[World177]

> What's the point of some random person "endorsing" an edit?

I think you're right in that it's so far not been necessary to use blockchain based identities. Though, I think blockchain based identities are objectively better. In implementation, it doesn't have to be a random person, it could be anyone or any organization that could endorse changes.

> I'm not sure how a wholly external PKI could be any help in "endorsing" edits. A user's ETH wallet has no relation to their reputation or trustworthiness on WMF sites.

Ethereum based identities are easy to remember and harder to censor. If Wikipedia wants to censor someone currently, they can just remove the system they have implemented. The solution offered provides an external system that provides a way to determine if someone did something even if Wikipedia tries to hide it later. (with the certainty that also backs billions of dollars in value on Ethereum)

[bawolff]

> The solution offered provides an external system that provides a way to determine if someone did something even if Wikipedia tries to hide it later.

No it doesn't.

This system is signing the revision id number (im assuming based on the video). There is not neccessary any connection between the signer and the revision id. There is no way to verify if the revision id was ever valid (typically revision ids are sequentially increasing numbers but there are edge cases where that is not true. And i dont mean censoring edge cases, although there are systems on wikipedia where pages can be deleted or revisions hidden)

So what does this system actually prove? That someone at a specific point in time signed an integer. Maybe that integer corrdsponds to a edit they like, maybe it doesn't. Maybe they never read the edit. Maybe the edit never existed.

This whole thing is seriously stupid. It is a non-solution to a non-problem. The problem they are trying to solve doesn't exist and even if it did this wouldn't fix it.

I mean hell, at the very least you think they would sign a hash of the edit instead of just an id number.

[NoZebra120vClip]

Yeah, at this point you might as well hook in to the RecentChanges API, monitor that, sign everything, and then you could detect when there was a RevDel or Oversight action taken and the edit disappears from view.

Or you could, you know, get involved in the WP community and become an Administrator, and then you would actually have access to see those deleted edits and files without hindrance.

This whole bit seems to be some kind of hedge against Wikidata oversighters becoming evil and "covering up" some misdeeds or truths by abusing their powers to delete and suppress edits. While anything could happen, and I grant that this is a temptation to anyone, "signing an integer" as is proposed, with a completely unrelated identity in a completely unrelated PKI, is going to be utterly pointless and won't produce the accountability they seem to seek.

Also, if this signature isn't recorded on the blonkchain, then where is it going to be recorded? Wikidata ain't holding it for you. You've got to put it somewhere. Are you going to use IPFS or Dropbox or something?

[xinbenlv]

> NoZebra120vClip@: ... Also, if this signature isn't recorded on the blonkchain, then where is it going to be recorded? Wikidata ain't holding it for you. You've got to put it somewhere. Are you going to use IPFS or Dropbox or something?

OP: I am glad that you brought it up! Yes, that's something we are comtemplating right now. It could be a IFPS, it could be a centralized server that we own, or a Wikimedai Toolforge. The good part is, it could be both, and also decentralized. Being a cryptographic signature, anyone who hold a copy of an endorsement could validate if their are true. We put out this prototype to solicit wise and inspiring feedbacks like yours, and hopefully we can improve our product. We also ask for open source contributors who are interested.

[World177]

> No it doesn't.

I wasn't really paying attention to the implementation, but just what is easily possible. It would be simple to sign the full edit and provide that to other people without ever storing it on chain. It's also possible to create a contract that serves for domains of an organization to sign messages, etc.

> This whole thing is seriously stupid. It is a non-solution to a non-problem. The problem they are trying to solve doesn't exist and even if it did this wouldn't fix it.

I think this a valid. I actually do think blockchains solve identity well through domains, though, with endorsements, there's already seemingly good trust to the accuracy of identity on social media platforms. As an example, there's not usually a question to whether Elon Musk was the person who made a Tweet endorsing something as true.

> I mean hell, at the very least you think they would sign a hash of the edit instead of just an id number.

With most blockchain based stuff, it seems like projects are frequently made without much consideration.

[bawolff]

> It would be simple to sign the full edit and provide that to other people without ever storing it on chain

You could definitely do better than what they were doing, but i dont see how you would be able to distinguish between a signature on a real edit and one on a fake edit that never existed on wiki. Of course you could have a trusted third party verify the edits, but in that case you might as well just use a normal website.

[World177]

> You could definitely do better than what they were doing, but i dont see how you would be able to distinguish between a signature on a real edit and one on a fake edit that never existed on wiki. Of course you could have a trusted third party verify the edits, but in that case you might as well just use a normal website.

If they really wanted, they could prove they made edits on a chain. Using Ethereum directly is expensive, but the layer 2 chains that finalize on Ethereum are not expensive. The EVM can handle and store the results of any computation given that it is small enough for the block and has enough gas to pay for it. The fees on some layer 2 chains are very low. [1]

I don't really know if it necessary to prove someone did not make an edit though.

[1] https://u.today/polygon-zkevm-proving-costs-estimated-by-co-...

Note: I'm not sure that Polygon's zkEVM supports all op codes. Though, there are other chains like Arbitrum Nova where the EVM is fully supported, and the fees are less than $0.01/transaction. (for now at least) Polygon's zkEVM provides better security guarantees though. You can see the total value locked for different chains here, [2] which should be partially indicative of how much the markets trust them.

[2] https://defillama.com/chains

[bawolff]

So assuming the context is to prove if wikipedia is "censoring" you, i dont get how this would work. Sure you could store the whole edit on the blockchain, but how do you prove that is the same edit as the one that used to be on wikipedia and is now censored? How would an outside observer be able to tell that the whole edit isn't faked? That instead of wikipedia censoring the edit, what actually happdned was the edit was never submitted to wikipedia at all but made up.

[World177]

If everything is going on a blockchain, it's very simple. I made this simple contract to demonstrate. [1] It can be tested with Remix. [2]

In [3], the getArticle is called which shows the article text has not yet been set. Then, in [4] I'm showing that by calling a method on the contract, the text of the article can be set by someone using the contract. In [5] I show that this previous edit changed the text of the article. In [6] I'm showing that different signers of transactions can also be displayed as an editor. And finally, in [7], I'm showing the an item in the edit history can be looked up by index.

If what is stored on the blockchain does not match what Wikipedia is showing, then Wikipedia is censoring what is supposed to be in the article. This isn't showing endorsements, but, endorsements could easily be added to this contract by creating a mapping on the contract for users that want to endorse edits at an index, etc.

This is not state everything should be on a blockchain, but just demonstrate that it is possible to create censorship resistant article edit tracking that has endorsing users.

[1] https://pastebin.mozilla.org/5zu9mDrg/raw

[2] https://remix.ethereum.org

[3] https://i.imgur.com/osPMT57.png

[4] https://i.imgur.com/mq9oRJ9.png

[5] https://i.imgur.com/oXghJhn.png

[6] https://i.imgur.com/Ku0DOJY.png

[7] https://i.imgur.com/AaDifV1.png

[xinbenlv]

> bawolff@: So assuming the context is to prove if wikipedia is "censoring" you, i dont get how this would work.

OP: The main goal is not to avoid Wikipedia censoring.

[xinbenlv]

> bawolff@: You could definitely do better than what they were doing, but i dont see how you would be able to distinguish between a signature on a real edit and one on a fake edit that never existed on wiki.

OP: In our prototype, an endorsement is being signed. In production, it's possible that people will add their signature for their edits tool. We hope increasingly people will sign their edits so there is an increasing subset of Wikipedia edits that could benefit from decentralized signature that doesn't rely on Wikimedia or centralized entities to verify. The adoption will not happen overnight, just like The HTTPS.

[xinbenlv]

> bawolff@: Of course you could have a trusted third party verify the edits, but in that case you might as well just use a normal website.

OP: In that version of future, we no longer need a trusted third-party to verify the edits.

[xinbenlv]

> bawolff@: This system is signing the revision id number (im assuming based on the video). ...

OP: that's totally true, bawolff@. Our intention was to show case the signing part End-to-end workflow prototype. In real production one could be signing for a diff patch, or a full update.