Convenient ID lookup for an end-user without compromising security

I am having trouble seeing the whole architecture. Let’s say Bob wants to send to Alice a PGP encrypted message. Can he use Blockstack to reliably look-up Alice’s key ?

Wouldn’t that mean that he has to run full core, and download the full blockchain ? If so, how can this be made convenient for the end-user Bob ? What if Bob wants to use a mobile app to send Alice an email?

If the only way to make it convenient, is for Bob to trust an agent with a Blockstack core server, then why not have that agent just be a key-server and not store the key in Blockstack ?

Note that this problem doesn’t exist for bitcoin, the currency. Having a light-client for bitcoin that just shows a balance on your wallet works even without 100% trust, but fetching a PGP key requires a 100% trust, otherwise you will encrypt a secret message for someone else.

In conclusion, I don’t see how Blockstack or any blockchain solution can be used for ID lookup from a mobile app.

There needs to be a way to query existing random Blockstack servers from the mobile-app, and query enough of them so as to get a high confidence in the returned value. If so, how these random servers would be found by the mobile app?

I think this is what SNV is for, but I’m not sure of the details. @jude should know more about this.

Hey @boris25 Bob has a few choices:

  1. Run a full Blockstack node and run a full Bitcoin node.
  2. Run a full Blockstack node and run a light Bitcoin node (trusting the remote node a bit).
  3. Run a light Blockstack node and connect to a remote full Blockstack node, then check the consensus hash against other peers to make sure that none of them are lying.

On mobile, you can have trust in your lookups if you define the set of full nodes that you’d like to trust, where all of them have to lie to you at the same time. The full nodes you trust can be well known, like nodes run by Princeton, Stanford and Google. Alternatively, if you have a Raspberry Pi at home running Blockstack you can decide to only trust that node.

What is the difference between a Blackstack node and a Bitcoin node ? Don’t they download the same blockchain ?

What is the storage requirement on this Raspberri Pi idea ? How much of the block chain does it have to download ? Can a Raspberri Pi download 200gb of data ? What would be the cost of such device ?

1 Like

A full Blockstack usually comes with a full Bitcoin node inside of it, but it doesn’t have to. It can instead reference a remote Bitcoin node.

Full Blockstack nodes connect to a Bitcoin node and then scan the whole Blockchain and build up a database of names to crypto addresses to zone files.

The storage requirement for the Raspberry Pi would be about 200GB if it keeps the entire Blockchain. It doesn’t have to though. It can actually throw out old blocks. I’m not sure the exact amount of this but my guess is if it throws out old blocks it may only need 20GB or something like that.

For any one else reading this: the way to throw old blocks is described in the original bitcoin white paper, in section 7 “Reclaiming Disk Space”.