History of ActivityPub

Hi everyone, I’m going to share the concept and implementation of AcitivityPub at an annual open source conference (COSCUP 2023) in Taiwan. Among other things, I would like to introduce the history of AcitivityPub and its origins, so that the audience can understand that free social media is a long term effort.

I made the following simple timeline (it is still a draft).

Xnip2023-06-26_20-12-101972×810 141 KB

In this diagram, the open source protocols are listed at the top, and the main applications are listed at the bottom. For the open source protocols, I use version 1.0 as the time stamp. For the application part, I have listed the approximate start time.

My understanding is that OStatus was the most well-known early free social media protocol, adopted by StatusNet and gradually replaced by the Pump API, which can be considered as the successor of OStatus. At the same time, at the source, OStatus, Activity Streams 1.0 and Pump API are all origins of ActivityPub.

In the application part, GNU-social and Pump.io are the successors of StatusNet, and Mastodon also used OStatus in the early days, but then completely switched to ActivityPub.

I would like to know everyone’s opinion on this discourse and timeline. Because there is not much information, my organization is likely to be problematic. I would also like to ask if there are any applications or protocols related to the origin of ActivityPub that I have missed in this historical overview.

A good overview of Fediverse history can be found here: The Federated SNS Timeline (Fediverse History)

Thank you so much, you provided exactly what I was looking for!

One small question is, I see that the article says ActivityPump, not Pump API. is this the same thing?

I’m not sure. I heard somewhere that early drafts of ActivityPub standard used the name ActivityPump. Perhaps @eprodrom could elaborate on that

There is a social/political story about ActivityPub that is MUCH more important than the technical side, good to touch on this not to miss the things that matter http://hamishcampbell.com/?s=activertypub

This value is from before this mess

ad2adff55ae910231002×943 107 KB

And what we build after this mess on the #4opens #KISS social tech path http://hamishcampbell.com/2023/02/10/lets-take-a-fresh-look-at-openweb-history/

Thank you very much for your reply. I agree with your statement. In fact, I originally wanted to present ActivityPub from a more internal perspective of community and value, to avoid it being misunderstood as just a technical protocol. But unfortunately, I couldn’t find much information. Many active activists mentioned just a few words, but it was too hard for me, a newbie, to sort out. I am reading your articles and trying to understand them.

In the meantime more people are welcome to contribute to this topic. I’m also trying to understand the socio-political implications behind the shift from OStatus, Activity Streams 1.0, ActivityPump to ActivityPub.

It has an interesting history of being an" accidental" openweb reboot, it exists because the #dotcons turned up at the #wc3 meeting and did not find anything useful for them so left the “weirdos” to get on with building a #4opens aproch. The “weirdos” manage to hold things together long enough to get the #activertypub standard through the open but burocratic process and pushed it out to the world.

Sadly the last few years we have fallen into the normal “libertarian cats” path, and it’s looking like this openweb reboot will be devoured… not a BAD outcome as they are eating a piece of openweb that will become a part of the needed shift in #mainstreaming.

But it’s not an outcome meany of us like, who wonted to building real alts.

The #mainstreaming needs composting rather than reforming

This is interesting because it provides insights into the dynamics and challenges of the openweb movement. It highlights the tension between #mainstreaming platforms and grassroots efforts, showcasing the passion and dedication of communities working towards an open and decentralized web. The accidental nature of the ActivityPub reboot adds an element of serendipity to the story, emphasizing the power of #DIY culture and the resource constraints faced by openweb technologies. The recent shift towards a “libertarian cats” path and the potential consumption of the openweb reboot raise important questions about the future of alternative platforms and the need for continued resistance against “common sense” #mainstreaming.

something that people implementing fediverse servers and clients frequently mention is that the de-facto activitypub standard is what has been implemented in the mastodon api. the precise differences don’t seem to be documented

I think Mastodon API is only for client2server part, but server2server is still a ActivityPub implementation. Is it right?

OStatus had no support for privacy and limited conversations; although in the last years of OStatus Evan added support for DMs – but only if the recipients were on the same instance (like the early OStatus groups). They didn’t federate.

There were some later changes around 2011 to allow “targeted pubsubhubbub” but by then things had changed and OStatus was already on its way out. AS2 incorporated “targeted PuSH” natively via its addressing fields.

The shift from AS1 however was mostly because JSON is a lot easier to deal with as a serialisation format than XML and in 2011/2012 a large part of the technical world tossed XML and moved to JSON. ActivityPump used a very early draft of what is now AS2, combined with basically the C2S part of what is now ActivityPub. Servers exchanged messages via OAuth2 using an extension to generate OAuth2 tokens dynamically. Everybody exchanged messages via JSON over OAuth2.

ActivityPub basically added the S2S bits to ActivityPump so that existing communication servers could use ActivityPub without requiring OAuth2 - which was already turning into a compatibility nightmare and has only gotten worse since then. I believe this is also when the “public inbox” was added to address the fact that AS2 only had a concept of privacy and had no concept of something being ‘public’ or available to the public stream.

Signatures is/are where ActivityPub failed everybody. LD Signatures were always a disaster, and Eugen dug up an early draft of http-signatures which we’re still using even though it is now technically obsolete. LD signatures were retained purely for third-party signatures.

The Mastodon API has absolutely nothing to do with ActivityPub. It’s just a representation of Mastodon’s internal data models. My software doesn’t use it because we have radically different internal data models; even though we provide a very complete ActivityPub implementation. Instead we support ActivityPub C2S because it’s generic - it isn’t a vendor specific implementation like the Mastodon API is.

I concur with your sentiment on ActivityPub’s shortcomings concerning signatures. My original conception revolved around a “semantic inbox” inspired by FOAF principles. The aim was to implement a web-like email system where data could be posted via HTTP, and the user would have an inbox of items to manage.

This idea was incorporated into Solid (originally FOAF+SSL) and, due to various influences, was included as a linked data notification inbox. From the beginning, the intention was for the data sent to the inbox to be signed. However, it’s taken over two decades to design a universally accepted canonicalization and signing system for linked data, and the process is still ongoing.

In Solid, I had envisaged including signed payments as part of the social web, but this never materialized. Nevertheless, such signing has been successfully implemented in nostr.

LD Signatures branched off from the same group (WebID) but ultimately took a separate path.

Signatures can be intricately complex or remarkably simple, with a spectrum of variations in between. Emphasizing developer experience (devX), I believe that a straightforward “sig” field in a simple JSON blob, preferably with minimal or no nesting, is an effective approach.

I suggest considering the inclusion of open microblogging, which could be viewed as a precursor in this context. Although a decent project, open microblogging attained a substantial prominence in the open social web landscape, potentially due to effective lobbying efforts. There was initially a drive to rival Facebook and its application ecosystem, encompassing open social. However, these endeavors seemed to be relegated due to the strong promotion of open microblogging. To this day, the lack of a robust open social graph and a viable competitor to Facebook is still apparent.

It could be argued that OStatus may have inadvertently delayed our progress by around a decade. However, I believe it was the combined influence of Open Microblogging and an emphasis on micro blogging in general that have eclipsed other use cases in the open social web.

You might find it beneficial to explore linked data, FOAF, FOAF+SSL, the foaf-protocols mailing list, and Solid (social linked data). AS 1.0 evolved into AS 2.0, adopting linked data after AS 1.0’s moderate success. This change was driven largely by IBM, within the W3C social web working group.

FOAF (Friend of a Friend) gained traction around 2004 when the open social web began to flourish, and its creator eventually developed schema.org. The fundamental idea is the web as a social, interconnected graph of data. Enhancing the web slightly could allow for a browsable network of profiles. This could then anchor various applications, including inboxes/outboxes, profiles, followers, friends, activities, and more.

Regrettably, the OStatus and FOAF (linked data) branches became competitors rather than collaborators. This has resulted in two parallel, yet incompatible efforts. ActivityPub partially adopted linked data in a somewhat confusing manner, leading to considerable overhead with limited advantages. We are still attempting to navigate through these complications today.

Interesting to read through this history

One thing we don’t touch on is that most of this thried is inside the #geekproblem of #4closed thinking. This “common sense” is likely a part of the problem we should be talking about, but can’t.

We mix up open and closed, we mix up media with personal. We develop inside this mess and push noise over signal to not have to think about this.

Not blaming anyone, it’s just were we are.

Ideas to move tech Dev away from this mess please?

We have good #UX encrypted #FOSS chat, one on one and group. We have working #OMN (open media networks) in our ActivertyPub codebases and networks. We are in a relatively good place compared to ten years ago.

What we don’t currently have in this subject is an understanding of the different paths of media and private communication. They are different paths, yes the #mainstreaming has made a social mess by mixing these up, we don’t have to, and we should not.

Hope people can understand how this fits into the history of ActivertyPub, to give you a hint it’s CLEARLY on the #OMN path, this is a good path.

Yes, indeed. Sometimes closed masquerades as open. Sometimes centralized masquerades as decentralized. As the Fediverse grows in user base, it becomes increasingly appealing for proprietary interests to channel these users towards their gatekeeping structures, using specification changes, FEPs, or venture capital. Currently, we lack measures to resist this.

Some of the material in Mastodon: a partial history might be useful – there’s a section on ActivityPub with links out to various more detailed discussions.

I forgot to post this too. It was the group that lead the the chartering of the WG which made activity pub

In some sense OStatus was an input. But OStatus itself was just one paragraph in one section in a wider part of the whole social web.

https://www.w3.org/2005/Incubator/socialweb/XGR-socialweb-20101206/

Fediverse history nerd here, and author of a hastily drafted blog post on the subject, which still gets referenced occasionally. I know your presentation was probably ages ago @phx, but for the record…

Love the diagram! Although I would put GNU Social and pump.io in the opposite order. It was partly due to Evan and identi.ca switching to pump.io that the GNU social project emerged, to continue an active fork of StatusNet (getting ahead of myself, see comments below).

Just for clarity, OStatus was developed by the same company as StatusNet, as a replacement for OpenMicroblogging. Not adopted from elsewhere.

Call me a completist, but I’d love to see both OM and Laconica in that diagram too. As mentioned by @melvincarvalho (and in my blog piece linked above), OM was the first protocol developed by Evan and his team, before they changed the name of their software from Laconica to StatusNet. It makes sense to me that the protocol change was the motivation for the software rename, to avoid any negative associations caused by the limitations of the older protocol.

It’s true that Evan developed the Pump API to replace OStatus. But AFAIK, it’s only ever been used in the pump.io software. Most notably when Evan used it to replace StatusNet on Identi.ca.

OStatus remained the dominant protocol in the fediverse until it was superseded by ActivityPub. After Evan pivoted to pump.io, StatusNet continued in maintenance mode until it was merged in with two of its forks - Free & Social and GNU social - into one project under the name GNU social. Pleroma, postActiv and Mastodon all used OStatus so they could federate with the early fediverse, formed mainly by GNU social servers.

Quite so. ActivitySteams is a social data format, which was used as the standard data format in the AP spec. The 1.0 version of AS used XML (as do XMPP and RSS) and preceded the Pump API, which as @macgirvin says, used a JSON version of AS as its data format. If memory serves, this work formed the basis of AS 2.0 and was standardised by the same W3C working group as AP (can anyone confirm or correct?).

One of the events leading to the ActivityPub standardisation was the decision by Christine Lemmer-Webber and the GNU MediaGoblin team to implement the Pump API, aiming to create something like PeerTube. Since Matt Lee of GNU FM and the rest of the GNU social team were still using OStatus, it seems likely that people from all 3 GNU projects (and maybe others) would have talked about cooperating on one social federation protocol. Christine and Jessica Tallon from MediaGoblin ended up doing a lot of the drafting work as part of the W3C working group on standardising AP.

I would add that the Diaspora project - both the app and the variant of OStatus developed for it - were also important precursors to AP, and deserve a place in your diagram. See my comments on Diaspora below.

Yes. As I say, pump.io replaced StatusNet on Identi.ca (which AFAIK still runs on it), and GNU social was a fork of StatusNet, as mentioned above.

Indeed. This is why Diaspora created their own variant of OStatus, to add support for federated DMs and the ability to add accounts from different servers to “aspects” (these worked kind of like “circles” in Goggle+ and might be where that idea came from). Diaspora is the only surviving fediverse project that has never implemented ActivityPub. It only connects to the rest of the fediverse via apps like Friendica and Hubzilla (both founded by @macgirvin’s), and SocialHome (founded by @jaywink), which I believe reverse-engineered Diaspora’s APIs before they were fully documented (can anyone confirm or correct?).

Yes. I believe Gargron originally set out to design a new web app for Mastodon.social, to work with a GNU social backend. As Hannes had done with Qvitter for the Quitter instances (I believe Maiyannah Bishop created postActiv by forking both GNU social and Qvitter). But I suspect Gargron found the GNU social client-to-server API too limiting, so he ended up writing a whole OStatus server backend from scratch in Ruby-on-Rails for Mastodon.social.

Gargron caused some panic early on when he didn’t consult other OStatus developers about adding Direct posts to Mastodon, resulting in Direct posts appearing on non-Mastodon servers as normal, public posts This created a perception that Gargron doesn’t care about privacy or user safety, which persists in some corners of the fediverse to this day. However, a lot of people liked the Mastodon.social web app so much that lots of independent Mastodon servers were set up. Especially after the first big influx of non-geeks from Titter in 2016 (which prompted my brief history blog piece).

Mastodon was the first fediverse project to implement the AP server-to-server API, which only helped it leave GNU social in its dust. But as @macgirvin mentioned, Mastodon continues to use its own AP client-to-server API, and Gargron has never implemented that part of the AP spec. With Mastodon servers dominating the fediverse since AP was published, the “Mastodon API” has become a de facto standard for apps due to network effects.

I’m not sure if @SeriousFun01 was referring to this, or the fact that smooth server-to-server federation with Mastodon requires a lot of extras to be implemented on top of the vanilla AP spec. Such as WebFinger for account searches, and the obsolete http-signatures that @macgirvin also mentioned. But either way, on top of the Direct post debacle mentioned above, all this has created a perception that Gargron doesn’t care about technical standards or cooperation with others implementers, which persists in some corners of the fediverse (like here) to this day.

I have thoughts about this, but I’ve done my best to report the history here, and keep the editorialising to a minimum. So I’ll post them in their topic ; )

Thank you so much for your reply; it reminded me of the days when I was preparing for my presentations. In fact, I later gave presentations in both Taipei and Bandung, Indonesia, although they were very basic, aiming to spark more interest in Fediverse. The information you provided has given me a clearer understanding of some of the processes, which is very helpful. At the time, I wanted to introduce some history because I saw the great potential in Fediverse. However, it’s a pity that now, it seems the situation for Fediverse is not as strong as it was last year. I’m not too familiar with the English-speaking community, but in Asia, only Chinese users have maintained a relatively high level of interest, and even that interest has rapidly diminished over the past year. But I believe it will continue to exist and develop.

Welcome back : )

Please don’t be disheartened by the perceived drop off in interest. This is the way tech industry hype cycles work. Every time the fediverse gets a big boost of interest (as it did in 2016 for example), it never drops back to being smaller than it was before that boost. A lot of people dip their toes in and move on to other novelties, but the increase in awareness remains. Some will go back to the DataFarms, remember how awful it is there, and wander back.

Anyway, this drop off in tourist numbers is actually a good thing for us. The people who stick around through these ‘winter months’ are the ones who really grok what we’re trying to create together, and want to contribute to its evolution. Whether as software developers, testers, documentation writers, community developers, usage evangelists, and so on.

With the tourists moving on to the next hype cycle (IoT! Crypto! BlueSky! AI! Lions and tigers and bears, oh my!), this allows things to calm down. Both in the fediverse itself, and in the development communities around it. Allowing both the veterans and the new recruits to get to know each other, and get on with our work.

Exactly

You may not have been around in the 1990s when people thought the web was a passing fad, but I was, and they did. I remember MTV billboards that said “www.thenetsucks.com”. Pretty sure the joke is on them