Does ActivityPub send those to other instances, or does ActivityPub only send the original post and the rest (upvotes, downvotes, replies) are stored only on the original server where the post was made?

  • Empricorn@feddit.nl
    link
    fedilink
    arrow-up
    36
    arrow-down
    2
    ·
    1 year ago

    Since you’ve gotten enough real answers, I’ll just remind you that upvotes are stored in the balls.

  • Teppic@kbin.social
    link
    fedilink
    arrow-up
    8
    ·
    1 year ago

    Posts and comments are federated (synchronised). Upvotes are actually a bit of a fudge, they are actually ‘Favourites’ if considered from an activity pub (e.g. Mastodon) perspective, and yes favourites are also federated.
    Downvotes don’t exist in activity pub and, as a result, they do not federate between instances.
    At least that is my understanding.

    • Max-P@lemmy.max-p.me
      link
      fedilink
      arrow-up
      5
      arrow-down
      1
      ·
      edit-2
      1 year ago

      Downvotes do federate, but it uses protocol extensions to do it. So the downvotes won't federate to Mastodon, but it does for Lemmy and I think Kbin too

      • nutomic@lemmy.ml
        link
        fedilink
        arrow-up
        14
        ·
        1 year ago

        Votes federate with standard Like and Dislike activities which are part of Activitypub. It’s just that some platforms like Mastodon can’t handle Dislikes.

        • Monkey With A Shell@lemmy.socdojo.com
          link
          fedilink
          arrow-up
          5
          ·
          1 year ago

          Can’t handle by choice I’d guess. Given the format of individuals following individuals rather than topics in communities it doesn’t make much sense for a person to follow someone only to downvote/dislike their comments.

  • Send_me_nude_girls@feddit.de
    link
    fedilink
    arrow-up
    8
    ·
    edit-2
    1 year ago

    Technically votes are public. Only UI is hiding them. Which should be resolved, one way or another.

    Edit: there was a post with that here a few weeks ago. I understand that this isn’t a real answer to your question. Maybe you find it with these hints.

    Edit2: Found it. Here you’ll find more. https://mylemmy.win/post/89871

  • peereboominc@lemm.ee
    link
    fedilink
    English
    arrow-up
    2
    ·
    1 year ago

    What if someone sets up an instance, make a post and manipulate the upvotes? Just give it a million upvotes. That would break the whole system…

    Or a bit more subtle, every upvote is multiplied by 10.

    • Max-P@lemmy.max-p.me
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Individual votes are federated but not by number but by user, so you’d have to set up fake users and then federate a vote from each of them.

      That makes it rather easy to detect and identify and get that particular instance defederated.

      Votes will still go from origin instance -> community instance -> other instance, be if the other instance has defederated the origin instance then it simply gets dropped.

      • Teppic@kbin.social
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        If you use kbin you can even see who has made each upvote, so yes easy to then look for patterns of voting together and also at the profiles to see if the accounts looks like real people etc.

        • Max-P@lemmy.max-p.me
          link
          fedilink
          arrow-up
          1
          ·
          1 year ago

          Until a mod catches it and reports it to the admins, yeah.

          Lemmy isn’t the absolute most well thought out platform in many regards, I don’t think anyone expected Reddit to actively go hostile and drive such an amount of users to Lemmy.

  • AlexWIWA@lemmy.ml
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    1
    ·
    1 year ago

    Honestly votes being federated seems like a bad idea imo. Would be easy to spin up an instance with thousands of fake users and manipulate posts.

    Fediverse is already big enough that it could be lucrative to do so.

    • Shadow@lemmy.ca
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      So then everyone just blacklists that instance. If the problem is really severe, we move to whitelisting.

      It’s not hard to identify when someone is doing this.

      • AlexWIWA@lemmy.ml
        link
        fedilink
        English
        arrow-up
        2
        ·
        1 year ago

        It’s not hard to identify if you’re looking for it, they just use one instance, they aren’t subtle about it, and they are only boosting a specific company instead of a variety of products and ideas.

        Vote manipulation is hard enough to detect on Reddit where they have visibility top to bottom. I think this will become a major issue in the future.

        This is on top of the already significant scaling issues votes are causing.

        Other instances can cache the total count for historical reasons, to preserve lost instance vote counts, but keeping the full ledger is going to be a serious barrier to entry for hosters and a security (manipulation) issue.

      • Rogue@feddit.uk
        link
        fedilink
        arrow-up
        1
        ·
        1 year ago

        A whitelist defeats the decentralisation and openness of a defederated system.

        I think you’re mistaken in your assumption it would be easy to identify malicious instances. Bots are notoriously difficult to fight, every time you block one method another workaround will appear.

        • Shadow@lemmy.ca
          link
          fedilink
          arrow-up
          3
          ·
          edit-2
          1 year ago

          I think you’re mistaken in your assumption it would be easy to identify malicious instances. Bots are notoriously difficult to fight, every time you block one method another workaround will appear.

          I run a large instance and I look around in the DB occasionally when users complain, so I’m pretty familiar with what’s in there.

          A whitelist defeats the decentralisation and openness of a defederated system.

          True, but assholes are assholes and sometimes freedom and assholery don’t mix well.

    • PoliticalAgitator@lemm.ee
      link
      fedilink
      arrow-up
      1
      ·
      1 year ago

      Would it change anything besides their technique?

      They almost certainly already have vote manipulation tools for reddit that work via browser automation, because someone offered me money to build one 10 years ago.

      Those tools and a handful of accounts+vpns would already be borderline undetectable without the access needed to see that 25 accounts always voted the same way.

      At least on Lemmy, you have that access. Reddit not only makes zero effort to prevent it, they actively obfuscate the information needed to spot it.

    • merthyr1831@lemmy.world
      link
      fedilink
      arrow-up
      2
      arrow-down
      1
      ·
      1 year ago

      I disagree. Reddit openly admitted to manipulating its upvote count to “deter bots”, especially since it became apparent that the front page of reddit became a very lucrative position to be if you were promoting a product, service, or ideology. In the post API world of Reddit, it’s more apparent than ever that votes are being manipulated to give users an illusion of activity that isn’t actually there.

      In fact, Reddit’s manipulation was always as easy as paying someone to upvote a post a few hundred times within an hour of posting which in turn boosted it on the algorithm that displayed leading posts based on rate of activity instead of actual upvotes.

      On the fediverse, being on the front page of an instance isn’t nearly as lucrative, and being on the front of ALL of them isn’t feasible. Even if one instance is manipulated, federation makes that effort null in seconds.

      The fact these services aren’t monetised, are volunteer-funded, and don’t have the economic or advertising power as reddit does, really makes it harder for votes to be manipulated, let alone make someone want to manipulate the service.

      Lemmy and Mastodon have issues with moderation but at worst the manipulation risk is nowhere near as bad as reddit. At best, it looks like corporate manipulation of social media is all but nonexistent on here. Let’s celebrate that

  • iso@lemmy.dbzer0.com
    link
    fedilink
    arrow-up
    0
    ·
    1 year ago

    haven’t worked with AP yet, but as a webdev I’m certain it’s original server only. Syncing upvotes between nodes would be an insane datavolume and one hell to properly keep in sync to begin with.

    • Dave@lemmy.nz
      link
      fedilink
      arrow-up
      0
      ·
      edit-2
      1 year ago

      My instance has 800 users, is 4 months old, and the database only is over 30GB. It is an insane amount of data.

      • nutomic@lemmy.ml
        link
        fedilink
        arrow-up
        0
        ·
        1 year ago

        There is a postgres command to show the size of each table. Most likely it is from activity tables which can be cleared out to save space.

        • Dave@lemmy.nz
          link
          fedilink
          arrow-up
          0
          ·
          1 year ago

          After the second-to-last update the database shrunk and I was under the impression there was some automatic removal happening. Was this not the case?

          It’s helpful info for others but personally I’m not that worried about the database size. The size of the pictrs cache is much more of a concern, and as I understand it there isn’t an easy way to identify and remove cache images without accidentally taking out user image uploads.

          • nutomic@lemmy.ml
            link
            fedilink
            arrow-up
            2
            arrow-down
            1
            ·
            1 year ago

            Yes there is automatic removal so if you have enough disk space, no need to worry about it.

            The pictrs storage only consists of uploads from local users, and thumbnails for both local and remote posts. Thumbnails for remote posts could theoretically be wiped and loaded from the other instance, but they shouldnt take much space anyway.

            • Dave@lemmy.nz
              link
              fedilink
              arrow-up
              1
              ·
              1 year ago

              Yes there is automatic removal so if you have enough disk space, no need to worry about it.

              What triggers this? My DB was about 30GB, then the update shrunk it down to 5GB, then it grew back to 30GB.

              The pictrs storage only consists of uploads from local users, and thumbnails for both local and remote posts. Thumbnails for remote posts could theoretically be wiped and loaded from the other instance, but they shouldnt take much space anyway.

              I’d be pretty confident that the 140GB of pictrs cache I have is mostly cache. There are occasionaly users uploading images, but we don’t have that many active users, I’d be surprised if there was more than a few GB of image uploads in total out of that 140GB. We just aren’t that big of a server.

              The pictrs volume also grows consistently at a little under 1GB per day. I just went and had a look, in the files directory there are 6 directories from today (the day only has a couple of hours left), and these sum to almost 700MB of images and almost 6000 files, or a little over 100KB each.

              The instance has had just 27 active users today (though of course users not posting will still generate thumbnails).

              While the cached images may be small, it adds up really quick.

              As far as I can tell there is no cache pruning, as the cache goes up pretty consistently each day.

              • nutomic@lemmy.ml
                link
                fedilink
                arrow-up
                2
                arrow-down
                1
                ·
                1 year ago

                The activities table is cleared out automatically every week, items older than 3 months are deleted. During the update only a smaller number of rows was migrated so the db temporarily was slower. You can manually clear older items in sent_activity and received_activity to free more space.

                Actually Im wrong about images, turns out that all remote images are mirrored locally in order to generate thumbnails. 0.19 will have an option to disable that. This could use more improvements, the whole image handling is rather confusing now.

                • Dave@lemmy.nz
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  1 year ago

                  Thanks for the info! Ior performance reasons it would be nice to have a way to configure how long the cache is kept rather than disable it completely, but I understand you probably have other priorities.

                  Would disabling the cache remove images cached up to that point?