Hacker News new | ask | show | jobs
by eeegnu 1863 days ago
How can you know nothing was altered, even if you stay in constant sync with the git repo, if github wanted they could selectively send different copies to different people. The entire point is that it's a trustless system where malicious actors get drowned out by others, especially if they're uncoordinated.
1 comments
endisneigh 1863 days ago
can't you just compare your repo with the main one? this is pretty trivial no?
link
yuliyp 1863 days ago
So in case you get mismatches, you can then have a bunch of humans figure out what happened and how to recover from it, and if necessary, involve a court system to settle disputes based on the evidence that exists.

This type of human resolution is needed even in blockchain systems: people will try and fork, people will try to launch 51% attacks, software will have bugs. In the end, a blockchain is a bunch of bits. People believing it and acting based on it is what matters.

link
eeegnu 1863 days ago
Then what happens when your comparison fails. There's no consensus mechanism. But then can't everyone just start using a fork from the last time you all agreed (ignoring that coming to a consensus on where to fork would pretty much be impossible)? Well since github is hosting that git repo, and they're the malicious actor, they just alter that as well. You could take them to court, but this would take a huge amount of time. Effectively if you have a central authority you gain nothing from a public ledger because you have to trust them in the first place. Maybe it makes it quicker to find out that fraud has been committed, but the individual(s) who suffered from it will probably be suing anyhow.
link
asjdflakjsdf 1863 days ago
And what if some engineer at github changes the original one to say that all my money has been sent to his account?
link
endisneigh 1863 days ago
that's not really possible - presumably if someone were implementing what I was describing they'd have it so all transactions are signed by the participants. they wouldn't have the private key(s) so, well, it's impossible.
link
asjdflakjsdf 1862 days ago
Its very possible. They could change it on their side, rewrite the history, and claim I never owned anything. I have no defence in that case
link