I was browsing Handshake repos on github and noticed a pull request that added sign/verify [1] on the Bob Extension [2] on Github. This piqued my interested, and of course, it was time to hack away again.
The result is applause [3] which lets you post and applaud (sign) your and other people's messages. This website does not require a login or signup because it uses the decentralized Handshake [4] blockchain.
It's open source on github [5] and mixes Web 2 and Web 3 together causing some interesting benefits.
This is different from a website like Hacker News or Reddit which aim to be social media websites and avenues to engage in discourse.
Applause, instead, is as you might say, a tech demo, but also aims to, through UX and feature, create a different kind of environment than general social media networks. Instead, when a user engages in the act of 'signing' something, people can either agree in whole or not. If they agree in whole, they actually sign the original message itself. It's closer to a "shouting out to the void in a certified manner, and others can join in the shout" versus "shouting out to the void and debating."
From the name I was expecting something like image boards (think 4chan) where you can add a username to your post by specifying a secret, which will set your username to substring(sha(secret)). Instant authentication with no signup.
This isn't that, instead it seems to delegate the registration to some Namecoin-like thing, and I verify my identity but signing the content with my secret key? Did I get that right? I guess the advantage of that approach are human readable user names
You hit the nail pretty much on the head. While you're correct that a 4chan-like mechanism would provide a means of authentication, the hash would not be human-recognizable easily (basically, not meaningful). Using a naming block chain like Handshake, you essentially solve Zooko's Trilemma [1].
> While you're correct that a 4chan-like mechanism would provide a means of authentication, the hash would not be human-recognizable easily (basically, not meaningful)
This part can be addressed easily with avatars such as those Gravatar makes. Using a blockchain instead seems like a huge overkill, and also brings 'login' back into the equation, albeit with a different connotation than traditional login.
> This part can be addressed easily with avatars such as those Gravatar makes. Using a blockchain instead seems like a huge overkill, and also brings 'login' back into the equation because most websites will use something like Metamask, which you have to log into.
A gravatar is great for a profile photo, but in the end, there's no guarantee that the message viewed by a user was actually written by the poster. A site admin could simply inject posts as that user.
With signed messages, only those who possess the key could have created the signature for the signed message. Even a site admin cannot edit the message and get away with it (since the signature wouldn't validate).
> If you think about it, this is also true for web3 — true enough that it's broken.
You absolutely cannot fake a message being cryptographically signed without providing a broken verification function.
> We don't live in a world where you can't take things from people, etc.
The half glass empty approach is one method. The other method is to review the primitives we have in place today and explore different permutations that allow us to route around our adversities. That's the Hacker way. Of course, we do it with code.
> Ultimately, society works because we don't really need ironclad guarantees like that.
The society you live in is very different from mine. Fraud and impersonation are real. [1]
Between "there's no guarantee that the message viewed by a user was actually written by the poster" and "You absolutely cannot fake a message being cryptographically signed without providing a broken verification function" you moved the goalposts so hard it gave me whiplash and I'm afraid I can't continue this discussion due to my concussion.
> Between "there's no guarantee that the message viewed by a user was actually written by the poster" and "You absolutely cannot fake a message being cryptographically signed without providing a broken verification function" you moved the goalposts so hard it gave me whiplash and I'm afraid I can't continue this discussion due to my concussion.
I think it might be wise to review what signing means to understand that I didn't "move the goalposts" at all [1], but thanks for the discussion, as I merit it will help a lot of people to better understand the power of cryptography as I'm guessing it's a new field here as of yet.
No, they're absolutely right. You can steal a person's computer. You can get them drunk and ask them to hand over their keys. There are a dozen ways off the top of my head that you can have a message that's not written by the supposed poster without a broken cryptographic function.
This is solved with key management and security as opposed to with the fact on whether or not the technology has merit. Now, we're really moving goalposts. ;)
Sure, but you're ignoring flaws in the security to make a stronger marketing message for your site. Yes, there is nothing you can do about this, it's not under your purview. But nevertheless you can't make so strong a claim as to say that a message can't be faked without a broken verification function. It simply can't be faked in one particular way.
If Person B published a message under Person A's name, that is, to the non-crypto world, a faked post. They're not going to be impressed by your argument that actually it isn't faked, it's real, Person B just had access to Person A's computer.
Again, this is a security issue and doesn't in any way reduce the proven efficacy of cryptography. It's pedantic at best, and I am going to stop replying to your comments.
That's fine, I'm not looking to debate, I'm trying to help. You're here presumably looking for input on your new project, but you're not taking any of it, and getting very defensive whenever anyone offers anything other than praise.
I'm not making a comment out of pedantry, I'm telling you how I expect this is going to be seen by regular users. People on the whole are not interested in whether or not some particular security system is theoretically perfect, they're interested in whether or not it actually provides the security that they interpret it to promise. And they will interpret your claims as meaning that messages cannot come from anyone other than the signed user, which is going to be a problem the first time that assumption fails. And it will fail, because people aren't good at keeping secrets secret.
I don't see goalposts being moved. It seems like your base assumptions are just different from most people. Most discussions about security assume that users are taking care of their passwords and private keys, and talk about how secure a system is _given_ that assumption. If start assuming that stealing computers and getting people drunk to steal passwords is reasonable, then there would be no point to any of the security measures on the web
Pretty much all of security relies on the user not giving out their passwords or secret keys. Imho it's an implicit assumption when talking about identity and security. If we break that assumption, nothing in the world is secure, and any discussion about security becomes pointless.
I'm not too familiar with 4chan and handshake, but my current understanding of this is that it's like using public-private key cryptography for creating user identities, and then using blockchain to map public keys to usernames?
So if I wanted to make a post, I first generate a public-private key pair, and then sign posts using my public key?
You can either use Bob Wallet [1] or hsd RPC. You'll need a Handshake [2] name as well. There's a PR on the Bob Extension that streamlines this process (think metamask) [3].
I think where we're headed is a blend of Web 2 and Web 3 (Web 666). In this, Web 2 continues to live on in its current form, because it works quite well. However, there are some issues with Web 2 that Web 2 can't easily solve that are solved by Web 3. One of the biggest ones is decentralized identity which Handshake solves beautifully.
With signed strings tied to the keys associated with the handshake name, every action taken on a Web 2 website can now benefit from being verifiable [1]. You don't need the blockchain outside of the identity.
Secondly, the more I've been working with this technology, the more I've truly begun to understand how important it is to own one's name. There shouldn't be two afro88s. Imagine if there is an afro88 on reddit and this person starts acting a certain way -- and then someone comes here and they see your username and apply bias due to actions that were not your own?
Web 666 is a silly name for blending the "stacks" if you can call them that, together, but then again... [2]
[1] A reddit admin edited a user's comments. Imagine if that user was suddenly prosecuted on said "evidence?" What a shame, and cryptographic signatures really empower people on the internet, especially in a Web 2 world.
It's more of using specialized, purpose driven applications vs using a generalized swiss army knife of epic proportions.
Handshake was purpose built to work with traditional DNS while ENS is something entirely different. I think that's why Handshake is gaining more adoption in the traditional DNS sector as well, but whatever the case, I've opted to work with this technology based on a number of factors:
1. The ENS project is great for creating human readable Ethereum wallets. However, it doesn't seem that it was initially suited to be used for DNS and that this was later patched on.
2. ENS is centrally controlled by a federation of key holders [1] while Handshake is decentralzed.
3. In Handshake, you truly own the name.
4. With blockchain already inheriting many inefficiencies when compared to more traditional systems, ethereum, while very cool, tries to be too much and the bloat has led to extreme fees for interacting with the blockchain.
That being said, I'm keeping my eye out on all of the naming projects. It's something I'm very interested in.
Maybe it's not technically a sign up, but the new user flow needs some work. There are boxes for "handshake name" and "signature" but no indication of what you should put there.
I tried leaving them blank and got an error message: "You need to include a valid Handshake name and signature generated with the key associated with the name."
I apologize for that. There was an assumption that most people were aware of the Handshake Naming system [1]. Handshake is a naming blockchain that's recently been gaining adoption quickly (Namecheap [2]) (Opera Browser [3]). Using this, you can control your name, which is your identity, on the internet. There's a lot of other cool benefits, but as it pertains to this project, it's the names, cryptographic proof of ownership of said names, and the cryptographic provability that the messages were written by the owners of said name.
There are many ways to get Handshake names, but the easiest ways are to use Bob (non custodial) [4] or Namebase (custodial) [5].
So handshake.org seems to be the authoritative source on everything handshake, and it has several lengthy posts describing how using anything but it and things it vouches for to interact with handshake is about the absolute dumbest thing a person could possibly do [1]. And while namebase.io looks like it might provide an incredibly intuitive "getting started with handshake" experience, it's not vouched for by handshake.org. Can you explain why using namebase.io to mint a handshake name isn't the dumbest thing I could possibly do?
The instructions you pasted are for claiming a name that was pre-reserved when Handshake launched [1]. This is different from creating and obtaining a new name on the blockchain.
Are you implying people should feel free to create and obtain a new name on the blockchain using any random website? Also I do not see the list of popular GH names in the link you provided.
> Are you implying people should feel free to create and obtain a new name on the blockchain using any random website? Also I do not see the list of popular GH names in the link you provided.
The popular names are in the names folder.
I wouldn't recommend obtaining a new name from any random website. I don't think I did so. I'm going to avoid continuing this thread as gaslighting isn't usually something one would wish to engage in, obviously on the receiving end, but on the creator's end too.
I hope you are able to find peace in the next year.
I once created a SAAS application that did not have the "ordinary" workflow that people expect these days - email/password or social login.
People hated it and actually took the time to complain.
The lesson for me - make your auth process precisely what people expect - if there's feedback, it should be about your product, not about the signup process.
Signup process is not a feature - it's plumbing.
In the case of this new product / service - I note the headline is almost unrelated to what the product does - it's a headline about how the auth works on this - the technology something is built with shouldn't be the marketing message.
This is a Hacker project to explore improved ways of doing things with the new primitives of our collective technology base. In this case, owning your own identity with a decentralized identity system.
I think marketing posts are better suited for another forum, no?
I agree that the intentions were pure. That said, this isn't a product, but instead, a project with a specific goal of improving internet security by showcasing concepts to the HN community. The discussion within the thread, I think, is indication that it is helping to inch closer to that goal as more users on HN are made aware of the beneficial tools cryptography with Handshake provides.
This isn't truly no signup right? I only saw the handshake now, but isn't my handshakeName+signature my new username and password for posting? Instead of having a centralized auth provider, the blockchain is used to authenticate the signature?
Just looking at Handshake - if I buy HNS and purchase a domain, sure I can use the handshakeName and signature to authenticate to supported websites. But if I want to host a website with the domain, the possible options are using hns.to domain or have my DNS point to a different DNS server. Both are not viable options for my end users to reach my website. Is the expectation that overtime Handshake gains popularity and all existing services would have a mechanism to integrate into this?
53 comments
[ 2.6 ms ] story [ 124 ms ] threadIt's open source on github [5] and mixes Web 2 and Web 3 together causing some interesting benefits.
It supports drag and drop among other things!
Hope you like it!
MIT LICENSED! Do whatever you want with it!
[1] https://github.com/kyokan/bob-extension/pull/15
[2] https://github.com/kyokan/bob-extension
[3] https://applause.chat
[4] https://handshake.org/
[5] https://github.com/publiusfederalist
> Name: applause.chat
> Internationalized Domain Name: applause.chat
> Registry Domain ID: 1deb3f28409a44cb92dcf6ad12b77b70-DONUTS
> Domain Status:
> clientTransferProhibited
> addPeriod
> Nameservers:
> ns1.linode.com
> ns2.linode.com
> ns3.linode.com
> Dates
> Registry Expiration: 2022-12-29 02:01:19 UTC
> Updated: 2021-12-29 02:07:14 UTC
> Created: 2021-12-29 02:01:19 UTC
At the same time my login is not present in the handshake chain, that would make sense.
[0] https://github.com/kyokan/bob-wallet
This is different from a website like Hacker News or Reddit which aim to be social media websites and avenues to engage in discourse.
Applause, instead, is as you might say, a tech demo, but also aims to, through UX and feature, create a different kind of environment than general social media networks. Instead, when a user engages in the act of 'signing' something, people can either agree in whole or not. If they agree in whole, they actually sign the original message itself. It's closer to a "shouting out to the void in a certified manner, and others can join in the shout" versus "shouting out to the void and debating."
This isn't that, instead it seems to delegate the registration to some Namecoin-like thing, and I verify my identity but signing the content with my secret key? Did I get that right? I guess the advantage of that approach are human readable user names
[1] https://en.wikipedia.org/wiki/Zooko%27s_triangle
This part can be addressed easily with avatars such as those Gravatar makes. Using a blockchain instead seems like a huge overkill, and also brings 'login' back into the equation, albeit with a different connotation than traditional login.
A gravatar is great for a profile photo, but in the end, there's no guarantee that the message viewed by a user was actually written by the poster. A site admin could simply inject posts as that user.
With signed messages, only those who possess the key could have created the signature for the signed message. Even a site admin cannot edit the message and get away with it (since the signature wouldn't validate).
If you think about it, this is also true for web3 — true enough that it's broken.
We don't live in a world where you can't take things from people, etc.
Ultimately, society works because we don't really need ironclad guarantees — and we don't have any.
You absolutely cannot fake a message being cryptographically signed without providing a broken verification function.
> We don't live in a world where you can't take things from people, etc.
The half glass empty approach is one method. The other method is to review the primitives we have in place today and explore different permutations that allow us to route around our adversities. That's the Hacker way. Of course, we do it with code.
> Ultimately, society works because we don't really need ironclad guarantees like that.
The society you live in is very different from mine. Fraud and impersonation are real. [1]
[1] https://www.theverge.com/2016/11/23/13739026/reddit-ceo-stev...
I think it might be wise to review what signing means to understand that I didn't "move the goalposts" at all [1], but thanks for the discussion, as I merit it will help a lot of people to better understand the power of cryptography as I'm guessing it's a new field here as of yet.
Happy New Year!
[1] https://en.wikipedia.org/wiki/Digital_signature
As always, there's a relevant XKCD https://xkcd.com/538/
If Person B published a message under Person A's name, that is, to the non-crypto world, a faked post. They're not going to be impressed by your argument that actually it isn't faked, it's real, Person B just had access to Person A's computer.
Happy new year.
I'm not making a comment out of pedantry, I'm telling you how I expect this is going to be seen by regular users. People on the whole are not interested in whether or not some particular security system is theoretically perfect, they're interested in whether or not it actually provides the security that they interpret it to promise. And they will interpret your claims as meaning that messages cannot come from anyone other than the signed user, which is going to be a problem the first time that assumption fails. And it will fail, because people aren't good at keeping secrets secret.
How about by obtaining the private key?
And getting access to private keys can happen by means other than the user volunteering them.
So if I wanted to make a post, I first generate a public-private key pair, and then sign posts using my public key?
[1] https://applause.chat/v/9
[2] https://handshake.org/
[3] https://applause.chat/v/5
With signed strings tied to the keys associated with the handshake name, every action taken on a Web 2 website can now benefit from being verifiable [1]. You don't need the blockchain outside of the identity.
Secondly, the more I've been working with this technology, the more I've truly begun to understand how important it is to own one's name. There shouldn't be two afro88s. Imagine if there is an afro88 on reddit and this person starts acting a certain way -- and then someone comes here and they see your username and apply bias due to actions that were not your own?
Web 666 is a silly name for blending the "stacks" if you can call them that, together, but then again... [2]
[1] A reddit admin edited a user's comments. Imagine if that user was suddenly prosecuted on said "evidence?" What a shame, and cryptographic signatures really empower people on the internet, especially in a Web 2 world.
[2] https://en.wikipedia.org/wiki/Lucifer_(cipher)
Handshake was purpose built to work with traditional DNS while ENS is something entirely different. I think that's why Handshake is gaining more adoption in the traditional DNS sector as well, but whatever the case, I've opted to work with this technology based on a number of factors:
1. The ENS project is great for creating human readable Ethereum wallets. However, it doesn't seem that it was initially suited to be used for DNS and that this was later patched on.
2. ENS is centrally controlled by a federation of key holders [1] while Handshake is decentralzed.
3. In Handshake, you truly own the name.
4. With blockchain already inheriting many inefficiencies when compared to more traditional systems, ethereum, while very cool, tries to be too much and the bloat has led to extreme fees for interacting with the blockchain.
That being said, I'm keeping my eye out on all of the naming projects. It's something I'm very interested in.
[1] https://docs.ens.domains/frequently-asked-questions
I tried leaving them blank and got an error message: "You need to include a valid Handshake name and signature generated with the key associated with the name."
But it doesn't explain how you do that.
There are many ways to get Handshake names, but the easiest ways are to use Bob (non custodial) [4] or Namebase (custodial) [5].
[1] https://handshake.org/
[2] https://www.reddit.com/r/handshake/comments/pt55vb/namecheap...
[3] https://twitter.com/opera/status/1476841607005622273
[4] https://github.com/kyokan/bob-wallet
[5] https://namebase.io
[1] https://handshake.org/claim/
[1] https://github.com/handshake-org/hs-names
The popular names are in the names folder.
I wouldn't recommend obtaining a new name from any random website. I don't think I did so. I'm going to avoid continuing this thread as gaslighting isn't usually something one would wish to engage in, obviously on the receiving end, but on the creator's end too.
I hope you are able to find peace in the next year.
Happy new year to you.
People hated it and actually took the time to complain.
The lesson for me - make your auth process precisely what people expect - if there's feedback, it should be about your product, not about the signup process.
Signup process is not a feature - it's plumbing.
In the case of this new product / service - I note the headline is almost unrelated to what the product does - it's a headline about how the auth works on this - the technology something is built with shouldn't be the marketing message.
This is a Hacker project to explore improved ways of doing things with the new primitives of our collective technology base. In this case, owning your own identity with a decentralized identity system.
I think marketing posts are better suited for another forum, no?
No, Hacker News "Show HN" posts are often launch/marketing posts - totally accepted here.
Just looking at Handshake - if I buy HNS and purchase a domain, sure I can use the handshakeName and signature to authenticate to supported websites. But if I want to host a website with the domain, the possible options are using hns.to domain or have my DNS point to a different DNS server. Both are not viable options for my end users to reach my website. Is the expectation that overtime Handshake gains popularity and all existing services would have a mechanism to integrate into this?