Establishing indelible commit provenance
4 views
Skip to first unread message
Arto Bendiken
Dec 16, 2015, 4:31:35 PM12/16/15
to Conreality mailing list
Here's an important meta-task that needs doing, the sooner the better:
As a 100% public-domain project written wholly as a cleanroom
implementation from scratch, we need to be able to defend against
adversaries using copyright monopoly legislation as a blunt instrument
to shut us down.
Our most obvious line of defense is to ensure that we can
cryptographically prove the provenance (or at least, timestamp) of
every single one of the commits in our code base. Indelibly anchoring
each commit to an attested temporal point means that anyone trying to
commit copyfraud [1] on us is going to have an NP-hard time.
The way to do this is to write a script to be used as a GitHub
post-commit hook that activates when we push to the Git repository.
The script would simply collect the Git identifiers (i.e., SHA-1
fingerprints) of all new commits and post them to as many third-party
trusted timestamping [2] services [3,4,5] as possible. More the
merrier, as empirically these services tend to come and go over
timespans measured in decades.
This combined with PGP signatures of all Git tags (e.g., releases)
should suffice to establish mathematically-proven provenance and hence
deter attempts to fuck with us on the level of lawfare.
I'd like to have this operational by year's end. Any takers?
[1] https://en.wikipedia.org/wiki/Copyfraud
[2] https://en.wikipedia.org/wiki/Trusted_timestamping
[3] https://www.proofofexistence.com/
[4] https://www.btproof.com/
[5] http://www.originstamp.org/
--
Arto Bendiken | @bendiken | http://ar.to
As a 100% public-domain project written wholly as a cleanroom
implementation from scratch, we need to be able to defend against
adversaries using copyright monopoly legislation as a blunt instrument
to shut us down.
Our most obvious line of defense is to ensure that we can
cryptographically prove the provenance (or at least, timestamp) of
every single one of the commits in our code base. Indelibly anchoring
each commit to an attested temporal point means that anyone trying to
commit copyfraud [1] on us is going to have an NP-hard time.
The way to do this is to write a script to be used as a GitHub
post-commit hook that activates when we push to the Git repository.
The script would simply collect the Git identifiers (i.e., SHA-1
fingerprints) of all new commits and post them to as many third-party
trusted timestamping [2] services [3,4,5] as possible. More the
merrier, as empirically these services tend to come and go over
timespans measured in decades.
This combined with PGP signatures of all Git tags (e.g., releases)
should suffice to establish mathematically-proven provenance and hence
deter attempts to fuck with us on the level of lawfare.
I'd like to have this operational by year's end. Any takers?
[1] https://en.wikipedia.org/wiki/Copyfraud
[2] https://en.wikipedia.org/wiki/Trusted_timestamping
[3] https://www.proofofexistence.com/
[4] https://www.btproof.com/
[5] http://www.originstamp.org/
--
Arto Bendiken | @bendiken | http://ar.to
Arto Bendiken
Dec 16, 2015, 4:40:17 PM12/16/15
to Alexander Biersack, Conreality mailing list
On Wed, Dec 16, 2015 at 10:34 PM, Alexander Biersack
<a.bie...@googlemail.com> wrote:
> Would putting hashes into the blockchain be an option?
At least some of those services in the footnotes claim to do so.
Though I suppose they could be considered some form of sidechains, as
it'd be prohibitively expensive to actually literally put every single
fingerprint on the blockchain itself.
In any case, lots of services exist, some based on the blockchain and
others not. We should be agnostic: just post to all of them, and let
time sort out the winners and losers.
<a.bie...@googlemail.com> wrote:
> Would putting hashes into the blockchain be an option?
At least some of those services in the footnotes claim to do so.
Though I suppose they could be considered some form of sidechains, as
it'd be prohibitively expensive to actually literally put every single
fingerprint on the blockchain itself.
In any case, lots of services exist, some based on the blockchain and
others not. We should be agnostic: just post to all of them, and let
time sort out the winners and losers.
Mike Gogulski
Dec 17, 2015, 3:13:40 PM12/17/15
to Conreality mailing list
I could develop this on Google AppEngine, in Python. No port-80
interface, and any back-end we want to do (eg logging) accessible via
either the built-in tools or via some Django admin modules.
I would start out developing the main handler, then develop something to
post timestamps to one of the free services. When/if we decide we want
to start paying the one-satoshi-plus-five-cents-for-the-miners fees for
every code push, I can either do Bitcoin RPC to one of my home fullnodes
or we can set up a web wallet somewhere that has a payments API.
Does that sound reasonable?
interface, and any back-end we want to do (eg logging) accessible via
either the built-in tools or via some Django admin modules.
I would start out developing the main handler, then develop something to
post timestamps to one of the free services. When/if we decide we want
to start paying the one-satoshi-plus-five-cents-for-the-miners fees for
every code push, I can either do Bitcoin RPC to one of my home fullnodes
or we can set up a web wallet somewhere that has a payments API.
Does that sound reasonable?
Arto Bendiken
Dec 17, 2015, 3:22:19 PM12/17/15
to Mike Gogulski, Conreality mailing list
On Thu, Dec 17, 2015 at 9:13 PM, Mike Gogulski <mi...@gogulski.com> wrote:
> I could develop this on Google AppEngine, in Python. No port-80
> interface, and any back-end we want to do (eg logging) accessible via
> either the built-in tools or via some Django admin modules.
>
> I would start out developing the main handler, then develop something to
> post timestamps to one of the free services. When/if we decide we want
> to start paying the one-satoshi-plus-five-cents-for-the-miners fees for
> every code push, I can either do Bitcoin RPC to one of my home fullnodes
> or we can set up a web wallet somewhere that has a payments API.
>
> Does that sound reasonable?
Sounds good to me, Mike. Let's make it happen, will be one less worry
> I could develop this on Google AppEngine, in Python. No port-80
> interface, and any back-end we want to do (eg logging) accessible via
> either the built-in tools or via some Django admin modules.
>
> I would start out developing the main handler, then develop something to
> post timestamps to one of the free services. When/if we decide we want
> to start paying the one-satoshi-plus-five-cents-for-the-miners fees for
> every code push, I can either do Bitcoin RPC to one of my home fullnodes
> or we can set up a web wallet somewhere that has a payments API.
>
> Does that sound reasonable?
for the post-popularity transition.
Mike Gogulski
Dec 18, 2015, 8:06:19 AM12/18/15
to Arto Bendiken, Conreality mailing list
Arto Bendiken
Dec 18, 2015, 8:35:52 AM12/18/15
to Mike Gogulski, Conreality mailing list
On Fri, Dec 18, 2015 at 2:06 PM, Mike Gogulski <mi...@gogulski.com> wrote:
> IT HAS BEGUN
>
> https://github.com/conreality/provenance
Nice job--that's a good way to go about it. Starred & followed!
> IT HAS BEGUN
>
> https://github.com/conreality/provenance
Reply all
Reply to author
Forward
0 new messages