Building Decentralized Web Apps with Solid and Symfony

by Kévin Dunglas

Slide 1

Slide 1 text

Building Decentralized Web Apps Using Symfony, API Platform and no blockchain!

Slide 2

Slide 2 text

Save the web, decentralize! 02 03 OUTLINE 04 01 Web 3 VS Web 3.0 Solid Build your Solid application

Slide 3

Slide 3 text

Kévin Dunglas ➔ Co-founder of Les-Tilleuls.coop ➔ Symfony Core Team ➔ Creator of: ● API Platform ● Mercure.rocks ● Vulcain.rocks @dunglas

Slide 4

Slide 4 text

02 03 04 01 Save the web, decentralize! Build your Solid application Solid Web 3 or Web 3.0?

Slide 5

Slide 5 text

No content

Slide 6

Slide 6 text

Save the Web, Decentralize! 57% of all network traﬃc = Source: Sandvine (2021)

Slide 7

Slide 7 text

Our Privacy Is at Risk

Slide 8

Slide 8 text

Our Societies Are at Risk

Slide 9

Slide 9 text

Save the Web, Decentralize @ AFUP Day 2020

Slide 10

Slide 10 text

02 03 04 01 Save the web, decentralize! Web 3 or Web 3.0? Build your Solid application Solid

Slide 11

Slide 11 text

➔ Resources ◆ published on servers ◆ requested by clients ◆ identiﬁed by URIs (aka URLs) ◆ linked together ➔ Open standards (W3C, IETF): ◆ URI, HTTP, HTML… ➔ Created by Tim Berners-Lee @ CERN Back to the Future: Web 1.0 (90s)

Slide 12

Slide 12 text

« The Web is intended to be an Internet-scale distributed hypermedia system. » Roy Fielding (author of HTTP, Apache and REST), in 2000. The Web 1.0 was Decentralized

Slide 13

Slide 13 text

➔ User Generated Content ➔ focus on interoperability (initially) ➔ Marketing term, not a fundamental change of the web stack: ◆ still relying on URI, HTTP (1.1), HTML… ◆ RSS, XML, web APIs, XML, JSON 😍 ◆ rise of JavaScript ➔ Mix of community (RSS, Wordpress, Wikipedia…) and commercial (YouTube, Twitter, Facebook…) projects ➔ Lead to centralization (because money) Web 2.0: the Social Web (2000s)

Slide 14

Slide 14 text

➔ Reclaim big tech’s and government’s power, give users back the control of their data ➔ Decentralized open source apps ➔ Crypto-based, runs on blockchains ➔ Trustless and permissionless: direct exchanges, no 3rd parties Web3, the Promise: Re-Decentralize Image: Rapid Innovation

Slide 15

Slide 15 text

➔ Real-world “dapps” are mostly centralized, most of data and code are in centralized servers, not in the blockchain (eg OpenSea NFT) ➔ Hard to maintain, privacy issues (public and immutable data/code) ➔ Proof of Work Blockchains: huge ecological footprint ➔ Proof of Stake Blockchains: less decentralized, favors users who have a large amount of cryptocurrency Web 3: Don’t Believe the Hype

Slide 16

Slide 16 text

Web 3: Don’t Believe the Hype ➔ Promoted by VCs, crypto and NFT enthusiasts, large tech corps ➔ Main goal: monetize and ﬁnancialize every aspects of life ➔ Littered by scams and Ponzi schemes ➔ Criticized by many experts: Moxie Marlinspike, André Stalz, Jack Dorsey, Stephen Diehl… even Elon Musk

Slide 17

Slide 17 text

Back in 2014…

Slide 18

Slide 18 text

➔ Machine-readable web: Linked Data ➔ The web as a big database ➔ Focus on interoperability and decentralization ➔ Created by Tim Berners-Lee ➔ Open standards (W3C): ◆ URI, HTTP ◆ RDF: abstract data model ◆ JSON-LD, Turtle, XML-RDF…: serialization formats ◆ RDFS, OWL: vocabulary deﬁnitions The Original Web 3.0: Semantic Web (2000s)

Slide 19

Slide 19 text

➔ Abstract model to represent any set of data ➔ Directed graph ➔ Basic unit: semantic triple ◆ subject ◆ predicate ◆ object Resource Description Format (RDF) SUBJECT OBJECT predicate

Slide 20

Slide 20 text

RDF: Table and Visual Representations

Slide 21

Slide 21 text

RDF: N-Triples

Slide 22

Slide 22 text

RDF: Turtle

Slide 23

Slide 23 text

RDF: Turtle with Preﬁxes

Slide 24

Slide 24 text

RDF: JSON-LD

Slide 25

Slide 25 text

No content

Slide 26

Slide 26 text

03 01 Web 3 or Web 3.0? Solid 02 04 Save the web, decentralize! Build your Solid application

Slide 27

Slide 27 text

No content

Slide 28

Slide 28 text

No content

Slide 29

Slide 29 text

➔ Toolkit to build decentralized and interoperable apps ➔ Users store their data in decentralized data pods ➔ Pods are secure personal data stores (S3-like) ➔ Users choose who and which apps can access their data ➔ Set of open standards (W3C) ➔ Built on top of Web 3.0 standards ➔ Created by Tim Berners-Lee, Inrupt and the MIT Solid

Slide 30

Slide 30 text

Solid: Overview Social Web Resources management Identity / Auth

Slide 31

Slide 31 text

Solid Stack: Standards URI HTTPS RDF LDP, WebID and OpenID Connect Solid specs

Slide 32

Slide 32 text

➔ WebID: URI identifying a person, an organization, a company… ➔ Open ID Connect (OIDC): identity layer on top of OAuth2 ➔ Solid OIDC: to discover the OIDC/OAuth server related to a WebID ➔ Linked Data Platform (LDP): Linked Data REST API to read and write RDF resources ➔ Web Access Control (WAC): RDF vocabulary for users, groups and ACL ➔ Other specs: pub/sub, notiﬁcations, friend lists…. Solid Stack: Standards

Slide 33

Slide 33 text

Solid Pods ➔ FOSS, self-hosted ◆ Node solid server (most popular) ◆ Nextcloud ◆ PHP Solid Server ➔ FOSS, community hosted: ◆ solidcommunity.net ◆ solidweb.org ➔ Commercial: ◆ Inrupt Enterprise Solid Server ◆ TrinPod

Slide 34

Slide 34 text

NHS Pods Storing Health Records

Slide 35

Slide 35 text

➔ Common vocabularies are key for: ◆ interoperability between apps ◆ data portability ➔ Well known vocabularies: ◆ FOAF: social graph ◆ vcard: e-business cards ◆ ActivityStreams: social networks ◆ DublinCore: documents ◆ Schema.org: common things ◆ … ➔ Vocabs can be mixed together and extended ➔ RDF vocabs to deﬁne new vocabs: ◆ RDFS, OWL, SKOS… RDF Vocabularies

Slide 36

Slide 36 text

03 01 Build your Solid application 02 04 Web 3 or Web 3.0? Save the web, decentralize! Solid

Slide 37

Slide 37 text

No content

Slide 38

Slide 38 text

➔ Standalone PHP library ◆ OIDC and Solid OIDC client ◆ Solid pods client ➔ Symfony Bundle ◆ Passport authenticator ◆ User provider ◆ Pod client as a service ◆ HttpClient integration ➔ Early stage, experimental ➔ Some TODOs (contribs welcome) Solid Client PHP

Slide 39

Slide 39 text

Slide 40

Slide 40 text

No content

Slide 41

Slide 41 text

Create and Access Files

Slide 42

Slide 42 text

Built on top of awesome PHP libraries: ➔ jumbojett/openid-connect-php: OIDC client ➔ web-token/jwt-core: JOSE implementation ➔ easyrdf/easyrdf: RDF parser, serializer and converter ➔ symfony/http-client: HttpClient Free Software ❤

Slide 43

Slide 43 text

Contributing Upstream

Slide 44

Slide 44 text

15 16 SEPTEMBRE 2022 LILLE & ONLINE ➔ api-platform.com/con SAVE THE DATE!

Slide 45

Slide 45 text

Thanks! ➔ Try building your Solid app: dunglas/solid-client-php dunglas.fr @dunglas