Source: https://hackmd.io/KNQenk_IRZSrphXuj_6GNA?edit
Prior art: https://hackmd.io/3g17VjtwRx6OkU0nGqku1w?view
ask later:
groups only, is private chats extended different?
flowchart TB;
root-->groupsRootX
subgraph groupsRoot
direction LR
groupsRootX[.]:::invisible
announce1([meta/add: Lobby])
announce2([meta/add: Bats]):::encrypted
end
subgraph lobbyFeed[Lobby]
lobbyFeedX[.]:::invisible
group/addMember[group/addMember: Bob]:::encrypted
end
subgraph batsFeed[Bats]
batsFeedX[.]:::invisible
group/init:::encrypted
%% group/add
end
announce2-->batsFeedX
announce1-->lobbyFeedX
classDef rainbow fill:#faf,stroke:#a7a;
classDef encrypted fill:#faa,stroke:#a77;
classDef invisible fill:#fff0,stroke:#fff0;
Actors:
- Alice - starts a group
- Bob - is invited to the group by Alice
metafeed/add/derivedon root: groupRoot- groupRoot is the feed for all group coordination messages
metafeed/add/derivedon groupRoot: Lobby- "lobby" is the feed for all group invitations and applications
metafeed/add/derivedon groupRoot: Batts- encrypted to.... groupKey (:question:)
group/init
group/addMemberencrypted to group and Bob message on lobby feed?
- Bob is replicating Alice, so gets:
- her root feed, which announces a groupsRoot
- replicates her groupsRoot, which announces a "Lobby"
- replicates her "Lobby" and discovers a
group/addMembermessage for him
- read the
group/addMember, loads the groupKey, and re-indexes the groupsRoot messages from Alice...- NOTE if alice invited but did not start the group... then we have to re-index ALL groupsRoot messages
- decrypts alice's
meta/add: Batsmessage
- Bob now replicates Alices' Bats feed
- Bob sets up his own Bats feed (encrypted meta/add)
- Alice is replicating Bob, and sees he has a
meta/add: Batsannounce - she starts replicating Bobs Bats feed
fin
same as (1), except after inviting Bob, Alice invites Cherese
group/addMemberencrypted to group and Cherese message on lobby feed
- Cherese is replicating Alice, so gets:
- her root feed, which announces a groupsRoot
- replicates her groupsRoot, which announces a "Lobby"
- replicates her "Lobby" and discovers a
group/addMembermessage for her
- read the
group/addMember, loads the groupKey, and re-indexes the groupsRoot messages from Alice...- decrypts alice's
meta/add: Batsmessage
- decrypts alice's
- Cherese now replicates Alices' Bats feed
- Cherese sets up her own Bats feed (encrypted meta/add) from Alice
- Cherese re-indexes Alices Lobby feed, and discovers Bob was invited <<< only difference
- she then replicates Bob (root, groupsRoot, lobby, bats)
same as (1), except after Bob joins, he invites Cherese (non group-creator invites)
group/addMemberencrypted to group and Cherese message on lobby feed
- Cherese is replicating Bob, so gets:
- his root feed, which announces a groupsRoot
- replicates his groupsRoot, which announces a "Lobby"
- replicates his "Lobby" and discovers a
group/addMembermessage for her
- read the
group/addMember, loads the groupKey, and re-indexes the groupsRoot messages from Bob...- decrypts bob's
meta/add: Batsmessage
- decrypts bob's
- Cherese now replicates Bob's Bat feed
- Cherese sets up her own Bats feed (encrypted meta/add) from Alice
Problem:
- cherese does not know that Alice is in the group
Possible solution:
- when Bob is accepting he may need to point to his inviter...
- Bob inviting Cherese could encrypt
group/AddMemberto[groupId, Alice, Cherese]- mix: ❤️ very elegant
- if Alice is already in FOAF range, then Cherese could discover she is in the same group by re-indexing all her contacts groupRoot feeds....
- In Ahau, we only (currently) have "apply to join", and this is a form set up by Alice. i.e. to apply to join a group you already have the group initiator, which means we're never in this scenario.
Another possible solution:
- Bob could have a sub-subfeed dedicated to "people who I think are in this group" => [Alice, Bob, Cherese]
- Alice would have a sub-subfeed dedicated to "people who I think are in this group" => [Alice, Bob]
- Cherese would have a sub-subfeed dedicated to "people who I think are in this group" => [Bob, Cherese]
- PROS
- CONS
- A group with 100 members would require you to replicate 100^2 messages
Counterargument: we could replicate them in memory
- A group with 100 members would require you to replicate 100^2 messages
-
root size 4
- main
- groupsRoot
- v1
- lobby
- battsRoot
- v1
- indexes
- v1
- indexPost
- indexVote
- indexAbout
- indexContact
- v1
- apps size N
- twitter size 4
- post
- v1
- vote
- v1
- post
- games
- chess
- v1
- chess
- fart
- gathering
- twitter size 4
-
root
- main
- we think we have a decent architecture
- replication schedular is gonna get a workout
- we must add "implicit replication" with groups
- have to replicate everyone in the group
- knowledge of this replication is "private" - i.e. different to public follows
- unsolved
- Scenario 3 needs a solution (new member invites a new member)
- teach replication scheduler about this groups pattern
- consent after receiving
group/addMember- we want to add this so that we can send people invite+key (fast) but not fall into the abuse path of people getting randomly added to "NaziPedophile" group
- consent could be.... you announce your Bats subfeed
- tie in with replication scheduler
- What about versioning? (oops we made a mistake in the design of these subfeeds, so here's v2 that you should replicate instead of v1)
- There is a tradeoff between "too many feeds to ask during EBT" and "too many messages to replicate" => DESIGN CAREFULLY
- What is the worst case scenario for the size of a metafeed? What if someone joins 1000 groups or invites 1000 people?
- What about subgroups?
- mix: there are actually no "subgroups" in the encryption
- What if we "sympathetic replication"
- mix: we could have an encrypted "content" in a message but also a public "content2" which tells what the subfeed id is so that anyone can replicate it
- mix: OR we could have a subfeed dedicated to announcing the feedIds that other people could help me replicate
- Look into prior art for "designing subfeeds"
- Discuss "v1" and domain splitting with arj