General

indiepay.me

Posted on 13th May 2018

I'm sure the blockchain is interesting technology, but I'm also quite happy to show that there's a simpler way to do distributed payment tracking. The key difference is that instead of needing to prove ownership cryptographically, we can claim ownership over our urls.

Indiepay.me is an interesting project. How do you plan on handling record integrity and non-repudiation?

Khürt Williams

I'm just a human being who wears many hats. As an avid amateur photographer, I enjoy exploring the art and science of capturing beautiful moments through my lens. When I'm not behind the camera, I'm working as an information security professional, utilizing my expertise to keep data safe and secure. Beyond that, I'm a nemophile who finds peace and serenity in the great outdoors, and a philomath who loves to learn and expand my knowledge. I reside in Montgomery Township and am always seeking new adventures to capture and share.

Previous Post Next Post

Khürt Williams
14th May 2018 at 7:19 AM
Hi Malcolm, thank for the follow-up. My understanding of blockchain ledgers is that the integrity of the ledger is paramount. This is one reason why the ledger is encrypted and widely distributed. This protects the integrity of the ledger and also makes non-repudiation non-trivial (a certain number of nodes have to agree).

Perhaps private Webmentions -- something that I did not know existed until I read your post, "credentials: a distributed ledger for the #indieweb" -- can help but ... I guess I'm concerned that a "one-and-only-copy" ledger system is prone to attack, and the fact that Webmentions can be deleted may compromise "trust".

I think the idea is worth exploring but the design (putting on my security systems development lifecycle hat) needs more thinking on the "information security" aspect.

Loading...
Malcolm Blaney
14th May 2018 at 2:09 AM
thanks Khürt! non-repudiation would be interesting, you could specify a time out for the original request, and remove your payment post after that. I think it would be up to the requester to decide what it means for the payment to not be confirmed, and indiepay.me only creates a balance from confirmed transactions.
Integrity is a bit harder, you want the confirmed balance to be provable by validating all existing payment amounts at their original urls. I was thinking it would be good to have "verified" badges, and as long as indiepay.me continues to find your original posts you get to keep it.
I actually wrote about both those points when I first started thinking about the project too: https://unicyclic.com/mal/2016-06-10-credmentions_a_distributed_ledger_for_the_indieweb

Loading...

Cookie	Duration	Description
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

indiepay.me

Like this:

Khürt Williams

You Might Also Like

Apple's Touch ID Busted?

FreshRSS

Rethinking MobileMe and iPod Touch as ultra-portable

Khürt Williams

Malcolm Blaney