Building Decentralized Web Apps with Solid and Symfony

Transcript

1. Building Decentralized Web Apps Using Symfony, API Platform and no

   blockchain!

2. Save the web, decentralize! 02 03 OUTLINE 04 01 Web

   3 VS Web 3.0 Solid Build your Solid application

3. Kévin Dunglas ➔ Co-founder of Les-Tilleuls.coop ➔ Symfony Core Team

   ➔ Creator of: • API Platform • Mercure.rocks • Vulcain.rocks @dunglas

4. 02 03 04 01 Save the web, decentralize! Build your

   Solid application Solid Web 3 or Web 3.0?
5. None

6. Save the Web, Decentralize! 57% of all network traffic =

   Source: Sandvine (2021)

7. Our Privacy Is at Risk

8. Our Societies Are at Risk

9. Save the Web, Decentralize @ AFUP Day 2020

10. 02 03 04 01 Save the web, decentralize! Web 3

    or Web 3.0? Build your Solid application Solid

11. ➔ Resources ◆ published on servers ◆ requested by clients

    ◆ identified by URIs (aka URLs) ◆ linked together ➔ Open standards (W3C, IETF): ◆ URI, HTTP, HTML… ➔ Created by Tim Berners-Lee @ CERN Back to the Future: Web 1.0 (90s)

12. « The Web is intended to be an Internet-scale distributed

    hypermedia system. » Roy Fielding (author of HTTP, Apache and REST), in 2000. The Web 1.0 was Decentralized

13. ➔ User Generated Content ➔ focus on interoperability (initially) ➔

    Marketing term, not a fundamental change of the web stack: ◆ still relying on URI, HTTP (1.1), HTML… ◆ RSS, XML, web APIs, XML, JSON 😍 ◆ rise of JavaScript ➔ Mix of community (RSS, Wordpress, Wikipedia…) and commercial (YouTube, Twitter, Facebook…) projects ➔ Lead to centralization (because money) Web 2.0: the Social Web (2000s)

14. ➔ Reclaim big tech’s and government’s power, give users back

    the control of their data ➔ Decentralized open source apps ➔ Crypto-based, runs on blockchains ➔ Trustless and permissionless: direct exchanges, no 3rd parties Web3, the Promise: Re-Decentralize Image: Rapid Innovation

15. ➔ Real-world “dapps” are mostly centralized, most of data and

    code are in centralized servers, not in the blockchain (eg OpenSea NFT) ➔ Hard to maintain, privacy issues (public and immutable data/code) ➔ Proof of Work Blockchains: huge ecological footprint ➔ Proof of Stake Blockchains: less decentralized, favors users who have a large amount of cryptocurrency Web 3: Don’t Believe the Hype

16. Web 3: Don’t Believe the Hype ➔ Promoted by VCs,

    crypto and NFT enthusiasts, large tech corps ➔ Main goal: monetize and financialize every aspects of life ➔ Littered by scams and Ponzi schemes ➔ Criticized by many experts: Moxie Marlinspike, André Stalz, Jack Dorsey, Stephen Diehl… even Elon Musk

17. Back in 2014…

18. ➔ Machine-readable web: Linked Data ➔ The web as a

    big database ➔ Focus on interoperability and decentralization ➔ Created by Tim Berners-Lee ➔ Open standards (W3C): ◆ URI, HTTP ◆ RDF: abstract data model ◆ JSON-LD, Turtle, XML-RDF…: serialization formats ◆ RDFS, OWL: vocabulary definitions The Original Web 3.0: Semantic Web (2000s)

19. ➔ Abstract model to represent any set of data ➔

    Directed graph ➔ Basic unit: semantic triple ◆ subject ◆ predicate ◆ object Resource Description Format (RDF) SUBJECT OBJECT predicate

20. RDF: Table and Visual Representations

21. RDF: N-Triples

22. RDF: Turtle

23. RDF: Turtle with Prefixes

24. RDF: JSON-LD

25. None

26. 03 01 Web 3 or Web 3.0? Solid 02 04

    Save the web, decentralize! Build your Solid application
27. None
28. None

29. ➔ Toolkit to build decentralized and interoperable apps ➔ Users

    store their data in decentralized data pods ➔ Pods are secure personal data stores (S3-like) ➔ Users choose who and which apps can access their data ➔ Set of open standards (W3C) ➔ Built on top of Web 3.0 standards ➔ Created by Tim Berners-Lee, Inrupt and the MIT Solid

30. Solid: Overview Social Web Resources management Identity / Auth

31. Solid Stack: Standards URI HTTPS RDF LDP, WebID and OpenID

    Connect Solid specs

32. ➔ WebID: URI identifying a person, an organization, a company…

    ➔ Open ID Connect (OIDC): identity layer on top of OAuth2 ➔ Solid OIDC: to discover the OIDC/OAuth server related to a WebID ➔ Linked Data Platform (LDP): Linked Data REST API to read and write RDF resources ➔ Web Access Control (WAC): RDF vocabulary for users, groups and ACL ➔ Other specs: pub/sub, notifications, friend lists…. Solid Stack: Standards

33. Solid Pods ➔ FOSS, self-hosted ◆ Node solid server (most

    popular) ◆ Nextcloud ◆ PHP Solid Server ➔ FOSS, community hosted: ◆ solidcommunity.net ◆ solidweb.org ➔ Commercial: ◆ Inrupt Enterprise Solid Server ◆ TrinPod

34. NHS Pods Storing Health Records

35. ➔ Common vocabularies are key for: ◆ interoperability between apps

    ◆ data portability ➔ Well known vocabularies: ◆ FOAF: social graph ◆ vcard: e-business cards ◆ ActivityStreams: social networks ◆ DublinCore: documents ◆ Schema.org: common things ◆ … ➔ Vocabs can be mixed together and extended ➔ RDF vocabs to define new vocabs: ◆ RDFS, OWL, SKOS… RDF Vocabularies

36. 03 01 Build your Solid application 02 04 Web 3

    or Web 3.0? Save the web, decentralize! Solid
37. None

38. ➔ Standalone PHP library ◆ OIDC and Solid OIDC client

    ◆ Solid pods client ➔ Symfony Bundle ◆ Passport authenticator ◆ User provider ◆ Pod client as a service ◆ HttpClient integration ➔ Early stage, experimental ➔ Some TODOs (contribs welcome) Solid Client PHP

39. Login Using a WebID

40. None

41. Create and Access Files

42. Built on top of awesome PHP libraries: ➔ jumbojett/openid-connect-php: OIDC

    client ➔ web-token/jwt-core: JOSE implementation ➔ easyrdf/easyrdf: RDF parser, serializer and converter ➔ symfony/http-client: HttpClient Free Software ❤

43. Contributing Upstream

44. 15 16 SEPTEMBRE 2022 LILLE & ONLINE ➔ api-platform.com/con SAVE

    THE DATE!

45. Thanks! ➔ Try building your Solid app: dunglas/solid-client-php dunglas.fr @dunglas