this post was submitted on 31 Aug 2025
86 points (92.2% liked)
So ActivityPub needs an actor with an inbox and outbox to send and receive content. A DID is a virtual actor that reroutes to a real actor and collects content across real actors. Ideally you can send an activity to a DID, which is resolved to the current home instance. And the DID stores your profile picture, a public key, display names, bio, etc. You could use PGP as the key in the DID if the devs want to support it as a cryptography protocol. The DID is also used to sign each message, similar to PGP. You simply need more functionality than what PGP provides.
GPG public keys have a dedicated email address field. And if you don't want to share your "real" email address then just make a new one. (edit) Or don't include one.
Yeah, that's a pain point I experienced with GPG armored packets: I couldn't figure out a way to pack in a PFP. Even shrinking it to 64x64 made the public key file feel too heavy. So I just decided profile pics are out of scope and you should just use Gravatar.
I 80% agree. I do wish PGP armored packets had extra fields, and if that's an RFC that could be sent to the GnuPG maintainers then GPG would be absolutely perfect, but I haven't gotten around to figuring that out. All things considered, since GnuPG already exists and it's already installable everywhere and it already works, I figured I could just roll with it for userless at least. I want to use GPG for all user authentication related concerns.
Where is that virtual actor hosted? If it's centralized, I feel like it defeats the purpose of user-centric identity control. If it's user-hosted, that sounds like GPG with extra, even more inconvenient steps.
It's both. It can be a JSON file served from some webserver. It can be a peer-hosted thing where a bunch of instances host it on your behalf. It can be something that exists on your designated identity server. It can be a transaction on a blockchain. And as long as the software knows how to resolve it, they all work.
Having to figure out hosting, no matter if it's self, peer, or whatever else hosting, kinda makes this proposal DOA I think. It's kinda using a jackhammer for a problem that's already been solved by a screwdriver.
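The flow the thread describes (a DID document served as a JSON file, resolved to the actor's current home instance, with its key used to check a signed activity), sketched as an added example that is not part of the original comments or of any project's code. The `did:example:alice` identifier, the URLs, the `ActivityPubActor` service type and the signed-envelope shape are assumptions made for illustration.

```javascript
// Added example. The DID, URLs, service type and envelope shape are constructed.
const crypto = require('crypto');

// Constructed key pair standing in for the user's identity key.
const { publicKey, privateKey } = crypto.generateKeyPairSync('ed25519');

// Constructed DID document, e.g. a JSON file served from a web server.
const didDoc = {
  id: 'did:example:alice',
  verificationMethod: [{
    id: 'did:example:alice#key-1',
    type: 'JsonWebKey2020',
    controller: 'did:example:alice',
    publicKeyJwk: publicKey.export({ format: 'jwk' }),
  }],
  service: [{
    id: 'did:example:alice#home',
    type: 'ActivityPubActor', // hypothetical service type
    serviceEndpoint: 'https://instance-b.example/users/alice',
  }],
};

// Resolve a DID to the actor's current home instance; reject a mismatched document.
function resolveHome(doc, did) {
  if (doc.id !== did) throw new Error('document does not describe ' + did);
  const svc = (doc.service || []).find((s) => s.type === 'ActivityPubActor');
  if (!svc) throw new Error('no home instance listed');
  return svc.serviceEndpoint;
}

// Sign the exact serialized bytes so no JSON canonicalization is needed.
function signActivity(activity, keyId, key) {
  const payload = JSON.stringify(activity);
  const signature = crypto.sign(null, Buffer.from(payload), key).toString('base64');
  return { payload, keyId, signature };
}

// Accept only if the key is listed in the DID document, is controlled by that
// DID, the activity names that DID as actor, and the signature verifies.
function verifyActivity(doc, env) {
  const vm = (doc.verificationMethod || []).find((m) => m.id === env.keyId);
  if (!vm || vm.controller !== doc.id) return false;
  let activity;
  try { activity = JSON.parse(env.payload); } catch { return false; }
  if (activity.actor !== doc.id) return false;
  const key = crypto.createPublicKey({ key: vm.publicKeyJwk, format: 'jwk' });
  return crypto.verify(null, Buffer.from(env.payload), key, Buffer.from(env.signature, 'base64'));
}
```

Moving to another instance only changes `serviceEndpoint` in the document; the key, and therefore signatures on earlier activities, stay valid.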