Discuss compromised identities scenarios. #44
Labels
design
How should it work
Milestone
Comments
dpc
changed the title
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
People are going to get their machines compromised, and CrevIDs stolen.
My plan was that people should just create a self-Trust Proof with
distrustset to non-Noneand publish that. Any client that finds a Trust Proof like that should immediately distrust the whole CrevId. Maybe even include the Proof like that into their own trust db to publish it for others to see. Only for CrevIDs that they considered trusted before, to prevent spamming.The rest of the problem should be covered by the fact that the default number of reviews required to consider something a trusted code, should be at least 2. This way one compromised/malicious individual can not compromise anything. For this to happen, the graph/trust algorithm will have to get smarter too and consider only non-overlapping paths, so that people can't create a new CrevId, trust it, and it would now count as another reviewer.
The text was updated successfully, but these errors were encountered: