2019-01-16 Engineering Meeting

Date/Time: 2019-01-16 @ 15:00 UTC / 10:00 EDT / 23:00 HKT
Click here to convert to your time zone
Length: 45 minutes
Meeting link: [https://zoom.us/j/9468184266]

This meeting is for the engineering team, app developers and the community to discuss engineering concerns or questions.


Please reply to this forum post with items you would like included on the agenda.

Status of QR Scanning

Status of:

  • This was kind of always marked as a “todo” in the past.
  • Jeff: there’s a lot of potential urgency here. is this in rigorous testing mode or urgent push mode?
  • Aaron: Both? I think we’ve tested this, so can also ship at this point.

Time of meeting

  • Larry: we should announce this meeting earlier.
  • If the meeting changes times, announce it in the prior meeting, raise it in the meeting notes, etc.
  • Can we just post this on blockstack.org ?

Transcript Part I

Unknown 0:13
Engineering meeting

Unknown 1:29
re there any topics people wanted to discuss before we ask is our community members,and Larry,

Unknown 1:32

let’s see here. I can’t keep track of the whole timeline. But after the most
recent browser push, I want to say um PB Jay was asking about that about the
bug that Apple flagged these basically, like, I need another immediate hot fix
on the browser like yesterday, or something like that. And I think I sent over
to Hank. And I’m just wondering what happened with that. I know we’re trying to
get better about our QA process, but it seems like we’re speeding up those
releases, not like slowing them down. So I was just curious that anything
happened with that and what is the state?

Unknown 2:06
Um sure I can speak to that. Um, nothing happened in terms of breaking that QR
code scanning. There’s some old tickets that got brought up from way back when
will originally built it. And I I guess the way that we’re embedding a web view
in the native, I believe it’s never worked. And I think it just didn’t get
caught by Apple reviewers before now. Yeah,

Unknown 2:36

Unknown 2:37
And so what happens is, the native apps actually add like a parameter to the auth flow. And so we can check for that. And basically, we just, we check for that parameter. And if it’s there, we hide the Scan button.

Unknown 2:53
And so I implemented that got some review. Shreyas has caught something for when
you went back and forth, kind of between different views that fix that
yesterday, kind of early afternoon. And so I think Shrey if you can just confirm
that and then I think we will be able to push these to the web. That’s my that’s
my thought.

Unknown 3:16
Yeah, that’s definitely exactly what happened regarding whether that was always there or just showed up recently, I’m pretty sure that flag real asked me to ask them if I get iOS secure, because of this feature, because we knew this wasn’t working. So I feel like it should have been handled. That was the whole point of the flag. I don’t know how it progressed. But yeah,

Unknown 3:41
yeah, if you look at the ticket, I tried find the link I don’t have it open
right now. But I’m Will brought that up. And then you kind of went up basically
said, okay, we added it, but then the PR just got emerged. And it was okay to do
for like, a future date instead of the others. No code right now that deals with
anything like that.

Unknown 4:08
Cool. That all sounds fine. And I sort of assumed you guys would just take care of it, I think I was really asking about was, um, was like, I think he’s got some urgency because he’s like, my, my app is being judged right now at my name. And I’m blocked until it’s done. Like, I can’t be I can’t I can’t be judged by anybody can’t be seen by anybody. So. He’s like, doing a lot of urgency. And I think my question is, are we going to follow that urgency, and like, just do a hot fix best possible, or we are every entered slow mode where we’re rigorously testing this before will possibly released anything. And I didn’t know the status of that, with you guys. So that’s why I was asking about,

Unknown 4:47

I’d be curious to hear probably from somebody like Aaron. I think if we were
going to do with hot fix, we would just push it to the web. One tricky fact is
Amy’s, I believe the only person on the team who can build the Mac native app
right now.

Unknown 5:06
So that’s a limitation,

Unknown 5:10

Unknown 5:11

though. Yeah. So I would be in support of pushing this to the web app. I think
that like the answer to Jeff’s question of like, whether or not we’re in like,
slow rigorous testing mode versus like urgency need a hot fix mode is kind of a
third option, which is, well, it’s both like, I feel like this PR has been
tested. and I don’t feel like it would be like missing test coverage at this
point, right. Like, it’s been tested by two different people that aren’t Hank. I
think Hank has also tested it. So I think in terms of shipping this to the web
app, we should just kind of do it.

Unknown 6:05
And then with respect to like, the hot fixes for the native apps, I think it’s like, not a problem in this case. Because like, yeah, this is specifically for kind of fixing the web on mobile,

Unknown 6:21
but also as a principal, like, if, if there’s an issue that’s preventing someone from participating in app mining. I

Unknown 6:27
mean, if you like, as a principle, that should definitely be something that should be in fast mode because that relationship if they have to miss out on app mining,

like, I don’t think there should exist a fast mode where we would accept like, a
high possibility of shipping code that like, break everything, right? Yeah, we
should not have a fast mode where it’s like, oh, there’s this urgent thing that
needs to be fixed. So we’re going to, like, ship something that like we know is
going to break, right? Yeah, that’s not a motive that should exist.

Unknown 7:00

Yeah, we just talked videos that are done on and just see accepted to
the App Store.

Unknown 7:12

So the average viewer, so again, update their app. So that’s we’re trying to fix
just less like user problems. It’s more like just to camera stuff on Android

Unknown 7:25
user testing. Yeah, that’s good, I think is fixes just

Unknown 7:28
to get their approval, and maybe the impact is lower than we realized. I think that’s the I don’t know what the impact is.

Unknown 7:33
Exactly. Right. And also the rankings are do today, right?

Unknown 7:37

Unknown 7:38
Yeah. So whatever damage is, like, it’s done, it’s locked in. So maybe, maybe I’m kind of panicking on whether we need to well, so
I just in my mind, I’m like, I’m thinking like, our bug, and then our, our bug, and then our release, like our subsequent release, causes him to have to resubmit. The recent mission was blocked because of another bug. And now like the entire this of him, not getting kind of on us. That’s, that was kind of one of your

[Clarification that this a public engineering meeting]

Yeah, we can we can move on. I think. I think we’re okay. Here. Seems like you guys are on top of it. I was just curious. Like, what happened?

Unknown 8:42
Oh, so Larry, you said you had a topic you wanted to discuss?

Unknown 8:47

Oh, I just had, a meta meta questions. Always trying to like figure out when
this meeting was without access to the block stack.com calendar. And so it was
kind of challenging. I saw the post from last week, like, and so I knew a title
was last week. And I guess it’s probably the same time this week. Um, but there
was a bit of uncertainty. So. So I just like would suggest that maybe like a
places found where the meeting is committed to publicly so that people can
easily find it instead of guessing, because it’s a there’s a period of time
where it would change, you know, depending on what it looks like in New York,

Unknown 9:27
sort of stuff like that. Yeah, yeah. Cool. Yeah, we should probably create that like engineering meeting post on at least Monday before the cheer.

Unknown 9:43
Yeah, yeah, yeah,

Unknown 9:45

Unknown 9:46
Yeah. Cuz, like, I think, like, right after the previous there, I guess still exists a chance that we might change what time the meaning of that?

Unknown 9:56

Unknown 9:57
so maybe we start with just like the Monday before, and there would be really great for, which is always the same time irrespective of what was going on in your neck of the woods. Like, so if you can’t make it, you can’t make it.

Unknown 10:09
Yeah, skipping to the next week, just because, like, I’m not thinking of like, like, people want to put it in their calendar, and then know, it’s a set time every week. And so, so it gets me around, then, like, there becomes a synchronization problem. Yeah, like,

Unknown 10:25
yeah, anyway, that’s just my thoughts.

Unknown 10:30
I can’t recall a time when it’s ever not been at this time, and in a while. So just a couple of mistakes this term,

Unknown 10:39
yeah. Okay. So then, I guess we did, what we could do is, we can just create the civil create them the meeting post, just like immediately following

Unknown 10:51

Unknown 10:54
leader, it’s gonna be different. next meeting is going to be different. Like, I mean, at least have like, an announcement during Yes, week. And then on time, and, like, make note of it. And then the meeting notes for the previous read it like,

Unknown 11:06

Unknown 11:09
pretty opaque to understand what it was. And I was when I was when I was like, in the interview process, and I was checking the forum, but it was always good, always get posted right before I think she brought up and then I was also like, emailing Ryan, or how

Unknown 11:21
I was doing that, which he didn’t respond to, I’m going, I want to attend the meeting. When is it it gets posted, like seconds before it happens. I’m always late to it, you know, like, healthy out. And as far whatever would happen if we just put it like on blog sec.org right there every week time, you know, eastern time we we do this call, like, here’s the here’s like a shortened link for it.

Unknown 11:43
I wouldn’t care if we would just get like

Unknown 11:44
five times a month people

Unknown 11:46
finished. I really like that. Or like that, like, also commitment. And like in sort of an area if you have a page like how do I get involved? Like, yeah, click on this link.

Unknown 11:57

Unknown 11:59
consider the

Unknown 12:03
websites are like a blockchain, right? It’s immutable

Unknown 12:09
might might be out of gate, and then you’re stuck with it for six months, before we actually get more,

Unknown 12:14
it’s like more beautiful than

Unknown 12:21
Yeah, it’s just like it’s more visible. And what has once been seeing the unseen,

Unknown 12:27
it’s like a classic.

Unknown 12:47
So is there any any other topics anyone would like
to discuss,

Unknown 12:57

I would like to, I would like to understand the status of the 19 release.
Because the Android SDK depends on the feature branch. And I would like to move
it to the main release of blockstack.js.

Definitely Ken’s on vacation vacation is kind of status in the dev tools,
and it’s just been pushed back my whole day and then can be out and him being in Hong Kong last week.

Unknown 13:40
I mean, we do have a working on MPM that you could use it’s like an alpha version. I don’t know. I mean, I know that might not help much. Um, I believe it’s, I believe, it’s on Ken’s plate for like next week, I’m not sure that it’ll get emerged next week.

Unknown 13:59
But there is a little bit more work to do in terms of a migration guide, and backwards compatibility work, which is not done. And so I guess that is like a blocker for the release.

Unknown 14:30
I have a, very, like open ended topic. If nobody has anything else, like more of a
or like something I was hoping to share with everybody at some point. But like
this is, this is a good time setting.

Unknown 14:45

So I think we should do an npm beta release of the new protocol detection
stuff. And so today, just reviewing it now, you’ll be able to actually test
how it works out.

Unknown 14:59
But yeah, I think we should do that soon.

Unknown 15:03

We should also emerge and probably actually released the browser because there
should have no effect on anything and tell the block such as the end user. And
that’s kind of a prerequisite which change so the browser has been updated for
users using the native application to have thi have this whole thing worked out.

Unknown 15:37
Yeah, it’s like a prerequisite

Unknown 15:39

for it to work out. But it’s still everything still works just as soon as it
doesn’t have kind of like challenges getting everybody to quickly like, there’s
like a long tail.

Unknown 15:54
Yeah, and this has old designed to be like, backwards compatible with different
versions. So I think that should be okay. Yeah, and talking with an Hank and
Mark and I looked at this a little bit, and Hank you to actually had a chance
to, like, test actually testing results, right?

Unknown 16:15

Yeah, I have. um, I think it’s, I don’t think there’s going to be any changes
required in the browser. The question on the browser is more of we have, like,
returning, returning kind of an epic of of related are very unwieldy bug fixes,
mostly, like quality of life improvements, and improvements and stuff.

And I think a lot of that’s going to be done like this sprint, as in this week,
next week. And so I could see a release, like towards the end of next week type
of thing. And we do include that I’d be more hesitant to do a release earlier
than that, just especially because we’re doing this hot fix.

I’d rather I don’t know, I’d rather just kind of move a bit more slowly and get a whole released together that we can test out.

Unknown 17:10
Yeah, that’s a timeframe is good, like next week, maybe?

Unknown 17:15
Yeah, I mean, it ultimately. So you’ve got a pull request open for adding the echo response to the browser. Right? Yeah. Ultimately, that needs to be reviewed and QA first, right?

Unknown 17:32

Yeah, and those changes are pretty small. So you keep on this picture, it’s an
npm be released that we get out to developers to test before us before it goes
full release.

Unknown 17:49

Yeah, and I think we probably have that we have three or four developers in the community
that really really
want this so

Unknown 18:00
Do we know exactly who they are so we can ta
to talk to them now

Unknown 18:03
just and then people that have been replying to

Unknown 18:07
various cures

Unknown 18:08
so they’re already involved on GitHub,

Unknown 18:11
the other like they’ve

Unknown 18:12
tested it is fantastic

Unknown 18:15
okay with the empty books Yeah,

Unknown 18:16
one One day I was testing on like a combo I forgot but

Unknown 18:21
it’s really happy to see it

Unknown 18:23
actually the question for you about how the work centers currently working through on

Unknown 18:28
I noticed that the way you’re doing this is through an echo reply key set an item in local stores as unique per app

Unknown 18:33
what happens if two different – if one’s habits able to guess another’s echo reply

Unknown 18:37

Unknown 18:38
echo reply reason being is that we do the code reply early detection

Unknown 18:44
code you’re getting an echo reply key from the query string so if tab a is able to guess tab

Unknown 18:51
bees echo request can’t tab a intercept tab be an indication and steal tabs b applciation ke

Unknown 18:56
applications it’s it’s still a scope to cross origin. So all this happens in the context of that web app. So
it’s in graphite I only have access to local storage and then when graphics

Unknown 19:11
web app is open for the attention of responding with echo replay

Unknown 19:15
unlimited has access

Unknown 19:16
to that local storage funny matter of local stores, though it’s a matter of Can I guess your echo reply

Unknown 19:21
like No, I don’t think that the echo reply protocol like has any security implications here

Unknown 19:32
The echo reply is only to decide whether or not you should attempt to open the link with the blocks that protocol handler or just redirect directly to a blockstack.org

Unknown 19:44
So like, if somebody had a tab open that like replied to the echo

Unknown 19:50
in like, guest the landing key that you generated, like, all I would do is cause your browser like, cause the app to redirect browser I to blockstack.org instead of the local app

Unknown 20:05
was actually the opposite I think,

Unknown 20:09
yeah, and actually the opposite. So get handled by whatever the blockstack protocol handler is installed on your computer.

Unknown 20:25
Alright, so it doesn’t need to be backward secure. Or I guess

Unknown 20:30
no, I don’t really need it. It’s for like, really edge

Unknown 20:35
where users and clicking sign on a blockstack on the same browser on the same website, but in like, different tabs

Unknown 20:43
multiple times. And

Unknown 20:45
then so the intention is so that their replies go back to

Unknown 20:48
the tab that started it.

Unknown 20:53
And as long as there’s no way for interception that I guess my main concern there,

Unknown 20:58
just the next week will release the beta of the

Unknown 21:01
blockstack.js change

Unknown 21:05
and the full block into changes, right. The beta Yeah, the browser,

Unknown 21:10
which should that one, I don’t think we should do an update, I don’t have to read you native betas for the

Unknown 21:15
browser. Not yet.

Unknown 21:18
And so I think as long as we get a couple people to review that I think we can actually just merge

Unknown 21:23
merge button

Unknown 21:37
probably at least find Justin and others jump on it

Unknown 21:43
shouldn’t hear from their users

Unknown 21:47
can get the course I guess

Unknown 21:48
it’s kind of feeling

Unknown 21:52
okay, what’s wraps

Unknown 21:55
anybody in the next week

Unknown 21:57
and then the following Friday? Well, we don’t want to release on a Friday

Unknown 22:03
Can we

Unknown 22:05
get a bit of a

Unknown 22:06
spring right? Yeah,

Unknown 22:08
actually for testing this out. Since you want to have the updated native app install I think maybe we’ll try to get like a Mac

Unknown 22:17
build for the native apps that’s what I think most for our testing with right now you can do on Windows but

Unknown 22:24
internally that’s

Unknown 22:26
probably great.

Unknown 22:28

Unknown 22:49
can see

Unknown 22:49
the other devs that are in here. Who else we have from the community.

Unknown 24:13
I’ve been reviewing like the like surveys, and the last, like the notes from
our past conversations, like all talking to different teams. And I’ve been
talking to, like, we talked to them about collections. And we’ve had a lot of
internal discussions about collections, but also talk to them about like other
rails, which means like, the inbox is I think, and also some, like, easy ways to
push notifications, and maybe even email invitations.

Unknown 24:42
And those are like really clear, I would say, like, validated things that people want and the way to utilize on their apps. It very clear and straightforward and kind of like, not not theoretical. So I was thinking about like, like, one one thing is like, for years, like working on a chat

Unknown 25:01
like an interface , and that’s kind of related to this. But the other thing I was thinking about was
as it’s more of a question, like if you were if you were using
different apps to like, chat inside the apps with other folks in any way, like chatter message could be anything it could be like liking a photo, or it could be like literally a chat back and forth or whatever would that actually be a collection that you’d want to report into other apps essentially like user control data fully which means like you can access communications from what we’re generating one app in any other app that

Unknown 25:38
that you gave permission to and almost like essentially to me like looks like
almost like email right like any email client and open up all your emails
essentially and anybody that’s sending a communication on blockstak like where
it’s essentially putting text in your in various people’s Gaia should that be
sort of like have a schema or any app can can adjust it and use it however they
want, right? It’s kind of a question just kind of to me means like, we don’t
have to work on collections or, or messaging features, we actually like to them
as one like first big collection should be like a messaging collection and
whatever, we need to implement it and then offer that essentially like anybody
can use that in any app.

Unknown 26:20
It’s an idea like something to work on

Unknown 26:25
so what is the actual question?

Unknown 26:28
I think, I think it’s like, as anybody ever thought about it like that, as anybody has already. forum post,

I think Jude gave a great presentation last week at the meetup that we had here
that like that, I think it’s a first I think it was huge presentation. But, but
the idea of reversing, like, like, right now you have apps to talk to servers,
and the data is behind the server. And then here, you switch the location of the
data, right? The the apps talk to the data, because that’s essentially what
you’re saying,

Unknown 27:01
Yeah, like today, you can definitely enter, you know, pull out and read any data from any app right now, I’m just need to know the Gaia hub prefix which you can get from the profile
because you have to know about all the other apps schemas.

Unknown 27:16

Yeah, I’m almost repurposing the most that we like, if we take on a project to
make our messaging really easy. And blocks that apps that you approach it as a
collection, which means like, if you if you do it, if you implemented in our,
you know, kind of like sanctioned way It means other apps can adjust message
history. So, like, I always use use travelsack, it just feels like a very easy
to understand app to me, like if somebody somebody comments on a photo, and then
somebody else comments and somebody else comments, right, like another app could
ingest those those comments and use it in some other way. If you give them

Unknown 27:58
my thinking about that the right way? Is there any reason why we wouldn’t do it like that? There’s one other concern, and that is

Unknown 28:04

how do you met? Whether the question is really I think, to me is whether or not
you want to manage collections as a separate entity versus just a series of a
well formed data sets across multiple apps. Here’s a good example of this, like
your pictures he did. He wanted to treat pictures as a first class collection,
that would be a separate key that’s independent of all

Unknown 28:25
the apps,
you’d have a separate key life cycle for it,

Unknown 28:28
you only be able to attend to it wouldn’t be able to delete or modify them. Otherwise, any I could be able to do that, for example,

Unknown 28:36
or like, you know, affiliated one athlete to a partial failure collections

Unknown 28:42

Unknown 28:44
yeah, you’d want to have

Unknown 28:46
the trick, though, is that if you want to go that route, you’re going to need cooperation from the authenticator

Unknown 28:52
how to make sure, for example, that you can’t, you can’t break them

Unknown 28:56
and break the API promise

Unknown 28:57
that it makes

Unknown 28:58
the other route of keeping a separate app based

Unknown 29:02
like that, definitely easy way to do this would be to create just like a specialized like collections.js library, where like, anything that you store by a collection such as can be layered finish with collections. And we have different types schema that’s reach the data, but it looks like with your data is your collections. And we started across all your apps, like there’s a collections folder interface, basically. Yeah, and each of your apps and then that’s it under that prefixes.

Unknown 29:30
I think it’s more based on what we currently have for this provides developers with a better way to basically push and pull from that, right.

Unknown 29:38
Yeah, yeah, just that you wouldn’t have this notion of

Unknown 29:44
you would necessarily have a notion of like, collections that are private to you that you wouldn’t be able to access so. So here’s an example like it was you have a private document in graphite and you’re trying to use another app like Stealthy, we’re not going to say to us, like, no, right? Like that, that document is private and graphite

Unknown 30:02
that you’d be able to get it

Unknown 30:05
within Noteriot

Unknown 30:06
you would need the key programs like to do this, if this is really an authenticator needs to help you out need to pass like key was dangerous, or the needs to be wholly separate collections facility that were like more aware of, for example, the authenticator immediate access your collections and keep the collections key separate.

Unknown 30:24
Yeah. So that’s the approach I’m planning to take like I’m planning to provide API so if you guys come up with collections I’ll use that if not I’ll just like
make up fake app domain like photos dot something rather right and use that as a use that as a janitor private key, and then the like, like, have an API that browser provides like the apps they can rewrite photos or whatever they want to do and then if they want to like Roca, they just click someplace and turn off.

Unknown 30:53
I think ultimately, I think ultimately, like, like the theme of my my

Unknown 30:57
talk last week was a need to have like software in between, like this, your data. And then the apps are trying to use it to like, mediate

Unknown 31:07
pretty it’s really hard. So because I mean, people already have expectations around this, like you have this on their phone, right? Like you get rich access to your photos you don’t want we just had I just devoted to turn off your phone.

Unknown 31:17
So if we don’t, if we don’t put a filter the latter thing that you’ve described you, then we really don’t know

Unknown 31:23
you, when you often you don’t actually know

Unknown 31:26
what the app is trying to access. It could like, we don’t have any sort of, we could say like this app once is going to access your photos, whatever. But we don’t actually even we can’t really tell like what it has access to what it does it is it grab it from all apps are from all the other apps or like a subset of them are like you don’t really have any exposure to what it’s tempting to access. Whereas if we like lock it down, these we would be able to understand that is trying to access

Unknown 31:51
everything in the collection. Right?

Unknown 31:53
Yeah. So. So the way that the way with this would necessarily work is like for each data type, you’d have a collection of photos would be a collection documents be a collection,

Unknown 32:02
there would be separate piece for

Unknown 32:04
reading and writing different collections. It’s just that if you share those keys with your

Unknown 32:07
apps, then

Unknown 32:09
your app that has the ability to

Unknown 32:12
it, the revocation story gets kind of messy, because you have to be key every other app permission from what happened.

Unknown 32:18
Yeah, so I think that the way to think about this is that like, you actually like, have like, two totally separate concepts. So like, one is like sharing encrypted data between applications, which is the story of like, how to do untrusted or less trustworthy key sharing, like group key encryption and stuff like that group key management. And then the other is just like

Unknown 32:47
a story about standards, which is like, you want to have basically file types that are across different applications. And there’s like, no reason to hide the doing these at the exact same time

Unknown 33:03
just like trying to develop a really complex article that might not be used by anybody.

Unknown 33:10
Oh, that sounds like a job for some standards organization. I

Unknown 33:15
won’t mention

Unknown 33:18
I think I was I think my, my bigger plans. I kind of

Unknown 33:22
Yeah, I shouldn’t, we would kind of do more with what you said, like the latter

Unknown 33:26
kind of more rigorous approach.

Unknown 33:28
And I just think the other point I was, I guess, kind of make more question for you guys is like,

Unknown 33:34
if we just if we, if we think about in boxes and making like messaging easy

Unknown 33:37
on blocks that apps and we have ignore these considerations, we just discussed that I’m thinking we’re gonna have,

Unknown 33:46
we’re gonna have, like, we’re going to encourage, like a fragmented message history, all the different data schemas across every single app. And later on, we’re gonna be like, shit, we should have thought about that. More of a collective like, more as a collection itself?

Unknown 33:57
Well, I mean, given inboxes you see inboxes, right?

Unknown 34:00
This case, I think inboxes is one component of it, basically making they basically making it so that like, there’s a really easy to use solution for putting messaging app, which is like, I think something that like, half the apps are like, have done worked on or

Unknown 34:18
Okay, in some way. I’m a little confused with what you mean by

Unknown 34:20
the messaging like comments, or do you mean, like notifications or

Unknown 34:24
all of it? We may see there’s actually a different access patterns.

Unknown 34:27
Yeah, right. Under the hood mechanism,

Unknown 34:31
I think like, what if we like, just what if we were just talking about like email, like what we just said, we want to build like email in blockstack that other apps or apps can share an inbox or you’re eating, you can access your inbox, the same inbox for different users, then I think it’s going to be a lot harder to have a sharded data schema, because you need to do reason and writes on various different, you know, aspects of this. And you also need like a shared inbox

Unknown 34:59
until I get more sharded approach, I think, would make this a lot more tricky versus one collection. And the collection has an inbox and one, you know, storage address path.

Unknown 35:13
Ideally, we want to be like iOS, right?

Unknown 35:14
Like permissions can be granted

Unknown 35:17
a mind using an app for the first time later, you can regularly like, turn off access, the apps that are granted access, have full read and write access. I mean, we could just provide, like, read or

Unknown 35:29

Unknown 35:30
or app, I suppose if you don’t trust it out until

Unknown 35:32
like, right.

Unknown 35:34
But like, that’s where we want to go, right? Like, we want to have that level of sort of

Unknown 35:38
cross app permissions and sort of functionality. We don’t want us to say it’s

Unknown 35:44
this. There’s there’s two things here. I agree with the mark mark saying

Unknown 35:48
these are two things like there’s one

Unknown 35:50
one is you this this data structure thing, like what you could use for messages, like Jeff said, and then to you have like, this idea of a product like blockstack messaging, it’s really easy for app developers to like, add into their into their thing

Unknown 36:07
is that are present manner to my account yet?

Unknown 36:09
Yeah, good, good. Yeah. And I get this, there’s different like, under the hood, it’s all it’s all different, right? If you’re doing like to do push notifications, or the inbox is or you want to do an email like thing,

Unknown 36:17
I get that it’s all implemented differently. But I think the

Unknown 36:21
one is, it’s just made more tricky, because the way our picture works, like, if we were doing it just in Firebase and building an app, it would be more straightforward.

Unknown 36:32
I think, like

Unknown 36:34
I might, my goal would be like to achieve to achieve kind of what is pretty easy in decentralized world, which is, it’s like, if you want to have allowed to users to communicate you your app. It’s like,

Transcript part II

Unknown 36:45
not that hard to do

Unknown 36:47
it. But but it’s part of our life that you’re proposing that perhaps

Unknown 36:51
it might be easier to run

Unknown 36:53

Unknown 36:53
data collection and messaging at the same time.

Unknown 36:55
Yeah, or, or I’m almost, maybe I’m asking the question to, like, if we

Unknown 37:00
focus on providing focus on making messaging, like, work well, and easy to implement nice user experience, if, you know, six months later, we’re going to be like, whoops, we should have approach this as a collection. Now.

Unknown 37:14
Now, like now, like, we’re kind of almost like, we almost be like violating our, one of our promises, which is like, you can you have control over your your data fully. But in this case, we didn’t do it like a collection, essentially, each app with we’re like

Unknown 37:33
to maintain it on their own little database or something like where there were, those messages are organized and stored,

Unknown 37:39
still access other apps, because you can still do that today. Just

Unknown 37:46
we believe what we really need is like a group keying mechanism

Unknown 37:51
under the hood. Because what I like that, that’s, that’s a hard engineering challenge. And once

Unknown 37:54
you have that,

Unknown 37:55
most other things are pretty easy.

Unknown 37:58
Yes, I guess, like,

Unknown 38:00
email example is easy. You can say, like, what if I create, like a messaging app, like, I’ll do whatever, I send a bunch of messages back and forth with people. It’s like, it’s like, you know, it’s like an inbox as an email like behavior. And they’re like, I don’t like stuff anymore. I want to, like, use whatever. So it’s a new thing, right? You should be able to just open it up and important, completely agree. So that

Unknown 38:18
suggests that would work is sign like

Unknown 38:22
very narrow features

Unknown 38:23
are like, almost the exact same feature and experience from Africa, right, like it’s one app, add any value beyond like, just sending messages, then that wouldn’t exactly get it over to another they want to consume.

Unknown 38:41
Hey, I see.

Unknown 38:42
You’re saying so. Like, there’s been to this in the past. So there’s a whole protocol excellent up around this, like, like, it worked pretty well. Google’s able to, like scale chat and video and lots of features or extensions, like, um, I kind of like the idea like, let me see, I’m getting this right, Jeff, like, are you sure suggesting that like that, like, we get like a team looked at, like building blocks that chat or block that email as like a feature, develop a platform platform feature, and then build the necessary primitives to execute on that, as opposed to building some primitives and then figuring out how to use them later, is that sort of, you’re suggesting,

Unknown 39:20
yeah, so I’m saying that if we, if we really sat down and really like

Unknown 39:23
thought through this, you know, kind of in the long term view, we would sort of sort of arrive at the idea that any users generated messages with apps are within apps, and they should be able to import them into other apps in the future. And if we don’t,

Unknown 39:39
if we don’t,

Unknown 39:40
maybe we can add this later. But like, I’m just thinking that we’re going to our conclusion is going to be that that’s the right way to do it. And so we’re going to do it sort of saying like, should we just sort of tackle both at once like think about it as a collection and also also solving the problems necessary to make it work

Unknown 39:58
that way there’s a lot of work when I when I can explain from wechat and I think that at the moment isee, he had like a research and development project called blockstack like messaging,

Unknown 40:14
it’s not based on Guaia it’s based on the metric network. And this is like x MVP, there’s all the features Larry mentioned.

Unknown 40:23
But you can what I did at the moment is I generated accounts for each identity address and also for the addresses of the from the private keys

Unknown 40:40
one has different possibilities to communicate and then you invite these addresses into rooms and maybe these rooms could be collections but that’s something just to try out and see whether it makes sense and then also and Matrix they solve the problem of group messaging encrypted group messaging with murky murkier all in this code, you have doubled this way you progress keys in the encryption and only the person that joined

Unknown 41:22
at the beginning, can read from the beginning, the only you’ll get the shared key if you join, whenever you join, you get the share key for the future.

Unknown 41:33
So then lots of things that might solve some problems that we try to solve for success. So

Unknown 41:40

and I implemented yesterday an example where an animal kingdom, you can talk to
a chat app. So there’s, you can experiment how this works and how it looks like.

Unknown 41:59
And then I can be a see whether it fits right or not,

Unknown 42:06
I think we should assign both of these tasks as research to somebody on the engineering team

Unknown 42:10
one state elections once messaging can be the same person perhaps,

Unknown 42:14
if somebody wants to do both and take the when they get research with, like,

Unknown 42:19
all the various solutions to this, and we just compare the two we say to these fit for additional validation, or we say now this one first one, because I think right now is to me, it’s too hard to know

Unknown 42:31
what’s going on. Just sort of start thinking about this and sort of Yeah, really looking r&d thing. And you could demo for us some time to for you.

Unknown 42:41
Yeah, sure.

Unknown 42:45
What the team wants to research data collections more

Unknown 42:47
than anybody else, for example, like, Who’s most passionate about getting directions? I can’t get it might be, but I’m not sure.

Unknown 42:54
I believe
we already have, you know, proposals and like basic specs for collections and in boxes and like, they work well, for a certain context, I think what’s not clear is like what we’re trying to solve for

Unknown 43:17
like fully, like everybody, like they’re good,

Unknown 43:22
I feel like they’re kind of like, half bake sale is that

Unknown 43:26
like a forum, and it’s kind of like, there are materials come to that we have a spec or project there yet. He I mean,

Unknown 43:36

I’m just unsure that what a critter state is like, I don’t know that it’s, it’s
time to research out a proposal because we can, we’ve been talking about a lot
of different scenarios here, and proposals would sovle for different scenarios.
And so I’d rather just continue this conversation

Unknown 43:56
and be like,

Unknown 43:58
and figure out what feature sets were trying to solve for and then go more into the research of how we would do it. Yeah, that’s cool. I’ve got some ideas on how to get more clear on that. And I’ve read the proposal previously. But you know, yeah, like a few days later, I forgotten a lot of details. So I was like a calendar to say, let’s talk about the questions. I’m asking

Unknown 44:19
for an hour, and then

Unknown 44:22
we’ll come back to it again,

Unknown 44:23
just like

Unknown 44:25
we just

Unknown 44:27
we just keep moving forward to it.

Unknown 44:29
Cool. I didn’t I go to follow up with a few of the apps

Unknown 44:31
and kind of briefly, but I think they’re trying to publish to what the requirements are from their point of view, and then bring that back.

Unknown 44:40
I’m actually curious to know how are Grinch the chat messaging works with insofar as sharing keys between apps, you want to elaborate on that trigger

Unknown 44:53

Unknown 44:55
I haven’t done that.

Unknown 44:57
If you create a room and metrics you can enable peer to peer encryption. Yeah, PGP encryption, okay. And then everything happens magically.

Unknown 45:09
So I so I read a bit about double ratchets i you do if you do encryption, but
I’m not perfect.

Unknown 45:28
All right. Thanks for sharing. I was mainly curious about like, how we could I mean, like I mentioned earlier, I can guarantee grace to me, no pun intended. The key challenge to making all of this work is really going to be a mechanism for doing group key management, group encryption, key sharing and key rotation. So I was wondering if maybe matrix had some insights into how to do this, or whether or not openintent has a way to do this already.

Unknown 46:00
I think that make our own algorithm is the right thing to look at
What was
it called make our own algorithm. Oh, and

Unknown 46:12

Unknown 46:15
Um, I got it.

Unknown 46:18

Yeah, I think that the the, like, the thing to do for messaging would be, I
think, at first till just like punt entirely on the grouping friction challenge.
And just try to say, like, Okay, if we implement messaging, we want to do it in
a way that like, the data types are going to be sound and digestible by
different apps and trying to solve the group encryption problem sort of later.
So that’s like messaging would be solved as, like, you know, actually what it
takes to do messaging in an app in like, a sufficient way, like, part one, part
two would be like, kind of the collection you part, which is like ensuring that
the data would be digestible by the app, if it had access to that data or data
was public, like not encrypted any degree at some later point, like we can do
to support encryption with these collections, basically, the first the first
project conscientiously, for the second one by

Unknown 47:29
this yourself for the second.

Unknown 47:33
So if you view the encryption have some like, just like magic function that’s going to be applied to data at the point that you want to do collections in a more secretive way. And just like public data,

Unknown 47:46

Unknown 47:47
yeah, they’ll give you 80% of the functionality.

Unknown 47:50

Unknown 47:53
I see Larry’s now doing a shit jude says tweet

Unknown 47:57
me to read that to you. I just said heard,

Unknown 48:03
it’s a public meeting, I can live tweet it

Unknown 48:10
and ask more people about this. And just generally try to get my head around around, like, what’s been done here, and what still needs to be done.

Unknown 48:19

Definitely one of the, like, bread and butter use cases that are like, sort of
functionality that a lot of people want to add to their apps. I’ve heard it
like, you know, dozens of times one of the awkward to have something, you
know, 30 like, you know, some way some work around or they’ve done their own
thing or whatever. So

Unknown 48:45

Unknown 48:46
Yeah, getting getting a standard way of us in place is going to be getting buy into that it’s going to be

Unknown 48:53
the more so

Unknown 48:58
keep doing the key sharing

Unknown 49:03
I have a question
just generally next, at its core is an index, right?

So when we talk about expanding indexing functionality,

Unknown 49:13
are we talking about expanding the blockstacksore that before because I think branding is also come up as

Unknown 49:18
blockstack core indexes the blockchain and nothing else we don’t

Unknown 49:21
have a that

Unknown 49:22
that’s me by wholly separate process, there’s actually a whole search in that runs alongside

Unknown 49:26
blacks core on board, I’ve watched center org

Unknown 49:29
when I hit blockstack core at the end of my profile section

Unknown 49:32
that’s not blockstac kcore that quarterly network routed through books that

Unknown 49:36
we have an API front end, like an engine x front end where like, the search queries are actually passed on to like a MongoDB it’s just

Unknown 49:44
a little side thing. Yeah.

Unknown 49:46
So it’s not part of what you saw blocksstack core you’re not getting that you’re not getting

Unknown 49:50
a bonus. Yeah,

Unknown 49:52
it’s an add on. Okay. So but that could be that out, I’m gonna be the next or that could be like the, the embryo of an index or sorts, right, kind of really knowledgeable query through that way. I prefer

Unknown 50:04
to have heard if we don’t end up becoming responsible for

Unknown 50:07
everybody’s Gaia hubs,

Unknown 50:08
like find all their apps. And that’s basically its job day

Unknown 50:13
like this will this

Unknown 50:14
this can become extremely difficult to do first of all, and also extremely, extremely bad

Unknown 50:19
if it goes offline because people might depend on it.

Unknown 50:22
And then important thing I mean, you can also run your own core node pretty easily

Unknown 50:26
but yeah, keeping track of everybody’s every apps data schema so we can index them is a huge buracratic overhead that can be better just making each

Unknown 50:35
app index

Unknown 50:36
or or runs on racks or

Unknown 50:39
just seems like convenience wise

Unknown 50:40
people already query before they turn into this but not not updated just profiles right.

Unknown 50:46

Unknown 50:50
never someone Someone was asking I’m sorry, just under the like along the lines of indexers. Someone was asking me about the graph which is the graph comm which is I don’t know if anybody’s heard of that scalable queries for decentralized feature and it seems to tackle this problem but like in a very least from the website very fun way the way so I’m not really

Unknown 51:11
sure I’m

Unknown 51:13
not really sure the graph the graph.com

Unknown 51:20
I spend about 20 seconds looking at it um

Unknown 51:25

Unknown 51:26
yeah I don’t know didn’t didn’t immediately look like it would be useful

Unknown 51:31
yeah I’m not impressed

Unknown 51:34
I mean look it looks like the crawling IPFS using state that you can glean from a Ethereum and smart contracts and building up an index over that

Unknown 51:43
so if you assume IPFS

Unknown 51:46

Sure, I guess it works and it’s something I PFS can reliably get you data back
which is a pretty big F

Unknown 51:54
m Okay. Cool. Well, I just like to point out because this came from a conversation

Unknown 52:00

Unknown 52:01
some of us have that were like can and then he couldn’t make it to and one of the meetings in Shenzhen last week. Like some developers immediately zoomed in on the problem that like you can’t query data that’s stored cross Gaia hubs easily. Um, I know, we know we have we have sort of some solutions for that. But we don’t have like, a really clear can we can point out like, this is the solution like like it is up to your standards.

Unknown 52:26
So that’s like a question keeps coming up.

Unknown 52:31
So might it might like from a product perspective, like make sense, the package whatever the solution is up in like, you’re like, hey, engineers, like you like to do join queries on lots of data. Like this is where you used to do it.

Unknown 52:48
I mean, that’s like, roughly the the problem that like Radix tries to solve Right,

Unknown 53:14
Blockstack.js is probably the best

Unknown 53:16
place for like developers to have an API for that sort of thing like

Unknown 53:21
a cev comes off the street and especially blocks that affected

Unknown 53:24
so you think okay, this Why am I methods right if there’s a method of there our users However, it’s, you know, of course, the back end

Unknown 53:31
which like I want for your costs, my users or whatever, that’s going to be the most successful thing. So

Unknown 53:37
how are we sort of make that work? That’s kind of where my mind goes with this?

Unknown 53:41
Is that some writers that like one actually, because it will be different thing like outside the box? actor? Yes. And so the problem, the problem is that it requires basically a server component
to help with indexing

Unknown 53:57
Of if we don’t if we don’t help with, like finding host to

Unknown 54:01

No, basically no matter what, like, we could try to come up with some like
scheme where we index all application data, but that’s really hard, because
like, I guess application data could be indexed different ways, though, I guess
we can provide a library that it’s like, if you build your application data in
this specific way, then, like our index index, it

Unknown 54:26
probably is always the number one

Unknown 54:31

yeah, if you’re gonna if we’re basically being asked right not have to re
implement site maps. Yeah, and and then we implement web crawlers that process
those site maps. So we can build up reverse index it reverse keep first indexes
that map key phrases or keywords to Gaia hubs.

Unknown 54:48
Yeah, basically became Google. Yeah, I think it’s like, kind of

Unknown 54:55
back that could be okay, I could totally be okay. It’s just that I feel like this should be like a third party service or like a different product from
blockstack core

Unknown 55:04
Oh, yeah, definitely be a different product.

Unknown 55:07
And the question is whether or not we, we, like provide this protocol to people
that like, if they act within it, then, like any public indexers able to index
their application for them,

Unknown 55:22
I mean, we think Radix I mean, pretty much already built in a way that we could just host a big instance of the RAdix backend server. And it could be similar to Gaia such that we, we host the public one that’s free and whatever uses to us and then you could also run your own,
but it would be, you know, it’d be like a high
that’s a lot of data, you know,

Unknown 55:49
what’s up CPU and bandwidth to who would not be somewhat costly to run a big one
of these that kind of also breaks like our promise that we’re not gonna

Unknown 55:57
we’re not going to gather your data and holding the database, right. Central

Unknown 56:01
will be encrypted, it would still be the same exact issue of guy where anyone can read and it would just be encrypted content.

Unknown 56:11

Unknown 56:12
yeah, we can’t read your data anymore than your ISP or Azure

Unknown 56:15
can. This is

Unknown 56:16
really just, it’s really just,

Unknown 56:17
it’s, it’s no more violating that promise, and Google violates the promise server.

Unknown 56:22 But in order to make use of it, then you have to essentially
like, download and decrypt the entire entire index locally to make use of it as
an app developer in that case,

Unknown 56:34

sorry, yeah, if you wanted to query encrypted data Radix like I’m working on
functionality where you can in a smart way, it can just basically download all
of your user data, like not even just all have data, just apps data related to
the user and then like groups that you’re in, and that would be much smaller
subset, and then you could keep it cash of that in the browser and just think

Unknown 57:03
downloading data constantly.

Unknown 57:06
Yeah, I mean, this

Unknown 57:08
is like, not my area at all. But like, for like, that would break at some point, right? Like, or what if I want to search tweets, like, across all users, right? Like, as far as our messages to the right,

Unknown 57:16
if it’s public, it’s fine. Yeah,

Unknown 57:20

literally no different than what Google does. Now, Google can crawl your data,
if I put ciphertext online, you can query for it. Yeah. And encrypted.

Unknown 57:27
Private is a small, like each user is kind of much smaller. Add to that
you read that in the browser, right?

Unknown 57:39

Unknown 57:40
I mean, I’ve been talking to Hank about this, I think we should like
whether we do it this way, or whether we just like, release it and say, like,
blockstack supported thing, but it’s like a side project that’s like, heavily well documented and heavily suited for blocks that quick, whatever, one way or another, we should like actresses up and release it and see what people make with it. Yeah, I would love to see like

Unknown 58:00
Where radix goes with this honest I feel like I should put into shouldn’t feel like part of the official SDK because everyone who has any sort of cross user query concern is inevitably bunch of new products or somebody from electronics raise

Unknown 58:16
it had an interface in the SDK for this it gives me very important

Unknown 58:19

yeah and I would rather have everybody use an RAdix deployment for indexing the
content that you can later swap out on your own doesn’t have every app try to
build their own proprietary index

Unknown 58:32
because we do that with Gaia Yeah. Yeah. Like our approach we say well there’s a hosted an evil where user

Unknown 58:39
yeah so the long long term I could definitely see like Roddick’s be official and and it would be something you’d on sign and you would pass in the preferred products

Unknown 58:48
end points would crawl that for yo
don’t go for your calling for you configuration

Unknown 58:53
without browser to that we didn’t have a three things

Unknown 58:55

Unknown 58:56
yeah we do have a chord with me I will do that also with with the next one day

Unknown 59:03
plus i costed Radix server would would be cool because it would be it’d be a super similar to Firebase. And then you would just you would also be able to say, if you want to run your own someday, it’s pretty simple open source, you can just migrate all the data or whatever.

Unknown 59:19
just like how we passed in. And also like apps can ask them their their recommend ones,
just like the Gaia hubs.

Unknown 59:29
Jessie J Wiley is working on some sort of core extension for indexing right now. And I don’t know what that’s different

Unknown 59:35
it’s it’s different when he’s doing is he’s taking the index data, the I read a profile data and putting back into a pocket so people can download it to other indexes over it

Unknown 59:46
download the whole thing or quarterly against it down the whole thing on those queries?

Unknown 59:51
I don’t believe so.

Unknown 59:53
But given what a query like

Unknown 59:54
all the users that tracker app, I can’t really do that with the

Unknown 59:57
profile search.

Unknown 59:58
It’s like, but they can do it this way that you’d rather you get the JSON you just parse through and see which ones

Unknown 1:00:04
that come around the profile it’s still

Unknown 1:00:05
very profile oriented yeah that’d be a core that’s like a limit

Unknown 1:00:10
and even then it’s not when you when you download some

Unknown 1:00:12
looks like or you don’t get that that sounds like it’s almost like a separate service

Unknown 1:00:18

I love it if we would really like yeah come to some kind of a shipping event on
this and just get in the hands of people that have already implemented something
like this day but kind of feel that it’s like sucky and it doesn’t work as well
as I like

Unknown 1:00:34

this article and be like hey swap swap it out of this work with Hank and like
let’s kind of go down to jail worked and then we can do a little bit of
document efficient and really releasing this feature

Unknown 1:00:52
anyone a radical have when you load it via your web browser it’ll have a bar saying like search for this or I’m feeling lucky

Unknown 1:01:13
I gotta run everybody.

Unknown 1:01:18
Bye bye.

Unknown 1:01:20
See you later.

Transcribed by https://otter.ai