Open eukreign opened 5 years ago
Could you explain how this is better than our current system of putting the key in the manifest blob? It seems like its just an extra step that doesn't provide any more security and potentially reduces the convenience (what if no peer for the key are found?). What am I missing?
The main point of this is to decouple hosting and spreading the content from having access to decrypt and view the content.
Enables things like:
1 is possible today. Just pay after you get the full stream. 2 is possible today, especially with reflector. Reflector accepts blobs from anyone for free, and rehosts them. It does not pay for the content that is sent to it. 3 is possible today by putting the content on the DHT before putting the claim on the blockchain. Regarding distributing it to regular users, I don't understand when someone would need something so badly that they'd want to download it before it can be decrypted. Can you give some examples?
In general,
This proposal addresses the problem of getting the decryption key to the user after purchase.
Is this a problem we have?
I thought that enforcing payments in the client was only a temporary solution but if that is the permanent solution then this proposal can be closed.
re-opening this to keep it on the main list of proposals, for posterity
Problem Statement
A core feature of LBRY is buying and selling content. Once content is purchased and downloaded via DHT/P2P the buyer needs to be granted access to that content: this is done via a decryption key which can decrypt the blobs representing the purchased content. This proposal addresses the problem of getting the decryption key to the user after purchase.
Requirements
Decentralized: There should not be a requirement for the publisher to be online 24/7 and become a centralized bottleneck in negotiating and distribute decryption keys. Distributing keys should be on par in scalability and performance with distributing the content blobs themselves: without blobs the key is useless and without the key the blobs are useless.
Pragmatic: Keeps honest people honest without introducing complex security systems easily circumventable by determined malicious users.
Solution
This proposal assumes the acceptance of #6 or similar proposal where a public key chosen by the buyer is referenced by a valid purchase transaction, signifying that anyone with the associated private key should have access to the content.
This proposal also requires adding a hash of the content decryption key to the claim metadata.
Using the same or similar DHT/P2P mechanism as used for content blobs the publisher would announce a hash of the decryption key. Unlike for blobs, a peer requesting the value of the decryption key hash would be required to provide the
txid
of the purchase transaction associated with that content decryption key and get back a decryption key encrypted using the public key referenced in the tx. Roughly the process is the following: