Bluesky's Centralization Paradox: How an Open Protocol Could Fuel Lock-In

When Bluesky launched as a decentralized alternative to Twitter, its foundation on the open ATProtocol (https://atproto.com) signaled a new approach to social networking. Backed by $120 million in funding at a $700 million valuation, the platform offered a compelling vision: users would own their identities and data through Personal Data Servers (PDS), free to migrate if policies changed. Yet beneath this promise lies an architectural reality that may undermine its decentralization goals.

At protocol level, ATProto enables genuine portability. When Bluesky CTO Paul Frazee stated that leaving a "gone evil" Bluesky would involve migrating to alternatives like "freesky," he described the protocol's intended fail-safe. Apps like Tangled (git hosting), Grain (photo sharing), and Leaflet (publishing) demonstrate interoperability—allowing users to access multiple services through one ATProto identity. This technical capability represents meaningful progress beyond walled gardens.

However, implementation diverges from theory. Nearly all users default to Bluesky's managed PDS rather than self-hosting. Though migration tools exist and self-hosting costs as little as $5/month, friction prevails. Bluesky's seamless integration across apps creates a convenience trap: each new ATProto application—whether for code collaboration or photo sharing—incentivizes storing more data on Bluesky's infrastructure. This generates a centralizing flywheel where third-party developers effectively subsidize Bluesky's dominance by building atop its systems.

Critical chokepoints compound this:

• The Relay: Bluesky operates the primary relay routing all network data. While replaceable, alternatives lack the user base to matter
• AppView: This timeline-building layer is predominantly Bluesky-operated. Client apps depend on its availability
• DID Directory: Identity resolution remains centralized under Bluesky since 2023, despite decentralization promises

This parallels email's centralization pattern. Though SMTP is federated, Gmail dominates because self-hosting proves impractical. ATProto's architecture may worsen this: whereas email clients connect to your chosen server, each new ATProto app pushes more data to Bluesky's default PDS—turning openness into an engine of centralization.

Funding dynamics intensify concerns. The $120 million VC investment demands returns via acquisition, IPO, or monetization—all incentivizing network control. If acquired, Bluesky's buyer would control:

• The PDS hosting most user data
• Primary relay and AppView
• Identity resolution systems

This enables disabling exports, blocking third-party apps, or injecting ads across the entire ecosystem—including Tangled issues and Grain photos stored on Bluesky's PDS. The Public Benefit Corporation structure provides vague safeguards, but untested legal obligations rarely outweigh $120 million in investor pressure.

Historically, protocols like XMPP and RSS show that technical exit options don't prevent lock-in when defaults dominate. Bluesky's team appears genuinely committed to decentralization, but architecture and incentives matter more than intent. As Bluesky apps proliferate, they risk creating the very dependence they sought to dismantle—proving that in networked systems, convenience often trumps capability.

Ultimately, Bluesky highlights a foundational challenge: true decentralization requires aligning economic incentives with technical design. Without mechanisms to distribute infrastructure ownership or reward independent node operators, open protocols can paradoxically accelerate centralization. For Bluesky to fulfill its vision, it must evolve beyond "you can leave" capability toward architectures that make leaving likely.