by jeroenhd 1424 days ago
Blockchain. It's always blockchain. Can we just not?

How about we go back to web 1.0. TLS mutual cert auth with an ID card as a smart card, either from the government or from your favourite third party.

Or maybe we go back to web 2.0 with OpenID. Users pick their own identity providers and websites can pick which ones to trust and which ones not to trust. Actually, we already have that, and it's "sign in with Google/Facebook/Apple".

If you're a fan of stuffing JavaScript everywhere you can, just use FIDO2/WebAuthn before or after validating the user through OAuth.

Solutions exist. Nobody wants to implement them, it seems. Inventing new ways to do what has been done before doesn't solve the problem, it just creates more dead protocols.

3 comments

Well, one of the few plausibly-valuable additions to the world offered by blockchains is globally-distributed databases not owned/controlled/bound to any single organization. Why not make use of them for something other than scams, pump & dumps, etc.?

Blockchains are expensive in terms of money and energy consumption.

I'm not paying $10-$30 to store data on the Ethereum blockchain every time I need to add some kind of datum (assuming the Ethereum blockchain). That price will only go up once such a system actually becomes used by many parties, making the system even more expensive.

I'm already overpaying for getting the government to do stuff for me. I don't want to overpay some random servers all over the world instead of my government, that's just moving (and duplicating) the problem.

Because the times where a globally distributed non-controllable database is actually useful to solve problems are fairly limited.

Blockchain people are the epitome of the "when all you have is a hammer everything looks like a nail" proverb.

Blockchain has value here, essentially acting as a distributed collection of digital signatures.

If I need to prove my date of birth, why not present a credential, signed by the vital records agency of where I was born to prove it without any data broker in the middle?

Signatures exist outside of the blockchain. You can just send your signed data point, that's the point.

The only thing the blockchain protects against in these circumstances would be that the government is denying ever signing your date of birth and you losing your signed token. I don't think that's a problem in practice in most countries where an alternative trust system would even work.

Sure; vaccination credentials took this approach by establishing a registry of known signers.

That approach doesn’t scale.

It’s easy to shit on blockchain, but this particular area is one worth understanding.

I don't understand it though. What trust can you derive from the blockchain? If a user visits my site and says "I'm jeroenhd, Spooky23 verified it" then that means absolutely nothing to me. The blockchain may be unalterable (without hard forks, at least) but there's no reason why I'd trust the blockchain more than a piece of paper that says "I'm 18 you can sell me booze".

> That approach doesn’t scale.

Why not? Traditional PKI has generally met the scalability test, so this is a pretty bold claim.

> It’s easy to shit on blockchain, but this particular area is one worth understanding.

Sometimes I wonder if blockchain is really an edgy teenager in a trenchcoat. Criticism is always met with "~ThEY jUSt donT UnderStAnD Meeee!!!~~~"

In case you didn't know, Git is effectively blockchain. It's just that 'breaking' the chain/rewriting history is as simple as `git push --force` and other clients can accept the rewritten history with `git reset origin/<branch> --hard`. Blockchain is (more) useful when artificial scarcity isn't involved.

Blockchain means there is also a consensus mechanism. That’s the whole point: resolving conflicts.

Git is basically a Merkle tree, but not a blockchain.