Bluesky is on everyone's lips as the new frontier of decentralized social networking. But a close analysis of its AT protocol raises doubts about the true extent of its "structural freedom." Unlike platforms like Mastodon 100% based on ActivityPub1, Bluesky still retains much central control over user data and identity.
Its architecture imposes high hosting costs that hinder true federation. And Even direct messages go through Bluesky's servers. In other words, more than a revolution, Bluesky seems to offer a “credible exit” from world X. Which is no small thing, but it’s not the promised land either.
The alternative to X that many like
These days, Bluesky is getting a lot of attention as a potential alternative to X, the social media platform formerly known as Twitter. Since Elon Musk has hired control of Twitter, many users have become uneasy about what they see as too much tolerance for extremist content. Bluesky presents itself as an attractive option: a social network with similar functionality to Twitter, but based on a decentralized protocol called AT (Authenticated Transfer Protocol).
The basic idea is that, thanks to decentralization, no single entity can control the platform or censor content. Each user would have the possibility of a “credible exit”, that is, to take with them their identity, followers and content in case of disagreement with the policies of the platform. A nice contrast to the “walled garden” of X, where authority is concentrated in the hands of Musk.
“Shared Heap” Architecture: Decentralized? Ni
A closer look at Bluesky's architecture reveals that its decentralization It is much more limited than it might seem at first glance. Unlike protocols such as Activity Pub, on which Mastodon is based, Bluesky does not use a “message passing” architecture where messages are routed directly between recipient servers.
Instead, Bluesky is based on a “shared heap” (shared heap) where all public data is sent to nodes called “relays”. These relays store every single public post, mention and like. Then the clients, called “app views”, query the relays to get the relevant data to display to users. It's a bit like if, instead of sending letters directly to the recipients' homes, we piled them all up at the main post office, leaving the recipients with the burden of going to collect their own mail.
This approach has some advantages, such as avoiding the conversation lapses that sometimes occur on Mastodon when the servers are out of sync. But it also has some disadvantages. The main one is the costs of hosting a relay grow exponentially with the number of users and posts.
Already today, a few months after launch, a Bluesky relay requires about 5 terabytes of storage space. Tomorrow, who knows.
In fact, only a few entities with enormous resources will be able to afford to operate relays. A bit like what happens with search engines: In theory anyone can create one, but in practice only giants like Google or Microsoft have the ability to do so. In short, despite the premises, Bluesky has a topology that will allow only a few to manage its instances: the announcement of the creation of premium users It may alleviate the problem, but I wouldn't be so sure about it.
User Identity: A Matter of Trust
Another crucial aspect for a social network that defines itself as decentralized is identity management. Bluesky uses “decentralized identifier” (DID), which in theory should allow users to move freely between providers while maintaining their identity. DIDs are unique sequences of characters that point to documents containing cryptographic keys and metadata associated with the identity.
However, the DIDs currently used by Bluesky (did:plc and did:web) are actually quite centralized. did:plc in particular is a registry managed directly by Bluesky. The company holds the signing keys for most users and could therefore take control of them if it wanted. While Bluesky may move to more decentralized identity systems in the future, the fact remains that it currently relies on trust in the platform administrators. Just like a traditional social network.
Then there is the issue of privacy. Decentralized? Absolutely not!
Since Bluesky is based on the assumption that all data is public, a lot of information that would be confidential on other platforms is visible to anyone here. For example, the blocked user lists are public. If you block someone, anyone can find out by querying the blockchain (just kidding, there is no blockchain, but the effect is the same).
This is because Bluesky's entire shared heap architecture is optimized for public data. Private posts and direct messages are an afterthought, so much so that they are routed through servers operated by Bluesky itself. In short, anything but decentralized: For private communications, Bluesky is even more centralized than X. And to think that the architecture of the Fediverse, based on the exchange of messages between servers, would allow for easier management of private communications while maintaining the federated nature of the platform.
X is not hell (yet)
Let's be clear: Bluesky is an interesting and promising project. Above all, it offers users dissatisfied with X a valid and functionally equivalent alternative. A "credible exit", to repeat their jargon. A way to get out of Musk's "walled garden" without losing too much in terms of user experience.
However, there is a long way to go before we can say that Bluesky is truly decentralized. We are far from the level of decentralization and federation of a platform like Mastodon. In many ways, Bluesky looks more like an X with some concessions to portability than a true federated social network. And nothing prevents a future conversion to censorship systems like those adopted by Meta, or by Twitter itself pre-Musk which was certainly not a hymn to freedom of expression.
On the other hand, maybe it's not even fair to expect absolute decentralization from Bluesky. Its stated aim, I repeat, is to offer a credible alternative to X, not necessarily building the ultimate, perfectly decentralized social network. And in fact, Bluesky could actually be a compromise (read: a compromise) for those looking for an escape route.
If you want true decentralization, think of a purple elephant
For those who want to fully explore the potential of truly decentralized social networking, I recommend taking a closer look at the Fediverse and Mastodon. Despite its flaws and rough edges, Mastodon embodies a much more serious and mature federation model than Bluesky. A model in which servers exchange messages with each other on an equal footing, without depending on a central authority.
Even Mastodon has its problems of scale, security, usability, no one denies them. But its decentralized architecture promises interesting developments, starting with the integration of federated storage that would make the platform even more resilient and less dependent on individual servers. If Bluesky aims to replicate Twitter in a “Web3 but not too much” key, Mastodon aims to truly realize the dream of a social network without masters.
A difficult dream, perhaps impossible. But one that is worth pursuing without being distracted by political squabbles and role-playing.
I'm done, Your Honor!