Archived View for vi.rs › anons-triangle captured on 2020-09-24 at 01:23:40. Gemini links have been rewritten to link to archived content
-=-=-=-=-=-=-
Digital credentials used for authorization in networked systems are governed
by a trilemma in the spirit of Zooko's Triangle. Zooko observed that names
in a system can have at most two of the three attributes: distributed, secure,
and human-readable.
Names: Distributed, Secure, Human-Readable: Choose Two
Digital authorization credentials such as asymmetric key pairs are similarly
limited. They can have at most two of the three attributes: pseudonymous,
trusted, and zero-cost to obtain.
   Pseudonymous
        ╱╲
       ╱  ╲
      ╱    ╲
      ──────
Trusted    Zero-cost
Pseudonymous: A credential that was not issued by any authority and is not
correlated with any other credential or real world identity.
Trusted: A credential that has a trust anchor. If it is an asymmetric key pair,
this implies some web-of-trust endorsement from a credential issuer (e.g. a TLS
certificate authority).
Zero-cost: A credential that has no cost to create: financial, computational or
otherwise.
Credentials that are both trusted and zero-cost are familiar to all of us. They
are credentials such as birth certificates and drivers' licenses. The most
common digital equivalent is a TLS certificate issued by a free certificate
authority like Let's Encrypt. With the standards work at the W3C to create
verifiable credentials anchored in blockchains, the digital credential issuance
market is opening up to anybody. The cryptography makes the trust in the
credential issuers transitive to the credential bearers.
Credentials that are both pseudonymous and zero-cost are also familiar to
cypherpunks. These are commonly known as ephemeral keys used to achieve perfect
forward secrecy in encrypted communication protocols such as TLS, Noise, and
CurveCP. The key re-negotiation and ratcheting mechanisms used in these
protocols rely on creating ephemeral keys that are used only once and then
discarded. These protocols only work because the credential creation costs
nothing.
Credentials that are both pseudonymous and trusted are much more rare. In 2011,
Aaron Swartz observed that Zooko's trilemma describes a graduated trade-off
rather than an all-or-nothing set of properties as implied in Zooko's original
paper.
Squaring the Triangle: Decentralized Human-Readable Names
Swartz observed that by trading a little security, a naming system can gain
some decentralization while preserving human readability. Anon's triangle is
similarly graduated in that pseudonymous credentials can begin as zero-cost,
no-trust credentials and gain trust over time that is directly proportional to
the cost paid by the credential bearer.
Adam Back's Hashcash is an early design for a proof-of-work system meant to
create some degree of trust in email transmission due to the cost incurred by
the sender associated with each email.
A Partial Hash Collision Based Postage Scheme
The theory is that a legitimate sender can pay the small cost per email but a
spammer cannot pay the aggregate cost of sending millions of spam emails.
Paying that computational cost buys the sender the trust in their email.
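
The cost asymmetry described above, as an added example (not code from the original page or from the Hashcash project): minting a Hashcash version 1 stamp takes about 2**bits SHA-1 evaluations, while checking it takes one. The names mint and verify, the sample address and the 12-bit difficulty are assumptions; the verifier here keeps spent stamps in memory and does not check the date field for expiry.

```python
import base64
import hashlib
import os
import time
from itertools import count


def leading_zero_bits(digest: bytes) -> int:
    """Count the leading zero bits of a hash digest."""
    return len(digest) * 8 - int.from_bytes(digest, "big").bit_length()


def mint(resource: str, bits: int, date: str = "") -> str:
    """Sender side: search counters until SHA-1(stamp) starts with `bits`
    zero bits. Expected work is about 2**bits hash evaluations."""
    date = date or time.strftime("%y%m%d", time.gmtime())
    rand = base64.b64encode(os.urandom(9)).decode()  # per-stamp salt
    # Version 1 layout: ver:bits:date:resource:ext:rand:counter
    prefix = f"1:{bits}:{date}:{resource}::{rand}:"
    for counter in count():
        stamp = prefix + str(counter)
        if leading_zero_bits(hashlib.sha1(stamp.encode()).digest()) >= bits:
            return stamp


def verify(stamp: str, resource: str, min_bits: int, seen: set) -> bool:
    """Recipient side: a single hash checks what cost ~2**bits to produce."""
    fields = stamp.split(":")
    if len(fields) != 7 or fields[0] != "1":
        return False
    claimed, stamp_resource = fields[1], fields[3]
    if not claimed.isdigit() or int(claimed) < min_bits:
        return False  # sender paid less than this recipient demands
    if stamp_resource != resource:
        return False  # stamp was minted for a different recipient
    if stamp in seen:
        return False  # replayed stamp: the cost was only paid once
    digest = hashlib.sha1(stamp.encode()).digest()
    if leading_zero_bits(digest) < int(claimed):
        return False  # claimed work was never done
    seen.add(stamp)
    return True


if __name__ == "__main__":
    spent = set()
    s = mint("alice@example.org", 12)  # constructed sample recipient
    print(s, verify(s, "alice@example.org", 12, spent))
```
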
Satoshi Nakamoto used a very similar technique for creating trust and also to
regulate the speed of Bitcoin block creation. Iain Stewart's proof-of-burn
system seeks to accomplish a similar trade of cost for trust through the
provable destruction of cryptocurrency.
Proof-of-Burn - Bitcoin Wiki
A novel proof-of-work system described in the new Git Decentralized Identifier
Method specification relies on contributions to open source projects as the
price paid by project contributors.
By storing credentials inside of a Git repository and requiring that all
contributions be signed by a credential already in the repository, the
provenance of all commits is cryptographically linked to credentials. The
credentials in the repository can be pseudonymous or linked to other
credentials possibly even real-world identities. If the credential is
pseudonymous, the level of trust for the credential is directly proportional to
the trust people have for the open source project itself as well as the amount
of good work associated with the credential. The idea is that you may not know
who I am but I can prove to you that I am the maintainer of some non-trivial
chunk of code in a well-respected open source project.
The use of open source contributions as a proof-of-work finally links human-
scale work with digital credentials and solves the pseudonymous+trusted
credentials problem without using computational resources. This presents an opportunity
for constructing fully pseudonymous online services that rely on the open
source ecosystem as the source of truth.