Immutable container runtimes are becoming more and more prevalent.
It should be possible to build a cryptographically verifiable container for every commit on GitHub, then automatically deploy that container to an immutable container runtime engine in such a way that the entire live production backend could be verified by users.
@miljan can you have the devs chew on this? I think it's in Primal's best interest to put this type of concern trolling to rest.
Replies (4)
note156x0nyw5wlthztyne4uaekvffu9hhmh7lhl5u3yskkvksvkavhxsmvp48h
Look, I'm trying not to embarrass you, but it's clear you don't know what you're talking about.
It's not 2000 anymore; servers have immutable, verifiable runtimes that can't be hacked the way you are talking about.
It is possible, just not common practice, to provide full attestation of server code so that users can verify (byte by byte) that build A is running in immutable container B.
note156x0nyw5wlthztyne4uaekvffu9hhmh7lhl5u3yskkvksvkavhxsmvp48h
Immutable container runtimes sound powerful, however I don't see how it can be proved/enforced. Do you have any pointers to how they work? @aljaz do you know anything about this?
Well, container images are by definition immutable, since you know what hash you are running on. If you pair that with remote attestation, you get a cryptographically provable environment, which is also the fundamental part of confidential computing.
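The check described in the last reply, as an added example that is not part of the original thread: a verifier compares a content-addressed image digest with the measurement in a fresh, signed attestation report. Assumptions: the manifest, key and function names are constructed for illustration, the build is reproducible so a user can derive the expected digest from the public commit, and an HMAC key stands in for the asymmetric, vendor-certified hardware key a real TEE would sign with.

```python
import hashlib, hmac, json, secrets

# Constructed sample: a minimal OCI-style manifest for the build of one commit.
MANIFEST = json.dumps({"schemaVersion": 2,
                       "config": {"digest": "sha256:" + "ab" * 32},
                       "layers": [{"digest": "sha256:" + "cd" * 32}]},
                      sort_keys=True).encode()
HW_KEY = b"constructed-demo-key"  # assumption: stand-in for the hardware root of trust

def image_digest(manifest: bytes) -> str:
    """An image is addressed by the SHA-256 of its manifest bytes."""
    return "sha256:" + hashlib.sha256(manifest).hexdigest()

def _sign(measurement: str, nonce: str) -> str:
    msg = json.dumps({"measurement": measurement, "nonce": nonce}, sort_keys=True)
    return hmac.new(HW_KEY, msg.encode(), hashlib.sha256).hexdigest()

def attest(running_manifest: bytes, nonce: str) -> dict:
    """Server side: measure what is actually running, bound to the verifier's nonce."""
    m = image_digest(running_manifest)
    return {"measurement": m, "nonce": nonce, "sig": _sign(m, nonce)}

def verify(report: dict, expected_digest: str, nonce: str) -> str:
    """Verifier side: signature first, then freshness, then the measurement itself."""
    good_sig = _sign(report["measurement"], report["nonce"])
    if not hmac.compare_digest(report["sig"], good_sig):
        return "bad-signature"   # report was edited after signing
    if report["nonce"] != nonce:
        return "stale-report"    # replay of an older, once-valid report
    if report["measurement"] != expected_digest:
        return "wrong-image"     # something other than build A is running
    return "ok"

def demo() -> list:
    expected = image_digest(MANIFEST)           # derived by the user from the commit
    n1, n2 = secrets.token_hex(16), secrets.token_hex(16)
    good = attest(MANIFEST, n1)
    modified = attest(MANIFEST + b" ", n1)      # one extra byte in the running image
    forged = dict(modified, measurement=expected)  # operator rewrites the measurement
    return [verify(good, expected, n1), verify(modified, expected, n1),
            verify(forged, expected, n1), verify(good, expected, n2)]

if __name__ == "__main__":
    print(demo())
```

The digest alone only says which bytes were published; the signed, nonce-bound report is what ties those bytes to the environment answering the request.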