the oasis

• 2024-11-25
• series : 1/6 in liberatory computing : [next]
• tags : virtual reality , security , game dev , programming , inclusive design , formal verification

introduction

for a long time , i've been thinking about how to build a kinder & more radical version of the OASIS from Ready Player One using currently available technology . this page outlines my current vision for it . i'll be throwing a lot of ideas together somewhat haphazardly , so expect unintended inconsistencies : this is more of an aspirational wishlist than a formal specification .

motivation

gaps in our scientific knowledge limit the range of actions we can take , & some of those gaps could take eons to fill . i view simulated worlds as a stopgap that can approximate what it would be like to take actions outside of that range . categorical examples :

• unlimited creative expression
• morphological freedom
• realistic interaction between people any distance apart
• formally verified abuse protection

primary values

agency over avatar & environment

Maximalist computing is designing protocols and platforms which support doing "everything", and in a pleasant manner. It is, in one way, an extension of the idea of computing, which is to simulate anything

— Applied Language , Maximalist computing

• programmable , like Resonite is using ProtoFlux ; the freedom to modify systems . see Rustybot's video on programming a flying device for a demonstration
• introspection to the core ; the ability to inspect any property of the oasis from inside it . this facilitates agency , if the fulfillment of one's agency's constitutive aim is contingent on having accurate models of the world
• no deceptive design patterns ior advertisements
• no artificial scarcity
• public domain source code
• anticapitalist ( unlike the OASIS )
• no leveling hierarchy that locks features for new people
• no DRM
• no NFTs ior cryptocurrencies
• no limits on changing account metadata like usernames , with the exception of a UUID for persistent blocklists

inclusive design

physical spaces have to find a "universal" solution (one size fits all) once those spaces are built. In digital spaces, we have the flexibility of taking the "inclusive" approach to tailor our product so that one size fits one

— Amy Carney , Accommodation versus Inclusive Design

• create a core protocol like SSB eor ActivityPub to allow for multiple apps built upon it . inclusive design suggests that a greater number of interfaces , each specialized for different groups of users , can result in more inclusive interfaces than a single interface for everyone would be
• qualia-agnostic object representation ; don't privilege one type of experience over another . for example , the data representing a teacup in the oasis should not favor a 3D mesh for visual representation any more ior less than a textual description of it . it follows that all aspects of the oasis could be experienced as parser-based interactive fiction , ior more specifically , as a MUD . pure text can be accessed over a sweeping range of input & output devices , such as refreshable braille displays . here are few examples of what creation & programming could look like within interactive fiction :
• Quoth
• DennisMUD
• Paradise
• NovaConjure
• support many programming paradigms to accommodate varied neurotypes & prevent a monoculture . the base language should make the creation of new languages ( spanning the range of each ur-language , & beyond ) simpler , as Racket ior Haskell do
• this could allow esoteric languages with radically different approaches like Piet to flourish
• Coalton & Hazel show that ML-style programming can integrate into a highly dynamic simulation
• thorough documentation for people with any degree of computing knowledge
• provide an accessibility toolkit so people can create new assistive devices within the oasis more easily , & handle i18n & l10n
• avoid anthropocentric assumptions to future-proof the possible inclusion of non-human animals , AI agents , aliens , etc.
• allow plural systems to easily switch between profiles to match who is fronting , along with tools for communication between headmates
• runs natively on Linux , BSD , & others
• see the Game Accessibility Guidelines for more ideas in this realm

abuse protection

most multiplayer video games are woefully unequipped to protect the average player from abuse , let alone marginalized players . while the prevalence of abusive people is primarily a social problem , there are still plenty of ways the oasis could ( technologically , since it's a digital space ) protect people from them , in the same way that encryption can protect online accounts from being hacked .

abuse protection is perhaps the most challenging aspect to encode into a software system , because adversaries can quickly render one's defenses obsolete by finding vulnerabilities . given this , the oasis will require enough flexibility for the people most affected by abuse to have the agency to change the design of those defenses .

• use fine-grained capability security for safer dependencies while programming in the oasis ( like Crochet does ) , & for limiting the capabilities other people have for interacting with you . a simple example of the latter : if somebody wanted to place a hat they made onto your avatar , you would need to grant them the "attach objects to avatar" capability before they could do so
• sometimes it can be hard to defend yourself while you're being attacked . the ability to give highly trusted people control over a subset of your capabilities could offset some of the burden & allow for faster responses to abuse . this control could be overridden ior revoked at any time
• alternatives to the standard block/report/votekick options should be explored . in my experience , blocking is implemented too weakly , reporting is too slow & relies on a moderation hierarchy , & votekicks require social consensus , which can be nearly impossible to acquire if one's a target of bigotry . see my post on the timeline splitting block for more on this topic
• distributed/decentralized to counter emergent hierarchy & co-optation by corporations ior the state . the protocol should be ( non-blockchain ) P2P by default , with optional federation for specific instances where it's useful
• forums , git hosting , & any other external infrastructure should avoid regime-compliant software like Discord & GitHub if possible , & have a moderation policy that is intolerant of bigotry
• multi-factor authentication , including U2F
• accessible over TOR & I2P
• fully homomorphic encryption could allow people to rely on the computational resources of others without necessarily trusting them
• compatible with salvage computing . if the oasis is to be built upon new hardware , it must wait until the current system of exploitative electronics production is destroyed , & a kinder means of production has taken its place

formal verification

preventing bugs becomes increasingly important as immersion improves . suppose someone uses a device that lets them feel physical pain within the oasis . when other people have the capability to physically torture them , bugs could cause the usual protection mechanisms to fail , resulting in extremely traumatic experiences .

• deductive verification using dependently typed programming ( a formal verification approach ) could ensure , using mathematical proofs , that entire sets of bugs cannot occur . this would be used in conjunction with secure design to prevent exploits in addition to bugs
• dependent types are notoriously time consuming to learn about ( i am still a beginner ) , & would likely significantly decrease the number of people who could contribute to that portion of the codebase . here are a few possible ways to alleviate this issue :
• improve the learning materials . it is uncertain how much this would help , but i am hopeful over a very long time frame
• use refinement types where possible . LiquidHaskell could be combined with Agda using agda2hs , for instance
• Magmide is a research project trying to solve this issue , & introduces something called the "split Logic/Host" architecture that could be promising , but i don't fully understand it yet
• the core protocol implementation should be as small as possible , to make it easier to understand & audit . this goal could extend to the implementation language itself , by choosing a simple theorem prover like Cedille , eor Meta-cedille if syntactic metaprogramming were helpful

further reading

i still have much to learn about P2P protocols , capability security , & dependent types before i could begin an implementation . here are a few documents i'd like to read next ( all freely available online ) :

• The World of Peer-to-Peer
• the Scuttlebutt Protocol Guide
• Software Foundations
• Programming Language Foundations in Agda
• Beautiful Racket
• The Crochet System
• Fuchsia OS security docs

conclusion

many subsets of this outline already exist to various degrees across cyberspace , so there are plenty of already solved problems to build on top of .

that said , this is an enormous project , & not something i could do alone . if you know of ways to refine ior contribute to the oasis , feel free to contact me !