• BeigeAgenda@lemmy.ca
      link
      fedilink
      English
      arrow-up
      0
      arrow-down
      1
      ·
      edit-2
      1 year ago

      Without knowing much about Lemmy I would guess that a bit more info is needed, along with some human interaction on both servers to validate the move.

      When I signed up i wrote a bit about why I chose that server, I think that as a minimum would also be required.

      Edit: I would also only allow moving between servers at the 1st of each month, just to cut down on work for the admins.

  • sabreW4K3@lemmy.tf
    link
    fedilink
    English
    arrow-up
    6
    arrow-down
    1
    ·
    1 year ago

    I think UI is the least of their worries. They’ve not even decided what to migrate yet.

    • NickwithaC@lemmy.worldOP
      link
      fedilink
      English
      arrow-up
      5
      arrow-down
      1
      ·
      1 year ago

      It really needs to be everything - posts, comments, subscriptions, upvotes/downvotes, blocks, and mod status. It needs to be such that signing in to your account on the new instance is the same as signing into on the old one. It should be so seamless that you can just switch instances just to try out a new one and switch back again if it isn’t for you.

      • Muddybulldog@mylemmy.win
        link
        fedilink
        English
        arrow-up
        3
        arrow-down
        1
        ·
        edit-2
        1 year ago

        It won’t be anything even close.

        Indexes are unique to each instance. Post ID, Comment ID, Vote ID. There’s no way to correlate this information between two instances other than to do a full text match, post by post, comment by comment, vote by vote, to determine if what is being imported already exists on the new instance or is “new”.

        Even if you go that route, then there’s the quandaries that follow… if you import what is effectively a “new” post to your new instance, do the comments (which aren’t yours) come along, or do you simply end up importing your post with no interaction history.

        Then there is identity. You most likely have a non-local identity on your new server, as a result of federation, how does the new instance know that you are who you say you are, givimg you ownership of any of that existing content as it binds it to your, now, local identity?

        That’s just off the top of my head.

        If you’re lucky you’ll get to keep your cake day.

        • Dandroid@dandroid.app
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          I kinda just want to keep my cake day. I signed up on my first account on my IRL birthday, but then I created my own instance some time later and created an account on that one. I just thought it was fun to have it on my birthday. :(

          • maegul (he/they)@lemmy.ml
            link
            fedilink
            English
            arrow-up
            3
            ·
            1 year ago

            This is a perfect example of how engineers/developers can fret over all sorts of technical challenges and compromises while completely missing the one thing a user wants most because it’s simple and sentimental and “human” which also turns out to be comparatively trivial to implement.

        • Spzi@lemm.ee
          link
          fedilink
          English
          arrow-up
          2
          ·
          1 year ago

          Indexes are unique to each instance. Post ID, Comment ID, Vote ID. There’s no way to correlate this information between two instances other than to do a full text match, post by post, comment by comment

          I hope there will be a solution for this. It’s so unpractical. The only sane way to link to posts on other instances seems to be to cross-post them.

          If you just share a link to a specific post or comment … people can see it, but unless they happen to have an account on that instance, they cannot interact with it. To do so, you have to search for it, and the search is not reliable.

          Why can’t post or comment IDs be generated hashes, and each instance uses the same algorithm?

          • Muddybulldog@mylemmy.win
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            Someone else did bring up the point that the canonical URL is stored, so that does make correlation a bit easier.

            Doesn’t solve the concerns you’ve brought forth. For example, the “I don’t have an account here”. A local instance can correlate a local post to a remote post, being able to provide a “open on original instance” link but it can’t be done the opposite direction, which would relieve this problem.

            As for hashing, it too certain what that would gain but at some point there was obviously a decision not to correlate by the message UUID (which would accomplish the same thing). Since I wasn’t in the room can’t say why.

        • Deebster@lemmyrs.org
          link
          fedilink
          English
          arrow-up
          0
          ·
          1 year ago

          Posts and comments have a canonical URL (i.e. the original submission’s URL that’s linked to via the Fediverse pentagram), so that can be used as a foreign key when comparing.

          I think identify claiming would need to have been designed into the original spec with something like a public/private key for account ownership to allow moving of related data in a safe way, or e.g. editing a post from a different instance than originally posted it.

          • Muddybulldog@mylemmy.win
            link
            fedilink
            English
            arrow-up
            1
            ·
            edit-2
            1 year ago

            Like I said, I was just running of the top of my head.

            While it’s true they have canonical URLs, there still remains that there’s no apparent method for integrity checks. No way to validate a correlation between the “new user” and the post or comment that can prevent abuse.

            • Deebster@lemmyrs.org
              link
              fedilink
              English
              arrow-up
              1
              ·
              1 year ago

              Yeah, I wasn’t arguing, just thinking out loud too. I think the whole decentralised aspect of the fediverse means that ownership has to have a cryptographic answer because there’s no central source of truth that everyone can agree on.

              I think moving accounts is a little easier than you think, apart from who gets to say that something should move. It’d be better to have a “pull” than something like the “push” solution that currently exists on Mastodon - there you can forward an account to a new place, as long as the old instance exists and cooperates (big ifs).

              I’m mostly thinking about moving accounts (+ communities) in the case of when an instance suddenly vanishes.

              • Muddybulldog@mylemmy.win
                link
                fedilink
                English
                arrow-up
                3
                ·
                1 year ago

                Agreed. It really comes down to what is enough to satisfy most people. Exporting subscriptions is an easy implementation. Saved/favorited posts, slightly less easy but very achievable. Each of these could be safely done as a user initiated export/import.

                Once you start getting into any type of ownership type work, votes, comments, etc. then it’s starts getting hairy due to integrity concerns. How do we trust that this activity actually belongs to the person claiming it.

        • elscallr@lemmy.world
          link
          fedilink
          English
          arrow-up
          0
          ·
          1 year ago

          As long as they’re using UUIDs where they should be the possibility of a collision is literally so low as to be impossible, but that relies on all the pieces of software using good principles.

          • Muddybulldog@mylemmy.win
            link
            fedilink
            English
            arrow-up
            1
            ·
            1 year ago

            Message activity contains a UUID but the activity table is considered disposable and is purged regularly. Once the message is broken down into its parts and stored the universal identifier is lost. All correlation is local.

      • sabreW4K3@lemmy.tf
        link
        fedilink
        English
        arrow-up
        0
        arrow-down
        1
        ·
        1 year ago

        It’s not that on mastodon and it shouldn’t be that here either. There needs to be some consequence to switching instance.

  • scytale@lemmy.world
    link
    fedilink
    English
    arrow-up
    4
    ·
    1 year ago

    I discovered this a couple of days ago: https://github.com/CMahaff/lasim. It just transfers your subscriptions to your new account in another instance. I don’t really mind not being able to transfer comments for now, but this has been very very helpful when I moved my subscriptions from one of my lemmy.world accounts to another instance because of the recent downtimes.

    • maegul (he/they)@lemmy.ml
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Yea this is what should be aimed for in the middle term. Anything bigger involves a number of technical chalenges.

      But being able to migrate your “setup” to another instance is the middle ground that will actually doable in the short term and a rather significant improvement in the user experience.

      “Setup” would include subscriptions, and any further details about subscriptions that may come along like user defined multi-subscriptions etc, settings, cakeday (suggested elsewhere in the comments and a wonderfully human suggestion), blocks etc.

  • cheer@lemmy.world
    link
    fedilink
    English
    arrow-up
    1
    ·
    1 year ago

    They might just go Masto-style migration and just but a banner on your profile linking to your new account, and give you a list of communities to import.

  • samokosik@lemmynsfw.com
    link
    fedilink
    English
    arrow-up
    1
    arrow-down
    1
    ·
    1 year ago

    Let’s just be honest the default interface sucks and should be used only for account creation

  • Pregnenolone@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    1 year ago

    I’m not convinced that this is a problem that needs to be solved. The value of the federation is that your data is fleeting and not guaranteed. I’m not sure why anyone in the federation needs to guarantee the existence of your data long term.

    • Contramuffin@lemmy.world
      link
      fedilink
      English
      arrow-up
      1
      ·
      1 year ago

      Because people form attachments to their accounts, and allowing them to keep their info can promote federation (encourage people to use other instances, especially since most people start off on one of the big instances).

      I get what you’re saying, but I think there is a practical purpose for allowing migration. That being said, I think working on the UI before thinking about how migration would work in practice might be putting the cart before the horse

  • Kinglink@lemmy.world
    link
    fedilink
    English
    arrow-up
    2
    arrow-down
    2
    ·
    edit-2
    1 year ago

    There’s three big problems with this.

    A. You’re now allowing people to hop, and even name change. Let’s say they’ll allow that. But I think both of those are things that will have to be agreed upon if it’s done at all.

    B. You’re missing the password. Every instance should have a unique salt, passwords should NEVER be reversible, and never be stored insecurely (AKA before salting the hash for instance). I use a different password for every site, but I’ve had sites tell me “Your password is X” … holy shit that’s a HUGE security flaw for multiple reasons.

    So if I’m migrating and don’t need to set a new password, that’d be questionable.

    C. This can be done unscrupulously. If I get control of someone’s account, I can migrate it and essentially steal all their accounts and posts. For 99 percent of us who cares, but let’s say there’s a post from “Justin Bieber” and I get his account, migrate it, use a new password, and now make his posts say “I don’t suck cocks”…

    It’s probably more important when it’s a big game studio who posts update and such to Lemmy somewhere but the point is accounts will have a huge value eventually, letting you migrate it with a click might be dangerous.

    • crystal@feddit.de
      link
      fedilink
      English
      arrow-up
      0
      arrow-down
      1
      ·
      1 year ago

      A. If you want to hop you can already just create a new account. What’s the issue with taking ownership of your posts with you?

      B. Just migrate the salt, too. A server can have per-user salts, which may be migrated together with the hash.

      C. If you already have control over someone else’s account, what additional benefit does migrating serve?

      • Kinglink@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        edit-2
        1 year ago

        What’s the issue with taking ownership of your posts with you?

        I think the question is will they allow it. Though I’m sure there’s weird edge cases. I’m not an expert on the Ferdiverse, but let’s say you hope from Lemmy.world to Threads or something like that. But Lemmy.ca banned threads, now your posts have moved. It kind of creates a weird migration.

        Though the counter argument also exists “Why do you need to take ownership of posts?” I don’t know if that’s as valuable to go through the hassle. If anything moderator positions is what would matter more and can be done through a process rather than migration. (promote B, remove A)

        But like I said, I’m not an expert so I’m still learning.

        B. Just migrate the salt, too. A server can have per-user salts, which may be migrated together with the hash.

        If ever server has per-user salts, great. But that’s again a question for implementation. You’re making a huge assumption that’s how it works, and there’s no server dependent values. I mean even the hashing algorithm should be able to be proprietary be different between servers (At least that’s how I’d do it).

        C. If you already have control over someone else’s account, what additional benefit does migrating serve?

        Because control can be reverted, or limited. I mean if I can step to Bieber’s laptop when he’s in the bathroom, that’s not the same as having his login in and password… If lemmy.world sees someone has broken in and locks the account, or Bieber changes his password, your access is lost, where as if you migrate it, can lemmy.world revoke the migration? And if that’s the case, doesn’t that create some strange problems?

        I’m not saying this is a bad idea, but I think you have to think more about the edge cases. Though this does have me now thinking about what’s the value of this migration?

      • Dandroid@dandroid.app
        link
        fedilink
        English
        arrow-up
        1
        ·
        1 year ago

        A server can have per-user salts, which may be migrated together with the hash.

        They better have per-user salt. Otherwise that would defeat the entire purpose of salt, which is to make sure that it isn’t obvious if two users have the same password.