Yeah, that's a good choice. The algorithm of generating EdDSA data integrity proofs is being standardized by W3C: https://w3c.github.io/vc-di-eddsa. In particular, jcs-eddsa-2022 is now the recommended cryptosuite in the latest version of FEP-8b32, and it is used in FEP-c390 example (these documents have not been submitted to the main FEP repo yet).
@cmdrmoto@0x0 I would add that it doesn't need to be a traditional blockchain with a cryptocurrency token. It just needs to be logically centralized system, that can act as a single source of truth.
When I was reading about BlueSky identity system I got the impression that they are trying to do exactly that. They say "append only log governed by consortium" but it really looks like blockchain with proof-of-authority consensus.
@0x0 With the door to conversations open, I’ve been re-reading your proposal with a finer focus.
Key revocations can be tricky beasts. *Especially* when you take into account the likelihood of network partitions. What happens when my root-signed “revoke this leaf” message doesn’t immediately reach the server where an attacker is ready to impersonate me?
Of course, I take the position that A Blockchain Might Help Here. At a minimum, it ensures a monotonic, chronological record
@cmdrmoto I really appreciate the feedback, and I agree with your care towards authentication systems. They are inherently complex and there is a good reason for it.
Don't be discouraged by my, let's say, negativity towards cryptocurrency. My intention is to design, at least the ActivityPub portion, to not care about the DID used.
It just has to be able to somehow verify the proof (i.e. the signature) defined in FEP-c390 + some cryptographic authentication challenge.
The keys used to sign the proof/authentication challenge have to either be the key of the identity itself or have the necessary capabilities delegated to it.
@0x0 The reason I would like to encourage you to consider integrating this particular DID despite its association with “cryptocurrency BS” is, I know the folks who wrote this blockchain. I know their security philosophy. I trust Bram - the guy who invented BitTorrent - because I worked with him and I feel confident he’s the most thoughtful system engineer I’ve ever known.
But maybe since you don’t know me you would rather go your own way. That’s fine too, I guess.
@0x0 yes! DID is a pretty useful standard. And its rekey capability is clutch.
It sounds like you’re averse to “cryptocurrency” so I am a bit trepidatious about mentioning https://chia.net - but it’s a non-global-warming blockchain with DID support and advanced custody tooling (UI still in development).
@0x0@cmdrmoto Advancements in zero-knowledge cryptography may help solve this problem. Instead of storing the full history of changes, the chain may contain only compact proofs of validity, allowing clients to verify state changes without downloading the entire database. For example Mina claims to have a constant state size (22 Kb). I'm not familiar with their system, perhaps they introduced other points of centralization (afaik zk proof generation is quite resource-intensive), but overall this sounds very promising.
@silverpill@cmdrmoto Yeah, true. Per definition a blockchain has nothing to do with a currency, it's just an append-only database following some kind of consensus. I'm just thinking about the scalability implications of this very append-only system.
Scalability from a disk-space perspective. It just grows and grows without any way to really "stop" the size.
With time this will centralise to some few nodes that have the financial capacity to buy more and more disks.