A client for Pleroma and Mastodon instances written using Flutter

fedi for pleroma and mastodon

fedi is open-source client for pleroma and mastodon social networks written using flutter.

pleroma and mastodon are parts of fediverse (decentralized social network). the main idea of fediverse – nobody owns fediverse. anybody can run their server instance and use it to communicate with other people.

so fedi is an open-source mobile client for social networks and has features similar to twitter.

follow us on fediverse [email protected]

features

• pleroma and mastodon support
• offline mode. access to cached data even without network
• custom emojis. with emoji reactions support on pleroma
• customizable home timelines
• multi-account support
• push notifications via pushrelayfcm and fcm
• supports receive and send share intends
• scheduled and draft statuses
• filters
• instance details, announcements, trends, activity history, limits
• day & night theme
• bookmarks, hashtags, lists, featured tags, suggestions
• messenger-like ui for conversations(dm) and pleroma chats
• customizable real-time notifications & timeline updates via websockets and push notifications
• fetch data from remote instances via public api. so you can access full data on remote instance if currently logged instance hasn’t synchronized all data yet
• a lot of settings options(global or per-instance). for example: always show nsfw or auto-load media content
• threads & polls
• special ui for media-only timelines
• mutes & blocks
• editing profile
• sign up support

coming soon

• admin api;
• support other fediverse instances: pixelfed, misskey, peertube, gnu social, friendica and others;
• pleroma: scrobbles, mascot and recently added new features;
• mastodon: recently added new features.
• adopt ui for large screens;
• display timelines from different instances on single home page(currently you should switch instances to see related data);
• remember timeline position via markers api;
• onboarding & tutorial. popular instances suggestions;
• a lot of minor ux improvements in backlog.

feel free to open issues if you have suggestions

known issues

• text is not selectable, but you can copy or share whole statuses
• instances with special chars like ü are not supported

data gathering

fedi doesn’t use any special analytics service to track users.
however fedi uses firebase services for pushnotifications(optional) and crashreporting(optional).

you can completely remove firebase via manual building from source.

crash reports via firebase crashlytics

fedi gathers crashes and non-fatal errors to make app more stable.

• you can build app from source and remove crashlytics library via .env config(details below)
• you can disable gathering via settings inside app(option is disabled by default)

push notifications

push notifications are implemented via pushrelayfcm server

pushrelayfcm is ruby on rails server which handles web pushes and relays them to fcm.

from 2.5.0 version fedi uses pushrelayfcm mode without decryption on server-side. so all private data is safe.

pushrelayfcm and fedi can work in two modes:

• without server-side decryption (2.5.0 and newer) – relay simple proxy encrypted messages
• with server-side decryption (before 2.5.0) -decrypt messages and have access to notification content and user access_token. it is not used from 2.5.0 version, but is still supported in fedi(see below why you still may want to use it).

without server-side decryption way

(used in appstore/googleplay versions from 2.5.0)

1. fedi subscribes to /api/v1/push/subscription with subscription[endpoint] set to relay server url
2. instances send web push notifications to relay server
3. pushrelayfcm doesn’t decrypt message
4. pushrelayfcm proxies notifications to fedi app via fcm
5. fedi doesn’t decrypt message and use fcm message with encrypted data as simple trigger to load latest notification via rest api (this will be improved in future releases)
6. fedi displays notification

since pushrelayserver doesn’t know private decryption keys, it can’t access any private data.

pros

• doesn’t have access to user private data
• uses rich notifications layouts and actions provided by awesome_notifications

cons

• delivery may be delayed. because pushrelayfcm sends fcm push message without notification (fcm calls it data message). read awesome_notifications and firebase_messaging documentation for details. fedi uses :mutable_content=>true, :content_available=>true, :priority=>"high", to increase delivery priority

why fedi doesn’t decrypt message on client-side?

because it is hard to implement with flutter. there are no 3rd party flutter libraries to decrypt ecdh p256v1 by now.
it is possible to decrypt it in kotlin/swift and it will be done in the future.

with server-side decryption way

(it is not used in appstore/googleplay versions from 2.5.0)

1. fedi subscribes to /api/v1/push/subscription with subscription[endpoint] set to relay server url
2. instances send web push notifications to relay server
3. pushrelayfcm decrypts notifications
4. pushrelayfcm relays notifications to fedi app via fcm
5. fedi displays notification

• pushrelayfcm has access to title, body and access_token
• access_token is sensitive data. it is possible to login into your account if someone knows access_token

pros

• faster push delivery. fcm message(notification type) with notification.title and notification.body, which has higher priority than message without notification.title & notification.body fields. actually it is more affects ios, than android. read awesome_notifications and firebase_messaging documentation for details.

cons

• private data access is main reason why fedi moved to without server-side decryption way
• doesn’t use rich notifications layouts and actions provided by awesome_notifications

localization

app uses flutter_localization api bundle with flutter sdk.

it uses .arb files located in lib/l10n and generates .dart classes in /lib/generated/ folder.

after you make changes in .arb files you should do additional actions to regenerate dart classes

• automatically via flutter intl plugin
• manually via flutter intl package

completed

• english, russian

help translate fedi

• help translate fedi with weblate
• it is easy to suggest fixes even without registering