IRC channel logs

2025-10-28.log

<jfred> https://codeberg.org/spritely/navi 👀👀👀
<dthompson>hehe we have a few little prototypes cooking at the moment, jfred
<jfred>:)
<jfred>I saw brassica-chat too :P
<dthompson>:)
<dthompson>that's the one I'm working on rn
<dthompson>I got it to a pretty good state this morning. the simulated chat demo works over ocapn and seems to converge to the correct state on all nodes.
<jfred>I should really read up on CRDTs at some point. They sound amazing from everything I've heard about them but I don't yet have a good understanding of what their uses/limitations are
<dthompson>ocaps and crdts are friends
<dthompson>crdts have a lot of limitations but I think they are neat!
<dthompson>my favorite resource I have found so far is https://mattweidner.com/2023/09/26/crdt-survey-1.html
<dthompson>it's a 4 part series but you can just read as much as is relevant to your interest level
<jfred>when looking them up I almost immediately saw a comment from someone saying "CRDTs don't really have a concept of access control"... which did make me suspect combining them with ocaps could be fruitful, haha
<dthompson>there are people working on access control + crdts but it's a tough problem
<dthompson>I want to figure out if there's a "good enough" solution that leverages both object and certificate capabilities.
<dthompson>encoding access control in the crdt gets tricky due to concurrent edits
<dthompson>I'm trying to see how much mileage I can get out of this: if you have a write capability to a peer's crdt then you can write to it. certificate capabilities can put some limits on that, but it doesn't change that fundamental truth.
<dthompson>I'm searching for the right balance and trying to emphasize the strengths of each paradigm
<jfred>Oh yeah, that makes sense... it's not CRDTs (I think) but my understanding is that handling access control in a system whose state can fork/resolve has been one of the most challenging things Matrix has had to deal with too
<jfred>of course they're all-in on ACLs
<dthompson>jfred: matrix might be using crdts, yeah
<dthompson>if not crdts then something similar
<dthompson>found this thread from 2022 https://news.ycombinator.com/item?id=29979752
<dthompson>seems that server-to-server communication uses a crdt-like thing
<av0n>re: crdts + caps, have yall heard of willow + meadowcap? https://willowprotocol.org/specs/meadowcap/index.html#meadowcap
<dthompson>av0n: I was reading the meadowcap docs just yesterday
<dthompson>I'm curious how it compares to zcap-ld
<av0n>between willow and automerge, the bar for crdt websites is so high now!
<dthompson> https://w3c-ccg.github.io/zcap-spec
<av0n>ooo interesting, ty.
<dthompson>meadowcap feels very limited but I haven't use it
<dthompson>used*
<av0n>fwiu the rust impl to actually use meadowcap is still in flight.
<dthompson>my general concern is that if all you have is certificate capabilities you're pretty limited in what you can do
<dthompson>meadowcap only has two operations: read and write. from there it seems you can constrain by "space" and "area".
<dthompson>and it has certificate chaining like zcap-ld for capability attenuation and delegation
<dthompson>I really like the little graphics on the willowprotocol site
<av0n>definitely feels like there's a ton of unexplored area in the ocap + crdt space. I kinda have similar gut feelings wrt meadowcap's limitations, but also feel that on paper willow'25 gives me a rich enough feature set to build all sorts of interesting local-first tools.
<dthompson>I'm a little concerned that their data model is open to confused deputy type attacks https://willowprotocol.org/specs/data-model/index.html#data_model
<dthompson>hard to say without using it, though
<av0n>in the off chance it hasn't been sent in here already, ink and switch has some nice notes on this intersection between certificate certs and ocaps here: https://www.inkandswitch.com/keyhive/notebook/
<av0n>idk how much of keyhive is actually being worked on in the automerge world though.
<dthompson>keyhive is very interesting. I read some of this notebook awhile ago
<dthompson>when you see a granovetter diagram on the page you know someone has read up on ocaps lol
<dthompson>"Concurrent access control will always have some tricky situations. The big obvious ones are what to do if two admins concurrently revoke each other, or happened if operations depend on others that were revoked, and how to handle maliciously back-dated updates. There is quite a lot to discuss on this topic, so we’ll leave it for a future post."
<dthompson>there be dragons
<dthompson>afaict there is a post that actually describes how some of these concurrent situations are handled
<dthompson>there isn't* rather
<dthompson>crdts are similar to the unum pattern and the propagator model in ways I can't articulate. I don't know if there is anything to be gained from this observation.
<dthompson>ACTION re-reads https://habitatchronicles.com/2019/08/the-unum-pattern/
<dthompson>"One obvious pattern to look into is a pure peer-to-peer model, where all presences are equally authoritative and the “true” state of reality is determined by some kind of distributed consensus mechanism."
<dthompson>yeah I'm thinking an operation-based crdt is an unum
<jfred>huh!
<jfred>ACTION starts reading through the explainer you sent before now that the workday's over
<jfred>also it's cool to see how navi's starting to shape up :) very early/experimental I know, but I like trying to figure out what's coming haha
<jfred>this feels like the biggest of rabbit holes though ^^; https://codeberg.org/spritely/navi/issues/10