Detect whether polls are promised to be anonymous or publicising voter identity with their cast vote

Oneric commented

2026-04-04 12:36:21 +00:00

Owner

Smithereen may (depending on the decision of the creating user)
disclose who voted and what everyone voted for. This information
is made publically available to everyone, including via ActivityPub
(eventhough the AP vote collections show some type and data
inconsistencies between the inline and standalone version at the
time of writing. It is necessary to fetch the standalone collections
for the full information.)

Smithereen does indicate whether a poll will disclose votes and voter
identies and when this is kept secret. But of course, for this info
to be visible to our users we will need to first pick up the hint
from Smithereen and forward it in our Masto API responses.

Example: https://friends.grishka.me/posts/1116518

Smithereen may (depending on the decision of the creating user) disclose who voted and what everyone voted for. This information is made publically available to everyone, including via ActivityPub (eventhough the AP vote collections show some type and data inconsistencies between the inline and standalone version at the time of writing. It is necessary to fetch the standalone collections for the full information.) Smithereen does indicate whether a poll will disclose votes and voter identies and when this is kept secret. But of course, for this info to be visible to our users we will need to first pick up the hint from Smithereen and forward it in our Masto API responses. Example: https://friends.grishka.me/posts/1116518

Oneric added 2 commits

2026-04-04 12:36:22 +00:00

{api,fed/in}: expose remotes claims wrt poll vote anonymitiy 8dab392bac

Most of the major micro-blogging AP implementations do not make
votes or voter identity available to anyone by regular means.
However, this is but an informally adopted common practice.

Smithereen may (depending on the decision of the creating user)
disclose who voted and what everyone voted for. This information
is made publically available to everyone, including via ActivityPub
(eventhough the AP vote collections show some type and data
 inconsistencies between the inline and standalone version at the
 time of writing. It is necessary to fetch the standalone collections
 for the full information.)

Smithereen does indicate whether a poll will disclose votes and voter
identies and when this is kept secret. But of course, for this info
to be visible to our users we will need to first pick up the hint
from Smithereen and forward it in our Masto API responses.

Example: https://friends.grishka.me/posts/1116518

fed/out: indicate our own polls are always anonymous

ci/woodpecker/pr/test/2 Pipeline was successful

Details

ci/woodpecker/pr/test/1 Pipeline failed

Details

39616b120f

With regard to regular user and admin interaction via API.
Ofc, the server operator can still extract identites from the database.

Oneric referenced this pull request from a commit

2026-04-04 12:36:53 +00:00

poll: show vote anonymity hint if known

mkljczk commented

2026-04-04 12:38:08 +00:00

Contributor

Any reason for using different property than the one supported by pleroma-fe (poll.pleroma.non_anonymous)?

Any reason for using different property than the one supported by pleroma-fe (`poll.pleroma.non_anonymous`)?

Oneric referenced this pull request from AkkomaGang/akkoma-fe

2026-04-04 12:39:02 +00:00

poll: show vote anonymity hint if known #500

Oneric commented

2026-04-04 12:49:28 +00:00

Author

Owner

Thanks for pointing out a related property already exists as a Pleroma extension. But after looking at the Pleroma property now, it is not nullable and simply folds both "no info" and pledged anonymity into "non_anonymous = false`. Thus it cannot relay an anonymity pledge preventing verification badges like implemented in AkkomaGang/akkoma-fe#500

pleroma/pleroma@a3404e91:lib/pleroma/web/mastodon_api/views/poll_view.ex:26

non_anonymous: object.data["nonAnonymous"] || false

So I think sticking with akkoma.anonymous = (true|false|null) here is better and Pleroma may want to consider adopting it too deprecating the more coarse pleroma.non_anonymous = (true|false)

Thanks for pointing out a related property already exists as a Pleroma extension. But after looking at the Pleroma property now, it is not nullable and simply folds both "no info" and pledged anonymity into "non_anonymous = false`. Thus it cannot relay an anonymity pledge preventing verification badges like implemented in https://akkoma.dev/AkkomaGang/akkoma-fe/pulls/500 [pleroma/pleroma@a3404e91:lib/pleroma/web/mastodon_api/views/poll_view.ex:26](https://git.pleroma.social/pleroma/pleroma/src/commit/a3404e91bc1efcd562d4cde4a54f60697c3bed82/lib/pleroma/web/mastodon_api/views/poll_view.ex#L26) ```elixir non_anonymous: object.data["nonAnonymous"] || false ``` So I think sticking with `akkoma.anonymous = (true|false|null)` here is better and Pleroma may want to consider adopting it too deprecating the more coarse `pleroma.non_anonymous = (true|false)`

Oneric force-pushed poll-anon from 39616b120f

ci/woodpecker/pr/test/2 Pipeline was successful

Details

ci/woodpecker/pr/test/1 Pipeline failed

Details

to 6ed20f1ca3

ci/woodpecker/pr/test/2 Pipeline was successful

Details

ci/woodpecker/pr/test/1 Pipeline was successful

Details

2026-04-04 12:51:20 +00:00

Compare