Signal's ratchet makes doing so constantly the unavoidably the correct software engineering choice, otherwise your code leaks endless old keys because of the ratchet. ![]() That makes sense right?Īlways with "exploding" messages the actual expiry is implemented by some software explicitly deciding to throw ephemeral data away. ![]() That's right, your 1 hour exploding message about the lawsuit was optimised for cases where you'd need to share it with a 500 person group who all have multiple devices. This was easier for their multi-device large group stuff. Suddenly it's more like you wrote the message in chalk on an outside wall rather than it instantly "exploding". But cryptographically it takes up to a month or so for the bomb to "explode". Visually it seems like they blow up instantly when the time limit expires right? Gone. Actually though "exploding" messages are another Keybase compromise. "I killed Bob" (new key) "You did what?" (new key) "I was so angry I just stabbed him" (new key) "Shit. Signal's double ratchet does this for every single message back and forth. In contrast a PFS system would discard the keys as soon as they'd been used to decrypt stuff, and agree new keys for subsequent messages. Doesn't matter until the key is replaced. The device may never have received these messages, maybe it was switched off, or they've since been removed. Maybe it's next week, or next month, or next year, or in ten years time. Spooks can record Alice's encrypted message and get it back if they at /any/ subsequent point obtain the Keybase device key for your iPad, iPhone, MBP or Thinkpad, for example as a result of seizing it for some other reason. This way you can read the message from any of your devices. Keybase will ensure Alice provides keys to decrypt that message for your iPad, iPhone, the MBP and your old Thinkpad. Say Alice sends you a normal Keybase message right now about murdering her husband Bob. For _other_ Keybase messages without PFS it's open season. I'm going to assume in good faith that you've simply misread the comment but I'll circle back on this because the technical details are interesting.ġ. So, firstly the comment you're replying to specifically says that Keybase _does_ use PFS for exploding messages. I don't think this was quite bad a move as some make it out to be. (Though there are caveats, but the infrastructure is there natively to build very useful things.) And I'm not even naming the fact that it natively allows you to keep fiat money as a Stellar asset instead of exposing yourself to the risk of losing value to fluctuation. I personally knew Stellar already, but as a technical user (which I feel is a natural demographic for any crypto to start to get early adopters), this brought back Stellar in my mind and renewed my interest (or would've interested me if I hadn't known it).īesides, I quite like Stellar as a cryptocurrency for payments: fees are low, and confirmations are near instant. Compare that to yet another app which I don't know, need to evaluate, don't trust to keep my secrets, or won't share them across my devices. This is probably the least painful way I've kept crypto private keys.īesides, the wallet is pretty functional, and is integrated to an app that's already sync'd to my phone and computer. Keybase wants to make encryption user-friendly, and keeping cryptocurrency keys secure fits very well to that purpose. ![]() Keep them too well, lose your money keep them not well enough, someone can steal your money. Keeping cryptocurrency keys secure has always been a challenge. There's a lot I like in the Stellar-Keybase integration. It relies on the cooperation of trusted nodes to confirm transactions.Seems like a lot of people are saying the airdrop and integrating Stellar to Keybase was a bad idea, but I don't think so. How does Stellar's consensus protocol work? To issue, exchange, and transfer tokens quickly and afficiently Why would banks and businesses use Stellar? Why is Stellar good for sending remittances? The prerequisite is that they are also active and the quiz answers questions.Ī decentralized protocol that unites the worlds financial infrastructureįacilitating low-cost, universal payments. ![]() You'll get $ 10 for the 5 instructional videos + 5 questions to answer and recruit the rest through friends.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |