It’s getting easier to build new applications on ATProto, the protocol that powers Bluesky’s social network and a growing number of other apps.
At ATmosphere, the ATProto community conference held over the weekend in Seattle, Bluesky CTO Paul Frazee offered attendees a glimpse of what’s ahead for the protocol’s development and how those will help developers build more applications to expand the ecosystem in the future.
One of the key additions coming soon is support for the authentication standard OAuth, which some developers are already testing today, though not in a finalized state. With OAuth, developers will be able to create user accounts for their app’s users on AT Protocol-based infrastructure, as well as provide tools for session management and visibility into core account data.
For consumers and other end users, the addition of OAuth will allow them to sign into applications more easily and securely.
Instead of having to create an app-specific password in Bluesky’s settings, they would be able to use the OAuth option to sign in with Bluesky, similar to how people sign in with their account from a tech giant, like Google or Apple. (There is some debate around how this user interface will be presented, as it’s not clear that “Bluesky” should be a part of the branding. Bluesky will be one of many applications in the ATProto ecosystem, and the branding should reflect that users are signing in with an open social account that works across Bluesky and other apps.)
Another change is the ability to publish lexicons, or schemas, that define the structure of data records, directly on AT Protocol. This is important for the development of new types of applications, as developers expand the ecosystem with lexicons for things in other types of apps — like recipes in a recipe-sharing app or events or locations in a calendar or event scheduling app, and more.
When an application encounters a record it hasn’t seen before, it can resolve the lexicon definition through a DNS-like lookup process to understand how to interrupt that data. Sharing these resources will also allow app developers to not have to spend time defining their own unique lexicons, as they can instead look to those that have already been created by others in the ATProto community.
Later this year, the Bluesky team will begin working on ideas around how privately shared data will work. This is important because it would allow for new features that require private data, like bookmarks.
App users would also like to take advantage of end-to-end encryption, like what’s found in Signal or WhatsApp. Progress on this front, Frazee said, may be helped by the development that’s taking place now with MLS, a security layer that’s being championed by the Internet Engineering Task Force (IETF).
“There has just been a really great amount of interest in the MLS lately across a lot of different technology stacks, including the web. And I think that we can look at that with some optimism that it might be able to really accelerate the encryption future for atproto,” Frazee noted.
Other developments in the works include a way to improve relays — the part of the AT Protocol infrastructure that offers a “firehose” of network data for other services to use. By no longer requiring relays to maintain full archives, it will become cheaper and more scalable to run a relay of your own.
Work is also being planned to improve the user experience around account migrations and support for migrating to Bluesky’s servers instead of only away from its servers, as you can today.
TechCrunch reported from the ATmosphere Conference in Seattle.
