Replying to Avatar hodlbod

Yeah, I've thought a lot about it. In theory, there's nothing you can really do to keep private data private once it's published — someone can always take a screenshot of your note. There are a variety of techniques that can help in practice though:

- Use AUTH to implement read access

- Use NIP 70 to ask other relays not to store your events

- Strip signatures (this is the nuclear option, it basically breaks nostr, but could be used in specific situations)

- Encrypt your content

- Use clients that are smart about replicating stuff

- Include relay urls in events and have both relays and clients validate that the event came from the designated relay (this isn't done anywhere, but I may use it for flotilla).
Avatar
ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

oh i thought of another one... certificate chains, like DNS certificates

your client can demand such attestation about the software and if it doesn't provide one then it can refuse to send the event to it

certification organisations are a very important part of decentralised governance

governments are shit at it because it's not voluntary

Reply to this note

Please Login to reply.

Discussion

Avatar
ᴛʜᴇ ᴅᴇᴀᴛʜ ᴏꜰ ᴍʟᴇᴋᴜ 1y ago

hm that one is a hard one though... since the only way to verify source code is to hash the binary, and what is the process for how to sign the binary as it's running exactly

that's a good question... it's on my mind because i've been inspecting the CosmWasm architecture this last week and one of the things they have in there is a verification that ensures that a source code and a binary version are linked, this thing is a big issue in smart contract engineering - how to ensure that things are deterministic, and it kinda matters with source code too

there's a lot more to but how exactly can you be sure a server is running the software version it says it is, and not some altered version? you can't! at least not trivially