Gzuuus's avatar
Gzuuus gzuuus@nostree.me 1 month ago
Yes, this is a complex problem and it took me some time until I felt comfortable with any solution. Currently, the spec relies on the fact that users and state machines can define their own model of trust. The key here is that in the state machine definition event, 'state custodians' are defined. These state custodians are legit sources that are established in the state machine definition event and are something you can agree upon with the participants in the state machine. There might also be cases where one of the state custodians is a third-party service that offers to be a 'watchtower.' But as I mentioned, there is nothing imposed in the spec, so for each use case, users can choose the model that best suits their requirements. Then, every transition references the previous one, creating a DAG, and the state snapshot references the head, so there we have a deterministic tie-breaker. There is also a section in the spec about this: '7. Conflict Resolution and Chain Integrity' that explains all of this in detail. Let me know what do you think about this, and thanks for the feedback
↑ Parent

Replies (1)

hodlbod's avatar
hodlbod hodlbod@coracle.social 1 month ago
Yeah, that was the section I was referring to. Multiple watchtower-type custodians helps (similar to relays), but they're still picked by the creator of the state machine, so they could be malicious. Nostr works because truth is relative, but in this case users can't pick their own custodian without risking an unresolved fork