Bluesky has just unveiled its 2025 roadmap for the AT Protocol, outlining some pretty significant changes aimed at making the platform smoother and more secure. Essentially, they’re fine-tuning the entire system. A key focus is on streamlining data synchronization with the Sync v1.1 update, which will make running relays more efficient and clarify the process for validating the firehose. Think of it as optimizing the backbone of the network, ensuring everything runs smoothly. As someone who’s been exploring both AT Protocol and ActivityPub clients, I’m particularly interested in seeing how these improvements will help bridge the gap towards a truly functional fediverse. Currently, ActivityPub boasts a larger ecosystem of clients and more established connectivity.

Security is also a major priority, with the introduction of Auth Scopes. This feature will give users much more granular control over app permissions. For example, you’ll be able to allow an app to read your posts without granting access to your direct messages. It’s about putting you firmly in the driver’s seat when it comes to your data. Developers are getting some love too, with a new web interface for PDS account management. This will simplify the process of building apps on the AT Protocol, making it easier for new users to sign up and manage their accounts.

Bluesky is also prioritizing the development of features for private groups and encrypted messages. They’re aiming to enable users to share content with specific audiences and keep it truly private, addressing a major demand for enhanced privacy. They’re also cleaning up the protocol by deprecating older features, ensuring everyone is using the latest and most efficient tools.

We believe that robust support for group-private data will be necessary for the long-term success of the protocol (and for apps built on the protocol). Similarly, the ability to share private content with a specific group or audience continues to be a top feature request for both the AT Protocol and the Bluesky app. Just as we’re currently doing with public conversation on the Bluesky app and the AT Protocol, we also want to co-design the protocol specification for private data in tandem with specific real-world product features: this results in better outcomes for both. Designing for privacy is pretty different from designing for global broadcast, and we think the data architecture will probably look pretty different from the MST + firehose system.

Shared data will depend on Auth Scopes, and we don’t expect to start design work until that is complete.

Looking forward, we continue to have plans to implement on-protocol DMs and E2EE group chat. However, we don’t expect to start work on this until after shared data is implemented. Meanwhile, there has been exciting progress in the broader tech world around the Messaging Layer Security (MLS) standard, and we are optimistic that we will be able to build on reusable components and design patterns when the time comes. It is also possible (and exciting!) that the atproto dev community will experiment and build E2EE chat apps off-protocol before there is an official specification.

The AT Protocol community continues to grow rapidly, and Bluesky encourages everyone to get involved through GitHub discussions and community events. It’s a collaborative effort, and the company is clearly committed to building a robust and user-friendly decentralized social network. I’m keen to see if these updates will allow the AT Protocol to catch up to ActivityPub’s current strengths in client diversity and network connectivity.