• vrighter@discuss.tchncs.de
    link
    fedilink
    arrow-up
    4
    ·
    1 year ago

    You already can’t modify my copy of a document digitally signed by you, which I can use to detect/prove that you have attempted to change your copy (because only you can use your private key)

    And we already know that blockchains do not solve the root iof trust issue. Why would I suspect data if you tell me said data, but trust that exact same data if you put it in a blockchain and i read it from there? I’m not worried about you changing the words. I’m worried about your words being bullshit in the first place and not being able to have that rectified. Any solution to that involves me trusting some central authority to be able to make those changes, which defeats the purpose completely.

    so what’s the value add here?

    • sloppy_diffuser@sh.itjust.works
      link
      fedilink
      English
      arrow-up
      1
      ·
      edit-2
      1 year ago

      Tamper proof federated distribution. That’s it now that I’ve had a couple days to think on it. Why use Lemmy when Reddit or even old school forums exist? We (as a generalization) are here because we see value in accessing many forums under one UX and we do not trust Reddiit as a centralized distributer.

      If some user here started posting they were a famous person, we wouldn’t trust that without some additional verification. Same with blockchain accounts/wallets.

      Blockchains provide one possible mechanism that prevents any Lemmy instance from falsely distributing ActivityPub messages from a user that did not author them. False messages can be checked they didn’t come from that user since they were not signed with their private key. The rest of the federated distributors would detect the forgery and drop the message.

      Sure we could all sign our messages with a PGP key. Blockchains just bake this feature into the distribution.

      The last feature, which may or may not be desirable, is that these tamper proof federated distribution channels have a full audit log.

      • vrighter@discuss.tchncs.de
        link
        fedilink
        arrow-up
        1
        ·
        edit-2
        1 year ago

        you don’t need blockchain for it to be baked into the distribution. you just need to implement it. You even said how yourself.

        The only thing a distributed blockchain would achieve would be that now, every instance needs a full copy of everything on every instance, instead of only the stuff its users are subscribed to.

        your proposal also assumes that instances post untanted data in the first place. You seem so focused on verifying who said what. What we need to verify is that what is said reflects reality.

        this is not possible. it works with crgptocurrincies because there you’re just moving coins that already exist in the system. That way nobody can create coins out of thin air because you can always see where the coin was taken from. This is obviosly impossible with comments. You can’t just pre-create all comments and have users distributing those among themselves.

        • sloppy_diffuser@sh.itjust.works
          link
          fedilink
          English
          arrow-up
          1
          ·
          1 year ago

          Totally agree you do not need a blockchain. Its just one class of implementations. There are others like Apache Zookeeper, or even just roll your own.

          Also really appreciate you engaging with me on the topic. I’m currently working on a federated product (business to business). Blockchains have come up (private chain), so I’m trying to convince myself it brings something to the table as a framework by arguing from the other side.

          Verifying who said what is the major concern we are trying to solve. Everyone having a copy of the data is also preferred so each business pays for their own read usage.

          Verifying who is who is pretty much solved using traditional PKI with certificates. The what is said is less of a concern so long as we know who said it. The whats in our use case are not digital assets.

          We are looking at it like pub/sub kafka-like framework with complete history intact that is immutable without needing to dedicate resources to rolling our own. Co-operators have something to gain by working together (long term) but can also gain by screwing each other over (short term).

          Tendermint/Cosmos has been looking pretty attractive as a private chain with ~1s commits (no mining). 67% of the nodes must agree on who signed a message and the order the messages were seen to commit it to the next block. So far its seeming pretty convenient for what we are looking for.