Hacker News new | ask | show | jobs
by Aachen 1161 days ago
A distributed blockchain would actually prevent the malicious server issue. It would theoretically be better.

The practical problem is that you don't want to consume a ton of battery juice so this just isn't really feasible on mobile. (PoS wouldn't help because you'd still have to keep up with two billion users doing key changes.) Keybase ran into the same issue, there's a Github ticket somewhere where this was discussed. There was some blockchain lite they were hoping to implement, but that never happened, not sure if it was just off their radar or has issues of its own. I don't remember what its properties would be / if that would genuinely have distributed the trust for key exchanges. (Keybase was already publishing merkle root hashes on a chain, but the client didn't verify anything so it didn't help anyone, just like here with WhatsApp publishing the keys on a second system but that's still their own server controlled by a single party.)
2 comments
palata 1161 days ago
> A distributed blockchain would actually prevent the malicious server issue. It would theoretically be better.

No it would not: the third-party audit record is there to prevent the malicious server issue, while being infinitely more practical than blockchain.

Blockchain enables crypto-currencies. For the rest, we have more practical solutions already.

link
Aachen 1161 days ago
> the third-party audit record is there to prevent the malicious server issue

Third party? Isn't Facebook running the show, like, their own servers that do the key log recording and publishing? If so, I've misread the news (I looked into the details but can have missed something of course)

I 100% agree with you that this is infinitely more practical (and achieves essentially the same level of assurance if the third party is in another jurisdiction), if that's indeed what they're doing

link
palata 1160 days ago
In this case it may be Facebook running the show. But I was answering to the "this is a use-case for blockchain" point.

It is not a use-case for blockchain: it is (much) easier to get one or more third-party servers to host the repository.

Blockchain is a pretty cool technology, but let's face it: it does not solve anything (other than cryptocurrencies) that we don't already know how to solve in a more practical way.

link
baby 1161 days ago
It would totally be doable on mobile. See what Celo does, for example. It’s a combination of using a BFT consensus (so that as a mobile user you only have to verify a few signatures and a merkle tree membership proof) as well as zero knowledge proofs to quickly verify epoch transitions.
link