[a / b / c / d / e / f / g / gif / h / hr / k / m / o / p / r / s / t / u / v / vg / vm / vmg / vr / vrpg / vst / w / wg] [i / ic] [r9k / s4s / vip / qa] [cm / hm / lgbt / y] [3 / aco / adv / an / bant / biz / cgl / ck / co / diy / fa / fit / gd / hc / his / int / jp / lit / mlp / mu / n / news / out / po / pol / pw / qst / sci / soc / sp / tg / toy / trv / tv / vp / vt / wsg / wsr / x / xs] [Settings] [Search] [Mobile] [Home]
Board
Settings Mobile Home
/biz/ - Business & Finance


Thread archived.
You cannot reply anymore.


[Advertise on 4chan]


File: Fzu2eVwX0BcUxPY.jpg (91 KB, 976x1046)
91 KB
91 KB JPG
I work in software, I seriously think web3 has genuine applicability for authentication. Right now auth is typically done via a complex RBAC system based off of generated tokens (oAuth and JWT), it's literal retard shit and super vulnerable. Then the other half of "developers" are just using shit like Google and Discord to control auth to their webapps, which are basically the same thing except the burden of security is placed on the big companies. As soon as quantum computing becomes accessible, everyone's accounts are basically exposed.

It seems like blockchains could be genuinely useful for controlling auth to websites, and already seem more suited for it even without the risk of quantum computing. Am I just completely misunderstanding this? I genuinely don't understand why there isn't any adoption.
>>
You don't need Web3 or random blockchains for that.
You just need a private key to authenticate yourself, so basically what you already have when you have a Bitcoin wallet.
>>
>>59655158
chainlink deco is still in development. I'm also not sure what the latency is because it relies on proofs that are generated by the oracle network, it's gonna be considerably slower than oAuth. but much more secure
>>
>>59655158
What I really want in terms of blockchain application is zkp. That shit should be mainstream and I have no idea why it isn't
>>
>>59655158
and what exactly do you propose that crypto should do here?
>>
>>59655286
I think the biggest issue is the proof generation and proving time, a lot of zkps can't be done without a specific cpu or gpu, and a lot of proofs take a long time to generate. and I don't think it's something you can easily speed up, because you're doing zillions of arithmetic operations with huge numbers to get the proof. so most zkp services rely on a central prover that takes data from users and returns the proof
>>
File: 1736810792474606.png (231 KB, 612x568)
231 KB
231 KB PNG
>>59655253
Yeah but a blockchain is shared, so in theory you could auth across multiple sites and it would be easier for devs to implement with less security risk (assuming the blockchain tech is secure). In my retard world you could just import an NPM package and immediately have auth, you wouldn't need a separate VM instance running to sign certs.

I'm not wise on auth though so maybe I'm dead wrong.

>>59655313
Idk was hoping someone smarter than me knew, I just started learning about this.

From what I understand you could just leverage the blockchain to store info about a user in general. You could call it something like User Token or whatever. You would create a wallet (e.g. account) and when you sign on to a webpage it would create a node that would then be consensus validated and thus you'd be logged on.

You could create subnetworks (like ICP) of these chains and maybe add some caching to increase the speed. The blockchain could also store JSON data pertaining the roles of the user in the nodes so you could integrate with existing RBAC architecture? Then users would effectively "own" their data and could be an alternative way for websites to generate revenue?

Again I have like 30% understanding of what I'm talking about. Can anyone tell me how this is retarded?
>>
>>59655426
>Yeah but a blockchain is shared
tell me what you think a blockchain is needed for here
>>
>>59655333
>central prover
But then you're still giving up your identity to some corp. That's what you're trying to avoid in the first place
>>
>>59655522
exactly, hence why we don't see more of it. I believe you can circumvent part of the problem using multiparty computation. i.e. the prover is made of distributed nodes that each receive part of your information, and together they create the proof without any node having full knowledge of your data. but I don't know how far along they are with this yet
>>
>>59655426
MTLS and a proof of legitimacy like getting your cert signed by some government agency is all you ever need for that.



[Advertise on 4chan]

Delete Post: [File Only] Style:
[Disable Mobile View / Use Desktop Site]

[Enable Mobile View / Use Mobile Site]

All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.