Skip to content
Tech News
← Back to articles

Who Owns Your ATProto Identity? Hint: It's Probably Not You

2026-06-21 | original
read original more articles
Why This Matters

This article highlights the significant risks associated with centralized control of personal data servers (PDS) in the ATProto ecosystem. It underscores how operators of PDS can potentially impersonate users across multiple platforms, raising concerns about privacy, security, and user ownership in decentralized social networks. This has profound implications for both the tech industry and consumers, emphasizing the need for better safeguards and understanding of data sovereignty in decentralized architectures.

Key Takeaways

After writing my previous article about Bluesky's centralization risks, I got into the weeds on how the PDS (Personal Data Server) works. The more I looked at it, the worse it got. I was originally worried about Bluesky going rogue and deleting accounts or locking people in. It's actually the least scary thing your PDS operator can do to you.

They can be you

Your PDS holds your signing key. It signs every commit to your repository. Every post, every like, every follow, everything. The PDS also holds your rotation key, which controls your identity. It can change your signing key, change which PDS your account points to, basically take full ownership of your DID (your permanent decentralized identifier on ATProto).

Your PDS operator can post as you, like things as you, follow people as you, and it would be cryptographically indistinguishable from your real activity. The signatures are valid. The commits are properly formed. As far as the protocol is concerned, you did it.

With a traditional platform, the blast radius is scoped. If Twitter's database admins wanted to post as you, they could mess with your tweets. Bad, but contained.

On ATProto, your PDS doesn't just store your Bluesky posts. It stores everything. Your git activity on Tangled (a git collaboration platform built on ATProto), your social interactions on Grain, your writing on Leaflet, whatever comes next. Every new ATProto app writes to the same repo, signed by the same key, controlled by the same operator. So whoever runs your PDS can impersonate you across every application in the ecosystem.

Say a popular third-party PDS host signs up a few thousand developers. The operator now holds the signing keys for every single one of those accounts. They could post inflammatory takes from well-known developer accounts. Grant themselves push access to repositories on Tangled, opening the door to supply chain attacks. Publish blog posts on Leaflet. All of it signed, all of it valid, all of it indistinguishable from the real thing. Across every ATProto app, not just one.

And it works the other way too. If you do something your PDS operator doesn't like, they can kill your identity. Not just your Bluesky account. Your ability to post, commit, publish, or interact across every ATProto app. On a traditional platform, getting banned from Twitter doesn't touch your GitHub. Here, one operator's decision can lock you out of the entire ecosystem. Your data might still exist in backups or on the firehose, but your identity is dead. You can't use it anymore.

It's not the data, it's the keys

The repo data itself isn't the issue. It's all public anyway, broadcast on the firehose (ATProto's real-time data stream) for anyone to crawl. Compromise a relay (the service that aggregates and rebroadcasts network data) and you get a copy of public data you could already access. Compromise a PDS and you get the ability to act as every user hosted on it.

... continue reading

Explore topics: atproto bluesky pds did tangled
Related:
There Are No Instances in ATProto
There are no instances in ATProto
Hulu Promo Codes & Discounts: 20% Off in June
Has W Social switched to closed source?
W Social, public institutions and the theater of European digital sovereignty

© 2026 GoKawiil

About | Editorial Policy | Contact