I did some writing about Jetstream, a lightweight version of the AT Proto firehose that's plain JSON over a websocket and without the MST/verification. It makes getting started building on AT Proto or Bluesky a lot lower friction if you trust your Jetstream operator. jazco.dev/2024/09/24/j... - ThreadSky

jaz.bsky.social • 160 days ago

I did some writing about Jetstream, a lightweight version of the AT Proto firehose that's plain JSON over a websocket and without the MST/verification.

It makes getting started building on AT Proto or Bluesky a lot lower friction if you trust your Jetstream operator.

https://jazco.dev/2024/09/24/jetstream/

Comments

jcsalterego.bsky.social•160 days ago

all my merkles unverified

mackuba.eu•160 days ago

Jaz is gonna get us hooked on the new stream and then once we get used to it will start sending counterfeit merkles when nobody's watching 😈

snorre.io•160 days ago

It’s just sparkling records if it’s not from the merkle tree region.

shawn.justshillin.com•160 days ago

I’m incredibly grateful too. The firehose was obliterating my bandwidth so jetstream is a lifesaver

rafaelcaricio.eu•160 days ago

📌

jaz.bsky.social•160 days ago

Running a Jetstream instance yourself is easy, it's all FOSS and I run the current public instance for $5/mo on an OVH VPS.

If you're building a bot, some fun side-project, or anything else that wants to consume the firehose but can't afford the bandwidth/compute, Jetstream is a decent alternative.

dattil.io•160 days ago

I should really look into this, I stayed away from the firehouse specifically because it was an absurd amount of data.

I really want to make custom feeds for each individual label in @warlabel.bsky.social

vedetta.bsky.social•160 days ago

📌

justdan96.bsky.social•160 days ago

📌

oyin.bo•160 days ago

This implied use case is puzzling me:

https://bsky.app/profile/mackuba.eu/post/3l4wj7dlfjt2z

If you're running a local instance of JetStream, aren't you paying for the bandwith already? Where is the savings?

mackuba.eu•160 days ago

Why is everyone assuming I'm paying for bandwidth per gigabyte?…

oyin.bo•160 days ago

How does your JetStream consume the incoming firehose from the Relay? Isn't it in Gb?

mackuba.eu•160 days ago

I'm talking about paying, on VPSes you generally have a monthly quota of TB, and if it's high enough, then the current bandwidth use isn't something I pay extra for beyond the normal monthly fee. So it doesn't matter if Jetstream runs locally or on Jaz's VPS, because it's not about bandwidth cost.

oyin.bo•160 days ago

It makes sense as a smart proxy node in a server farm (e.g. serving data to many feed generators).

It makes sense as an official BlueSky JetStream.

But for a sole local consumer, it ought to be less efficient than a CBOR reading library?

mackuba.eu•160 days ago

Yeah, so one possible use case is: set up Jetstream on one VPS, and then multiple client apps on one or more VPSes pull from that JSON source, instead of having N parallel CBOR streams.

mackuba.eu•160 days ago

This also opens up the possibility of splitting one monolith app into separate apps dealing with different things, if the only reason you had them bundled together was so that you wouldn't need to stream two firehose streams to the same VPS

oyin.bo•160 days ago

When one should probably consider Kafka, but ain't ready for a serious commitment.

mackuba.eu•160 days ago

Baby steps…

mackuba.eu•160 days ago

Another possible use cases:
- your firehose client written in a "not real language" is much slower than Jetstream's so you offload that to the Jetstream process and only deal with parsed records
- there isn't any good firehose client lib in the language you use yet and it's easier to just parse JSON

oyin.bo•160 days ago

If it's fast enough for JavaScript, it's fast enough for everything.

https://bsky.app/profile/oyin.bo/post/3l4w325vkz42d

mackuba.eu•160 days ago

AFAIK JavaScript these days is a surprisingly fast language, at least among scripting languages, because it's been hyper-optimized by browser vendors working for years on squeezing every last ms from it…

oyin.bo•160 days ago

Or wait, did you mean VBA???

oyin.bo•160 days ago

💯

bossett.social•160 days ago

there's major advantage in developer experience too - decoding CBOR, dealing with cursors, etc. is just busy work you don't have to do if you're happy to just run a local instance. idk that cycle-for-cycle efficiency is going to be your limiting factor

oyin.bo•160 days ago

That need is better served with a library rather than a separate spun server instance.

bossett.social•160 days ago

that's one's a bit of a philosophical rabbit hole

oyin.bo•160 days ago

In general case yes.

If a browser keeps up with raw firehose, it'd be embarrassing for some big server to struggle, no?

https://bsky.app/profile/oyin.bo/post/3l4w325vkz42d

aparker.io•160 days ago

it’s certainly easier to fuck around with plain ol json than it is to deal with libraries

aliceweb.xyz•160 days ago

(i mean, you still kinda need to deal with cursors if you want anything substantial. but yeah)

oyin.bo•160 days ago

Worth noting, JetStream isn't less secure:

wss://...

👆 is an end-to-end encrypted connection.

In the end the BlueSky PDS data is verified via the same DNS as the BlueSky JetStream.

jaz.bsky.social•160 days ago

The loss of "security" in Jetstream is mostly that a malicious operator could feasibly omit or change data on the stream.

Part of what makes AT Proto "Authenticated" is that no matter how many entities sit between you and the data, you can verify it's authenticity and completeness on your end.

jaz.bsky.social•160 days ago

That's why Jetstream isn't really protocol compliant and it doesn't have the guarantees of the full firehose. If you trust the Relay provider, you can run your own Jetstream and feel safe. If you trust your Jetstream provider, you can consume their stream and feel safe.

mackuba.eu•160 days ago

And Jetstream verifies all the events it gets from the source, right?

jaz.bsky.social•160 days ago

Not at the moment. I'm planning on adding at least signature verification soon though. I only ever point it at the relay I'm already operating so I haven't bothered with it... 😳

jaz.bsky.social•160 days ago

That will drive up it's CPU util and memory significantly so I may add it as an optional toggle. Caching DID docs is actually pretty expensive now that we've got 10M users and people are active...

mackuba.eu•160 days ago

Yeah that would be nice, since this would mean if you're running a local instance of Jetstream, you don't need to trust the Relay you're streaming from in that aspect

mackuba.eu•160 days ago

😅

oyin.bo•160 days ago

OK but a malicious operator can't intercept wss:// connection without taking over the servers.

jaz.bsky.social•160 days ago

Sure, "malicious" in this case could be i.e. if you don't trust Bluesky and think they may be censoring their relay or something.

str4d.xyz•160 days ago

"operator" is intended here as a subset of "adversary". Here, the "operator" is the person running the Jetstream instance, not an arbitrary network adversary.

oyin.bo•160 days ago

If BlueSky runs an official JetStream, it'd be the one everyone uses.

tautologer.com•160 days ago

this is awesome!

peterullrich.com•160 days ago

Thank you for this, Jaz 🙏 I replaced my connection to the Firehose API with Jetstream and was able to delete 90% of my code since I now don’t have to filter out non-posts and don’t have to decode from CBOR anymore. Very much appreciated 🙏

jaz.bsky.social•160 days ago

Awesome! Glad to hear it :)

zota.bsky.social•159 days ago

📌

Comments

Posting Rules

Reply