Get started with Activity-Pub

Get started with Activity-Pub

This is the transcript of the talk by Nilesh Trivedi  presented at Git Commit Show 2020.

About the speaker

Nilesh Trivedi is an open source enthusiastic. He enjoys programming and Ruby in particular. He also likes to learn new skills, and that has been true for more than two decades. In this talk, he will be focusing on how to get started with activity pub, decentralized social networking protocol.

Transcript

I decided to talk about an activity pub. It's a relatively unknown protocol however I think it will be as important as something like HTTP it's a WTC recommended protocol. So the final status impressions have been completed. It is now 1.0. But many developers are still uncommitted. So I decided to take this topic and I have some practical experience with this so I can answer a lot of your questions. So as I said about myself, I like open-source software. I enjoy programming and Ruby in particular. I also like to learn new skills, and that has been true for more than two decades. So here is something that you might have noticed last year. Last year, Twitter ran into some controversy because they were censoring or they were refusing to censor certain accounts. And that angered a lot of Indian users. And they discovered this app called Mastodon Mastodon is supposed to be an alternative to Twitter. with a difference. Right. So the code is a centralized system. Twitter. Is a central entity where all the accounts are maintained and all the tweets are maintained The governments can go and force them to delete accounts and they can decide their policies. And somehow some in some situation that runs into difficulties because not everyone agrees on what the moderation policy should be. So mastodon suddenly became popular. And, you know, people it got coverage on BBC and all over the portals and then usage.
Well, thousands of people discovered mastodon and then switched to it. So what is this mastodon? Mastodon is an app that implements the activity per protocol. So it is a very, very simple explanation of the way you think about email for messages, activity pub achieve the same paradigm for social networking. And we have seen how email has stood the test of time. The email was invented in the 1970s. And today, you know, we are here in 2020, 50 years. If a protocol is standing 50 years of a test, that means that the architecture is really solid And the reason that works is that email is a federated protocol. You can have your email server. I can have my email server. I can create accounts on my server. You can create an account from your server. You don't have to be subject to the whims and fancies of each of them. And yet we can still communicate with each other. This has not been the case with Facebook and YouTube and Twitter and all this. Centralized platforms have taken up since the gunfight. I would say Gmail came along and sort of stuck at this time. But the email is still implementing a standard protocol. So the core idea here is. If we allow people to run multiple servers, which can synchronize with each other.

Though the risks that come with us, centralization of the moderation, the governance, and the policy are eliminated. If you don't like the emails the way you handle spam, you can go and open an account at mail.com or fastmail.com. And the protocol ensures that the identifiers that you use, your identifier is not just suggestive. It said that the issue with Facebook or Twitter and using that second domain part, we can actually resolve all the names, and then we can still communicate by running this undebatable service. But this is the central area. And the problem, as I said, is that centralization leads to censorship, filter bubbles, moderation issues, disputes and abuse, and a lot of things. And you will not always agree with what Twitter is good as policies. Therefore, you should be able to choose your server, your instance. And this is already working for email activity pub is an initiative that tries to bring the same paradigm to such a network. So what do I mean by federation? As I said, multiple agencies can synchronize with each other like email and you achieve decentralization of moderation policies so you can run your server if you don't like anyone, anybody. And it would be as good as anybody else. So the protocol does not differentiate, does not give any privileged status to any of the servers. So, yeah, activity pub is a very simple protocol. It's essentially HTTP plus JSON And it was in the works for many years. But around 2018, it is the final recommendation status. And like a protocol, like an email protocol, which has multiple implementations. The same thing is true for activity pubs. However, the schema and the objects that they define are quite flexible, which means that it is not just an alternative to Twitter which is a microblogging platform. But you can achieve the same sort of social networking broadcast, a follow model where users can follow each other. If I broadcast something, it gets delivered to all my followers. People can discover each other's content. The same paradigm is there in Twitter and YouTube and Facebook. All of those can be modeled on top of the activity pub And therefore, you will hear of it about multiple apps which implement activity pub as a protocol. So Mastodon is one of the most popular ones. Yep. But there are others like pleroma that appear to be again, decentralized as in multiple instances, which includes a little alternatively YouTube and. This has sort of now settled to be the dominant protocol. For a while, they were competing for alternatives. So there was GNU social, there was the Status and diaspora as a Project, and now activity pub has sort of turned out as the winner. Being recommended by W3C holds a lot of sways. So I'll try to get concrete details about why it matters and not just as a user. We are here as developers. So I'll make a case for that. It might be worth a while to implement pub in your protocol to become part of this larger ecosystem, which is called Festivus. So, yeah, how does it. So, as I said, there's a standard collectivity, stream 2.0. It is nothing but a combination of HTTPS and JSON with linked data that define our extendible vocabulary of activities. So while there might be an activity called to create a note, which is like saying I posted a tweet, but they also have objects defined for following and unfollow and groups. And, you know, I can post a review, I can upload a video, I can write a blog post, and each instance can determine its own rules. But the discourse remains shared. So when I say the reverse, I mean, there's a network of applications that all talk to each other via this shared protocol. So. Alternative for Twitter would be something like Mastodon or pleroma to be an alternative to YouTube, which is again, you can create your account anywhere. If you don't like anyone's servers, you can create on your server, right. Freely. There are alternatives, some medium. I am coming from a place that I want to build an alternative to Goodreads. And I'll talk and take a couple of minutes to talk about it. And this is my open-source project. It's called Learn Awesome. org. And the problem that I was trying to solve for myself and the people around me was that. This in this decade, we are not learning only from books. We are learning from courses. We have podcasts. We have newsletters. We had live streams and videos and books. And the discovery of such high-quality resources is still completely broken. It's completely haddock People are asking each other, what is the best course about JavaScript, What is the best way for me to learn it For me. And I wanted to build this learning map of learning resources where you can find learning resources along with the reviews from the people that you trust. So they might be experts that you trust or they might be your friends that you sort of trust in terms of their reviews will be high quality. So that's what I came from. And when I built and launched it, though, a couple of months ago, when I decided to implement activity pub it started synchronizing with the rest of the of us. And that's why it became very interesting. So activity streams, the protocol will define several models. So at the core level, you have objects. So like Tweet an object a video is an object. They have defined the schemas for this. So, for example, this object called a node, which is it could be somewhere between a tweet and a blog post because there's no limit on the characters. And it can have a material that that's so it can have an image or media attached with it. It can have a URL to go with it. And then using objects. Actors can have activities around objects. So Actos, again, is defined to be very flexible. It doesn't have to be a human person. It can be a company. It can be an app. It can be a service. And when an actor operates on an object, it produces an activity. So think of it as an event. So I create I posted a tweet, so I'm the actor, creating is the activity and the note is the object. So I might like your tweet. I might like your message that liking is an activity and that there's a posting of video activity and in learning posting a review of learning this. So I went to this course and I found it very high quality. That review is an activity and that gets posted across the festivals as a node. In addition to this, they also obviously defined collections where you can group things. So there could be a group of users that are all of them are following you and you are following all of them. So this is very similar to. I'll show you a screenshot of what's OK. So with activity pub, the only difference with email is not all of you are familiar with email before you sign up with our email providers like Gmail or fast email or hey. They will hold your inbox on a cloud. The rest of the world is allowed to put things in their inbox. That is called posting. We are inbox and you are allowed to get from that inbox and you can use any client app that you can use the gmail front end or you can use outlook or something else. Somebody might know something. However, the other way around, you don't have an outbox that remains on the cloud. When I'm talking about human activity, pubs simply add that capability. So along with our inbox, outbox also remains on a server of your choice. You are allowed to put things into the outbox and the rest of the world is allowed to read from it. And just by adding this simple missing piece, it opens up a lot of capability. Now you can implement things like broadcasts. I am posting things in my outbox, which is public. The rest of the world can read my blog. I can put a video in my outbox that becomes my YouTube channel. I can put an audio file in my outbox. It became my podcast. And by allowing this sort of double operations by you and the rest of the world on your server of your choice, we can implement several applications along with our shared identity, shared schema, and shared protocol of communication. It's such a simple model to understand. Think of activity as an email, but where your outbox also is on the cloud. And you can choose your server. So as I said, actors will post material with the outbox. That's a post SCDP post. And once it's there on the server, the rest of the world can read from it. And while putting things in the outbox you can specify constraints. So, for example, you can say that, OK, this tweet is for anyone to view. It is only selected for selected users. So I might have tagged only for friends. And that's a group that I'm posting. Or that this might be a direct message. If that person also has an inbox, I can directly put things in their inboxes. So just by adding this missing piece, a lot of the social networks that we have seen become possible could connect. So, as I said, now let's see how Lerna went about implementing it. So it's all open source projects that I have been, you know, holding on to in my nights and weekends for many months now. The idea is to create a learning map, and I believe learning 10x faster and more effectively on any topic is possible. I have data to believe this, but that's the motivation for me to start. So you guys can all check it out. This is how it looks like there are topics that format. So, for example, you can search like show me videos about machine learning, which are 30 minutes long and are entertaining. And all that metadata is available. However, no content is posted online or some of it is just a repository of links. But with this High-Quality metadata and around that collection of links, there's a social network. There's a community of learners that is built. They can post reviews just like Goodreads. They can discover each other. They can follow each other. You can gradually customize your dashboard for there you know, you are following certain topics and certain people and only high-quality material. As for those people who will show up on your feed So it's all functional. You can go and check it out. However, what I wanted here was. I wanted mastodon users or activity pub users to be able to consume my learning activity so my videos without signing up on learning awesome and with very much makes that possible activity pub makes that possible. So let's say I'm an awesome user of learning. I mark a book, as you know, five stars. It's a book about linear algebra that is high quality. I give it five stars. I will write a little. That review. Because every user on Learn awesome has an activity pub profile, which can be followed by anybody else. So when a person follows me here on learning awesome the record here, a list of my followers on activity. pub And whenever I do, I do some activity event will get posted, an activity will get posted to all of those followers, individual servers. So I just need a background job. And then it just integrates seamlessly that users don't even have to leave their favorite apps. They don't because of you. So if you want to implement similar functionality in a Web application, I highly recommend that you should consider it because privacy is getting better and better. There are all sorts of tons of applications, tons of amazing users saying they're sharing. It's like what Twitter used to be in the initial design. So if you want to implement this in your applications that are primarily 4 things that you need to implement. One is the discovery of users. So given a name at Domain, how do I find out where the rest of the And that is implemented in something called web finger So you implement this path in your app where anyone can query that given user name, address, domain. What are the things that you know about it? That webinar is a very extensible protocol. You can return a phone number, email. In our case, we will return the. URL of the user's actor and inbox and outbox. So any activity plan will make this call. They will figure out, OK, what is the actor you are supposed to get a public? Where do I read from? Where do I write from? Inbox and outbox And I'll show you the sample responses, which are very easy to implement. It took me three hours to implement an activity pub within my app. So. So here is the web finger response. Oh, for every user, I maintain an activity providing for me that mapping from my ID to Activity pub except that I will just replace with - an - and that JSON will say that, hey, this is user actor URL. So I can show this response. It is a response. So a query was made with this id at learning awesome.org and my server says, OK, you can find the actor information about this user at this link and then follow that link. That actor object will give the detailed is the user's name? What is the preferred user name or type? In this case, it happens to be a person. There's a short bio that I'm publishing. The most important things are the inbox URL, the outbox URL, and the public. So the public is important because if they are sending me a private message or let say my server is informing your server that this user has just simply posted this review? Your server wants to validate that the signature must verify and therefore there's a public key that we should publish. But yeah, the most important things are the URL for the inbox and outbox. So, as I said in my Rails application, this is the JSON that I built for the web finger query And when you come to the actor object, there are other things that I return So as you see, I am returning a type of preferred username and a name and summary an icon. Because if are building something like Twitter, a user, every user has a profile picture. And that's the image. In inbox and outbox and public. Now, when it comes to inbox, so as I showed in that in the diagram the rest of the world will be posting to a user's inbox on my end. So when I received that request my server when it receives that request, what I do here is I have a verified call. So I make sure that, oh, well, the message is signed properly. And in this case, I'm responding, responding to the following request. So this is a followed somebody, someone who just wants to follow me. And in that case, I will create an activity pub for the record in my database, and then I'll invoke a background job on it. We don't send an accepted response. Yes, I accept yours follow request. The in case the user wants to unfollow me, in that case, you can see that I just log it. I will remove the public. So this is the activity that I'm accepting as sync of events. Learn awesome is mostly a source of activity pub events, but it still needs to handle the incoming following and unfollow requests. They. And to verify this is probably the least easy part of this, I had to do a little bit of experimentation here to find out how exactly this was. But all that happens is there is a header called HTTP signature, and it's supposed to map out to match with the hash of certain parts. So the parts for KEy ID headers and signature and using those parts, if that signature matters, I can be sure that the request is coming from the server that it is coming from. So this is a verification part and. When something happens at my end and I have a list of followers for every user, I need to inform all their servers. Right. So I have all these methods of protecting people. All it does is. for every follower, it creates a signature header, and then it does an HTTP post. So it takes a document, which in my case is a review. In your case, it could be a video or a podcast, or audio of any of the existing types of support. I add those headers with a signature, and then I just do a report. So this happens in a sync mode so it happens in a background job. But it's fairly simple, as you can see. All I need to do is just give a timestamp and then sign the headers And the JSON that I need to send again, I need to map it to the activity schema. So I had a review. So in this case, as you can see, I am sending a create note activity. So as you can see, type is created but the object type is a node and not in that content field. I will send my message to and for me is impossible. It's a short enough text message that it has just completed reading this book. It is the image associated with it that he has given. Five-star rating to that. So all of that information goes into the message. And I just wrote a timestamp and created node Activity and then this is the one I send up posting to their servers. So once my server has put that message in their inbox, whenever they go online, whenever they come on now, they take that app, they will see the activity. At no point in time, they had to come to learn awesome things that they did not have a budget for. They do not even have to know about it.


All they needed to do was as a user, I shared my activity pub id which is usually the user ID and they just followed it within their client apps right so this works very seamlessly. And such a simple thing to implement as you saw that they are just for scrambling to implement a webbed finger to discover information about a user, that the response will have the link of that URL after you will return an object which has the inbox URL and the outbox URL where your inbox will be used, where your server can post to my server for each user. So to say that, OK, I want to follow this guy, I want to unfollow this guy and outbox is only necessary when you want to read from we want what you want to do up all from what this user has been doing. So. And in my case, what I'm doing is keeping a record of all the followers and when something interesting happens, when there is an event to publish. I just read through all the photos and I just pushed this activity, event to all of it. So using just these four routes in the right way in the scheme of complaint with your app will integrate with the rest of the world. And it has several apps that I've been using on my mobile. I'll be using this app ASCII. It's a Twitter equivalent, but it works with the server that I'm using for my microblogging, which is posted on dot org. And it's been working quite well. And I hope that you know, it seems like it's not tricky. The trickiest part is this signal fiction part. And as you can see, it's not many 10 lines of code. But once you do this, it only needs to be done once. Then your app is part of the entire ecosystem. And this is that. My main point is that this activity pub started as an equivalent for building a microblogging network. But if you just think about it, what is going on here? It's a distributed protocol for the entire Web. Apps can subscribe to each other across domains, across owners, across servers. Right. And something interesting happened. It can be a public broadcaster to all the subscribers. And they can do apps, can follow each other and the systems can follow each other. AWS can become a publisher of activity pub events, all your monitoring dashboards can become activity pub clients. So it opens up several possibilities. And I think as developers, we should look at activity as a generic powerful Blu It allows us to build far, far more interesting applications. And to them, we are also solving the problems like centralization and censorship and filter bubbles and other things. So this is all the introduction that I wanted to give for the activity pub on the defining part. Or when I'm sending a message of yea so when I'm sending a message to your server, I need to find it. And therefore, because everything that I do is a request order that I know that it's out of the four. And then those are the same things that they end up putting in the movie. So it's a fairly simple method. There are some things that I can share. I think I dislike showing it if we want information and that's it. A summary of what activity is, how it can be implemented. And I hope I'm able to get you excited about how your apps can fit into the rest of the ecosystem because that's where the true value will lie. So I'm here for any questions that you might have. Thank you so much for letting me speak. Amazing. Thanks a lot for this presentation. Nilesh, to the audience, you can ask the questions on the living git-commit show get there. It's a question-answer chat sections section on the right of your Livestream. So do use that to ask any questions you want to. And there is a button over that which you can use to show appreciation for the speaker. And it will give us feedback as well about the talk about the sessions that we are doing. So I have lots of questions. And Nilesh here Oh, it's wonderful getting to know about activity pub and our feeling that, yes, we can create our social network. Before that, it was complex and we needed to make lots of decisions. And I think the activity pub is cutting down that part. And we don't need to make so many decisions, rather focus on the best practices which have been put in in the form of protocol. So this is great to know. So the first thing that comes to my mind is that all the data is public. Is it so? Not really. But it was designed for social networking, and it's not a private messaging platform. But there is support base support for messages which are fully, fully end to end encrypted So if you want to limit your message to a certain group, maybe one individual or a limited number of users, you can do that. And if you have tried Mastodon, you can see that that's how it works. I can just quickly share my screen to show you again. Oh, sure. So this is my mastodon. As you can see, it looks very much like Twitter.But when I am posting something here I have an option. But I want the message to be public or understood or followed only. Now, this is not unique to mastodon This is all part of activity.pub And the protocol supports that level of granularity. Got it. So there are features of which there are some more data films probably, which define the privacy level of each content that we are sharing. Yes. And got it. So. But anyone can send a message that is for sure because we are making our ID public. Is it correct? So, yeah, again, as I say, a very simple way to understand this is like. You can host your email. If you don't like to host your email, you can subscribe to email. Hosting providers are in the worst case You can just sign up on someone else's server like Gmail Right. So you have this various levels of detail, whatever control you're comfortable with, whatever security that you want, whatever privacy that you want, you just choose what is appropriate. And if you stop liking someone's governance and governance behavior, you just move and port your account to another provider and will continue to work. Related. What do you mean by that? I think you mentioned that, so for example, right now, if you don't like what Twitter is doing, you don't have any choice at all. Your followers are on Twitter, but an activity pub that portability is there. So there's a seamless way of redirecting users from one server to another server, and you can just start publishing your new identifier of the new server. But anybody who still goes to your old server will automatically get to a new identity.


So it is designed to be very portable, very user-friendly. But yeah, just think of the way email works. I can host my email server. I can use SendGrid, I can do databases or I can use Gmail. All these possibilities are there. Some people are paranoid enough that they will run their email server inbox. And that also. So at the activity pub, I can give some insight as a mastodon is written on rails and it's slightly heavy on the memory side. But I was able to run on Raspberry Pi, so I was running a full-fledged activity pub network, which is equivalent to Twitter on my Raspberry Pi. It's like five hours of power of always-on connectivity. So multiple implementations exist. You don't have to be, you know, satisfied with whatever one vendor is providing. You can use any one implementation. You can try on or so similar to email. Are there any ways that this specification talks about how to deal with spam? So again, here, though, the spam can be controlled at each instance, a level that everyone who is running a server, they are the administrator of that server. They can declare certain policies. So an activity.pub a lot of servers have declared that they will be not accepting any messages from, let's say, oh, activity servers running in North Korea. Right. You can put a whitelist. You can put a blacklist, And at the admin level, there is a lot of management possible. And therefore, you are incentivized to just find the good elements that you can trust. Right. If your expectations are high and then you want a high level of control, then you run, your server with whatever places that you want. Or just so that it's not covered by the protocol, the other layer could be put on over this again. So it's the same idea as the email server will it inbox provider will control what is called spam, what is not called spam. Same idea. Or it could. So one thing I will get is before that. What type of content is supported, you shared out there is content specifically and you can put all your messages there So what kind of message is this? Just text or something else. So they have different types of text. There's audio, there's video, there are files that you can send. So people have using people are building Google Drive equivalent using activity.pub So there's a project called Next Cloud, and that implements activity pub And with it, you can transfer files that can be as big as you know. And so it's just a schema and schema can be made very flexible as long as you get the core concepts. And the core concept here is that every user has one inbox and one outbox in the cloud. And that just opens up several possibilities. So how you implement the content, it's up to the user whether you want to include it. And so the vocabulary like this is something of a note, the note is like a blog article. And that vocab is extensible. You can create new object types for tomorrow. You might say, I have an object type call app or I have an object type called course. And it's an open-source standard. So people will implement support for it and they know it can just get adopted. They are not bottlenecked by a single corporation. OK, so what you mean to say is that we need to add more of our fields on top of what has been specified by this activity protocol. So in most important native support, in most cases, you will not need to do this. So, for example, I had an object type called Libby, but I was able to leverage the note I because I did share that. Yeah. So, no, note type is essentially a text message along with a link. OK. And that's all you really need for sharing some text along with the link and then some data like it could have MediaLink images that would use a password. So in most cases, you will not need to extend the vocabulary. But if you need to, let's say, for example, you want to share places or calendar events, in that case, the open-source standard. Anyone can suggest ideas and they'll get an update. Is there any example that you want to show here about this? A good example, guy. I don't think I have an example. OK, cool. So what about this? So there is an RFC for this already, which has the proper specification, which has all the details that you have talked about. So I was just going through all that. All there are different kinds of details, over there As you have mentioned, this object is that actors are their collections are their client to server interaction, server to server interaction, then security consideration and all these things. So this seems like a very detailed document. So this reminds me of when I was reading RFC for this, also, I wanted to implement this authentication in my application, and I read at least 10, 12 different kinds of RFCs related to it. So I would say so. Auke is much more complex than activity pub but it turned out to be a fairly simple protocol to implement. I just had to implement, you know, inbox and outbox and it was done, you know, what is a beast? So one that's one thing. What it reminded me of is all those RFC documentation, I think we should read it. And that's the best place to go about it. But for the start, is there any easy way, like is there any library that we can use for activity pub? So libraries will depend on the language that they're working with. And that's a website that I took that image from. It's called Activity Pub. They have a very good question. What you can do is you can go to learn awesome and search for activity pubs that exist as a topic, and you'll find learning resources about active pubs Some of them are collectors. The collection needs to be improved, but still, there are some starting points out there. So activity pub says all the different kinds of libraries that are to do, all you have to do is go to learn awesome and search for activity pub. In fact. Got it. Good to know. Yes. About the authentication, U.S. sharing, that there is a signing mechanism to verify whether this server is from the website. So this is what can be called, let's say, a server activity. So, well, call it. So is there a way under a different road from the user to the activity pub? So I think it's okay to go a little bit into detail here. Yeah. Let's say you are a consumer of those events. You are using some activity pub app like Mastodon or something. And I am posting reviews. My server is posting reviews You and you want to be sure that this is correct. It has not been tampered with. It is not fake. There are two kinds of levels of security. One that it is coming from Learn Awesome. And second, it is coming from Milledge. So an activity pub lets you do either of those. What you need to do is decide in the implementation stage whether you want to maintain a key pair for every user separately or just want to maintain one single pair for people for the server alone. So the second choice is what I've made for something.
As you can see in the code, I was sharing a public key head that appears to be the same for all learning awesome users. But the protocol doesn't mandate that I could have maintained a keypair for each producer. And the message that your server would receive would be signed with that. So you would get a guarantee that yes this message is coming from the Nilesh only even learn awesome some server could not tamper with that. Now, in my case, I've sort of chosen a simple solution, which is, OK, one is good enough. But most implementation will achieve this, that every user will maintain a key pair on the server and each activity will be assigned, whether I like. Got it, so we can use this keypair for our different users, different keypairs Yeah, every user can have a separate keypair. Maybe your app your Web app can allow the users to upload their keys. This is what GitHub does. You can upload your keys like the public key and all the comments are signed by your private. You could implement something like that. It depends on what security versus convenient straight you want to achieve. Or so, using these libraries that we can find activity pub. How much time do you think it'll take? What I was going to take you to create a simple solution, as you have said, inbox outbox indicators analyst for me it took three hours.That's also like one and a half hours spent just figuring out the signature verification because Mastodon is there. mastodon is an open-source rails app that implements activity. So I got some ideas from there, but their code is very complex for like from my perspective, from what I wonder, what is a very simple implementation. So that makes it pretty easy to implement And you know, and just three hours without using any level, it is just using the stand-up. OK, I received this in this inbox, the route I have to publish. This is one of those outboxes and then I have to mix it up. So it's not a lot of effort, and yet it can unlock a lot of capabilities. So it's like machine learning in that regard. So, well, implementing this, did you find anything, any part that is missing there or any part which was the most challenging part? What was the most challenging part in creating a complete production-level app? Hmm. So I would say that for every language, we should start seeing ready-to-use libraries to, you know, just plug it in. And then, you know, the app is an activity pub complaint, we just map it to the right objects. I think they would help, but I don't think that's a very strong missing piece of it. As I said, it just took three hours. So without those libraries, you know, it's still only three hours of work, no matter what level you are at. So I don't I wouldn't say there's a big missing piece. But, yeah, it helps that all of us are reusing the same code. And it can be made sure that it's secure and it is up to date and it is a standard complaint. So those libraries will start helping. I think they do exist for many other languages. I could not find something for Ruby that was very actively maintained. So it was easy enough for me to just implement it on my own. The good part is that I started promoting activity pub or public only when it has reached the WRC recommended status, a protocol goes through a lot of iterations of alpha-beta and I and zero-point five-eight. But once it reaches that recommended status, you can be confident that, OK, now it is stable. Now it is not going to change in fundamentally different ways.So that stability is very, you know, it invokes confidence. And that's a very good sign that, OK, now it's ready. I think the Twitter CEO sometime last year said that they want to centralize Twitter because they are under tremendous pressure off, you know, from the government. And, you know, many people just recommended they know where to deposit money. That's what they should call it. We'll see what happens. But in the meanwhile, the alternatives are quite good, I would say, and of the communities are worth checking out actually for developers and technical people, at least while the masses are still taking time to come. But there's a lot of content. There's a lot of users posting regularly. So it does feel like, you know, Facebook in the early days. OK, so you said decentralized and decentralized requires a common specification, common data types. So that's what the activity pub is doing. But you also said that the user is free to customize it specifically. When we talk about major things like photos, videos, or some type of content, how do you implement that? If it is left open to the user to implement it the way they want it, will we have a Common data type over there, or what is the way to go about that for different content types? So, again, in that email analogy, the protocol is stable. The protocol tells you how the message can be sent and received. What filtering you want to implement is left to the implementation by the Mastodon is one of the implementations lobotomized and other implementation journalism is another implementation to be another one. And this implementation will make their own decisions. Some of them will say, OK, we'll give this control to the users. Some of those will say that, OK, we have we know what is good for you and we have made those decisions right. And that is space for all kinds of options. So, yeah, the filtering capabilities will boil down to the implementation, not to the protocol itself. So if you want to know how Mastadom does filtering, then we should check out most of them. Pleroma, for example, is supposed to report, but it is also compatible with mastodon. So I can sign up on some of the pleroma servers and subscribe to anybody who's using them. So, yeah, filtering is left out as close to the user as possible, because that is the way it makes sense.
The core protocols will be as dumb and they should be dumpsites like this if we feel like they should not have a lot of intelligence built into that layer. So it's an idea from a couple of times we are called to move the intelligence out on the edge, but not at the center. Also makes sense. So I think this is already useful information and helps people accelerate their learning in activity pub and on. I have one more question, which is related to more of a theme of the topic, which is the pursuit of mastery for the pursuit of must be is the theme of this conference. So do you have any thoughts on sharing about mastery, what you understand, or anything you would like to share? And at the same time, let me combine a couple of questions in this one only. So another question will be what uh, what ideas would you suggest for people to become fast learners? And then the third question, if you can answer all of those together, what is your favorite book? Hmm. OK, very interesting questions. I've done hiring for almost 10 years now, or I've seen lots of people grow and develop and become better at their jobs. And some of the learnings have come from there. One is, though, there is a very clear difference in mindset that makes a difference. So I think Carol Dweck talks about it as a growth mindset. And there is a fixed mindset that the people who have a growth mindset believe that, OK, I can learn this, but they are not afraid. They are not afraid of failing, but they are not afraid of trying. And that mindset is the number one key. That's why, though, if you sign up for Khan Academy, they spend a lot of time just giving you that mindset that, yes, I can learn this, I can learn this. So once you have that growth mindset, you will be open to challenge, Then don't look, you'll not look at failure as a failure. You'll see it. OK, well, now I know what doesn't work for me right now. I know what I'm not currently good at. And you just start that shift and then things make you think it makes a lot of sense to have a good attitude, how you approach work, how you approach learning, what you do in your spare time. So that is a number one thing. So this phenomenon is quiet, very well known. Writer Carol Dweck's book became very popular. The point that I would like to add is that if you have, let's say, 20 hours, a look at learning some new skill. I would spend at least four hours just researching the right material that is one-fifth of the time I'm willing to spend. OK, discourses taking this approach don't work for me. So, for example, when I was learning Jurf for a project sometime last year, and I've never done closure, I've never done any less. I came from Java. It'll be. But I'm kind of a beginner. But using the website that I found, it's called The Next Environment, it's better using that site. I was able to become, you know, like 50 percent productive within three hours. So it took me two hours to find that. But spending time on finding the model that works for you, for example, you might be more attuned to podcasts, because the only time for learning that you have is on the way to, you know, on your commute. So maybe a podcast is what you want. Maybe videos are what we want, maybe you want interactive exercises. Maybe you just want one hour of pairing their programming with somebody who knows his stuff. So I would say spend time, invest time into finding the material that works for you. And then you think that it does wonder. So these are the two things that come to my mind. And this sort of answers the second question, how to learn more effectively in terms of my favorite book. There are many. I would say one of the good books has been like any book because I tend to read a lot of analytical philosophy. So Bertrand Russell is one of my favorite authors because you know he's very courageous in his writings, but is also very clear. So this combination that I found very nice. So. Amazing. I still have a lot of questions, but I think that we are already over time and we will be waiting for the next speaker or so, we will have to fight always right now. And that will connect with you in one on one discussion. for more questions and you can share how other people who are seeing this, can connect with you or any last messages that you would like to share with them. Yeah. So feel free to connect me on Twitter or email or whatever you want. I'm going to find the message that I would say. So I think we need to continuously learn because the technology that we have gotten used to is still continually changing. So should it be known that, OK, how BCB and then Google came out with this theory and then I'll quit protocol and I'll be able to verse can push messages to the clients? A lot of capabilities that we have gotten used to in the last 15 years are now changing. So like who knew that website work websites will support push notifications, you know? So continuous learning is the way to go. But also, I would say that if you get out and make those decisions, which benefit the user of the other reasons why we exist, why we get paid, and where we should be trying to make themselves as their life-size. That's right. Great, thanks a lot for this wonderful talk and see you later. Bye-bye.