Show HN: VeraId, a decentralised, user-friendly, offline authentication protocol (veraid.net)
VeraId combines DNSSEC with a new Public Key Infrastructure (PKI) to produce digital signatures that can be linked to a domain name. Consequently, every signature contains enough data to be independently verified without external queries, such as DNS lookups.
Here's a Replit demo you can use locally to produce signatures attributed to your own domain names: https://veraid.net/demo/
We built VeraId in 2023 to support a broader initiative aimed at circumventing complete Internet blackouts caused by repressive regimes and wars. This might sound familiar because the main project hit the HN homepage a few months ago: https://news.ycombinator.com/item?id=41646782
VeraId underwent an independent security audit, but the US Government (which funded all our work) defunded foreign aid before the auditor produced the final report. I was never alerted to any issues, and I should have been if there were any. I can't prove that, but you can check out the audit reports for our other projects to get a sense of our security practices: https://awala.app/en/blog/2024-security-audit-part1/ and https://letro.app/archives/letro-security-audit-2024.pdf
Any questions? Feedback? Looking forward to hearing your thoughts!
0 comments
[ 3.1 ms ] story [ 11.3 ms ] threadNo comments yet.