@Dominic %SZaU8a1u7UkIJ3oYGEneC3BI2jO//swt0lwMKdxAaGU=.sha256
Re: %/0AC79/Ex

I don't understand why you need to invent a new encryption method: https://github.com/jeswin/ssb-scuttlekit/blob/master/secure-key.md

> SecureKey is a minor modification over private-box to suit ScuttleKit's database replication. The main difference over private-box is that SecureKey is only used for distributing keys for later use and not for communicating messages.

Sure but you can put anything inside a private-box. It doesn't have to be a post.

> In addition, it defines a key identifier to help with caching, and a mechanism to handle hierarchies of trust seen in organizations and groups.

This also means it leaks metadata about who is talking to who (because they all use the same key identifier, visible to everyone). It also looks like this format reveals how many other peers you are talking to.

I think I understand how the "key trees" work (but not why you call them that): instead of just multiplying the ephemeral key with the identity key, you also use previous keys sent.

Once the keys are sent, how are they used in messages? Is there another message format for those messages and do they still use the key id?

Note: there are also some known problems with private-box, which this proposal is also vulnerable to. In particular, you could replay someone else's key message, and it would look like I knew the key, which could have surprising effects depending on the application.

I am happy to provide feedback and answer questions; cryptographic protocols are something we need to take very seriously, and there is not much prior art for group messaging to build off of. As everything I know about crypto is self-taught, I am happy to support other people who are also learning, but as it is, I don't think this improves on private-box. I would rather have people to work with on private-groups than multiple incompatible private messaging formats.


The part of the proposal that I am quite interested in, though, is the sandboxing.
We need it to be easier to make and distribute ssb applications, and I think sandboxing is very relevant here. Can you tell us more about how this will work? Are apps loaded as websites (i.e. from servers) and/or from ssb blobs?
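
The replay problem Dominic raises above, shown as an added example that is not part of this thread and not the code of private-box, ScuttleKit or SecureKey. It uses a deliberately simplified model (assumption: feeds sign entries with ed25519, and an envelope is an ephemeral X25519 key plus AES-GCM, standing in for private-box's curve25519 + secretbox layout, which it does not reproduce). Alice seals a group key to Bob; Mallory copies Alice's envelope verbatim into her own signed message, and an application that credits "whoever signed the message that decrypted" with knowing the key is fooled. The second half shows one mitigation of my own (not from the thread): bind the sender's feed id into the envelope as associated data and check it against the message author on open, so a copied envelope no longer decrypts.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
)

// Feed is a toy model of an ssb feed (assumption: not the real message
// format). Entries are signed with the feed's ed25519 key; the feed also
// holds an X25519 key so that others can seal envelopes to it.
type Feed struct {
	sign ed25519.PrivateKey
	ID   ed25519.PublicKey
	dh   *ecdh.PrivateKey
}

func NewFeed() *Feed {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	dh, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	return &Feed{sign: priv, ID: pub, dh: dh}
}

// Envelope: ephemeral X25519 public key, nonce and AES-GCM ciphertext.
type Envelope struct {
	Ephemeral, Nonce, Ciphertext []byte
}

// Message is a signed feed entry carrying an envelope.
type Message struct {
	Author    ed25519.PublicKey
	Env       Envelope
	Signature []byte
}

func gcmFor(shared []byte) cipher.AEAD {
	k := sha256.Sum256(shared) // simple KDF for the demo
	block, err := aes.NewCipher(k[:])
	if err != nil {
		panic(err)
	}
	g, err := cipher.NewGCM(block)
	if err != nil {
		panic(err)
	}
	return g
}

// Seal encrypts payload to recipient. aad is authenticated but not sent:
// nil for the naive scheme, the sender's feed id for the bound scheme.
func Seal(recipient *ecdh.PublicKey, payload, aad []byte) Envelope {
	eph, err := ecdh.X25519().GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	shared, err := eph.ECDH(recipient)
	if err != nil {
		panic(err)
	}
	g := gcmFor(shared)
	nonce := make([]byte, g.NonceSize())
	rand.Read(nonce)
	return Envelope{eph.PublicKey().Bytes(), nonce, g.Seal(nil, nonce, payload, aad)}
}

// Open decrypts with the recipient's X25519 key; aad must match what was sealed.
func Open(recipient *ecdh.PrivateKey, e Envelope, aad []byte) ([]byte, error) {
	ephPub, err := ecdh.X25519().NewPublicKey(e.Ephemeral)
	if err != nil {
		return nil, err
	}
	shared, err := recipient.ECDH(ephPub)
	if err != nil {
		return nil, err
	}
	return gcmFor(shared).Open(nil, e.Nonce, e.Ciphertext, aad)
}

func signBody(e Envelope) []byte {
	var b []byte
	b = append(b, e.Ephemeral...)
	b = append(b, e.Nonce...)
	return append(b, e.Ciphertext...)
}

// Publish wraps an envelope in an entry signed by this feed. Nothing stops
// a feed from publishing an envelope that someone else produced.
func (f *Feed) Publish(e Envelope) Message {
	return Message{Author: f.ID, Env: e, Signature: ed25519.Sign(f.sign, signBody(e))}
}

// WhoKnowsKeyNaive is the flawed application logic: if the entry decrypts,
// credit its author with knowing the key.
func WhoKnowsKeyNaive(me *Feed, m Message) (ed25519.PublicKey, []byte, error) {
	if !ed25519.Verify(m.Author, signBody(m.Env), m.Signature) {
		return nil, nil, errors.New("bad feed signature")
	}
	key, err := Open(me.dh, m.Env, nil)
	if err != nil {
		return nil, nil, err
	}
	return m.Author, key, nil
}

// WhoKnowsKeyBound requires the envelope to have been sealed with the
// message author's id as AAD, so an envelope copied from another feed fails.
func WhoKnowsKeyBound(me *Feed, m Message) (ed25519.PublicKey, []byte, error) {
	if !ed25519.Verify(m.Author, signBody(m.Env), m.Signature) {
		return nil, nil, errors.New("bad feed signature")
	}
	key, err := Open(me.dh, m.Env, m.Author)
	if err != nil {
		return nil, nil, err
	}
	return m.Author, key, nil
}

// ReplayDemo reports whether the naive check credits Mallory with Alice's
// key, and whether the sender-bound check rejects her copied envelope.
func ReplayDemo() (naiveFooled, boundRejects bool) {
	alice, bob, mallory := NewFeed(), NewFeed(), NewFeed()
	groupKey := make([]byte, 32) // constructed sample key being distributed
	rand.Read(groupKey)

	// Naive: Mallory republishes Alice's envelope under her own signature.
	msgA := alice.Publish(Seal(bob.dh.PublicKey(), groupKey, nil))
	msgM := mallory.Publish(msgA.Env)
	who, key, err := WhoKnowsKeyNaive(bob, msgM)
	naiveFooled = err == nil && who.Equal(mallory.ID) && bytes.Equal(key, groupKey)

	// Bound: Alice's own entry opens, Mallory's copy does not.
	msgA2 := alice.Publish(Seal(bob.dh.PublicKey(), groupKey, alice.ID))
	msgM2 := mallory.Publish(msgA2.Env)
	_, _, errGood := WhoKnowsKeyBound(bob, msgA2)
	_, _, errReplay := WhoKnowsKeyBound(bob, msgM2)
	boundRejects = errGood == nil && errReplay != nil
	return
}

func main() {
	fooled, rejected := ReplayDemo()
	fmt.Println("naive scheme credits the replayer with the key:", fooled)
	fmt.Println("sender-bound scheme rejects the replay:", rejected)
}
```

The point of the bound variant is that the feed signature alone proves who published the bytes, not who produced the ciphertext; anything an application infers about "who knows this key" has to come from inside the authenticated envelope.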
