@voresky.app
Labeler for the https://voresky.app/ RP overlay for Bluesky. Check the https://voresky.app/about page to learn more!
PFP by @fuzzyremi.bsky.social
Account and service run by @colton-armstrong.bsky.social
PFP by @fuzzyremi.bsky.social
Account and service run by @colton-armstrong.bsky.social
Also. You have been poked.
February 8, 2026 at 12:36 AM
Also. You have been poked.
Okay, so: anything that happens within Voresky stays in there. The only thing that can breach containment are the label, and the Voresky feed.
What it means (and I probably should explain better) is that you can browse Bluesky FROM WITHIN VORESKY.
That's where profile play can happen.
What it means (and I probably should explain better) is that you can browse Bluesky FROM WITHIN VORESKY.
That's where profile play can happen.
February 8, 2026 at 12:35 AM
Okay, so: anything that happens within Voresky stays in there. The only thing that can breach containment are the label, and the Voresky feed.
What it means (and I probably should explain better) is that you can browse Bluesky FROM WITHIN VORESKY.
That's where profile play can happen.
What it means (and I probably should explain better) is that you can browse Bluesky FROM WITHIN VORESKY.
That's where profile play can happen.
So I'll be honest: I'm going to be a hard no on letting people upload random, unfiltered images. It's one thing to allow people to poke each other, it's another to have to monitor their content for child pornography.
The service is just... one person.
Also, this would massively increase costs.
The service is just... one person.
Also, this would massively increase costs.
February 8, 2026 at 12:32 AM
So I'll be honest: I'm going to be a hard no on letting people upload random, unfiltered images. It's one thing to allow people to poke each other, it's another to have to monitor their content for child pornography.
The service is just... one person.
Also, this would massively increase costs.
The service is just... one person.
Also, this would massively increase costs.
Ah! Great question. It's not tied with vore directly, but is part of a larger set of kinks.
Building Voresky was just about vore at first, and then... "hey... more can be done actually... why not!"
That's why housing, collars, hypnotization, ...
All are welcome! Too late to change the name though
Building Voresky was just about vore at first, and then... "hey... more can be done actually... why not!"
That's why housing, collars, hypnotization, ...
All are welcome! Too late to change the name though
February 8, 2026 at 12:12 AM
Ah! Great question. It's not tied with vore directly, but is part of a larger set of kinks.
Building Voresky was just about vore at first, and then... "hey... more can be done actually... why not!"
That's why housing, collars, hypnotization, ...
All are welcome! Too late to change the name though
Building Voresky was just about vore at first, and then... "hey... more can be done actually... why not!"
That's why housing, collars, hypnotization, ...
All are welcome! Too late to change the name though
For now, I'm going to make the transition as smooth as possible. The two auth screens will happen back-to-back during login, and you shouldn't need to re-authorize often. I'll keep you posted as I roll this out!
February 7, 2026 at 10:18 PM
For now, I'm going to make the transition as smooth as possible. The two auth screens will happen back-to-back during login, and you shouldn't need to re-authorize often. I'll keep you posted as I roll this out!
Publishing signing keys (JWKS) or adding a token verification endpoint would let apps like Voresky confirm "yes, this person is who they say they are" without a second login. I'd love to see AT Protocol support this.
stytch.com/blog/understanding-jwks/
stytch.com/blog/understanding-jwks/
Understanding JWKS: JSON Web Key Set Explained
In this article, we explore the role of JWKSs in signing and managing JWTs for secure sessions and API communication.
stytch.com
February 7, 2026 at 10:18 PM
Publishing signing keys (JWKS) or adding a token verification endpoint would let apps like Voresky confirm "yes, this person is who they say they are" without a second login. I'd love to see AT Protocol support this.
stytch.com/blog/understanding-jwks/
stytch.com/blog/understanding-jwks/
I know two login screens feels weird and possibly suspicious. I'm not happy about it either. I only need to verify your identity - I don't actually need permission to post on your behalf or read your DMs. But without proper identity verification support, a full login flow is the only way.
February 7, 2026 at 10:18 PM
I know two login screens feels weird and possibly suspicious. I'm not happy about it either. I only need to verify your identity - I don't actually need permission to post on your behalf or read your DMs. But without proper identity verification support, a full login flow is the only way.
So the only option left available to me: two separate logins. One where my server verifies your identity for game mechanics, and one where your browser gets direct Bluesky access. Two authorization screens for what every other platform handles in one.
February 7, 2026 at 10:18 PM
So the only option left available to me: two separate logins. One where my server verifies your identity for game mechanics, and one where your browser gets direct Bluesky access. Two authorization screens for what every other platform handles in one.
Bluesky doesn't support this. They chose not to implement OpenID Connect, and don't publish signing keys that would let me verify your login. No alternative verification mechanism exists.
github.com/bluesky-social/atproto/discussions/2656
github.com/bluesky-social/atproto/discussions/2656
OAuth Roadmap · bluesky-social atproto · Discussion #2656
OAuth is nigh! Protocol support has been a long time coming and we are pumped. It should greatly improve the user and developer experiences building secure apps and integrations on atproto. And cou...
github.com
February 7, 2026 at 10:18 PM
Bluesky doesn't support this. They chose not to implement OpenID Connect, and don't publish signing keys that would let me verify your login. No alternative verification mechanism exists.
github.com/bluesky-social/atproto/discussions/2656
github.com/bluesky-social/atproto/discussions/2656
On most platforms this is easy. "Sign in with Google" uses a standard called OpenID Connect: you log in once, and any server can verify your identity using published cryptographic keys. One login, done.
openid.net/developers/how-connect-works/
openid.net/developers/how-connect-works/
How OpenID Connect Works - OpenID Foundation
What is OpenID Connect OpenID Connect is an interoperable authentication protocol based on the OAuth 2.0 framework of specifications (IETF RFC 6749 and 6750). It simplifies the way to verify the ident...
openid.net
February 7, 2026 at 10:18 PM
On most platforms this is easy. "Sign in with Google" uses a standard called OpenID Connect: you log in once, and any server can verify your identity using published cryptographic keys. One login, done.
openid.net/developers/how-connect-works/
openid.net/developers/how-connect-works/
But my server still needs to verify who you are. When you interact with another player's character, I need proof you're really you. Otherwise someone could impersonate you and mess with your characters, or invade other players' privacy.
February 7, 2026 at 10:18 PM
But my server still needs to verify who you are. When you interact with another player's character, I need proof you're really you. Otherwise someone could impersonate you and mess with your characters, or invade other players' privacy.
The fix: let your browser talk to Bluesky directly. Your timeline, likes, posts, notifications, all from your own IP and your own connection. Rate limits spread across every user naturally. My server only handles game mechanics, which don't need Bluesky access at all.
February 7, 2026 at 10:18 PM
The fix: let your browser talk to Bluesky directly. Your timeline, likes, posts, notifications, all from your own IP and your own connection. Rate limits spread across every user naturally. My server only handles game mechanics, which don't need Bluesky access at all.
The problem: all those requests come from one IP address: my server's. Bluesky limits any single IP to 3,000 requests every 5 minutes. With 200+ users and growing, I'm approaching that ceiling. Once it's hit, everyone starts seeing errors.
voresky.app/stats
voresky.app/stats
Stats - Voresky
242 users · 181 characters · 88 labeled - Live activity metrics and growth charts for Voresky.
voresky.app
February 7, 2026 at 10:18 PM
The problem: all those requests come from one IP address: my server's. Bluesky limits any single IP to 3,000 requests every 5 minutes. With 200+ users and growing, I'm approaching that ceiling. Once it's hit, everyone starts seeing errors.
voresky.app/stats
voresky.app/stats
Right now, every Bluesky action you take in Voresky goes through my server. I built it this way because Bluesky doesn't let me verify your identity without a full server-side login. One auth flow felt better than two, but it means my server handles all your API calls.
February 7, 2026 at 10:18 PM
Right now, every Bluesky action you take in Voresky goes through my server. I built it this way because Bluesky doesn't let me verify your identity without a full server-side login. One auth flow felt better than two, but it means my server handles all your API calls.
Wait, it still happens?!
voresky.app/changelog
"Fix duration input preventing values below the displayed unit (e.g. couldn't set respawn timer below 1 day)"
I definitely saw interactions of 6 hours going on...
voresky.app/changelog
"Fix duration input preventing values below the displayed unit (e.g. couldn't set respawn timer below 1 day)"
I definitely saw interactions of 6 hours going on...
February 7, 2026 at 8:51 PM
Wait, it still happens?!
voresky.app/changelog
"Fix duration input preventing values below the displayed unit (e.g. couldn't set respawn timer below 1 day)"
I definitely saw interactions of 6 hours going on...
voresky.app/changelog
"Fix duration input preventing values below the displayed unit (e.g. couldn't set respawn timer below 1 day)"
I definitely saw interactions of 6 hours going on...
So that's a bit of a design decision at the moment. But a proper search is planned, yes. Privacy-first is important, so the current method is only relying on the public label people are applying voluntarily, or the Voresky list you can check here.
It's crucial not to break people's trust.
It's crucial not to break people's trust.
February 7, 2026 at 6:56 PM
So that's a bit of a design decision at the moment. But a proper search is planned, yes. Privacy-first is important, so the current method is only relying on the public label people are applying voluntarily, or the Voresky list you can check here.
It's crucial not to break people's trust.
It's crucial not to break people's trust.
Ah, derp! The paths were fixed, but not their snapshots for the in-progress interaction.
You should be good to go now. Sorry for this, and thank you for the report!
You should be good to go now. Sorry for this, and thank you for the report!
February 7, 2026 at 6:33 PM
Ah, derp! The paths were fixed, but not their snapshots for the in-progress interaction.
You should be good to go now. Sorry for this, and thank you for the report!
You should be good to go now. Sorry for this, and thank you for the report!
You have to chose at the moment. There's some plans for randomizations in the future, but everything needs to be properly clamped to avoid taking a prey on a path they don't want, using full CW-aware mechanisms, so this needs to be rock solid first.
But yes, stay tuned! It's all so very new!
But yes, stay tuned! It's all so very new!
February 7, 2026 at 6:31 PM
You have to chose at the moment. There's some plans for randomizations in the future, but everything needs to be properly clamped to avoid taking a prey on a path they don't want, using full CW-aware mechanisms, so this needs to be rock solid first.
But yes, stay tuned! It's all so very new!
But yes, stay tuned! It's all so very new!
Oh it's simple, really. Should have been fixed already, even, but do come back and ping if that's not the case!
February 7, 2026 at 8:26 AM
Oh it's simple, really. Should have been fixed already, even, but do come back and ping if that's not the case!
The other tell is that your PFP has a light blue ring around it. If you browse Bluesky through Voresky, and you see profiles with rings, it means they have characters under various states. Light blue means having the label. Green for collared. Yellow for caught. Red for dead. Purple for respawning.
February 7, 2026 at 8:07 AM
The other tell is that your PFP has a light blue ring around it. If you browse Bluesky through Voresky, and you see profiles with rings, it means they have characters under various states. Light blue means having the label. Green for collared. Yellow for caught. Red for dead. Purple for respawning.
This is how other users discover your characters that is.
February 7, 2026 at 7:48 AM
This is how other users discover your characters that is.
It's probably a bit too discreet, but on your voresky profile, there's a little icon with a fork and knife. Click it and that's the list of your characters!
February 7, 2026 at 7:47 AM
It's probably a bit too discreet, but on your voresky profile, there's a little icon with a fork and knife. Click it and that's the list of your characters!