I did that in Mitra and my server now can receive portable activities from Streams. Mastodon and others could probably do that as well.

But the producing side is more complicated, because it requires changing the way we build ActivityPub apps. Most Fediverse services today are both ActivityPub Server and Client crammed into one application, and they manage cryptographic keys on behalf of a user. FEP-ef61 network will probably look like Nostr: simple servers that store and transmit messages, and powerful clients. There might also be identity providers that take care of key management.

I don’t know what is the best way to build all of that. More experimentation is needed. I am planning to build a simple FEP-ef61 server to figure out how storage is supposed to work before doing anything serious in Mitra. I am also working on a Rust library that can be used to build FEP-ef61 servers and clients.

silverpill · February 25, 2025, 2:07pm

Streams can produce portable activities, but I think they store secret keys on a server. This is fine if you host a single user instance on your own hardware, but in other situations this is roughly equivalent to status quo (trusting the server owner).

SorteKanin · February 26, 2025, 8:51pm

I think I’ve heard this idea before and I still don’t think I understand it. The problem as I see it is that there are certain use cases that are not feasible to implement in a client. For instance, I don’t see how you could implement a Reddit-like social platform with a “simple server” and a “powerful client”. You simply could not implement the required sorting algorithms as a client.

I feel that this “simple servers, powerful clients” idea excludes many potential use cases and I fear that this would essentially reduce ActivityPub to some kind of glorified email, or at least make everything but the microblogging use case into a second-class citizen.

silverpill · February 26, 2025, 9:07pm

I keep federated groups in mind when I am working on this. I don’t think it limits ActivityPub in any way, but I guess we will see once implementations begin to emerge.
In any case, the idea here is not to replace existing ActivityPub network, but to complement it.

helge · February 27, 2025, 7:43am

Can one use this combined with a HTTPS actor? e.g.

{
  "@context": [
    "https://www.w3.org/ns/activitystreams",
    "https://w3id.org/security/data-integrity/v1",
    "https://w3id.org/fep/ef61"
  ],
  "type": "Note",
  "id": "ap://did:key:z6MkrJVnaZkeFzdQyMZu1cgjg7k1pZZ6pvBQ7XJPt4swbTQ2/objects/dc505858-08ec-4a80-81dd-e6670fd8c55f",
  "attributedTo": "http://host.example/actor",
  "content": "Hello!",
  "to": [
       "http://host.example/followers", "https://www.w3.org/ns/activitystreams#Public"
  ],
  "proof": {"...": "..."}
}

would be a message (with corresponding Create). http://host.example/actor would acknowledge did:key:z6MkrJVnaZkeFzdQyMZu1cgjg7k1pZZ6pvBQ7XJPt4swbTQ2 by having it in its assertionMethod.

This would lead to portable objects without portable actors. In particular objects that don’t need to live on servers.

silverpill · February 27, 2025, 11:55am

Yes, I think it might work:

The did:key:z6MkrJVnaZkeFzdQyMZu1cgjg7k1pZZ6pvBQ7XJPt4swbTQ2 authority claims that object is attributed to http://host.example/actor
The host.example authority claims that did:key:z6MkrJVnaZkeFzdQyMZu1cgjg7k1pZZ6pvBQ7XJPt4swbTQ2 can sign things on its behalf.

Authorities agree, therefore this object can be trusted.

Why not make actors portable too? FEP-ef61 can work in compatibility mode, in that case the actor ID would look like this:

http://host.example/.well-known/apgateway/did:key:z6MkrJVnaZkeFzdQyMZu1cgjg7k1pZZ6pvBQ7XJPt4swbTQ2/actor

helge · February 28, 2025, 9:23am

It’s the entire evolution not revolution concept. Sending portable objects from an existing https actor is kind of an intermediate step, where one doesn’t have to change everything.

silverpill · March 19, 2025, 3:03pm

Update: #529 - FEP-ef61: Endpoints and services - fediverse/fep - Forgejo: Beyond coding. We Forge.

Preferred gateways can be declared in a DID document (as DID services), and maybe in actor’s endpoints mapping too.

I think using endpoints for that makes a lot of sense because according to the ActivityPub spec, this object “…maps additional (typically server/domain-wide) endpoints which may be useful either for this actor or someone referencing this actor.” In FEP-ef61 world, these endpoints are “DID-wide”.

silverpill · March 19, 2025, 3:14pm

This is somewhat similar to FEP-c390 Identity proofs, where two authorities, domain-based and DID-based, are coordinating to create a verifiable link. I added a new section to FEP-fe34 called “Cross-origin relationships”, where such use cases will be covered.

PoV · June 17, 2025, 2:24am

Hello! Just thought I’d share some early work I’ve done on adding FEP-ef61 support to my fork of Bluesky’s PDS server with ActivityPub support. More information on that project can be found here:

github.com/bluesky-social/atproto

PDS ActivityPub support 😉

main ← mikekasprzak:activitypub-mainline

opened 03:58AM - 09 Jun 25 UTC

mikekasprzak

+2269 -1

No joke, this PR adds preliminary ActivityPub (i.e. Mastodon) support to the PDS…. :exploding_head: **IMPORTANT**: You shouldn't expect full interoperability with this alone! At most, you should expect that your public posts get shared with your followers on Mastodon (i.e. an outbox). While it should be capable of receiving likes and replies, there's no current way to expose those to the Bluesky apps. --- ## :warning: IMPORTANT: THIS IS A PROOF OF CONCEPT/WORK IN PROGRESS :warning: Likes are appreciated, but please **ONLY POST** if you have something to say regarding this PR. :warning: No feature requests! No asking when it'll be ready! Be kind to my alerts, thanks! :warning: --- You might have seen [this skeet](https://bsky.app/profile/distraction.engineer/post/3lql7jiqaac2a): ![image](https://github.com/user-attachments/assets/8a37a773-159c-44f6-a167-bac865a0340e) At the time of this writing, you should be able to search-for and find `@chaos.distraction.engineer` on Bluesky and `@chaos@distraction.engineer` on Mastodon/ActivityPub. This is my modified PDS server `manhattan.distraction.engineer` that's able to communicate using both the AtProto and ActivityPub protocols... err, well the ActivityPub part is a work in progress. :warning: **YOU CAN'T CURRENTLY FOLLOW THE MASTODON USER, ONLY THE BLUESKY USER** :warning: This draft PR is a place for me to share my PDS changes thus far. This isn't my primary branch (that would be [this one over here](https://github.com/mikekasprzak/atproto/tree/activitypub)), but in that one I've had to break a number of things to make my own [docker images](https://github.com/mikekasprzak/pds/pkgs/container/pds) available for testing. **I DON'T RECOMMEND USING MY DOCKER IMAGES** ## How to build :warning: Advanced users only! Not recommended for production! :warning: * Install these codegen patches. These changes were necessary to author the Lexicon files correctly. * #3932 * #3938 * alternatively my [testing branch](https://github.com/mikekasprzak/atproto/tree/activitypub-testing) has these patches applied * run `pnpm install` to install the npm packages * run `pnpm precodegen` to build the codegen tool * run `pnpm install` to update the npm packages and point at our built version of the codegen tool * run `pnpm codegen` to generate code * run `pnpm build` or `pnpm dev` ### Testing Add an entry for `test` to your `/etc/hosts` file. It should look something like this: ```bash 127.0.0.1 localhost ::1 localhost 127.0.1.1 pop-os.localdomain mypcname 127.0.0.1 alice.test bob.test carla.test triage.test mod.test admin-mod.test 127.0.0.1 test ``` To confirm it's working, ping it. ```bash ping test # PING test (127.0.0.1) 56(84) bytes of data. # 64 bytes from localhost (127.0.0.1): icmp_seq=1 ttl=64 time=0.096 ms # 64 bytes from localhost (127.0.0.1): icmp_seq=2 ttl=64 time=0.090 ms # 64 bytes from localhost (127.0.0.1): icmp_seq=3 ttl=64 time=0.083 ms # ... ``` Start the development server. ```bash pnpm dev ``` Wait a while, as it needs to start and restart `dist/bin.js` several times before its happy. Then, to confirm that the local server is running, in a separate tab perform a webfinger request on one of the test users. As far as the development environment is concerned, the dummy user `alice.test` is considered to have the ActivityPub handle `alice@test`. ```bash curl http://test:2583/.well-known/webfinger?resource=acct:alice@test # Or the pretty version curl -s http://test:2583/.well-known/webfinger?resource=acct:alice@test|jq ``` If it's working, you'll get a response like so: ```javascript { "subject": "acct:alice@test", "links": [ { "rel": "self", "type": "application/activity+json", "href": "http://test:2583/xrpc/org.w3.activitypub.getActor?repo=did:plc:cltjd4ihxplfp76w3szxc5l2" } ] } ``` :warning: Not all endpoints work! See below for a list of what's working or not! :warning: ### Deploying :warning: NOT RECOMMENDED! ALSO NOTE: MY DOCKER IMAGES ARE NOT UP TO DATE! :warning: Deploy this as you would any PDS server (i.e. adding `_atproto` TXT records to your domain). Assuming you're not doing anything out of the ordinary (i.e. using names under a different subdomain), it should just work. :crossed_fingers: :warning: Right now ActivityPub support is always enabled, but it may not be if this is merged into mainline. :warning: If you want to change the root domain used by your users, you can set `PDS_HOSTNAME_ALT` in your `.env` file. Doing this will also require setting an HTTP 301 redirect for `newdomain.com/.well-known/webfinger` (or the whole `/.well-known/` folder). As an example, my PDS server is on <https://manhattan.distraction.engineer>. Typical users are created as subdomains, so `chaos.manhattan.distraction.engineer`. I set my alt domain to <https://distraction.engineer>, which is a regular static website hosted on Cloudflare. I was able to make my `/.well-known/` folder redirect by creating a file `_redirects` containing the following script. ```bash /.well-known/* https://manhattan.distraction.engineer/.well-known/:splat 301 ``` I then changed my PDS username from `chaos.manhattan.distraction.engineer` to `chaos.distraction.engineer`, which appears as `chaos@distraction.engineer` on Mastodon. :partying_face: ## Background This wacky ride started [at the end of may](https://bsky.app/profile/distraction.engineer/post/3lqdcxzzbw22j). About 3 days later I was able to make the skeet [snapshotted above](https://bsky.app/profile/distraction.engineer/post/3lql7jiqaac2a). While I originally planned to "staple-on" Mastodon-like endpoints to the PDS server, as I grew more familiar with the PDS internals, I realized I could make it work the same as the rest of the server: using `xrpc`. That's what I've been working on since, and what leads me to this PR. ## TODO * [x] Rewrite code to use Lexicons and run over `xrpc` * [x] Build core Lexicons for the ActivityStreams, ActivityPub, and JoinMastodon namespaces * [x] Webfinger (`/.well-known/webfinger?resource=`) * [x] Add `/xrpc/org.w3.activitypub.getActor` endpoint * [x] Return an `Activity#Create` document with an `Actor#Person` inside * [x] Use `icon` and `image` fields for avatar and profile image respectfully * [x] Add `/xrpc/org.w3.activitypub.getOutbox` endpoint * [x] GET version (public) * [x] When no page is specified, return an `OrderedCollection` * [ ] Use correct number of items * [ ] When page is specified, return an `OrderedCollectionPage` * [ ] Add Paging * [ ] POST version (private) * [ ] Add `/xrpc/org.w3.activitypub.getResource` endpoint * [ ] Allow fetching posts (Notes) by id * [ ] Allow fetching activities by id * [ ] TBD: Should this endpoint handle fetching collections too? i.e. likes, followers, etc. * [ ] If so, add Paging * [ ] Add `/xrpc/org.w3.activitypub.putInbox` endpoint * [ ] Accept follower requests. * [ ] Store followers ... somewhere * [ ] Add support for the `sharedInbox` endpoint (for delivering to all members of a server) * [ ] Send (forward) messages to followers * ~~[ ] Consider switching endpoints over to the `org.joinmastodon` namespace as TECHNICALLY I want to support Mastodon style ActivityPub, as that's the most popular. Mastodon isn't necessarily the most "spec compliant", and including "Mastodon hacks" in `org.w3.activitypub` doesn't feel right.~~ * [ ] Public and Private keys (RSA) * [ ] Generate keypairs * [ ] Import keypairs * [ ] Store and fetch your keys in such a way that they persist in your backups * [ ] Expose public key via getActor * [ ] Expose public key via webfinger? * [ ] Explore exposing the public key via https://plc.directory * [ ] Sign messages sent * [ ] [FEP EF61 "Portable Object" support](https://codeberg.org/fediverse/fep/src/branch/main/fep/ef61/fep-ef61.md) * [ ] AtProto DID to ActivityPub FEP DID conversion * [ ] `ap://` URLs * [ ] `/.well-known/apgateway` support * [x] Consider adding **Mastodon Client** endpoints for accessing your ActivityPub inbox, EFFECTIVELY turning a PDS into a ... well, a **Masttodon Client** :exploding_head: * [ ] TODO: task breakdown * [ ] ... ### Known Bugs * [ ] `/xrpc/org.w3.activitypub.getOutbox` unnecessarily includes at AtProto `$type` field * [ ] ... ## Wrapup I'll be updating this PR as I go, and expanding on things. It's a draft PR, so please cut me some slack. :wink:

Anyway, as for FEP-ef61 support, it’s not in my draft PR yet, but below you can find a few sample screenshots of responses. Notably, my in implementation I convert AtProto DID’s into ActivityPub DID’s by storing the AtProto DID’s in did:key’s with the MultiDID encoding (as a base58 string).

The first is my updated webfinger, and a placeholder apgateway showcasing DID conversion.

Second, an A/B comparison of what my standard actor profile response looks like, and what it looks like in “FEP ef61” format. It’s currently only available behind a query parameter, at least until I finish the gateway.

EDIT: Click the GitHub link above. I’m not allowed to post 2 images or more than 2 links as a new user.

silverpill · June 17, 2025, 5:02pm

Hello @PoV !

You can use ATProto DIDs directly, without encoding them with multiDID.

FEP-ef61 is compatible with all DID methods, and did:key requirement was added only to facilitate implementation convergence. But existing FEP-ef61 implementations support only Ed25519 did:key, so we won’t be able to interoperate.

What do you think about did:web? As far as I know, this method is supported by ATProto, and we also considered supporting it in Fediverse.

PoV · June 17, 2025, 5:44pm

That would be nice. As you’d expect, this lead me down this path:

DID Methods

Implementers MUST support the did:key method. Other DID methods SHOULD NOT be used, as it might hinder interoperability.

It might be worth clarifying that not using Multidid Ed25519 keys hinder interoperability, than simply not using did:key.

I’m curious what existing implementations use the Ed25519 keys for, besides unique identifiers? I do realize they’re also public keys, but I haven’t got to signing or validating yet in my implementation.

I’m indifferent as I haven’t personally used AtProto’s did:web support. That said, from my understanding, it doesn’t technically support the full did:web standard (domains and subdomains only, no URLs). Parts of the code support encoding URL slashes as :'s, which I’m not sure is the standard or not, but according to the team this isn’t the case everywhere. The only reliable part is the domain.

silverpill · June 17, 2025, 9:21pm

The recommendation to use Ed25519 is there too, it’s in the next paragraph:

DID documents SHOULD contain Ed25519 public keys represented as verification methods with Multikey type (as defined in the Controlled Identifiers specification).

Both are SHOULD, however. This is to say: we are exploring various DID methods, but did:key + ed25519 is what is currently used in production.

Those Ed25519 keys are used to sign ActivityPub objects. Here’s an example of an actor:

https://mitra.social/.well-known/apgateway/did:key:z6MknVmyPtQmD2SaGnqyGgTVEqfqkkJJnY3YVKBmbzSUNCcX/actor

The signature is in the proof object, produced in accordance with Verifiable Credential Data Integrity 1.0 standard.

PoV · June 17, 2025, 11:41pm

Gotcha, thanks for that.

Curiously, I noticed that document has no JSON LD @context section. While I realize JSON LD doesn’t necessarily require it, I just haven’t seen any “valid” documents without it. Is that at all commonplace, or just a fluke that this specific implementation doesn’t use them?

EDIT: Mmm… Is it omitted because the content type is application/ld+json; profile="https://www.w3.org/ns/activitystreams", thus "@content": "https://www.w3.org/ns/activitystreams" is implied?

silverpill · June 18, 2025, 7:01pm

It was a test, the @context is already restored.
ActivityPub says that “Implementers SHOULD include the ActivityPub context in their object definitions.” I think it means that @context could be omitted if you have a good reason do so. But Mastodon rejects actor documents without @context, so everyone includes it for compatibility reasons. Other implementations seem to be more forgiving - this is what I was testing