| HN Mirror

Y	Hacker News new \| ask \| show \| jobs

by noirscape 1316 days ago

I think the problem with web3 as identity is that there's... no real advantages to this.

Public and private keys have existed before if you want to "own" your identification; you can run gpg or ssh on your computer right now, generate a public and private key pair and all you need to do to now verify that a message is from you is to send that public key to someone else and let them verify a message you signed with the private key.

Assuming your key has enough bits in it when generated, it probably won't be broken until long after you're dead or you'll have (more likely) moved on to a new pub/privkey pair.

You don't need a blockchain for that, it just... works. We don't generally do it that way because it's a fairly cumbersome user experience for people (making the PGP signing experience better is where imo real gains can be made if you want to focus on this area of identity verification, it's absurd that no modern email client for example has made this easier), but for those cases where you really need to 100% confirm that it's you, pub/privkey works just fine as a system.

Heck, you can even generate a pretty nice avatar if you wanted. All that avatar is in the end is a serialization function to display it as an image. Public key blocks are ugly, but when you for example look at SSH, randomart works just fine for validating that the keys match visually and nicknaming SSH keys is as old as time. Randomart maybe is output only a programmer could love, but a visualization of a key isn't new and there's probably some innovation to be had by improving the experience of sharing those keys and actually having randomart resemble actual art.

There's also the fact that... most people don't require that amount of no trust. I can think of a few niche cases where absolute zero trust verification is handy, but when you get to those cases the absolute last thing you want is for their existence to be publicly readable from a blockchain, which will always be the ball and chain on the leg of "web3 technology" (which as the post notes, there's barely any explanation as to what that actually means since it's just a mishmash of technology that seems to be "existing technology but we strapped it to a blockchain for some reason").

So even when it comes to identity verification, it's still mostly just... snake oil really. It's making and pushing around a cart on square wheels while huffing at those with round wheels for "not getting it".