Welcome everybody. We're about to start our next talk. My name is David. It's my pleasure
to introduce Vadim Toshinsky-Schmelev who will be speaking on distributed virtual worlds,
problems and solutions. Thank you.
I don't see. Okay. All right. Welcome. Thank you for coming. So my name is Vadim. I'm from
a non-profit organization called Overtv. We distribute, we develop virtual worlds. Kind of
could call it the metaverse, but that's kind of a bit of a dirty word these days. Thanks to
Facebook. So there we are. Yeah. So who am I? I'm a software developer. I'm the current chairman
of Overtv, a non-profit which supports our work. And I'm one of the active developers of the system.
All right. So first I expect that a lot of people won't be all that familiar with what we're talking
about here. So I have to give a short introduction to what we're talking about. We're talking about
systems like Second Life, Aviyar Chat. They're kind of a very, follow a very kind of similar pattern.
Oh yeah. They follow kind of a very similar pattern in that, well, first thing you get is a login
screen. So basically it's a kind of vault garden. If you can access that, well, you get to access
all the goodies. But if you're ever kicked out of it, that's it for you and all your content and all
your relationships and everything else that goes with it. Same issues happen with things like
if they happen to go bankrupt. So for instance, it's kind of been rumoured that
Aviyar Chat could have some possible financial problems at some point. Who knows?
All right. So to give a bit of context about what we're talking about here, the first of all,
I'm just going to give a short introduction of what these platforms provide to the normal user.
All right. So we have here an open source client for Second Life. First thing is you get a login
screen. You're not going anywhere without that. It's a multi-user world. This is kind of old
fashioned. There are pretty places over there. But yeah, basically it's a 3D environment with no
fixed purpose where you can create, socialize, build stuff. There's typically a set of worlds you
can explore. On Second Life, this is actually pretty neat in that there's a contiguous simulation.
You can actually cross from one world to the next just by walking around. So that creates a huge
amount of stuff you can explore, which is larger in space than many cities. This actually costs a
lot of money to maintain, which is kind of why they do things the way they do. On some other
systems, you also have things like isolated environments that are completely just floating
in the world. You have an inventory where you can keep your stuff that can be objects, avatars,
sounds, textures, text documents, things like that. That's all typically kept server side.
You have user accounts which provide you with a name, profile picture,
membership into groups, which can grant you access to places, for instance.
And most of those systems also have some sort of scripting language. In the case of Second Life,
it's a proprietary one. Not a big fan of that. That allows you to do things. You can do guns that
shoot things. You can implement games. You can do various kind of management functions, like
deciding who gets to enter an area who does not. Yeah. Right. So what do we do? We are a virtual
world in the style of this. We support Linux and Windows. We have a distributed architecture,
which is very different from what the other systems implement. And we do scripting in JavaScript
with V8, so very modern. And we are supported by Non-Profit, which I'm chairman of.
So the issue with the previous ones is that Second Life is like 150 million business. I believe
VRChat is like 100 million investment. We can't do that. We are a tiny project.
We actually are a fork of high fidelity, which was a kind of commercial successor to Second Life,
but that died, so we picked it up. So high fidelity heavily leaned into decentralization,
and we keep on with that spirit. So how do we do it? We distribute server hosting. We distribute
content hosting. We don't require logins anywhere. We script in V8. We have,
we support VR, desktop VR, which is, I think, extremely common in open source.
We don't have any kind of cryptocurrency sort of deal. That monetization is not what we do.
There's no lock-in of any kind. So basically, in structure, our system is something like the
World Wide Web. We do both a 3D web server and a 3D web client. So this is all kind of glued
together with an absolute minimum of things that do have a slight centralizing effect,
but are completely optional. Like, we do have an account server, but you don't have to use it.
You can just use it anonymously. It's like a 3D web page. When you go to foster.org,
you don't have to log in anywhere. All right. So how does this work? Servers run on an EVPS,
or you can use NAT hold punching to just run it from your home laptop if you want to.
So what is a good thing about this? Well, hosting is a troublesome for an organization. We don't
have actually the resources to pay huge bills for Amazon. Also,
this is legally troublesome in that in some areas, some kind of content may be
trickier to host than others. We also can't lock you out of anything. And this is like a 3D web
server. So if you set it up, you own it. It's yours. We can never prohibit anyone from connecting to
it. And you can use any kind of resources you provide. It just downloads assets over HTTP.
But what are the problems with this model? Well, our users have to seek a third party host. So
basically, the first step anyone has to do to deal with this is to go to AWS or a line
out or digital ocean and figure things out. Personal servers may just go down entirely.
Setup is easy, but not completely trivial. And the world can't be coherent. By this,
I mean that we can do like second life and just kind of a small, smoothly flow from one
environment to another because there's no sort of, no any kind of central infrastructure that
says, hey, this guy is to the left to this other guy. All right. How do we make this easier for
our users? Pre-packaged packages, pre-made images from common hosts. We have a very
friendly build script, which you can run on pretty much any language distribution and build it from
source. This is also intended to make it easier to try experimental developments. You can build
any branch or any pull request we have. We support hosting from home so that you don't
actually have to deal with AWS. And yeah, one of the kind of potential future developments that
we've been discussing is appearing in between servers to share different kinds of content.
This would avoid having to reach out to anything else. So what do we mean by that? So the servers
would establish links to each other and exchange things like sound streams, textures and messages.
So in this way, we could have a chat system that doesn't actually depend on anything external.
We've had discussions of connecting to matrix, for instance, or to have some sort of discord
plugin. But yeah, that's not quite in the spirit. We have an internal chat system which works inside
each environment. But we want to have better support for intercommunication in between the areas that
exist. So how do you distribute content? It's just an HTTP server. Clients just get a URL from
our server to download it. So the actual servers that contain each environment don't decide anything
about the content because they don't even see it. They just provide a URL to it. And it can come from
places like AWS or Dropbox. And since completely standard format. So benefits for us. Well, hosting
stuff is legally troublesome, especially if you allow people to upload stuff. It costs money.
Yeah, there can be kind of legal troubles. And we can't lock you out of anything. If
Second Life kicks you out, well, all your content goes with it. It's locked inside your account.
Yeah, cost of that. Well, again, a typical thing that used to be recommended is that if you want to
host an avatar, you go to AWS and use the free tire. That's not particularly user-friendly. So we're
dealing, trying to deal with that. Content tends to disappear. That's one another big problem for
our system. In Second Life, you can steal things from 2004 because the actual central server
maintains the content even if the user is physically dead. We can't do that so far. So
yeah, there's content loss. Content protection. That's an interesting wrinkle in our system. So
in places like VRChat, some people like closed environments because that allows you to sell
content by the copy. Like you make an avatar, you maybe spent a month polishing it up. That's
a huge time investment which might be thousands of dollars if you were to contract somebody to do it.
So what they do is to sell it by the copy. That's only possible in a system that actually locks you
in because you need to ban people who break the rules. If somebody extracts the assets and re-uploads
them, well, that kind of breaks that user model. So we've had to come to terms that we can't actually
do this in any way. Because we only contract our own infrastructure. The system is copied
and opened for client and server and there's no way to actually do this.
Right. How do we work on solving content issues? We support common hosts like Dropbox. It actually
reverse your URL to download. We have maintenance tools to scan things for broken content links.
We are working on implementing support for WebDAF which actually allows uploads
to the Web. So that would allow things like creating an inventory like in Second Life within the
world. To work, for instance, in Blender, save an avatar and have it immediately reload inside the
environment. One of the things that we've considered for preventing the loss of content is actually
exposing public server backups. The server backups itself. But this is just for the server owner right
now. So one of the kind of things we've considered is to allow anybody to download the entire content
if the user doesn't feel very attached to the contents of it. So if they think anyone should
be able to get this, we want to make it there. Yeah. Authentication is a bit of a problem in that
everything is by default anonymous. That creates some difficulties with moderations and there is
nothing as banning everyone for the same system. To deal with this, we've considered things like
allowing each server to export information like a ban list which other servers could
subscribe to voluntarily. In this way, there's no center, there's no central repository of anything.
You say, hey, I trust Bob that his opinion is of who is a good or not person.
Yeah. But on the good side, just start the client. As soon as you download it, you just can log into
and connect to our environments. There is, yeah, we also support authentication by fingerprint,
which is calculated for things like the MAC address. This is an opaque identifier.
So you can just say this particular machine is allowed administrative access here. You don't
need an account server to do that. And there's an issue with scripting security. So
the system we inherited doesn't really have a security system. We're having to build it from
scratch. So the current solutions work out to asking the user for permissions like a browser does
and code-signing. But turns out there's no convenient solution for siding for JavaScript.
And we've decided to steal something from Java. We can package everything in a JAR file. And it
turns out that actually there can be multiple signatures on a JAR file, which means we don't
need one central authority. You can trust whoever you want as a certifier. And that's about it.
And yeah, fortunately, that's all I have time for. We have matrix and we have our website.
So for questions, please come to our chat. And yeah.