search

protocol / bedrock

WIP - Testing planning structures
2 stars 0 forks source link

Indexer instance with double hashing #10

Closed TorfinnOlsen closed 1 year ago

TorfinnOlsen commented 1 year ago

eta: 2022-12-31 description: At least one running indexer instance uses double hashing scheme to ensure reader privacy protection when performing content discovery. Using this scheme, no one will be able to see which CID is actually being requested.

TorfinnOlsen commented 1 year ago

The production indexer instance has been deployed to /prod

willscott commented 1 year ago

i believe double hashing is only in dev, not prod?

masih commented 1 year ago

That's right; double hashing is only on dev right now.

@TorfinnOlsen Judging from the description of the issue, there is technically no mention of prod. However, I assume that is a given in the context of starmap?

TorfinnOlsen commented 1 year ago

I guess I've been thinking about this more implicitly as accomplishing having an instance with doublehashing(which within our scope means responding to double hashed queries and encrypting CID's) which technically we have. That was our initial goal I believe. We now have the subsequent goals in Q1 of:

-[100% ingestion of all previously ingested CIDs to put them in an encrypted store.] -[All queries on cid.contact CAN source their data from the encrypted data store and return encrypted results.]

I think from the perpsective of double hashing only being in /dev right now as a result of not being on the cid.contact instance the definition of done would be all of these things we've described being complete and cid.contact having an encrypted key value store and responding to dh-queries.

If that's accurate I'd like to pair down the scope statement of this original milestone and close it to reflect what we did complete earlier in Q1, and let the Indexer reader privacy solution #35 carry our remaining goals regarding double hashing for this current quarter.

Does that seem like a sensible approach?

willscott commented 1 year ago

right, i think we're saying we're okay with this issue being complete and more clearly specifying next steps.

just noting that your comment of:

The production indexer instance has been deployed to /prod is not true yet :)

TorfinnOlsen commented 1 year ago

Thanks both of you for sharpening my steel!