Comments (9)
My understanding is that the PK public key can be pushed up to the keybase profile just like the GPG and bitcoin addresses.
However a single human identity may have many PK keys. So either keybase allows us to publish a set of public keys (representing secret Points of Presence), or we just have to choose one of them.
from polykey.
We'll have to use signatures. We cannot add public keys to keybase system. Signatures will be fine, as that's what they use already to indicate ownership of social media profiles. Posting a signature to keybase indicates that the profile has ownership over any keynode that satisfies the signature check. Later other social networks can be approached the same way, by expecting keynode signatures to be posted.
from polykey.
Actually I've just realised we can generate keypairs with kbpgp and then upload them to whatever keybase user you are logged in as! This is done via key/add!
So this might settle how we generate sub keypairs for PolyKey and not reuse the primary keybase keypair. I'm still not 100% sure about it because there is a clause that says 'this will replace your public key'
from polykey.
I've just realised that it's not really valid to 'download the private key' after login in order to proceed with polykey, I think it is possible with keybase but strongly discouraged: keybase/keybase-issues#160.
The better option would be to login to keybase on whatever device you are using and once its authenticated, upload the public key for social discovery. This seems a lot more like the way it should work where the private key always stays on the device and possibly linked to the os keychain (#6). Then your private key remains on your device and doesn't go anywhere else. This is more like a normal link between the human and digital identity and nothing more.
from polykey.
it looks like keybase doesn't support adding keypairs at the moment: https://keybase.io/docs/api/1.0/call/key/add
Not sure when this will be developed, but we could somehow adapt key storage to kbfs? but I don't think it has an API
from polykey.
well there is always the keybase-bot, I am looking into it now and it seems the bot can use kvstore
so we can store it there. There are currently bots for github
, facebook
etc so we can implement a bot for polykey
that takes one of the users paper-key
and is separated from the users account but can also feed messages into teams or individual chats.
from polykey.
here is an example I was playing around with, basically the bot is initialized with a keybase username and a pre-generated paper-key
:
// A simple nodeJS bot that doesn't care who else is logged in on this machine
import Bot from 'keybase-bot'
async function main() {
const bot = new Bot()
await bot.init('robertcronin', process.env.PAPER_KEY!)
/* now you can do things with the bot */
console.log(await bot.kvstore.put('', 'polykey', 'privateKeyPair', '====BEGIN PGP MESSAGE==='));
console.log(await bot.kvstore.get('', 'polykey', 'privateKeyPair'));
await bot.deinit() // when done
}
main()
and the output:
{
teamName: 'robertcronin,robertcronin',
namespace: 'polykey',
entryKey: 'privateKeyPair',
revision: 4
}
{
teamName: 'robertcronin,robertcronin',
namespace: 'polykey',
entryKey: 'privateKeyPair',
entryValue: '====BEGIN PGP MESSAGE===',
revision: 4
}
notice the teamName defaults to the username, but it could be attached to a particular team within polykey and send automated messages for public keys to facilitate peer discovery
from polykey.
Keybase API login can be achieved in JavaScript using https://github.com/keybase/node-login
The idea was to login and post a signature for polykey primary key advertising: https://keybase.io/docs/api/1.0/call/sig/post
But we ran into an error using node-login
lib:
Error: from login: non-0 status {"code":1002,"desc":"Failure in verify PDPKA5","name":"SIG_CANNOT_VERIFY"}
at /home/robbie/Documents/github/js-polykey/node_modules/keybase-login/lib/login.js:53:17
at Generator.next (<anonymous>)
at Deferrals.exports.Deferrals.Deferrals._call (/home/robbie/Documents/github/js-polykey/node_modules/iced-runtime-3/lib/runtime.js:88:20)
at Deferrals.exports.Deferrals.Deferrals._fulfill (/home/robbie/Documents/github/js-polykey/node_modules/iced-runtime-3/lib/runtime.js:97:21)
at ret (/home/robbie/Documents/github/js-polykey/node_modules/iced-runtime-3/lib/runtime.js:29:18)
at Request._callback (/home/robbie/Documents/github/js-polykey/node_modules/keybase-login/node_modules/iced-error/index.iced:64:22)
at Request.self.callback (/home/robbie/Documents/github/js-polykey/node_modules/request/request.js:185:22)
at Request.emit (events.js:315:20)
at Request.EventEmitter.emit (domain.js:482:12)
at Request.<anonymous> (/home/robbie/Documents/github/js-polykey/node_modules/request/request.js:1154:10) {
istack: [ 'post_login', 'login' ]
}
The only mention to this error code I could find was this issue on the client repo: keybase/client#5788
This might be an issue with my local keybase device or a bug in the API, I can't be sure, perhaps we try it with another user on a separate device. The best way to do this is the npm install keybase-login
and run this script with your credentials:
import { login } from 'keybase-login'
const username = "<username>"
const passphrase = "<passphrase>"
login({username, passphrase}, (err, res) => {
console.log(err);
console.log(res);
})
@CMCDragonkai you might want to try this out before trialling sig/post
, if you get the same, let me know and I will post an issue on the relevant keybase repo. If it doesn't work I'd say we stick with the polykey.proof hack
from polykey.
Closing on account of migration to gitlab
from polykey.
Related Issues (20)
- Intermittent test failures due to Vaults and Tasks in CI HOT 2
- Vaults clone with name of a vault already existing fails HOT 2
- `NodeConnectionManager.createConnectionMultiple` should stagger connection attempts to reduce duplicate connections HOT 3
- Incremental/Progressive Update using the Network Version of Polykey Agents HOT 4
- CI/CD Commit/Tag Flow Consolidation HOT 1
- Vaults Push Dataflow
- Audit Metric Consolidation HOT 2
- Verify IPv6 NAT Punchthrough Behaviour HOT 8
- Redesign vault clone name conflict handling HOT 2
- Background Discovery Mechanisms HOT 7
- General `Discovery` fixes and features HOT 15
- NodeId to Fort/Castle Icon Generation Ala CryptoKitties or CryptoForts NFTs HOT 4
- Follow permission and social links during discovery HOT 1
- Backgrounding of `NotificationsManager`for Fault Tolerance HOT 2
- Network Layer (next gen) for Complete Connectivity - this represents a revolution in network connectivity! HOT 2
- Inconsistent vault log when pulling secrets from a modified vault (received vault log is different) - should use fast forward merge HOT 7
- Gestalt Synchronisation for ACL Configuration, Notifications and Vault Automation HOT 1
- Adding benchmarks for `git` domain to `polykey` HOT 3
- Minor review and refactor of vaults domain for 'polykey' HOT 3
- Fix random test failures caused by `mainnet` connections HOT 7
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from polykey.