[p2p-hackers] Distributed identity, chat, publishing, and sharing
Tony Arcieri
tony.arcieri at gmail.com
Thu Jan 10 19:14:34 PST 2013
On Thu, Jan 10, 2013 at 6:49 PM, Sean Lynch <seanl at literati.org> wrote:
> Hi, folks. I'm sure similar ideas to this have been discussed on this
> list before, but I wanted to talk about an application that's been
> living in my head for years and that I keep working on in fits and
> starts, in the hopes that either someone will "steal" the idea or decide
> to work on it with me to keep me motivated even when the goal seems so
> far away.
>
For what it's worth, this sounds an awfully lot like what I have envisioned
for the Cryptosphere:
https://github.com/tarcieri/cryptosphere
Contacts would be identified by their (Ed25519) public key. When you add
> someone, you just paste their public key and type a "pet name" for them,
> which is what would be shown in your contact list.
Really close to what I had in mind, and I plan on using Ed25519. This is
actually an approach that forces you to do more than take a fleeing glance
at a given user's public key thumbprint/ID and I feel that's missing from
many similar systems (e.g. OTR)
> People could also associate various metadata with their public key in a
> very similar way
> to how they do with PGP keys: with metadata packets signed by themselves
> and other people, thus establishing a web of trust that would enable
> search, the same way we can reliably search for PGP keys but with an
> easier-to-use interface that will always show someone's relationship to
> your current trusted contacts.
>
My goal was to collect metadata about content transfers in the system by
having all participants in file transfers sign a client-specific long chain
which serves as a record of who has transferred what.
Through the course of normal system operation any given peer will collect a
number of these long chains, which can be run through a collaborative
filtering algorithm (e.g. singular value decomposition) in order to make an
educated guess about the properties of peers you've never interacted with
based on their collective similarity to peers you have interacted with
directly.
Here are some possible implementation strategies. The only one I've made
> any progress on so far is uTP:
>
> 1. uTP with our own DHT implementation for bootstrapping, lookup, and
> storage of published stuff
>
My plan was to use CurveCP with the Ed25519 private scalar as the CurveCP
private key. This allows you to set up secure channels which are based on
the same identities as the other signatures in the system.
CurveCP presently has some issues with embedding and congestion control but
I hope if people actually start using it these problems will get resolved.
I guess you could call this a p2p, pseudonymous version of Facebook,
> with all the same functionality and none of the privacy problems because
> privacy would always be defined by encryption. If you want something
> public, you post it in the clear. If you want something seen by only
> your friends, you encrypt the encryption key with each of their
> curve25519 keys.
>
A crypto capability-based access control scheme comes to mind here.
--
Tony Arcieri
_______________________________________________
p2p-hackers mailing list
p2p-hackers at lists.zooko.com
http://lists.zooko.com/mailman/listinfo/p2p-hackers
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the cypherpunks-legacy
mailing list