Closed CMCDragonkai closed 1 year ago
Does this information go into the Polykey wiki (which is currently empty) or the js-polykey wiki? Above it specifies the Polykey wiki but we were talking about the js-polykey wiki before so just want to double check. @CMCDragonkai
Goes into js-polykey wiki for now, we will reorganise it soon.
If I go for Polykey, polykey-desktop, polykey-mobile and js-polykey repos. Where we have tutorials, how-to guides and reference for all separate repositories. But then Polykey being the main repo will be where discussions and theory/discussion will be placed. This has some structural sense, but it might make it very difficult to see how all the pieces play together.
If we move the wiki entirely to Polykey, we have to consider what happens to the reference material relative to polykey-mobile and polykey-desktop.
A compromise might be:
But you can see most marketing material will derive from Polykey.
@emmacasolin we need first draft by Friday.
Introduce social discovery as the BLUF.
Then produce a narrative involving (in-order):
Notes for wiki:
keywords
relationships identities -> gestalt -> trust -> sharing -> discovery
if you can trust a system -> can start sharing secret info with system need to make sure this system represents the entity we think it is -> trusting a gestalt means making a judgement that the gestalt represents the real-world entity -> leads to an explanation about how we form gestalts
First draft has now been written. Some new terms were also added into the glossary (https://github.com/MatrixAI/js-polykey/wiki/Glossary)
Can you make sure to have the diagrams and screenshots I used in the issues to illustrate the process also brought into the wiki. Use them as props to help explain the gestalt augmentation process and what an example of a digital identity is.
Note that we are now moving these wikis to https://github.com/MatrixAI/Polykey/wiki.
For wikis to have images, those images need to be put into the repo. I'm going to start doing that by moving your article into Polykey now.
This is now done, see: https://github.com/MatrixAI/Polykey/wiki We use an image embedded from https://github.com/MatrixAI/Polykey/blob/master/assets/divio_quadrant.png
So you can do the same for the screenshots we have used.
Just a note @emmacasolin please use https://raw.githubusercontent.com/MatrixAI/Polykey/master/assets/divio_quadrant.png, this is the raw URL for the image, it is much faster to load.
Uploaded some images from polykey-design to the Polykey GitHub so that they can be included in this wiki page. So far they've all been added to the page but I've only styled the first one so far.
Uploaded images can be seen here: https://github.com/MatrixAI/Polykey/tree/master/assets. All of them have been used except for Sharing Board, which was uploaded in error. Images are from https://gitlab.com/MatrixAI/Engineering/Polykey/polykey-design/-/issues/31, https://gitlab.com/MatrixAI/Engineering/Polykey/polykey-design/-/issues/33 and https://gitlab.com/MatrixAI/Engineering/Polykey/js-polykey/-/merge_requests/195
Added information about Keynode Identities (X.509 identity certificates) - will continue to look through polykey-design#31 for more information to include, particularly from https://gitlab.com/MatrixAI/Engineering/Polykey/polykey-design/-/issues/31#note_492869452
Wiki page has been updated with subheadings, images, lists, and the information contained within polykey-design#31
For @joshuakarp to review.
Can you also add in a proper explanation about the Gestalt Graph. That there is a graph of gestalts, formed by all the users of Polykey keynodes.
Also how does the graph grow? Through node to node claims and node to identity claims.
And later how does the graph shrink?
How this graph affects the ACL (and trust networks)?
On 7/23/21 11:42 AM, Josh wrote:
- Overall, I think it's really well-written - there were only a small number of changes I made (see the history for those), but they were very minor.
- My only thought was that most of the images/diagrams are a bit too small - especially ones that have some detail in them. I think the size of all of the images should be bumped up by ~20%. Right now, I can't make out details in the GUI screens. I'm not sure if this is just my resolution though.
Yep, was that for me to do? Should I prioritise this or notifications?
Notifications.
Some extra feedback:
Changes to be made based on feedback:
Very relevant paper I stumbled upon while researching: https://www.researchgate.net/publication/258763091_Trust_Networks
The article has now been revised to incorporate the provided feedback above
@emmacasolin here's some review.
In today's world, agents can be represented by their presence across digital identity providers. Through social discovery, these agents can be located and authenticated, and subsequently allowing for the secure sharing of secrets with desired entities.
You need to begin with the purpose of the gestalt system. Start like this instead:
"To share secrets securely between people and machines, it all has to begin with identity. If we do not securely identify a person or a machine on the internet to share information with, it does not matter what encryption technology we use or how we use it, any secret shared would immediately be leaked and compromised. Therefore it is essential to understand how we can securely discover identities, establish trust relationships between different identities in both public and private spaces, and authorize information sharing to these identities."
Notice that in my first paragraph I'm establishing the topics I'm going to be talking about. That's the bottom line.
Now you can lead into digital identities, gestalts, trust, sharing and then discovery in that order. The very next paragraph should explain how digital identities are points of presence for agents (persons or machines). And the relevant details of that. I can see you're leading to gestalts afterwards. But I have some more comments.
Digital identities contain a vast amount and variety of information, so much so that digital identities can go as far as to authenticate agents and allow them access to services and secrets (for example, using a Facebook account to log into other websites). This ability comes not only from a digital identity's documentation of factual information (such as an agent's name, age, and acquaintances), but also information about behavior.
If you want to explain digital identities. It's best to stick with straightforward definitions of them and examples of them. Like:
"Digital identities are the artifacts of identity on the internet. They represent real-world agents (people or machines). If multiple digital identities are used to represent a single real-world agent, then each digital identity is a facet of the combined digital representation of the agent."
Give examples of: GitHub, Facebook, Twitter, LinkedIn etc. Take screenshots online of public people on the internet. Like a famous developer on Github. A famous person on LinkedIn/Twitter.
Remember to introduce terminology either by contextual usage, or by strict definition sentence.
Polykey takes advantage of this idea through the use of Gestalts - a word that comes from the adage "the whole is greater than the sum of its parts". Despite there being no physical links between the various digital identities that represent an agent, social proof allows us to infer that all of these identities can combine to form a greater whole. The Gestalts implemented within Polykey combine the information that is contained within digital identities with the secrets held within the vaults of Keynodes such that the result is a point of presence between identities and agents. Each Gestalt is comprised of:
Despite there being no physical links between the various digital identities that represent an agent, social proof allows us to infer that all of these identities can combine to form a greater whole.
@emmacasolin also try to use a word/writer to just check grammar at the end of writing. There were a few grammar mistakes I found that should be trivially solved every time you update.
Also add Keynode to the Glossary and refer to it when you talk about Keynode at the beginning of the article.
As for better writing style when linking different articles, please see this: https://en.wikipedia.org/wiki/Wikipedia:Manual_of_Style/Linking
In particular "repeated linking".
BTW, in order to align terminology, I've changed the above usage of "entity" to "agent".
Very relevant paper I stumbled upon while researching: https://www.researchgate.net/publication/258763091_Trust_Networks
This paper is indeed relevant. Nice find. It does provide a greater theoretical understanding of trust networks, and therefore we will be able to later review it in detail and understand how PK fits in the big-picture architecture of global trust networks.
@CMCDragonkai I think you might have missed a paragraph in your above review? I defined and explained social proof in this paragraph just above where I introduce gestalts:
Unlike factual information, behavioral information is hard to imitate. As a consequence, this information can be utilized to create a reliable representation of an agent. Social proof is a concept that taps into this idea: that the people around you will often collectively hold more information about the current environment or situation than yourself. If a large enough number of people believe that a digital identity is a reliable representation of a particular agent, then this information can be used to form a decision of whether or not this information is accurate.
Yes I know that one, I believe that comes afterwards. Don't talk about social proof until you have gestalts trusting gestalts.
Yeah I've copied and pasted it into a later section for now and will link it in better at a later stage
See my core activity 3 section in the R&D report. Notice I focus on identity first.
And we can state that this entire architecture forms a trust network.
@emmacasolin I'd like you to start using sequence diagrams for the augmentation process. I think it's a good idea to map out how our augmentation procedure works. Then it can also be done for node claims.
@tegefaulkes is also making use of sequence diagrams for the session authentication protocol, so it's a good idea to share diagrams as we talk about these protocols.
@emmacasolin you can start with ASCIIflow first to prototype it, and then later use plantuml to make it more maintainable.
Most of the content work is done for this iteration, Friday will just be finishing off the diagrams. So far I've prototyped the augmentation sequence diagram:
┌────────┐                            ┌─────────┐                           ┌───────────────────┐
│ Agent  │                            │ Keynode │                           │ Identity Provider │
└────┬───┘                            └────┬────┘                           └──────────┬────────┘
     │                                     │                                           │
     │ Request DI augmentation             │                                           │
     ├────────────────────────────────────►│                                           │
     │                                     │ Register IdP                              │
     │                                     ├──────────────┐                            │
     │                                     │              │                            │
     │                                     │◄─────────────┘                            │
     │                                     │                                           │
     │                                     │ Send authentication request               │
     │                                     ├──────────────────────────────────────────►│
     │                                     │                                           │
     │                                     │ Respond with authentication code          │
     │                                     │◄──────────────────────────────────────────┤
     │                                     │                                           │
     │ Respond with authentication code    │                                           │
     │◄────────────────────────────────────┤                                           │
     │                                     │                                           │
     │ Perform authorization action        │                                           │
     ├─────────────────────────────────────┼──────────────────────────────────────────►│
     │                                     │                                           │
     │                                     │ Request access token                      │
     │                                     ├──────────────────────────────────────────►│
     │                                     │                                           │
     │                                     │ Respond with access token                 │
     │                                     │◄──────────────────────────────────────────┤
     │                                     │                                           │
     │                                     │ Generate claim on sigchain                │
     │                                     ├────────────────────────────┐              │
     │                                     │                            │              │
     │                                     │◄───────────────────────────┘              │
     │                                     │                                           │
     │                                     │ Publish claim to DI using access token    │
     │                                     ├──────────────────────────────────────────►│
     │                                     │                                           │
     │                                     │ Respond with claimId and url              │
     │                                     │◄──────────────────────────────────────────┤
     │                                     │                                           │
And I'll make a proper version with plantuml on Friday.
Completed so far:
Still to do (Friday):
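The last steps of the augmentation sequence prototyped above (generate a claim on the sigchain, publish it to the digital identity, get back a claimId and url) can be sketched in code, together with the check a discovering node would run before accepting the link. This is an added example, not Polykey's code or part of the thread; the claim fields, `MockIdentityProvider`, the `idp.example` URL and all function names are assumptions.

```javascript
// Added illustration. Claim fields, MockIdentityProvider and all function
// names are assumptions made for this sketch, not Polykey's API.
const nodeCrypto = require('node:crypto');

const sha256 = (data) => nodeCrypto.createHash('sha256').update(data).digest('hex');
// Deterministic JSON (sorted keys) so signer and verifier hash the same bytes.
const canonical = (obj) => JSON.stringify(obj, Object.keys(obj).sort());
const nodeIdOf = (publicKey) => sha256(publicKey.export({ type: 'spki', format: 'der' }));

function createKeynode() {
  const { publicKey, privateKey } = nodeCrypto.generateKeyPairSync('ed25519');
  return { nodeId: nodeIdOf(publicKey), publicKey, privateKey, sigchain: [] };
}

// "Generate claim on sigchain": the claim names node and identity, and commits
// to the previous claim by hash so the chain cannot be silently reordered.
function addIdentityClaim(keynode, provider, identity) {
  const prev = keynode.sigchain[keynode.sigchain.length - 1];
  const payload = {
    seq: keynode.sigchain.length + 1,
    prevHash: prev ? sha256(canonical(prev.payload) + prev.signature) : null,
    node: keynode.nodeId,
    provider,
    identity,
  };
  const signature = nodeCrypto
    .sign(null, Buffer.from(canonical(payload)), keynode.privateKey)
    .toString('base64');
  const claim = { payload, signature };
  keynode.sigchain.push(claim);
  return claim;
}

// Stand-in for the identity provider: only the holder of the access token
// obtained for an identity may post to that identity.
class MockIdentityProvider {
  constructor(id) { this.id = id; this.tokens = new Map(); this.posts = new Map(); }
  authorize(identity) {            // collapses the auth-code / access-token steps
    const token = nodeCrypto.randomBytes(16).toString('hex');
    this.tokens.set(token, identity);
    return token;
  }
  publish(token, claim) {          // "Publish claim to DI using access token"
    const identity = this.tokens.get(token);
    if (identity === undefined) throw new Error('invalid access token');
    const claimId = String(this.posts.size + 1);
    this.posts.set(claimId, { identity, claim });
    return { claimId, url: `https://idp.example/${identity}/claims/${claimId}` };
  }
  fetch(claimId) { return this.posts.get(claimId); }
}

// Discovery side: accept the link only if the signature verifies, the key
// hashes to the claimed node, and the claim names the account it was found on.
function verifyPublishedClaim(idp, claimId, publicKey) {
  const post = idp.fetch(claimId);
  if (!post) return false;
  const { payload, signature } = post.claim;
  const signed = nodeCrypto.verify(
    null, Buffer.from(canonical(payload)), publicKey, Buffer.from(signature, 'base64'));
  return signed
    && payload.node === nodeIdOf(publicKey)
    && payload.provider === idp.id
    && payload.identity === post.identity;
}
```

Binding the identity name into the signed payload is what lets the verifier reject a valid claim that has been copied onto a different account.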
Awesome, will have a deep review this friday.
Drafted up a gestalt discovery flow diagram using plantuml. I've embedded a png in the wiki for now but this is the edit link if things need changing: https://www.planttext.com/?text=jPFDRi8m48JlVehf3Lu13Y21XAggg9UsgjIBcso8XMD7zaB8stSJ7CIFHBdqaaJUzSpustWUMGVULLQf9owf8jHM6wSK6xQ45KdTCfOcPdvFeSLRy1d52ALKlrMffZJIENftUMgY7F9a8tspCKp4w8lYM06cm6XHKhRjwtG0jpMD8RuEexNFgMi29YjYHBF9Iac2NBEUzkk1QjBSVwOcHmT69e6hQLhkB3vBpRqqV76iTY4CpmQh5shToUsUOrzR174bQ5ZZjlWXRaX4H0dSU7oxf2OE3duNJinMGTVbe4Cs2gEbsHYfuJad9u3RimGV54pHfhZUuRgr0xytEOM7agLCaawx_5RhRbAPOt766sc-hpxGCLxiyWsqBYTyxvWzv2HG15_zTSH7ndqvk67SyWCc04EVyyB9Ki4JB4v7qExMMeWrnbfes-Ws2bDqVxGWJeBg_z3VnNsjSuMzczbKoIljNljnTpzzhTHSLkL-_m80
Can you copy paste the plantuml code as a .puml file somewhere. I just want to figure out the best way for storing and showing plantuml diagrams on GitHub wikis. Gitlab wikis have the ability to auto-render, unfortunate that GitHub doesn't.
Can you copy paste the plantuml code as a .puml file somewhere. I just want to figure out the best way for storing and showing plantuml diagrams on GitHub wikis. Gitlab wikis have the ability to auto-render, unfortunate that GitHub doesn't.
I've made a folder in the wiki repo (like the images one) called files and put it in there
I've made a prototype for the augmentation sequence diagram. It's in plantuml since I find that a little easier to work with since all the formatting is done automatically:
The wiki page is now finished for this iteration and is ready for review
I'm going to be making some changes.
Firstly a rewording of some initial paragraphs to make it more authoritative. Replacing "can" with "is". No need to be unconfident in our ideas.
The secure sharing of secrets between people and machines begins with identity. If we do not securely identify an agent (person or machine) on the internet, with whom we wish to share secret information, then regardless of what encryption technology we use and how we use it, any secret shared would be compromised. Therefore, it is essential to understand how we can securely discover and authenticate identities, establish trust relationships between different identities in both public and private spaces, and authorize information sharing to these identities.
Digital identities are digital artifacts e.g. social media profiles, domains, public keys, that exist on the internet which represent real-world agents. If multiple digital identities are used to represent a single real-world agent, then each digital identity is a facet or point of presence of the combined digital gestalt.
Digital identities are hosted on identity provider platforms. Identity platforms are centralized or decentralized reputation systems. There are public (Facebook, LinkedIn, GitHub, Twitter) and private platforms (Active Directory, Slack). Public platforms allow agents to perform digital activities to signal social proof, and thus build a network of trust via digital identity reputation. Private platforms are simpler as trust is dictated by fiat.
After this, I want to then tie up the introduction with respect to existing platforms.
The first section should conclude with the reason to create a Polykey decentralized trust network. That is saying that these platforms are loosely connected atm.
The second section is now:
Decentralized Trust Network
Which is introducing PK's idea, and the keynodes.
Which can be broken into (as in your existing structure):
I think this will nicely expand in detail how PK's trust network addresses the above issues with existing trust networks.
Some more changes...
The secure sharing of secrets between people and machines begins by authenticating digital identities. Authentication involves securely identifying an agent (person or machine) on the internet with whom we wish to share secret information. Without this, regardless of what encryption technology we use and how we use it, any secret shared would be compromised.
Currently secret sharing requires trusting third-party centralized platforms that provide the authentication of identities. Polykey has constructed a decentralized trust network which eliminates these middlemen so that secrets can be shared without trusting third-parties.
Decentralized Trust Network
Polykey's decentralized trust network is built on top of existing digital identities from centralized identity provider platforms.
Digital identities are digital artifacts (e.g. social media profiles, public keys, certificates) that exist on the internet and represent real-world agents. If multiple digital identities are used to represent a single agent, then each digital identity is a facet or point of presence of the combined identity.
The most commonly used digital identities are hosted on centralized identity provider platforms. There are public (Facebook, LinkedIn, GitHub, Twitter) and private platforms (Active Directory, Slack).
These platforms are reputation systems that allow agents to perform digital activities (that may have physical real-world effects) to signal social proof, and thus build a network of trust via reputation. Private platforms are simpler as trust is dictated by the platform's owner. For the purposes of this discussion, we're going to focus on public platforms.
On a surface level, identity provider platforms enable the following interaction cycle:
- Discovery - the ability to discover identities by querying social proof information, and tracing digital activities to identities.
- Trust - social proof is quantified by gamifying collaborative digital activities, e.g. reputation points, friend and follower count, likes and stars.
- Engagement - users rely on trust to help them engage in digital activities, e.g. posting comments, retweeting, sharing photos, answering questions.
The trust networks between each platform, and the effect of their social proof, are loosely connected to each other. This is currently done mostly by "crossposting" or hyperlinking.
So basically we are going straight to explaining the decentralized trust network after justifying why we need this.
I want to define trust relationships which leads us to creating cryptographic secure cross posts. Like we really need to define what is trust here. I see a trust section later, and that may be moved up above.
It's all about how it's built on top of digital identities and centralized trust networks. It allows us to introduce all the building blocks. So the overall structure is now:
The title of the article can be "Decentralized Trust Network" since that's more primary to the point of this article.
Will also have a references section of nice things to mention:
We may mention keybase as one of the first to do this... but I reckon I'll just have it in the references as it flows better.
Not sure if the "claims" should be used, or should we still call it "augmentation", since I think CLI now uses "claims" keyword now. But we can explain it as a process of augmentation.
The article is now renamed https://github.com/MatrixAI/Polykey/wiki/Decentralized-Trust-Network to better reflect the 2 core ideas of Polykey: Secrets Management and Decentralized Trust.
The trust chain image of X.509 is a nice picture showing how PKIs use X.509, but it's not how we use it. So either we get a better picture/diagram for ourselves or we explain how this is how PKI use X.509 to create a certificate trust chain by having signature chain.
Specification
Our polykey-design repo has lots of information on how DIs and Gestalts and Social Discovery works.
All of this information should be synthesized into the Polykey wiki, the js-polykey wiki should be focused on the CLI-side of the situation.
Additional context
The wiki page can be found here: https://github.com/MatrixAI/Polykey/wiki/Decentralized-Trust-Network
Tasks