Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Our community can have the best of both worlds here. We can have the users sign their posts with a keypair on their own computer, and allow faux delete, and authenticate a merkle-tree back to the root.

Delete can't be real because someone will always have their phone out there ready to screenshot your post.

Imagine the @ protocol was

```<ed25519 Public Key><Signature>```

and that opened to

``` <timestamp><ed25519 Public Key><Previous Post Hash><Data Hash> ```

And the previous post hash could point to a post before a delete if we consider deletes to be real.

The hashes are used to lookup the post content, which we could also send with the message for the sake of convenience.

For key rotation we just need to sign a message pointing to our new keypair, no federated servers required! "My new key is EVxe89AeRwmTT0hfrT7sHe0wAuzvH9Yvg9TFUgqPh4M="



The fact that someone can screenshot something does not make deletion not real. Deletion is still valuable for many threat models and day-to-day situations humans run into.

As someone working on a p2p app that has done a lot of user research, I see it as a really good sign when a federated/p2p systems prioritize deletion, because I know based on my own research that it's something users care about and ask for.


100% agree with you. You can allow the illusion of a delete, and also allow messages to be signed using a keypair. When you build the merkle tree you stop linking to the deleted post and link to the next best non-deleted post.

BUT, if the content is already out there in a distributed system then you have to expect all of the nodes to respect your delete and not optimize for it.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: