@mckinley@twtxt.net based on @falsifian@www.falsifian.org’s findings (something we have talked about before on IRC as well), because collisions can occur now, maybe what you describe might not happen. It will be sort of… chaotic, for sure.
@sorenpeter@darch.dk All valid points. Maybe the correct way to do it should be to start a new feed at the new URL rather than move the feed and break all the hashes.
switch a couple of twt timestamps
The hashes would change and your posts would become detached from their replies. Clients might still have the old one cached, so you might just create a duplicate without replies depending on an observer’s client.
add in 3 different twts manually with the same time stamp
The existing hash system should be able to keep them separate as long as the content is different. I’m not sure if there are additional implementation-related caveats there.
@prologic@twtxt.net @bender@twtxt.net As someone who likes cryptocurrencies for their utility as money instead of an investment, I’m glad to see the hype train start to move on to the next thing.
Also what are the change that the same human will make two different posts within the same second?!
Just out of curiosity, What would happen someday if I (maybe trolling) edit my twtxt.txt-file manually and switch/switch a couple of twt timestamps, or add in 3 different twts manually with the same time stamp?
@bender@twtxt.net Hahahahaha 🤣 Me neither 🤮
@prologic@twtxt.net oh, I am sure crypto is innate… for some people. Not me! :-D
@bender@twtxt.net you’re probably right, but by that argument, cryptocurrency should be innate too right? as we no longer hear about that gold awful hype, right? 🤔
@movq@www.uninformativ.de Thanks mate! 🤗
@prologic@twtxt.net when it becomes innate. There was a time, I am sure (but don’t know for sure, LOL), that all “we” heard about was electricity. No much these days, right?
@movq@www.uninformativ.de Haha same and I’m sick of it! It’s ruining innovation in anything else 🤦♂️
--fetch-context
thingy: It can now ask Yarn pods for twt hashes.
@movq@www.uninformativ.de Nice one 👌
@aelaraji@aelaraji.com it’s definitely your social bubble. 🤣 you need to use twtxt more as your daily driver 🤣
@aelaraji@aelaraji.com Must be your bubble. All I hear is “AI this”, “AI that”. 😂😭
--fetch-context
thingy: It can now ask Yarn pods for twt hashes.
@movq@www.uninformativ.de looks like a good compromise! Updating as soon as I reach home. Thank you!
@prologic@twtxt.net didn’t it already? or is it just me and my social bubble? 🤔
Keys for identity are too much for me. This steps up the complexity by a lot. Simplicity is what made me join twtxt with its extensions. A feed URL is all I need.
Eventually, twt hashes have to change (lengthen at least), no doubt about that. But I’d like to keep it equally simple.
Alright, I saw enough broken threads lately to be motivated enough to extend the --fetch-context
thingy: It can now ask Yarn pods for twt hashes.
https://www.uninformativ.de/git/jenny/commit/eefd3fa09083e2206ed0d71887d2ef2884684a71.html
This is only done as a last resort if there’s no other way to find the missing twt. Like, when there’s a twt that begins with just a hash and no user mention, there’s no way for jenny to know on which feed that twt can be found, so it’ll ask some Yarn pod in that case.
@prologic@twtxt.net Congratz 🥳
@falsifian@www.falsifian.org @prologic@twtxt.net @sorenpeter@darch.dk @lyse@lyse.isobeef.org I think, maybe, the way forward here is to combine an unchanging feed identifier (e.g. a public key fingerprint) with a longer hash to create a “twt hash v2” spec. v1 hashes can continue to be used for old conversations depending on client support.
@sorenpeter@darch.dk That could work. There are a few things that jump out at me.
- Nicknames on twtxt have historically been set on the client end. The
nick
metadata field is an optional add-on to the spec. I’m not sure it should be in the reply tag because it could differ between clients.
- URLs are safer to use, and we use them in the hash currently, but they can still change and we’re back to square 1. Feeds ought to have some kind of persistent identifier for this reason, which is why we’ve been discussing cryptographic keys and tag URIs in the first place.
- The current twt hash spec mandates collapsing the timestamp to seconds precision. If those rules are kept, two posts made within the same second will not be separate when someone replies.
The tag URI scheme looks interesting. I like that it human read- and writable. And since we already got the timestamp in the twtxt.txt it would be somewhat trivial to parse. But there are still the issue with what the name/id should be… Maybe it doesn’t have to bee that stick?
Instead of using tag:
as the prefix/protocol, it would more it clear what we are talking about by using in-reply-to:
(https://indieweb.org/in-reply-to) or replyto:
similar to mailto:
(reply:sorenpeter@darch.dk,2024-09-15T12:06:27Z)
(in-reply-to:darch.dk/twtxt.txt,2024-09-15T12:06:27Z)
(replyto:http://darch.dk/twtxt.txt,2024-09-15T12:06:27Z)
I know it’s longer that 7-11 characters, but it’s self-explaining when looking at the twtxt.txt in the raw, and the cases above can all be caught with this regex: \([\w-]*reply[\w-]*\:
Is this something that would work?
@prologic@twtxt.net When the next hype train departs. :-)
Crap, I can’t find how and why rdomain is not set using /etc/hostname.if #openbsd
That’s an interesting side effect to the new Discover feature that I added sometime ago that only displays one post per feed. That is when you’re not logged in and viewing my pod’s front page. You can pretty easily and roughly see what the monthly active view account is just by looking at the pager size. 🤔
Amazingly though it seems to be slightly better to VPN in. 🤔
But you know speedtest.net I believe is a bit of a liar and I’m quite sure they do something to make sure the speed test come up good even remote areas the real speed test my actual surfer infrastructure is quite piss poor 🤣
Even though we’re quite a ways from any suburban areas, even with the Internet access via cell towers this poor, using my pod is still very snappy. 👌
When will the AI hype die down?
@lyse@lyse.isobeef.org Thanks!
@stigatle@yarn.stigatle.no Yeah, the sudden drop makes it feel worse than it is. It made me wear a beanie and gloves on my bike ride on Friday evening. In a few weeks I consider the same temperatures not an issue anymore, maybe even nicely warm. ;-) The body is fairly quick to adopt, but not that fast.
I just saw that we’re supposed to hit 19°C mid next week again. Let’s see.
@off_grid_living@twtxt.net Oh dear, what an epic adventure! Terrible at the time, but hilarious to tell later on. :-D
I do like this photo a lot. It brings up memories of cool scouting trips.
@off_grid_living@twtxt.net Still a bit different, but this reminds me of the rusk boy on the Brandt boxes which is kinda iconic over here: https://cdn.idealo.com/folder/Product/2151/8/2151814/s1_produktbild_max/brandt-der-markenzwieback-225-g.jpg They should switch to this photo. :-)
@off_grid_living@twtxt.net It’s kinda cool to see how small cars were back in the days. Especially the left one looks really tiny.
Happy birthday @prologic@twtxt.net! :-)
@falsifian@www.falsifian.org TLS won’t help you if you change your domain name. How will people know if it’s really you? Maybe that’s not the biggest problem for something with such low stakes as twtxt, but it’s a reasonable concern that could be solved using signatures from an unchanging cryptographic key.
This idea is the basis of Nostr. Notes can be posted to many relays and every note is signed with your private key. It doesn’t matter where you get the note from, your client can verify its authenticity. That way, relays don’t need to be trusted.
@falsifian@www.falsifian.org One of the nice things I think is that you can almost assuredly trust that the hash is a correct representation of the thread because it was computed via our content, addressing in the first place, so all you need to do yes copy it 👌
@falsifian@www.falsifian.org I agree completely about backwards compatibility.
Well, we can’t have it both ways! 😅 Should we assume twtxt are read by clients, and not worry about something humans won’t see? 🤭
@falsifian@www.falsifian.org Yeah that’s why we made them short 😅
@falsifian@www.falsifian.org I think I wrote a very similar program and go myself actually and you’re right we do have to change the way we encode hashes.
@falsifian@www.falsifian.org All very good points 👌 by the way, how did you find two pieces of content that hash the same when taking the last N characters of the base32 and coded hash?
@prologic@twtxt.net earlier you suggested extending hashes to 11 characters, but here’s an argument that they should be even longer than that.
Imagine I found this twt one day at https://example.com/twtxt.txt :
2024-09-14T22:00Z Useful backup command: rsync -a “$HOME” /mnt/backup
and I responded with “(#5dgoirqemeq) Thanks for the tip!”. Then I’ve endorsed the twt, but it could latter get changed to
2024-09-14T22:00Z Useful backup command: rm -rf /some_important_directory
which also has an 11-character base32 hash of 5dgoirqemeq. (I’m using the existing hashing method with https://example.com/twtxt.txt as the feed url, but I’m taking 11 characters instead of 7 from the end of the base32 encoding.)
That’s what I meant by “spoofing” in an earlier twt.
I don’t know if preventing this sort of attack should be a goal, but if it is, the number of bits in the hash should be at least two times log2(number of attempts we want to defend against), where the “two times” is because of the birthday paradox.
Side note: current hashes always end with “a” or “q”, which is a bit wasteful. Maybe we should take the first N characters of the base32 encoding instead of the last N.
Code I used for the above example: https://fossil.falsifian.org/misc/file?name=src/twt_collision/find_collision.c
I only needed to compute 43394987 hashes to find it.
@off_grid_living@twtxt.net Aww thanks! 🤗
There are certainly improvements that can be made to this tool.🤞
And here the Tommos camp with Mum and Dad in the trailor at Myall Lakes.
Boy I could tell you some stories here, like the time we got dozens of spiders all in the tent one night, and the time Dad yelled to Bob to get the red belly black snake that crawled over Brains sleeping bag. Up I jump grab a shovel and cut the head off. silly me !! We camped out with all our partners too.
Karen was treated like family with the 5 siblings and Mum and Dad. It was a great time. Happy camping James on your birthday!
Here is a picture of me aged 1 yr in a bucket at Muttabun Sheep Station, a place near Goodooga in NSW.
And here is James with Emily as a very young boy