GM Nostr, let me tell you a little about Pubky.
Any questions?
https://blossom.primal.net/94ddbeb78c4456b1966fb1af1d2c86977e4417c6a4f3b509b77b349d742223d7.mp4
Discussion
Are you going on nostr:nprofile1qqs8d3c64cayj8canmky0jap0c3fekjpzwsthdhx4cthd4my8c5u47spzfmhxue69uhhqatjwpkx2urpvuhx2ucpz3mhxue69uhhyetvv9ujuerpd46hxtnfduq36amnwvaz7tmwdaehgu3dwp6kytnhv4kxcmmjv3jhytnwv46q6ekpnp pod?
Would you say the main disadvantage of signing everything is that you need a private key available in every interaction? If that issue didn’t exist, what do you think would be the main advantages?
It is a complex topic, but I think any advantage of signing everything is overstated, while the downsides are understated.
It is true that signing can prevent data mutation, but it does not bring any other certainty with it, and there is little evidence of data mutation being an issue in the wild.
The topic should be framed by problems that need solving, and best ways to do so.
If you want more data integrity, you first need to establish authority of that data, like we do with PKARR. Then, you can do things like use versioned cryptographic data structures, or even more simply, data watchtowers.
Then you have all the issues that come when you lose your key. How do people know when that key stopped being you? Now you have data signed by a real you and a fake you. Not very portable.
Thank you for the detailed reply! Any recommendation on where to read more about PKARR?
There are some great posts about public key domains, mainline dht, and Pubky in the blog here: https://medium.com/pubky/
Some docs about the system here: https://docs.pubky.org
Code:
https://github.com/pubky/pkarr/
Yeah, why do i keep hearing about it from podcasters but it's not even usable yet?
