We are getting places with #doauth cryptography in browser.
Can't wait to polish the second prototype and start integrating it with services, looking at OIDC compliance, etc.
Finally, #doauth is sending stuff over HTTP!
A pretty big day.
Good morning! Time to fix some #doauth tests I broke while implementing tofu logic.
Been a while since I've updated y'all about #doauth.
Well, we can insert credentials under transaction with a very nice interface: a keypair and a claim map.
Here's how to insert a credential / claim in #doauth: https://git.sr.ht/~doma/do-auth/commit/d2a28de2e48dfd3c739b40633b280c4ab4814826#test/db_test.exs-1-4
Because you can't go far without json.
Sunday evening #doauth programming.
My Sunday Feeling
While thinking about a way for #doauth users to control their identity, disclosing nothing by default AND high availability / replication, I came up with the notion of disclosure event logs.
After just a little bit of tinkering with the definition, it turned out that it's getting modelled with existing approach to credentials / claims really well.
I love that immediate positive feedback on design and architecture.
I really like the fact that there is a very high theoretical ceiling for #doauth
Our colleagues from other companies that are working on modern identity-related products are already investigating usage of #ZKP to reduce correlation attack surfaces.
A rare occurrence when being in cryptocurrency business since 2013 pays off — I already understand quite some stuff about zero knowledge cryptographic systems, so it won't be too hard to catch up! 🏃