BALL

> Drogulus
> description
>

Items stored in the drogulus are designed to stand on their own and be self-verifiable through cryptographic signing.

An item stored in the DHT is a collection of named fields and associated values (it's a JSON object):

  • value - the actual value to store.
  • timestamp - a UNIX timestamp representing when the creator of the item thinks the item was created (so it's easy to work out the latest version of an item given two candidates).
  • expires - a UNIX timestamp beyond which the creator of the item would like the item to expire, be ignored and deleted in remote nodes.
  • name - a meaningful name given by the creator for the key.
  • created_with - the version of the drogulus the creator used to generate the item.
  • public_key - the creator's public key.
  • key - the SHA-512 value of the compound key (based upon the public_key and name fields) used as the actual key on the distributed hash table.
  • signature - a cryptographic signature generated using the creator's private key with the fields described above.

The public-key field is used to validate the signature value. If this is OK then the compound SHA-512 key is checked using the obviously valid public-key and name fields.

This ensures both the provenance of the data and that it hasn't been tampered with. Any items that don't pass the cryptographic checks are ignored and nodes that propagate them are punished by being blocked. It also confirms that the generated SHA-512 key for the item is correct given the public_key and meaningful name ensuring no other entity may set items with this unique key (assuming no key collision vulnerability in the hashing function).

Nicholas H. Tollervey

Remarks

  • "meaningful name": see Zooko's triangle. Human meaningful names are always in lexical scope of the referrer, not the referee.
  • The key preserves too much and too less at the same time. It fails to proof anything without the private key.