Hacker News new | ask | show | jobs
by mmillin 923 days ago
GnuPG/PGP and the web of trust[0]. A lot of things I see blockchain being used for today (e.g. NFTs) seems like it would be better solved using standard OpenPGP signatures with no backing chain.

Additionally, as machine-generated content proliferates, I think having services use something like the web of trust concept for membership would be super powerful. The problem is, of course, the terrible UX of cryptographic signatures. But I think there's a lot of opportunity for the group that makes it easy to use.

[0]: https://en.wikipedia.org/wiki/Web_of_trust
6 comments
notpushkin 923 days ago
There's a problem though: either you have to ban transferring NFTs (or other tokens), which makes those a lot less useful, or you need something to prevent double spend attacks (something that blockchain solves).
link
nunez 922 days ago
GPG is great. It also makes it really easy to encrypt environment dotfiles that safely reside in your source code repository. This is my favorite way of storing sensitive app configs. You don't even need a PGP private key in your keychain to do it. You can use a passphrase.
link
nemoniac 922 days ago
This sounds interesting. Have you got an example of how you do this by any chance?
link
mstibbard 922 days ago
I’d really like to hear more about this
link
ssivark 922 days ago
As a follow-up to the web of trust, I was pretty excited about Keybase and the breadth of applications they enabled, with a slick UX for web-of-trust. Pity they didn't quite succeed (got acqired/acquihired by Zoom), but it would be wonderful if something like that got another life.
link
staticBr 920 days ago
Well thank you! I think that so often ...
link
radicalbyte 923 days ago
Take a look at KERI.
link
klntsky 923 days ago
> seems like it would be better solved using standard OpenPGP signatures with no backing chain.

Programmability though

link
cvdub 923 days ago
Can you elaborate?
link
klntsky 922 days ago
There would be no automated consensus over results of execution of programs that power the applications
link
6510 922 days ago
Just curious, which would be most reliable? One entity confirms it who confirmed 1000 previous results, 2 who confirmed 500, 10 who confirmed 100 or 1000 who confirmed 1 previously?
link
DennisP 922 days ago
How about the actual case: many thousands of entities, who confirmed hundreds of thousands of previous results?
link
6510 921 days ago
Would many thousands of entities, who confirmed hundreds of thousands of previous results be preferable over hundreds of thousands of entities, who confirmed many thousands of previous results?
link