By the way. I didn't answer the main question! I am currently betting on webassembly with modified wasi extensions. That is actually the part I am coding now. I am making a VM service based on wasmtime so I can make cli applications that secretly run on the VM.
Discussion
My biggest hesitation with WASM is that a compiled WASM application or library may be quite large. We can't rely on loading them every time a web page loads like we do with JS.
WASM libraries could perhaps be stored locally and only redownloaded when there are version updates, sort of like PWAs.
A WASM VM sounds promising! It would isolate code for security, but still run on the browser, correct?
No. I don't plan on incorporating a browser. The wasi extensions allow more native behavior.
A browser is, however, an application that could use the VM. It would gain access to signing services so logins become a thing of the past. Like oauth without the dependencies on large providers like Google and GitHub.
I'm working on nostr authentication using schnorr signatures too
Love it! This is the most obvious next step for browsers. I am not sure why it hasn't been pushed through by a big player. Probably because they are all oauth providers and the lock in is welcome.
Thanks! It's based on NIP-98 which I co-wrote with Kieran and is in wide use. Re big players, absolutely yes. They also want to couple everything to email. And the email providers are also the web giants.
This little shim will allow you to do an authenticated write operation, for example.
Ohh so it's a VM that runs WASM.
What is the advantage of that over other solutions, like native apps?
Yes. It is more of a service maintaining VPN like connections between peers, managing keys, handling signing and encryption, permissions etc. But it also hosts a VM so applications can easily get access to those services without having to even know about them. For instance if I had the code for a native C program that just needed file access, I could compile it to the wasmtime-wasi target and all the data it processed would be available on all my machines.
For applications that need to communicate with other people there could be a simple API that gets you a stream reader/writer and you wouldn't need to know anything about the p2p network.
I am also toying with ideas to just make the service expose a native API so native applications can access it as well. That is harder to sand box though. With WASM you can be slightly more careless about installing some game your friends are all playing as long as there are careful guards about what contexts you give it access to.
The long con is getting some VM wasm or something else, that has the ability to run different pieces on different machines so you can get distributed compute as well as distributed data. Imagine immediately getting full power of your gaming rig on your laptop or even phone, with 0 configuration. Also being able to move between machines and have your running applications follow you.
Then extend to mutual agreements with friends. So much untapped idle horsepower. Muwahaha!!
Yes. I plan on storing them on my distributed file system, just a binary blob like everything else. We don't want a client server kind of thing. You "install" an application by signing a small notification sent by others in your network that is basically a little description card.
"App: HelloWord, Context:{cli_write}, ID:Som3H4sh, DecryptionKey:50meK3y"
You sign that and your VM creates keys needed for the contexts the the app needs access to. Then anywhere you try to run that program it downloads it and runs it. Keeping the binary local there after.