Radicle is completely peer to peer. There are no such things as servers and clients, only nodes. However, there are quite a few nodes that then act as HTTP servers to offer convenient access via the browser.
All in all, seems like an awesome project and instantly more trustworthy and rugpull-resistant than Tangled.
> The Radicle Foundation is established. A Swiss non-profit that oversees the development of the project.
Thank you!
Tangled to my understanding is federated in theory but centralized in practice. It relies on "knots" (servers that host Git repos) and a central AppView at tangled.sh that aggregates the network. Issues and social artifacts live on Personal Data Servers, not locally. While you can self-host a knot, the default experience routes through Tangled's managed infrastructure. The architecture is fundamentally client-server: your operations go over the network to wherever your data lives.
What Forgejo are working on is to have their servers/instances communicate with each other via ActivityPub (IIRC). Think about it more like GitHub : Forgejo :: Twitter : Mastodon and possibly Filesharing : BitTorrent :: Software Development : Radicle.
With Forgejo, every instance has its own database of user accounts, and controls who may log in or not (and so on). This is not the case with Radicle. Since there is no such authority, user accounts are self-certifying.
For repositories, since there is no "standard location" like "the server", Radicle has developed a way to abstract from the user namespaces of the maintainers of a repo, to a canonical namespace. This is how references are lifted from individuals to a project. Not by having a copy on some particular server, which access control. Of course, Radicle also has access control, but it is tied to the self-certifying identities, not to some server.
From the FAQ:
> For one, [git] has no way of verifying that the repository you downloaded after a git clone is the one you asked for, which means you need to clone from a trusted source (ie. a known server). This isn’t compatible with peer-to-peer in any useful way.
> Radicle solves this by assigning stable identities to repositories that can be verified locally, allowing repositories to be served by untrusted parties.
What does this mean, in practice? At first glance this sounds like Radicle is turning a service trust problem into a PKI-shaped problem, which is more of a transmutation than a solution.
Or more precisely: how do I know which stable repository identities to trust, and how is that trust distributed to parties in the network?
Imagine a project with multiple repos on GitHub (not “forks” but someone actually uploaded it as a new repo). Similar problem. I’ve seen this before with some simple C libraries that haven’t changed in years.
Each repository is governed by an identity document which is signed by a set of delegates, each delegate currently corresponds 1:1 to someones ssh-key. We are working to adjust this mechanism so you can have group identities, but its a hard problem and we're not the only ones working on it (note theres light at the end of this tunnel at this point).
Seeing as you studied philosophy I'd argue what then do you mean by a solution? Aren't all solutions transmutations of prior 'things'? In the complex domain we have a word for it, exaptation - the radicle repurposing of something in a new context.
That aside, how do you know which people to trust when you meet them? And how do you signal trust in those you've met? In Radicle holding stable cryptographic identities doesn't resolve the zero-to-some trust problem but it does resolve the some-to-more trust problem, I can continue trusting once I recognise and know an identity.
So to answer "how is that trust distributed to parties in the network" - by stable cryptographic identities.
To answer "how do I know which stable repository identities to trust" - by socialising, like you know how to trust people you meet in the world because you were introduced to them by someone else you trust.
We need better forges and they need to be p2p to survive. p2p is the only viable future for the web.
But this seems excellent for code, a thing that (to the extent you can or should be) is mostly apolitical.
And that got me to thinking about Usenet and how a ton of software (usually pirated) and images (usually pornography) were posted to it.
And people often posted stupid stuff they said (usually because they were young and dare I say afflicted by a moment of dumb).
I think one of the problems with p2p distributed systems is how do you handle "mistakes". Things you want deleted.
What if someone accidentally posts their address and phone number?
What if you post a communication system with encryption methods, but then the government passes a law that is criminal? Maybe in some regimes that puts you on a list for arrest? Look at what is happening with HAM radio operators and Belarus...
https://www.niemanlab.org/reading/ham-radio-operators-in-bel...
To me, none of this raises above the idea that distributed p2p content should not be used. It is just that it has some issues.
Also, unrelated, but I think the plethora of "How does this compare to XYZ" type comments are not very helpful. It is too easy to write that kind of post, but much harder to answer.
What if the government says all FOSS developers must be rounded up and executed? What if you spill coffee on your laptop because you were tired while reading the documentation? What if you misunderstand the instructions and accidentally post a no no word on the internet?
One time when I was younger I downloaded something and it had a virus. Bad news!
Just some concerns, you know. Not taking a stance here, just saying I have questions...
Edit: just tired of seeing posts sowing FUD on every thread about decentralized tech. Don’t worry, the government isn’t going to break down your door because you host a Radicle node.
Whether your mistakes can be deleted is up to the operator. They can even lead you to believe your content was deleted, while reporting it to the authorities.
> What if you post a communication system with encryption methods, but then the government passes a law that is criminal
Did you post it while it was legal to do so? Yes. Are you distributing it after it was deemed illegal? No. If you are in a country with a fair justice system, you wouldn't have to worry. If you are in a country without one, they will find a much easier way to get you anyway.
You can put your node behind Tor if you’re worried about demand letters, by the way.
ISPs will try to block use of IPV6 for serving content, but eventually I think users will win because ultimately it should be a right to share information.
Radworks and RAD are still a thing, and the last vote (https://community.radworks.org/t/3698 and https://community.radworks.org/t/3703) was to fund Radworks App (https://radworks.org/app), Drips (https://www.drips.network/), Radicle Garden (https://radicle.garden/).
Radicle development is funded by the Better Internet Foundation (https://betterinternet.foundation/), previously called "Radicle Foundation".
RAD "tokenomics" are discussed here: https://community.radworks.org/t/3645/
endiangroup•1h ago
a-french-anon•59m ago
endiangroup•53m ago
lorenzleutgeb•52m ago
Tepix•53m ago
gitlab recently closed a 2015 feature request https://gitlab.com/gitlab-org/gitlab/-/issues/14116
PS: What's this "AD" prefix you're using?
endiangroup•51m ago
endiangroup•45m ago