[liberationtech] Have any of you ever used Scuttlebot?
John Ohno
john.ohno at gmail.com
Tue Apr 21 13:26:32 CEST 2020
Signatures are being chained (like a blockchain) to create a provable order
-- necessary to avoid split-brain problems in an offline-first environment.
The original use case was that one of the devs lived on a sailboat & got
internet once every like six months.
On Tue, Apr 21, 2020, 5:46 AM fuzzyTew <fuzzytew at gmail.com> wrote:
>
>
> On Tue, Apr 21, 2020, 12:40 AM John Ohno <john.ohno at gmail.com> wrote:
> <...>
>
>> Fully independent implementations are under development, but they're
>> difficult because the protocol as defined involves cryptographically
>> signing sections of regular JSON -- which, of course, has no defined order
>> for objects. This means that in practice, the SSB protocol is not standard
>> JSON plus signatures, but the entire set of nodejs JSON serialization
>> quirks. In order to implement it in another language, you have to duplicate
>> exactly the ordering produced by nodejs, or else old messages will not be
>> interpreted as valid by your implementation and the messages produced by
>> your implementation will not be interpreted as valid by competing
>> implementations. Ultimately, this means that if you want a full-featured
>> SSB client, you're stuck with an electron app (with all the attendant bloat
>> and memory leaks).
>>
>
> It sounds like the protocol is a little complicated under the hood?
>
> Do you know why the order of serialized content matters when it is only
> being signed and not encrypted?
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ghserv.net/pipermail/lt/attachments/20200421/0156e8cc/attachment.html>
More information about the LT
mailing list