Overview
Offer the ability to broadcast signed, unencrypted messages to anyone interested in such messages, without the sender knowing who's interested. Potential applications include:
Technical design
This specification will extend Awala to support the Publish-Subscribe pattern, where:
The publisher is an Awala endpoint, identified by their Awala private address (better privacy) or Vera id (better UX).
The subscribers are zero or more Awala endpoints.
The topic is determined by the publisher and must be tied to a specific Awala service.
Each message is an unencrypted Awala parcel, with the sender being the publisher and the recipient being the topic.
Each subscription filters messages produced by a specific publisher and/or matching a specific topic. If only the publisher is specified, the subscription must be limited to a specific service.
If we imagine a world where Twitter is an Awala service using this protocol, then every Twitter user is a potential publisher and subscriber. Following a Twitter user means subscribing to a publisher. Each tweet is a message. And there'd only be one topic in the whole service.
Awala Internet gateways will form a P2P network to propagate the messages. Private gateways will subscribe to topics on behalf of their endpoints via their respective Internet gateways, without disclosing which endpoint(s) require the subscription.
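The subscription rules and the private gateway's role described above can be sketched as follows. This is an added example, not part of the original proposal or of any Awala library; the class names, the field names and the dict-shaped parcel are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Subscription:
    """Filter on publisher and/or topic (hypothetical field names)."""
    service: Optional[str] = None
    publisher: Optional[str] = None
    topic: Optional[str] = None

    def __post_init__(self):
        if self.publisher is None and self.topic is None:
            raise ValueError("subscription needs a publisher and/or a topic")
        # A topic is already tied to a service; a publisher-only filter is
        # not, so it must name the service explicitly.
        if self.topic is None and self.service is None:
            raise ValueError("publisher-only subscription must name a service")

    def matches(self, parcel: dict) -> bool:
        wanted = (("service", self.service), ("publisher", self.publisher),
                  ("topic", self.topic))
        return all(want is None or parcel[key] == want for key, want in wanted)


class PrivateGateway:
    """Subscribes upstream on behalf of its local endpoints."""

    def __init__(self):
        self._by_endpoint = {}  # endpoint address -> set of Subscription

    def subscribe(self, endpoint: str, sub: Subscription) -> None:
        self._by_endpoint.setdefault(endpoint, set()).add(sub)

    def upstream_request(self) -> list:
        # Deduplicated union: what the Internet gateway sees carries no
        # endpoint addresses and no per-subscription endpoint counts.
        merged = set().union(*self._by_endpoint.values())
        return sorted(merged, key=repr)

    def route(self, parcel: dict) -> list:
        # Fan-out to interested endpoints happens locally, on arrival.
        return sorted(ep for ep, subs in self._by_endpoint.items()
                      if any(s.matches(parcel) for s in subs))
```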
Avoiding hate speech and misinformation
We'll use a new PKI to avoid hate speech and misinformation at scale, in a decentralised manner.
The root certificates will belong to an "Oversight Board" (OB) that will set the policies that participants must adhere to. Each member of the OB will own a root certificate, and each of these will be included in the trusted key store of Awala-Internet Gateway providers like Relaycorp.
For an end user to broadcast messages, they'll have to be sponsored by an intermediate. The sponsor is a charity or company vetted by the Oversight Board; they get an intermediate certificate issued by a board member when they're accepted.
Sponsors get a lot of autonomy in determining their criteria to let people in, since the only requirement is that their sponsorees don't spread hate speech or misinformation. Some may require the real identity of their sponsorees, and others may accept anonymous users. Some may require a payment for the sponsorship.
Generally, the certificates issued by sponsors to end users should be short-lived when users are new, and subsequent certificate renewals will produce certificates that last longer. For example, a brand new user may get an initial certificate that lasts 3 days, and when it's automatically renewed, if they haven't broken any rules, the second certificate will last a week -- and so on.
Any member of the OB can revoke certificates issued to any user or sponsor, but sponsors can only revoke their own users' certificates. Gateway providers will monitor such revocations to drop messages signed with a revoked certificate, similar to certificate revocation lists (CRLs) in traditional PKIs.
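The revocation rule above (board members may revoke anyone, sponsors only their own users) and the gateway's drop decision, as an added example that is not part of the original proposal. Signature verification is out of scope here; the record types, function names and sample subjects are assumptions, and the sample data is constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str  # subject of the issuing certificate
    expires: datetime


@dataclass(frozen=True)
class Revocation:
    revoker: str  # who issued the revocation
    target: str   # whose certificate it revokes


def effective_revocations(revs, certs, ob_roots):
    """Subjects revoked by someone entitled to revoke them."""
    revoked = set()
    for rev in revs:
        target = certs.get(rev.target)
        # OB members may revoke anyone; anyone else only what they issued.
        if target and (rev.revoker in ob_roots or rev.revoker == target.issuer):
            revoked.add(rev.target)
    return revoked


def should_relay(signer, certs, ob_roots, revs, now):
    """Relay only if user -> sponsor -> OB root is valid and unrevoked."""
    user = certs.get(signer)
    sponsor = certs.get(user.issuer) if user else None
    if user is None or sponsor is None or sponsor.issuer not in ob_roots:
        return False
    if user.expires <= now or sponsor.expires <= now:
        return False
    revoked = effective_revocations(revs, certs, ob_roots)
    # Assumption: revoking a sponsor also silences the users it sponsored.
    return signer not in revoked and sponsor.subject not in revoked


# Constructed sample: one board member, two sponsors, one user each.
NOW = datetime(2024, 1, 10, tzinfo=timezone.utc)
OB_ROOTS = {"ob-member-1"}
CERTS = {c.subject: c for c in [
    Cert("sponsor-a", "ob-member-1", NOW + timedelta(days=365)),
    Cert("sponsor-b", "ob-member-1", NOW + timedelta(days=365)),
    Cert("alice", "sponsor-a", NOW + timedelta(days=3)),
    Cert("bob", "sponsor-b", NOW + timedelta(days=3)),
]}
```

A revocation of `alice` issued by `sponsor-b` is ignored because `sponsor-b` did not issue her certificate, while the same revocation from `sponsor-a` or from `ob-member-1` takes effect.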
Sneakernet bundles
Awala courier networks may optionally distribute a curated collection of broadcast parcels, to distribute information that may be generally relevant to Awala users in the region served. For privacy and safety reasons, private gateways would download the entire collection (or specific shards if we use sharding), to avoid disclosing to the courier what the user is interested in.
Such collections may include broadcasts from news organisations, humanitarian organisations, political dissidents, etc.
P2P network amongst Awala Internet gateways
It'd only be used to propagate messages. Messages will only be persisted for 5 minutes to help peers that get disconnected.
Internet gateways will identify themselves with their Vera ids, so that abusive peers can be blocked by domain name -- thus making it expensive to attack the network. Attackers mustn't be able to bypass this by creating subdomains.
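One way to make a domain block hold against subdomains, as an added example that is not part of the original proposal: block the registrable domain of the abusive peer and match candidates on whole labels. `PUBLIC_SUFFIXES` is a constructed stand-in for the Public Suffix List, and all names here are hypothetical.

```python
# Constructed stand-in for the Public Suffix List; a deployment would
# load the real list instead.
PUBLIC_SUFFIXES = {"com", "org", "co.uk"}


def normalise(domain):
    """Lower-case and drop surrounding whitespace and the trailing dot."""
    return domain.strip().rstrip(".").lower()


def registrable_domain(domain, suffixes=PUBLIC_SUFFIXES):
    """Longest public suffix plus one label: a.b.example.co.uk -> example.co.uk."""
    labels = normalise(domain).split(".")
    for i in range(len(labels)):  # longest candidate suffix first
        if ".".join(labels[i:]) in suffixes:
            if i == 0:
                raise ValueError("domain is itself a public suffix")
            return ".".join(labels[i - 1:])
    raise ValueError("no known public suffix")


class PeerBlocklist:
    def __init__(self):
        self._blocked = set()

    def block(self, abusive_peer):
        # Block the registrable domain, not just the host that misbehaved,
        # so moving to a sibling subdomain does not evade the block.
        self._blocked.add(registrable_domain(abusive_peer))

    def is_blocked(self, peer):
        labels = normalise(peer).split(".")
        # Compare whole labels, so "notevil.com" is not caught by "evil.com"
        # and "evil.com.example.org" is not mistaken for "evil.com".
        return any(".".join(labels[i:]) in self._blocked
                   for i in range(len(labels)))
```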
We're likely to need sharding as popularity grows, although it'd be ideal to make the number of shards a function of throughput.
Changes to the existing protocol suite
Messaging Protocols
Broadcast parcels could be unencrypted (CMS type "data").
The Cargo Collection Authorization MUST include zero or more topic subscriptions. The resulting cargo will remain end-to-end encrypted, to prevent leaking subscription-related information to couriers.
Alternatives considered
IPFS PubSub/Gossipsub. It looks overly complicated given the many different use cases they want to support.