Comments
go1dfish OP wrote
Really there is very little of my own code driving this, it took me about a week to build this out.
Gun db is doing most of the work, and porting that to python would get you 90% of the way to having a python peer for notabug.
Really for the purposes of providing hosting, you'd only be missing notabug's schema validation code.
emma wrote
I wasn't sincere about the Python thing. It's the #1 most common feedback I hate to get being the maker of a reddit clone myself.
go1dfish OP wrote
Yeah I figured, but I was :) If this thing takes off I do hope there will be multiple implementations.
Some people are already doing some forks with changes, but they are mostly UI differences.
go1dfish OP wrote
So TIL there IS a (wip?) port of gundb to python:
https://github.com/xmonader/pygundb
So now you have no excuse ;)
ziq wrote (edited )
The reddit redesign could easily be the death of it. You have a real opportunity to seize some of their monopoly with this. People abhor change to their ecosystems.
Postmill is still much cleaner and efficient than any reddit clone tho.
retiredshared5 wrote
Postmill is still much cleaner and efficient than any reddit clone tho.
I think this is one key part; I opened this site and immediately noticed it felt sluggish compared to Postmill, and it felt off.
go1dfish OP wrote (edited )
It's currently massively unoptimized.
Voting is intentionally slow and cpu heavy as it is a proof of work problem.
In some respects it will feel faster as it manages data locally.
The communications are real time, you can have live chats in threads.
It's p2p by design and right now there are no escape hatches. Your browser is sorting and counting votes, things that will eventually be more federalized and handled at the server level.
It will likely always be more heavy than postmill, but with that will come some additional benefits. Software is always about tradeoffs.
go1dfish OP wrote (edited )
Yeah I'm hoping for that. I'm aiming to have full compatibility with existing subreddit styles when I add community features.
Other clients can do what they want though, at least one other user is working on a leaner UI rewrite using jquery.
boringskip wrote (edited )
you are the ancap go1dfish from reddit?
Pop wrote
Seems likely given the post history
go1dfish OP wrote
Yes, though I prefer to use the term voluntaryist as I believe it more accurately describes my philosophy and tends to make the AnComs less angry about what they perceive as an appropriation.
ziq wrote (edited )
go1dfish OP wrote
Glad you find it useful, more likely it is the reddit admins that are to blame and the sub would be banned entirely if the mods did not intervene for such comments.
Similar thing led to the shutdown of r/uncensorednews
ziq wrote (edited )
Nah the mod censoring and banning everyone for being anarchists also keeps threatening to shoot them. It's great as a propaganda tool. Gets more people to see how fucked communists are so they come to anarchism instead, and learn to forever distrust power fetishizing ideologues.
GrimWillow wrote
There is that, but isn't /u/go1dfish the one that is responsible for snew? The uncensoring tool that highlighted reactionary bigots as if they were "free speech" martyrs. While I have often used the tool and found it useful, I am suspect of their motives and who they support in this political climate. This is just something I remember being discussed from months ago, so forgive me if I got it wrong and I'm thinking of someone else..
ziq wrote (edited )
Idk their motives for making ceddit, but they're a volantaryist so that says it all.
I'm just glad they don't call themself an anarchist.
libre_dev wrote
Requiring jabbascript is not very Tor friendly
go1dfish OP wrote
This is a known issue.
If you want to stay safe and anon while using nab the safest option is whonix or qubes which will allow you to run the JS in a vm that if compromised still shouldn't reveal your network location.
In the future, serverside rendering could could be provided by peers but that requires trusting the peer.
libre_dev wrote
I still don't see why a link aggregation site should require me to run harmful bloated code. A promiscuous browser culture encourages tracking
go1dfish OP wrote
Because in your setup you must trust the site fully anyway.
This is not necessarily the case with the notabug approach if you can trust the code instead. You can run your own local copy of the js app, and/or you can verify in the browser that the app is not talking to or saying anything it shouldn't.
It's totally a valid concern, but the reasoning behind this approach makes javascript a necessary evil at this stage.
Other distributed aggregator projects like aether require software downloads, and I think that is a heavy barrier to entry.
Notabug users still have the option to use local software and if the gun protocol is ported to other languages it should be possible for different client builds to interact.
libre_dev wrote
I may have glossed over the part where there's an actual protocol involved. That changes things. I'm very much in favor of moving things toward protocols rather than siloed implementations
go1dfish OP wrote
Currently the only implementation of the gun protocol is the javascript implementation of gun.
NAB doesn't really have a protocol beyond that as much as it has a data schema it enforces on top of the database arising from that protocol.
go1dfish OP wrote
Turns out I was wrong.
There is a (WIP?) python implementation of gun
https://github.com/xmonader/pygundb
So nab support would be making sure that was complete and then adding code to do the schema validation like this:
https://github.com/notabugio/notabug/blob/master/src/lib/nab/validate.js
Fossidarity wrote
I like the idea of this very much, can you share some information about the technology behind it?
go1dfish OP wrote
Sure.
The core of nab is the gun database system:
It's a distributed p2p graph database in javascript.
It handles real time replication of data and changes.
Nab is built by defining additional validation rules for the incoming gun data to define a schema for the data that clients/peers enforce on each other.
Part of this schema is that the identifier for post data is based on a cryptographic hash of the post data, this and the validation makes post content effectively immutable. (For legal or other takedowns peers can replace their local data, but other peers can recognize the tampering since the hash wont match)
Voting is accomplished by a proof of work problem on those identifiers + "ups" or "downs" or whatever type of vote you want to track (nsfw marking will likely work similarly)
The most interesting code is here:
https://github.com/notabugio/notabug/blob/master/src/lib/nab/validate.js
https://github.com/notabugio/notabug/blob/master/src/lib/nab/read.js
https://github.com/notabugio/notabug/blob/master/src/lib/nab/write.js
All the details of the networking and replication are handled by gun, which is what made this so simple to develop.
Currently gun has some pretty major performance issues serverside, but the dev behind it is working hard to address.
goodjobbusorryz6p5rz6p5r wrote
I will never use a site that doesn't work without Javascript, good job (I gave an upvote) but sorry.
go1dfish OP wrote
I can totally understand this perspective and it's why I do want to explore serverside rendering.
But it does mean a tradeoff in this case, espescially once I support logins.
With the thick client approach, the logins I plan to use happen entirely client-side and your password is never transfered to the server at all.
This isn't possible with static web pages, you have to trust the web frontend you use to not steal your password.
That's just one example, but there are others.
Right now to the nodes it is much more difficult for a node to tell who is reading what (once the app is running) than if requests were coming in through a traditional url structure for every request.
The whole point of nab is putting as much choice as possible in the hands of end users and I do hope to eventually give users the option to make the above trade-offs as desired if someone else doesn't beat me to it.
martasultan wrote
This software works really badly; it needs to be lighter and have no JS reliance. It logs me out every time I try to comment, and often doesn't load pages.
go1dfish OP wrote
Thanks for the feedback, things should have improved a good bit if you want to give it another try.
It is lighter; but still not possible to contribute without JS yet and logins are still a bit buggy.
Constantly working to improve the software and PRs are welcome.
DissidentRage wrote
Pure front-end Javascript is bad for accessibility and security. Cool exercise in ability, but the approach is fatally flawed.
go1dfish OP wrote
It's generating the same dom as reddit in the end, it should be easily adaptable to a js-free serverside rendered approach.
Another approach to mitigating these issues is a locally installed application.
I'll admit to not being an accessibility expert, but if frontend JS can be accessible at all, then notabug should be roughly as accessible as reddit.
DissidentRage wrote
Front-end JS is not accessible because it requires that the client both has it enabled and runs it properly. There are many reasons why this would not be the case.
F3nd0 wrote
“NotABug” is the name of a git hosting site; you should consider whether that might have any implications for either of the projects or not. You could also have Notabug.io hosted at NotABug; how cool would that be‽
go1dfish OP wrote
Yeah I'm not sure how to handle that, nab the hosting site is obscure enough that it didn't seem like too big of a deal. I'm certainly not attempting to feign any association with them but I kinda like the irony of hosting nab on notabug if it wouldn't cause too much confusion.
I call it not a bug as a callout to Aaron Swartz.
I think all censorship should be deplored. My position is that bits are not a bug.
Not a bug was the name of reddit's parent company while Swartz was a founder.
arduinna wrote
What's the difference between the peers?
go1dfish OP wrote
Currently the main difference is that the other peers are outdated software wise relevant to mine; none has set out to strongly differentiate itself on matters of policy yet.
https:///blubit.space has focused on a reimplementation of the UI not using any reddit code.
ConnieCommie wrote
lol you peddled this on voat, aka Nazis; The Site. Fuck right off.
go1dfish OP wrote
I'm not playing favorites.
ConnieCommie wrote
you're playing nazi sympathizing
go1dfish OP wrote
I have a soft spot for commies too when it comes to freedom of speech.
ConnieCommie wrote
how the fuck is this seriously upvoted
ziq wrote
Ikr? It's almost like people would rather tolerate a diehard capitalist that hangs out with nazis than you...
thepasswordispassword wrote
well some people understand that free speech is nessary, even if that means a few nazis will have to get it as a sacrafice.
An_Old_Big_Tree wrote
"I'm not a racist, I just think racism should be allowed!"
You're in the wrong place for that kind of statement.
thepasswordispassword wrote
but notice how even you do not outright say it is a wrong statement, just that I should not say it here.
An_Old_Big_Tree wrote
Do you know what it means to imply something?
ziq wrote (edited )
Free speech doesn't exist. There's nothing free about a violent state granting you the right to say certain things. That's controlled speech.
emma wrote (edited )
Can you rewrite it in Python? I swear I'll totally commit myself to helping out if it's written in Python!
In all seriousness, good job. Looking forward to studying the inner workings of this.