HackerTrans
TopNewTrendsCommentsPastAskShowJobs

CryptoTotalWar

no profile record

comments

CryptoTotalWar
·il y a 2 ans·discuss
We didn't reinvent shit! Everything we did is built off existing tech.

We reused PKI and extended it to achieve peer to peer web of trust. So there's both vertical trust chains via certificate signing and horizontal trust chains via a sigchain.
CryptoTotalWar
·il y a 2 ans·discuss
1) Real world verification is voluntary. Nothing is forcing anybody to provide real world information. Users can decide to do so by claiming a real world identity - in which the verification is outsourced to that IdP. Users can also decide who to trust based on what information is available on the network.

2) Root key compromise can be resolved through revocations on the trust network. It's the same as how PKI works right now but in a decentralized manner. This isn't possible yet on PolyKey (PK) but it's something we are working on.

3) Actually we enable CAs to sign the PK certificate. This is in our roadmap.
CryptoTotalWar
·il y a 2 ans·discuss
Polykey is an open-source, decentralized secrets management solution that uses GitHub as an identity provider (IDP). During the initial setup—akin to creating a new digital wallet—users authenticate and claim their GitHub identity via the Polykey CLI. This step binds their Polykey node to their GitHub profile, verifiable through a publicly visible cryptolink called a "gestalt identity" displayed on their GitHub user profile or gists.

Within the Polykey network, each node can host vaults that safeguard sensitive information. By integrating identity verification directly into this decentralized framework, Polykey enables users to discover, trust, and securely share cryptographic keys with other verified nodes. This system departs from traditional methods that depend on anonymized wallet addresses for user discovery, offering instead a mechanism for direct interaction within users’ operational environments, provided their identities have been linked to their nodes.

This approach aims to tackle foundational challenges in key management and identity binding. Do you think integrating identity verification in this way could improve the management and security of cryptographic identities? Are there any potential advantages or drawbacks you foresee with this model?