by evbogue 1135 days ago
> The DID itself is derived from the sha256 hash of the first operation in the log. It is then base32 encoded and truncated to 24 chars.

https://atproto.com/specs/did-plc#how-it-works

They could be using public keys as identifiers, why are they using nonsense?

2 comments

Would public keys be recoverable without having the private key, one of their objectives?

They also say: “We're actively hoping to replace it with something less centralized.”

They could replace it with allowing you to hold onto your own keypair.
Because they want the ability to perform key rotation.
Well, exactly. If they hold onto your private keys for you, then they can keep you from losing them and also give you a new public key on a set schedule.

But they're also holding onto your private keys for you, which comes with some risks.
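An added example, not part of the thread and not the project's own code: it derives an identifier the way the quoted spec sentence describes (sha256 of the first operation, base32, first 24 characters) and shows that it stays fixed when the signing key is rotated, while an identifier that is the public key changes. Assumptions: canonical JSON stands in for the spec's real serialization, the field names `type`, `signingKey` and `prev` and the key strings are constructed for illustration, and signature checks on each operation are omitted.

```python
import base64
import hashlib
import json


def encode_op(op: dict) -> bytes:
    # Assumption: canonical JSON as a stand-in for the real wire encoding.
    return json.dumps(op, sort_keys=True, separators=(",", ":")).encode()


def op_ref(op: dict) -> str:
    # Hash reference that a later operation uses to point at this one.
    return hashlib.sha256(encode_op(op)).hexdigest()


def did_from_genesis(op: dict) -> str:
    # sha256 of the first operation, base32 encoded, truncated to 24 chars.
    digest = hashlib.sha256(encode_op(op)).digest()
    return "did:plc:" + base64.b32encode(digest).decode().lower()[:24]


def key_id(pubkey: str) -> str:
    # The alternative raised in the thread: the public key is the identifier.
    return "key:" + pubkey


def resolve(log: list) -> tuple:
    """Check the prev-hash chain, then return (identifier, current signing key)."""
    if not log or log[0]["prev"] is not None:
        raise ValueError("log must start with a genesis operation")
    for earlier, later in zip(log, log[1:]):
        if later["prev"] != op_ref(earlier):
            raise ValueError("operation does not link to its predecessor")
    return did_from_genesis(log[0]), log[-1]["signingKey"]


# Constructed sample log: account creation followed by one key rotation.
GENESIS = {"type": "create", "signingKey": "constructed-pubkey-A", "prev": None}
ROTATE = {"type": "rotate", "signingKey": "constructed-pubkey-B",
          "prev": op_ref(GENESIS)}
LOG = [GENESIS, ROTATE]

if __name__ == "__main__":
    did_before, key_before = resolve([GENESIS])
    did_after, key_after = resolve(LOG)
    print("hash-derived id:", did_before, "->", did_after)
    print("key-derived id: ", key_id(key_before), "->", key_id(key_after))
```
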