vp's avatar
vp
vpnostr@favvy.com
npub1u6qh...nd7t
#ssi #web5 and #metamodernism #aiagents
vp's avatar
vp 2 years ago
about #nostr
vp's avatar
vp 2 years ago
#web5 was a surprise for me. We worked for a few years in the #ssi domain and even created a few similar solutions, but... For me, the leading game changes, and the principal value of TBD folks in SSI ecosystems, is repackaging and reinventing Relay architecture as #DWN. Relays are more scalable and realistic than peer-to-peer or classical agent networks. #nostr folks are using relay architecture models too. I am keen to play more with #DWN and relays in general. Still eager to see relay data sync features and full-scale permissions. Web5 is better web for everybody
vp's avatar
vp 2 years ago
#Meditation is free and do not require apps , services couches and any credit card . For me casual things work the best . Nordic walking ^ meditation. And for sure my favorite tea ceremony ^ meditation . Tea could be expensive hobby but for me tea is a working tools . To get focused and connected you need disconnect first .
vp's avatar
vp 2 years ago
#AI will empower and fuel #dataecomony . I read few research papers that clearly stated tha even much smaller models that trained on qualitatiy data give high quality results . It is mean that data and data authenisity will create completely new market with own challenges. #ssi give a tools for authenticity and ownership . I eager to see more products that focus on prove of authenticity and ownership .
vp's avatar
vp 2 years ago
I start from #pascal and #C. In 2004 my first industrial language was #Js and a bit of #Csharp. With #JS, I discover Wunderland of functional programming and a few mindblowing languages that make much sense for JS. Self and Smalltalk and lisp. JS is way ahead of time for me than Java or even C#. JS was easy. JS was different and designed for limited and tiny environments like browsers, and because of this limitation, scarify many features in runtime. JS is still the most misunderstood language ever created. Eventually, the JS community gave up and followed more Java ways to introduce features like classes and make C# folks happy. It is sad. I was keen to see traits, algebraic data types, and algebraic effects with continuations. Still, now we have #Typescript that makes C# folks happy and give you a completely broken, extremely complex sound incomplete type system. People could do crazy things not to learn new paradigms of thinking. Sometimes a great idea could be killed by the community.
vp's avatar
vp 2 years ago
We don't need another Twitter app based on Instagram identity with same pro russian community moderation. Apps are isolated time killers that fight for your time, attention and sell your data. We need Self-Sovereign Social Network Protocols that set ground rules for self-organized and self-moderated communities. I want to take my social graph and audience with me and do something useful for this relationship. I want to unlock this relationship. I belive more in #noster #activepub #lense #protocols
vp's avatar
vp 2 years ago
It will be a renaissance of system programming and programming with minimized computation and memory footprint. Why ? It is two great domains that are eager for performance but limited in resources or, let's say, where resources are mapped to money or just limited by the nature of the device. 1) #smartcontracts 2) co-local mobile-first, #privacyfirst #AI #agents I suggest investing in #rust and modern #cpp For decades cloud providers have sold us the idea that resources are unlimited and that it is ok to run tonnes of Js code in a cloud and scale more containers. Somebody must pay for this unlimited haven with real money, give up part of the profit, or relearn a new reality.
vp's avatar
vp 2 years ago
#identity and #wallets is unavoidable evil )) We all want to focus on business cases and products but … We desperately need interopable identity and protocol for wallets. Challenge with a wallet is simple UX is hard and interaction patterns is uncommon for web2 users . Well browsers was magic software around 1993 but now it is every where . How to not repeat browsers wars and create common protocol and interopable ecosystem ? It is one of my favorite 12 problems of #ssi We need more brave builders to make it happen
vp's avatar
vp 2 years ago
#SSI #wallets . How ssi wallet differ from #web3 wallets and what kind of functions and entities it should support
vp's avatar
vp 2 years ago
#dfinity #icp
vp's avatar
vp 2 years ago
# The Wallet War: Understanding the Misunderstood Concept of Crypto Wallets *By Volodymyr Pavlyshyn* Hello, folks! Today, we're diving deep into the world of wallets, specifically crypto wallets. I've previously discussed the differences between hot wallets, cold wallets, agents, hubs, and other components actively used in Self-Sovereign Identity (SSI). However, today, we're focusing solely on wallets. ## What is a Wallet? A common misconception is that your wallet holds your assets, NFTs, ABCs, and all things crypto. In reality, your wallet is your key management assistant, primarily responsible for managing your private keys and, in some cases, timing. Hence, the term 'wallet' is somewhat misleading. It would be more accurate to call it a signer, keychain, or key master. ## The Problem with Wallets The adoption of SSI and crypto comes with a significant responsibility: managing your private key. If you lose the key, you lose everything. This creates a huge usability problem as there's no way to recover or have a recovery system in place. The most popular approach to wallets is based on the idea of using a 'seed' instead of keys. This seed is a form of entropy from which you can deterministically generate private keys. This concept was sold as a secure method, with the Bitcoin standard BIP 32 outlining how to convert the seed into multiple different keys of different types. ## The Issue with Seeds However, the question arises: how do you keep the seed secret? How do you recover it? The common solution is to convert your binary entropy into a mnemonic phrase, giving you 12 to 24 words that you need to memorize. But this method has failed spectacularly. The hierarchical wallet, which is essentially a wallet at its core, has a significant flaw: if you lose the seed, you lose multiple private keys. This is one problem. Another issue is that it works well for one type of cryptography. If you want to combine one key from Bitcoin with another key from more modern chains like Solana, you lose the possibility because of the different cryptography involved. ## The Limitations of Hierarchical Wallets Hierarchical wallets were a cool concept that simplified a lot and allowed you to just memorize a phrase and manage multiple keys. However, it created a single point of failure, a lot of limitations, and the main problem of the hierarchical wallet is the process of recovery, or rather, the lack thereof. ## The Quest for the Perfect Wallet So, what's the best wallet in the world? It's one that the user doesn't even know exists. If we can create a seamless experience for the user, where they don't even realize they have some magic wallet, that would be a success. But what about recovery? What can we do there? ## Multi-Part Computations (MPC) The first idea was multi-part computations, where you split your private key into multiple sub-keys that need to come together to form a quorum. For example, you split it into ten parts, but to get the signature, you need six parts. This off-chain approach allows you to distribute cryptographic materials over the wire, and different people need to come together in some quorum to sign the transaction. However, the problem with MPC is that it's off-chain, and many threshold signature algorithms are not compatible with each other. Currently, we lack a standard that allows us to do this. ## Multisig Another approach, quite similar to the previous one, is multi-signatures or multisig. This is not a new concept. If you're a Bitcoin user, you knowthat you can build an unlocking script that requires the same scheme. For example, in the Lightning Network, you need two of two signatures to unlock the transaction. The idea is simple: you have multiple independent private keys, but you need several of them to unlock the wallet or sign the transaction. ## Smart Contracts as Wallets The majority of multisigs are smart contracts, so the cost of these operations can be high. It usually requires multiple operations. Some networks require you to have some kind of smart contracts, and we will talk about smart contracts as wallets in a moment. But the idea is simple: you have multiple keys, you can distribute them over the wire, and have social recovery. ## Account Abstraction The Ethereum folks came up with the concept of account abstraction. This means that your account and the signing of your transactions can be managed by a smart contract. This changes a lot, including how we validate signatures and operate with accounts. With account abstraction, you have a programmable way of managing your account, signing your transactions, and it could still be social recovery, multisig, or you could create your own programmable concept that will allow you to manage transactions, sign transactions, and manage keys. ## Programmable Key Pairs (PKP) If you don't have such things in your blockchain or maybe you're completely off-chain, you could look at the LIT protocol. The guys there have a quite cool idea of programmable key pairs (PKP) as some kind of NFT. This means that you could mint the key, manage the keys like NFTs, and it's more blockchain-independent, so you could port the programmable key pairs to different networks. ## Seedless Wallets All these things like multisig, MPC, PKP, and others revolve around the concept of seedless wallets. In seedless wallets, you don't have a seed, but you have a different programmable mechanism that allows you to recover your wallet easily. ## Conclusion The world of wallets is complex and ever-evolving. As we continue to innovate and explore new ways to improve security, usability, and recovery, it's crucial to stay informed and understand the mechanisms at play. If you're doing something in the space of wallets, recovery, security, or usability of Web3 solutions, I'd love to hear from you. I'm always ready to share my knowledge, provide consultation, and collaborate on building something new. Remember, the best wallet is one that provides a seamless user experience, robust security, and easy recovery. As we continue to innovate in this space, I'm confident that we'll get closer to this ideal. --- Thank you for reading. Don't forget to subscribe to our channel and Medium blog for more insights into the world of crypto wallets and beyond. Share this article with your friends and let's continue the conversation. See you next time!
vp's avatar
vp 2 years ago
What is the best Wallet and #wallet #UX ? One that do not exist and one that you could recover. Let's discover together #mpc , #seedlesss , #multisig , #smartcontractwallet, #pkp
vp's avatar
vp 2 years ago
# Web3 login web3 ID vs Web5 DIDAuth ( DID authentication) *By Volodymyr Pavlyshyn, [YouTube Video]( ## Introduction Web3 ID or Web3 login is being touted as a solution to many of our problems - it's decentralized, OTP-less, and passwordless. However, before we all move to this new, happier world, there are a few questions that need to be addressed: - How do we rotate a key and deal with a stolen private key? - Is it truly passwordless? How do we unlock a wallet, and how do we recover a password? - How do we make it cross-device? I propose a better answer to these challenges - Web5 Auth, or as we call it in our Affinidi SDK, DIDAuth. ## What is DIDAuth? DIDAuth is an edge auth protocol that proves ownership of private keys based on DID (Decentralized Identifiers). With DID, we decouple but cryptographically bind the Controller (user), private/public key pair, and identifier. So with a DID method that supports key rotation, we could solve the first challenge. With seed migration, we could solve a cross-device experience. Recovery is a more complex story; Affinidi SDK solves it for custodial users and provides building blocks for edge developers to implement their solutions for this challenge. ## The Problem with Web3 Login Web3 login or Web3 identity is a simple concept - login with your wallet, such as Metamask. However, this approach has several issues: - **Key Rotation**: If someone steals your wallet, they steal your identity. Key rotation should be a key feature, but it's not working well with login with Metamask or other similar solutions. - **Passwordless?**: Despite claims, you still need to maintain a password to access your private key. So, it's not truly better than what we already have. - **Portability**: It's not easy to port your wallets to different locations. - **Recovery**: If you forget the password, what should you do? The main concern is the possibility to rotate keys, which is why there are a lot of concerns about the Web3 login. ## The Solution: Web5 Login What I can offer, which has been available in our Affinidi SDK for a few years, is Web5 login. This protocol solves several issues: - **Decoupling**: The Decentralized Identifier (DID) allows you to decouple several elements. This is represented as a triangle, not as popular as the self-sovereign identity triangle, but it's the identity triangle. This triangle is the cryptographic binding between three things: the user or controller, the key pair (public and private key), and the identifier. The DID is your identifier that is cryptographically bound with the private and public key and cryptographically or otherwise bound with the controller. - **Key Rotation**: We need to find DID methods that allow us to keep the identifiers stable but still connected to the private and public key and to the controller, and allow us to rotate the keys. There are several DID methods that allow this, including DID peers, DID Key, and off-chain methods. On-chain methods can be quite expensive and not all of them give you the possibility to easily rotate the signing key. - **Portability and Recovery**: There are still open questions about how we do the portability between devices and how to do the recovery. For the Affinidi SDK, we have the answer for the recovery because we have the backup of the seeds and then you could use your email or phone```markdown to recover with your password. However, if you compromise your key, we need to build some extra protocol that allows us to do the operations in this case. The answer to this could be DID Key or DID Peer, and you could notify all your peers that this key is not valid anymore. While I see a lot of potential in Web5 Auth, I also see a lot of gaps and problems in the idea of logging in with your wallet. I encourage everyone to stay connected, share what you think, and let me know if you need more technical examples. --- *This article is based on the video "Web3 login web3 ID vs Web5 DIDAuth ( DID authentication)" by Volodymyr Pavlyshyn. The video was uploaded on January 29, 2023, and has been viewed 89 times as of the time of writing.* --- *Tags: ssi, didauth, auth, architecture, web3id, web3, web5*
vp's avatar
vp 2 years ago
#Anonymous #authorization it is a critical part of future meta identity system
vp's avatar
vp 2 years ago
#identity #architecture