-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Request for App: Messaging app #6
Comments
I think this would be easier if you do this as integration (I think Matrix matches perfectly). With Blockstack's capabilities Matrix could retrieve their handles and device keys from a given Blockstack ID and then do their chats as usual. With Blockstack's storage provider you could even store your own chat history in your profile. |
@vsund thats sounds neat. Do you know what the scope of building something basic is? |
I talked with @ara4n some days ago and he said that they search a decentralized identity system but have a few requirements:
With these things done, one could start the integration. But all in all I think the guys at Matrix are interested in realising this too :) |
So: on the Matrix side we're very much (still) looking for a decentralised identity system that could help users discover each other based on existing identifiers when starting a conversation. The requirements are:
From speaking to @muneeb-ali at DWS last year, I got the impression that the identity verifying services are assumed to be trusted - and blockstack concerns itself with maintaining the ledger of the claims, rather than tracking the reliability of the verifiers. I also got the impression that whilst blockstack was currently subsidising the cost of adding records, this was a temporary bootstrapping measure in the grand scheme of things. Matrix should be a good fit for a blockstack-powered messaging system, assuming that blockstack could solve the identity piece! |
Hey @ara4n, good to hear from you! Blockstack gives users the ability to associate arbitrary off-chain data with their on-chain name and public key. This could easily include both a DKIM signature as well as any additional 3rd party attestations. The integration software could be written to query these attestations as part of the authentication process.
This is true. The user (or application) decides which claims are meaningful. We believe that determining the trustworthiness of a particular verifier is beyond the scope of an identity system, since it's fundamentally a social problem.
Yes, this is the case. Even if names had no cost of their own and didn't expire (both of which are supported in Blockstack), someone would still need to pay the transaction fee. We rely on this to both reduce spam and to rate-limit writes to the system (i.e. a node's local state cannot grow or mutate faster than the underlying blockchain). Matrix looks like a really cool system! I'd love to add support for it. We anticipate that many Blockstack applications will need a generic multicast notification mechanism (e.g. "You have mail", "a new forum post was added", "a new tweet arrive"), and we plan to add a driver model for using existing messaging systems to transport notifications. I was planning on using IRC at first, but if Matrix is more stable and more resilient to network partitions, we can go with Matrix instead :) |
Hopefully Matrix surpasses IRC in pretty much every way, being an open global decentralised network providing free-form JSON pubsub & persistence, signed into merkle dags, and end-to-end encryption via https://matrix.org/git/olm. Admittedly we're still late beta, but in practice there a few thousand servers out there, >1M users, >200K rooms, and generally things work pretty well. The biggest issue right now is that latency & throughput isn't quite as good as something simple like IRC, but we're getting there :) Ignoring the question of tracking the reputation of centralised ID brokers (e.g. if a 2FA MSISDN vendor can be trusted or not), I'm unclear why nobody has set up email verification servers publishing proofs into blockstack based on DKIM or similar to try to prove the authenticity of emails claims. For that matter, I'm unclear as to why keybase doesn't do email proofs either. Surely someone's doing this already? And if not, why not? |
@ara4n Great to see this discussion! A truly decentralized chat/messaging service is the dream. I think that as a first step, just allowing human-readable names in a namespace tied to public-keys can be really helpful. Imagine signing into Matrix without passwords and with a username/identity that you own. (That's less load on your servers and no need to maintain user information.) Identity proofs are the next step i.e., linking your Twitter, Github, domain etc. Email is more complex but we can brainstorm more about it. We're planning to fork Discourse (which we use on http://forum.blockstack.org) and enable logging in with Blockstack. Can we try to do something similar with Matrix? It'd be a great concrete thing to hack on. We have around 2,500 members on our Slack (http://chat.blockstack.org/) and we're open to transitioning to a decentralized chat that supports logging in with Blockstack. |
There is as well a Tox project which aims at full decentralization of a messaging system. Convenient naming is based on in-house DNS. Seems like Blockstack is a perfect candidate for pairing with Tox Protocol. We should definitely get in touch with Tox community to discuss this possibility. Though, I don't see a workaround for bootstrapping and running blockstack nodes on a mobile device in a decentralized environment (that is a necessary property for the messaging system in my opinion). |
Create an app that utilizes the email address of the user and uses the public key of each users zone file to encrypt and confirm messages sent. (Transcribing from a one off convo with @jcnelson so hopefully everything is there to piece that together :-) )
The text was updated successfully, but these errors were encountered: