Neither JOSE users nor JOSE library designers should be required to understand cryptography primitives. At a lower level, this can lead to badly implemented primitives. On a higher level, this can lead to reasoning by lego.
paragonie-scott
/ jose-security.md
Last active
June 12, 2020 11:32
Suggestions for a Secure JOSE Alternative (or Protocol Upgrade)
Your blockchain must have all of the following properties:
- It's a merkle tree, or a construct with equivalent properties.
- There is no single point of trust or authority; nodes are operated by different parties.
- Multiple 'forks' of the blockchain may exist - that is, nodes may disagree on what the full sequence of blocks looks like.
- In the case of such a fork, there must exist a deterministic consensus algorithm of some sort to decide what the "real" blockchain looks like (ie. which fork is "correct").
- The consensus algorithm must be executable with only the information contained in the blockchain (or its forks), and no external input (eg. no decisionmaking from a centralized 'trust node').
If your blockchain is missing any of the above properties, it is not a blockchain, it is just a ledger.