[baby]

Props to the whatsapp team for improving the machinery!

One question I have is how the protocol handles forks, or in other word what prevents the centralized service from sharing different views to different users?

To me the problem screams: you need a consensus protocol. Without a consensus protocol you’re just hopping that users might be able to detect malicious forks by gossiping.

If there’s a non-cryptocurrency usecase for blockchains, this is it.

[palata]

> If there’s a non-cryptocurrency usecase for blockchains, this is it.

They just explain in their blog post how they solve it.

There is no non-cryptocurrency use-case for blockchains, period.

[Aachen]

A distributed blockchain would actually prevent the malicious server issue. It would theoretically be better.

The practical problem is that you don't want to consume a ton of battery juice so this just isn't really feasible on mobile. (PoS wouldn't help because you'd still have to keep up with two billion users doing key changes.) Keybase ran into the same issue, there's a Github ticket somewhere where this was discussed. There was some blockchain lite they were hoping to implement, but that never happened, not sure if it was just off their radar or has issues of its own. I don't remember what its properties would be / if that would genuinely have distributed the trust for key exchanges. (Keybase was already publishing merkle root hashes on a chain, but the client didn't verify anything so it didn't help anyone, just like here with WhatsApp publishing the keys on a second system but that's still their own server controlled by a single party.)

[palata]

> A distributed blockchain would actually prevent the malicious server issue. It would theoretically be better.

No it would not: the third-party audit record is there to prevent the malicious server issue, while being infinitely more practical than blockchain.

Blockchain enables crypto-currencies. For the rest, we have more practical solutions already.

[Aachen]

> the third-party audit record is there to prevent the malicious server issue

Third party? Isn't Facebook running the show, like, their own servers that do the key log recording and publishing? If so, I've misread the news (I looked into the details but can have missed something of course)

I 100% agree with you that this is infinitely more practical (and achieves essentially the same level of assurance if the third party is in another jurisdiction), if that's indeed what they're doing

[palata]

In this case it may be Facebook running the show. But I was answering to the "this is a use-case for blockchain" point.

It is not a use-case for blockchain: it is (much) easier to get one or more third-party servers to host the repository.

Blockchain is a pretty cool technology, but let's face it: it does not solve anything (other than cryptocurrencies) that we don't already know how to solve in a more practical way.

[baby]

It would totally be doable on mobile. See what Celo does, for example. It’s a combination of using a BFT consensus (so that as a mobile user you only have to verify a few signatures and a merkle tree membership proof) as well as zero knowledge proofs to quickly verify epoch transitions.