10 years have passed, and no one has figured out how to use the blockchain. And here again?
Is this really so? This is almost 100 percent true. But there are a couple of nuances. The first is the well-known cryptocurrency. Its properties still have some appeal against the backdrop of fiat. The topic is an acute one, frankly speaking, politically very “charged”, therefore objectivity in it cannot be expected.
But here is another real case. The blockchain is perfect for organizing an honest casino in which the PRNG is strictly and completely controlled by public consensus, and at any time we check it with anyone. The case applies to all types of gambling, where "honesty" and strict rules of accessibility to an array of random sequences are important. Poker, in which you do not need to trust the organizer of the table, works great on bch. But this topic is also ambiguous - on the verge (and beyond) the legal framework of various jurisdictions.
As far as I know, there are no other areas where the blockchain is applicable differently than a crutch screwed to the bumper. Apart from the hypothetical direct democracy and / or bureaucracy of course on the blockchain - which now looks even more fantastic than anything else.
Nevertheless, I want to share another idea of the real application of technology.
Of course, it will also be slightly politically charged, but perhaps more relevant and more mundane at the moment than cryptocurrencies and electronic democracy.
In general, warfare somehow cuts into the sphere of trust between people. Therefore, it causes a diverse layer of experience regarding technology. But the crisis of trust between society and its institutions has long been overdue, and now it is entering a more acute phase ... but we will not be distracted.
So, the idea is an analog of HTTPS on the blockchain.
What is the problem of the system in its current form?
Large corporations are strenuously and to some extent categorically promoting HTTPS everywhere. HTTPS really blocks many MITM attacks, thereby protecting privacy. But there are, as usual, nuances. The certification authority system is very vulnerable to a Snowden attack. Moreover, HTTPS is becoming a potential global censorship opportunity. Of course, corporations promoting total HTTPS have an impeccable (try reproach) reputation and do not abuse such very wide opportunities. But is it possible to be sure that as a result of the next crisis some odious personalities or fanatics of cults will not come to power? I do not think that such options are completely excluded. Now imagine these people gaining access to the global HTTPS system? And besides everything else,
Against the background of these statements, I propose to consider the following alternative to HTTPS.
In general, the architecture is very simple (I’ll immediately notice that this is not hidden advertising, etc., but just a concept. I don’t know the analogs of such a system).
- All encryption is done through the well-established e2e Dhifi-Hellman algorithm.
- The algorithm has one vulnerability. Alice cannot be sure that the primary handshake and key exchange he carried out with Bob, and not with Eve. By the way, this is the basis of the illusion of security for all popular secure e2e messengers with a closed server part.
- The "center" of public keys is available to anyone who wants to deploy it on their server as a blockchain node. Based on this blockchain, the “center”, anyone can generate a session pair of ephemeral keys.
Let's look at the system in more detail now. There are a lot of questions and subtleties there. But dwell on a couple of obvious ones.
- Again, what is it to burn kilotons of hydrocarbons to solve the problem of the Byzantine generals?
Everything is very simple here. Not worth it. The POW consensus has some charm, but it has outlived itself. He popularized the very idea of consensus in the database and for this he and his creator Satoshi were recognized. But further participation in this mining madness makes no sense. Consensus can be without electricity (not literally of course): POS, DPOS, etc.
- Not everyone has a desire to download the blockchain to their device, for example, just go to the Google or Yandex website. Why then such an overhead?
Everything is simple again. For those who don’t need it, it’s quite possible to make a public note and each user takes the risk of trusting in such a note (as it is now essentially). Those for whom security matters matter are deploying their bch-node and may be involved in consensus.
- What if I lose my privatnik, is that all?
One of the really tricky questions of using warheads in real life. Initially, yes - no privatnik - no user) But the issue is solved. You can organize the process of delegating authority to restore access to a trusted circle of other private owners. As an option - after a certain time. It could very well be a commercial service on top of the blockchain ... or government.
- What if many forks violate this whole global process?
The question is open. This is possible, but there are also a number of limiting factors for rampant forking. For example, the default browser settings. This will greatly limit the massive “visibility” of the forks. Moreover, it is possible to implement a consensus mechanism that basically excludes fork - only hard fork. This is offhand.
- Motivation to participate in consensus and contain a node?
It's even easier than with cryptocurrencies. Those who hold the node themselves are interested in the process of providing a secure e2e channel for their needs. But no one bothers tokenize the process and attract financing through the exchange, as well as provide the token with additional services on top of such a system.
- But will the special services agree with the absence of a single point of failure of the Internet encryption process?
The question is rhetorical, philosophical.
PS
The subtleties and nuances of such a system are very, very many. One article does not comprehend them.
But the main question: "Why is blockchain needed here?"
Then, with the help of it it is easy to get a VERIFIED public key of a certain network participant for organizing an e2e session. At the same time, it is more difficult for an attacker to replace him or seize control of the “center” due to the lack thereof. At the same time, the current model of provisionally "registered in the browser" certification centers will also be able to work as it is now.