Phoenix Social

Caution

This project is an early work-in-progress. See the “Status” section for more info.

Features

Fast

Written in Rust, starting up in around 100ms. Phoenix runs laps around other servers.

Unified

Ever thought that Mastodon and Pixelfed being separate is a bit silly? Us, too!
Phoenix combines those two lenses on the same content in one service.

Secure

Full OAuth 2.1 with mandatory PKCE. Phoenix takes your security seriously.

Simple to run

All Phoenix needs is RabbitMQ and PostgreSQL. Simple to start, and easy to scale. It “just works™”. From your e-waste thinclient to your Kubernetes cluster with multiple replicas.

Reproducible

Phoenix is designed to be built with Nix. Binaries are reproducible bit for bit. If there’s a bug in production, you can reproduce it locally.

Status

Phoenix is very much a work-in-progress. The following things already work:

• Registration
• OAuth Dynamic Client Registration
• OAuth 2.1 flow with PKCE (S256 challenge only)
• GraphQL API
• Unicode usernames with proper homoglyph attack resistance
• OAuth cleanup workers
• Frontend i18n via Project Fluent

The rest is very much in flux at the moment. But the timings mentioned are not expected to drastically change in the future.

Note

This claim is supported by timings from the spiritual predecessor to this project: Kitsune.

This project will apply for NGI Zero funding to aid its development.