Gregory's Server
#Mitra can now process Move() activities.
This activity tells your followers to un-follow your old account and follow your new account when you're migrating from one instance to another. Mastodon can do that: https://docs.joinmastodon.org/user/moving/. I was unable to find any documentation or examples, and I've never seen this activity in the wild, so I just copied the logic from Pleroma.
The problem is that Move() activity must be signed by your old instance, and if the server is offline or if you're banned from it, there's no way to send it. To solve this problem, I want to let users sign activities with their own keys, so even if activity was sent from a new instance, it is still can be verified by other instances. There are two things that need to happen to make this possible:
- Embedded signatures. Mastodon can create them, but their implementation is not portable. There should be a clean and simple way to sign JSON object, otherwise embedded signatures will never be adopted in Fediverse.
- Identity proofs. This is a verifiable link between domain-based account and user's public key identity. Mitra already supports Ethereum identity proofs, and I'm planning to support GPG keys as well.
I've already started to work on signatures, and will create FEPs for each protocol extension (embedded signatures, identity proofs, user-signed move).