All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

Analysis of ATProto Key Management Issues and Account Recovery Problems

By

todsacerdoti

4mo ago· 6 min readenInsight
Bagel score 100 of 100
100/100
Golden Brown
Bagelometer

An everything bagel for the brain. Substantive, layered, well-seasoned.

Score100TypeanalysisSentimentnegative

Summary

The author recounts their experience with ATProto's key management system, where they lost access to their account due to a key rotation issue. They criticize ATProto's design decisions around key management, particularly the lack of user-friendly recovery mechanisms when keys are lost. The post gained attention on HackerNews, leading to the author's account being manually reinstated, though they note this hasn't happened for other affected users. The author aims to provide constructive criticism of specific technical design flaws rather than general dislike of the platform.

Key quotes

· 3 pulled
I hope to make it clear that, while I do not like ATProto in general, I am trying to make good-faith criticisms of specific design decisions and outcomes
this post getting updoots on HackerNews appears to have gotten the attention of the team, so, mission accomplished
My account has since been manually reinstated; this has not happened for any of the other users that have had this issue, as far as I know
Snippet from the RSS feed
Note: this post has been revised to be split into two sections: a description of what happened, and my analysis. I hope to make it clear that, while I do not like ATProto in general, I am trying to make good-faith critcisms of specific design decisions an

You might also wanna read

Why React and JS-heavy frameworks are often the wrong solution for web development

A critical opinion piece arguing that React and JavaScript-heavy frameworks are overused and often the wrong solution for web development. T

jsx.lol·5d ago

Reverse Engineering YouTube's 'Most Replayed' Graph: A Technical Exploration

This article is an interactive exploration and technical analysis of YouTube's 'Most Replayed' graph feature. The author begins with a perso

priyavr.at·4mo ago

How to Self-Host a Bluesky Personal Data Server on Ubuntu VPS

This article provides a step-by-step technical guide for self-hosting a Bluesky Personal Data Server (PDS) on an Ubuntu VPS. It explains wha

blog.radwebhosting.com·36m ago

North Korean Chollima Group Targets PHP Developers via Malicious Packagist Package

A malicious obfuscated JavaScript payload was discovered appended to tailwind.js in the Packagist development version dev-drewroberts/featur

socket.dev·38m ago

Tokyo AI Event Addresses Engineering Challenges of Production-Grade AI Systems

This article covers a Tokyo AI (TAI) community event focused on the engineering and operational challenges of transitioning AI from experime

luma.com·1h ago

Copyparty: A Lightweight File Server That Runs as a Single Python Script

Copyparty is a lightweight, full-featured file server that runs as a single Python script, making it extremely easy to set up without needin

hackaday.com·1h ago