The best part of the fediverse is that anyone can run their own server. The downside of this is that anyone can easily create hordes of fake accounts, as I will now demonstrate.

Fighting fake accounts is hard and most implementations do not currently have an effective way of filtering out fake accounts. I’m sure that the developers will step in if this becomes a bigger problem. Until then, remember that votes are just a number.

  • sugar_in_your_tea@sh.itjust.works
    link
    fedilink
    arrow-up
    1
    ·
    2 years ago

    That sounds a bit hyperbolic.

    You can externalize the web of trust with a decentralized system, and then just link it to accounts at whatever service you’re using. You could use a browser extension, for example, that shows you whether you trust a commenter or poster.

    That list wouldn’t get federated out, it could live in its own ecosystem, and update your local instance so it provides a separate list of votes for people in your web of trust. So only your admin (which could be you!) would know who you trust, and it would send two sets of vote totals to your client (or maybe three if you wanted to know how many votes it got from your instance alone).

    So no, I don’t think it needs to be invasive at all.

    • shagie@programming.dev
      link
      fedilink
      English
      arrow-up
      2
      ·
      2 years ago

      The single layer web of trust on the server wouldn’t be terribly difficult.

      A single layer web of trust on a client would mean that the client is getting sufficient information about all the votes to be able to weight them. This means that instead of “+4 -1” for the information that the client gets instead it would get that “shagie liked the object, JohnDoe liked the object, BadGuy liked the object, SomeoneElse liked it, and YetAnotherPerson disliked it.” That implies a lot more information being revealed to a client than many would be comfortable with.

      Granted all of that is available if you federate with a system and poke in the database. It’s there. But this makes it really easy to get that information.

      A transitive web of trust implies not only are you getting those votes and considering that “shagie liked the object” but also that you trust me and so that I trust JohnDoe is available to whatever is making that vote weighting calculation.

      And while that single layer on the server isn’t too eyebrow raising, getting the transitive listing gets into the Facebook level of social graph building - but for all to see. I’m not sure that people would be comfortable with that degree of nakedness of personal information.

      Consider also the data payload sizes. This post (rather mundane and not viral) has 243 comments. Some of them have over a hundred votes. How big of a payload do you want to get to send to the vote weigher (and back)?

      Consider the load for… say… https://lemm.ee/post/843533

      And for bad actors, all they have to do is cast a couple hundred votes on each comment (until they’re defederated and the database cleaned up by the admin) to DDOS the vote weigher.

      • sugar_in_your_tea@sh.itjust.works
        link
        fedilink
        English
        arrow-up
        2
        ·
        2 years ago

        My point is you can have a mixed system. For example:

        • server stores list of “special interest” users (followed users, WoT, mods, etc)
        • server stores who voted for what (already does)
        • client updates the server’s list of “special interest” users with WoT data
        • when retrieving metadata about a post, you’d get:
          • total votes
          • votes from “special interest” users
          • total votes from your instance

        That’s not a ton of data, and the “special interest” users wouldn’t need to be synchronized to any other instance. The client would store the WoT data and update the server as needed (this way the server doesn’t need any transitive logic, the client handles it).

    • SQL_InjectMe@partizle.com
      link
      fedilink
      arrow-up
      1
      ·
      2 years ago

      What if the web of trust is calculated with upvotes and downvotes? We already trust server admins to store those.

      • sugar_in_your_tea@sh.itjust.works
        link
        fedilink
        arrow-up
        2
        ·
        2 years ago

        I think that could work well. At the very least, I want the feature where I can see how many times I’ve upvoted/down voted a given individual when they post.

        That wouldn’t/shouldn’t give you transitive data imo, because voting for something doesn’t mean you trust them, just that the content is valuable (e.g. it could be a useful bot).