This meeting is for the engineering team, app developers and the community to discuss engineering concerns or questions.
Please reply to this forum post with items you would like included on the agenda.
This meeting is for the engineering team, app developers and the community to discuss engineering concerns or questions.
Please reply to this forum post with items you would like included on the agenda.
re there any topics people wanted to discuss before we ask is our community members,and Larry,
let’s see here. I can’t keep track of the whole timeline. But after the most
recent browser push, I want to say um PB Jay was asking about that about the
bug that Apple flagged these basically, like, I need another immediate hot fix
on the browser like yesterday, or something like that. And I think I sent over
to Hank. And I’m just wondering what happened with that. I know we’re trying to
get better about our QA process, but it seems like we’re speeding up those
releases, not like slowing them down. So I was just curious that anything
happened with that and what is the state?
Um sure I can speak to that. Um, nothing happened in terms of breaking that QR
code scanning. There’s some old tickets that got brought up from way back when
will originally built it. And I I guess the way that we’re embedding a web view
in the native, I believe it’s never worked. And I think it just didn’t get
caught by Apple reviewers before now. Yeah,
And so what happens is, the native apps actually add like a parameter to the auth flow. And so we can check for that. And basically, we just, we check for that parameter. And if it’s there, we hide the Scan button.
And so I implemented that got some review. Shreyas has caught something for when
you went back and forth, kind of between different views that fix that
yesterday, kind of early afternoon. And so I think Shrey if you can just confirm
that and then I think we will be able to push these to the web. That’s my that’s
Yeah, that’s definitely exactly what happened regarding whether that was always there or just showed up recently, I’m pretty sure that flag real asked me to ask them if I get iOS secure, because of this feature, because we knew this wasn’t working. So I feel like it should have been handled. That was the whole point of the flag. I don’t know how it progressed. But yeah,
yeah, if you look at the ticket, I tried find the link I don’t have it open
right now. But I’m Will brought that up. And then you kind of went up basically
said, okay, we added it, but then the PR just got emerged. And it was okay to do
for like, a future date instead of the others. No code right now that deals with
anything like that.
Cool. That all sounds fine. And I sort of assumed you guys would just take care of it, I think I was really asking about was, um, was like, I think he’s got some urgency because he’s like, my, my app is being judged right now at my name. And I’m blocked until it’s done. Like, I can’t be I can’t I can’t be judged by anybody can’t be seen by anybody. So. He’s like, doing a lot of urgency. And I think my question is, are we going to follow that urgency, and like, just do a hot fix best possible, or we are every entered slow mode where we’re rigorously testing this before will possibly released anything. And I didn’t know the status of that, with you guys. So that’s why I was asking about,
I’d be curious to hear probably from somebody like Aaron. I think if we were
going to do with hot fix, we would just push it to the web. One tricky fact is
Amy’s, I believe the only person on the team who can build the Mac native app
So that’s a limitation,
though. Yeah. So I would be in support of pushing this to the web app. I think
that like the answer to Jeff’s question of like, whether or not we’re in like,
slow rigorous testing mode versus like urgency need a hot fix mode is kind of a
third option, which is, well, it’s both like, I feel like this PR has been
tested. and I don’t feel like it would be like missing test coverage at this
point, right. Like, it’s been tested by two different people that aren’t Hank. I
think Hank has also tested it. So I think in terms of shipping this to the web
app, we should just kind of do it.
And then with respect to like, the hot fixes for the native apps, I think it’s like, not a problem in this case. Because like, yeah, this is specifically for kind of fixing the web on mobile,
but also as a principal, like, if, if there’s an issue that’s preventing someone from participating in app mining. I
mean, if you like, as a principle, that should definitely be something that should be in fast mode because that relationship if they have to miss out on app mining,
like, I don’t think there should exist a fast mode where we would accept like, a
high possibility of shipping code that like, break everything, right? Yeah, we
should not have a fast mode where it’s like, oh, there’s this urgent thing that
needs to be fixed. So we’re going to, like, ship something that like we know is
going to break, right? Yeah, that’s not a motive that should exist.
Yeah, we just talked videos that are done on and just see accepted to
the App Store.
So the average viewer, so again, update their app. So that’s we’re trying to fix
just less like user problems. It’s more like just to camera stuff on Android
user testing. Yeah, that’s good, I think is fixes just
to get their approval, and maybe the impact is lower than we realized. I think that’s the I don’t know what the impact is.
Exactly. Right. And also the rankings are do today, right?
Yeah. So whatever damage is, like, it’s done, it’s locked in. So maybe, maybe I’m kind of panicking on whether we need to well, so
I just in my mind, I’m like, I’m thinking like, our bug, and then our, our bug, and then our release, like our subsequent release, causes him to have to resubmit. The recent mission was blocked because of another bug. And now like the entire this of him, not getting kind of on us. That’s, that was kind of one of your
[Clarification that this a public engineering meeting]
Yeah, we can we can move on. I think. I think we’re okay. Here. Seems like you guys are on top of it. I was just curious. Like, what happened?
Oh, so Larry, you said you had a topic you wanted to discuss?
Oh, I just had, a meta meta questions. Always trying to like figure out when
this meeting was without access to the block stack.com calendar. And so it was
kind of challenging. I saw the post from last week, like, and so I knew a title
was last week. And I guess it’s probably the same time this week. Um, but there
was a bit of uncertainty. So. So I just like would suggest that maybe like a
places found where the meeting is committed to publicly so that people can
easily find it instead of guessing, because it’s a there’s a period of time
where it would change, you know, depending on what it looks like in New York,
sort of stuff like that. Yeah, yeah. Cool. Yeah, we should probably create that like engineering meeting post on at least Monday before the cheer.
Yeah, yeah, yeah,
Yeah. Cuz, like, I think, like, right after the previous there, I guess still exists a chance that we might change what time the meaning of that?
so maybe we start with just like the Monday before, and there would be really great for, which is always the same time irrespective of what was going on in your neck of the woods. Like, so if you can’t make it, you can’t make it.
Yeah, skipping to the next week, just because, like, I’m not thinking of like, like, people want to put it in their calendar, and then know, it’s a set time every week. And so, so it gets me around, then, like, there becomes a synchronization problem. Yeah, like,
yeah, anyway, that’s just my thoughts.
I can’t recall a time when it’s ever not been at this time, and in a while. So just a couple of mistakes this term,
yeah. Okay. So then, I guess we did, what we could do is, we can just create the civil create them the meeting post, just like immediately following
leader, it’s gonna be different. next meeting is going to be different. Like, I mean, at least have like, an announcement during Yes, week. And then on time, and, like, make note of it. And then the meeting notes for the previous read it like,
pretty opaque to understand what it was. And I was when I was when I was like, in the interview process, and I was checking the forum, but it was always good, always get posted right before I think she brought up and then I was also like, emailing Ryan, or how
I was doing that, which he didn’t respond to, I’m going, I want to attend the meeting. When is it it gets posted, like seconds before it happens. I’m always late to it, you know, like, healthy out. And as far whatever would happen if we just put it like on blog sec.org right there every week time, you know, eastern time we we do this call, like, here’s the here’s like a shortened link for it.
I wouldn’t care if we would just get like
five times a month people
finished. I really like that. Or like that, like, also commitment. And like in sort of an area if you have a page like how do I get involved? Like, yeah, click on this link.
websites are like a blockchain, right? It’s immutable
might might be out of gate, and then you’re stuck with it for six months, before we actually get more,
it’s like more beautiful than
Yeah, it’s just like it’s more visible. And what has once been seeing the unseen,
it’s like a classic.
So is there any any other topics anyone would like
I would like to, I would like to understand the status of the 19 release.
Because the Android SDK depends on the feature branch. And I would like to move
it to the main release of blockstack.js.
Definitely Ken’s on vacation vacation is kind of status in the dev tools,
and it’s just been pushed back my whole day and then can be out and him being in Hong Kong last week.
I mean, we do have a working on MPM that you could use it’s like an alpha version. I don’t know. I mean, I know that might not help much. Um, I believe it’s, I believe, it’s on Ken’s plate for like next week, I’m not sure that it’ll get emerged next week.
But there is a little bit more work to do in terms of a migration guide, and backwards compatibility work, which is not done. And so I guess that is like a blocker for the release.
I have a, very, like open ended topic. If nobody has anything else, like more of a
or like something I was hoping to share with everybody at some point. But like
this is, this is a good time setting.
So I think we should do an npm beta release of the new protocol detection
stuff. And so today, just reviewing it now, you’ll be able to actually test
how it works out.
But yeah, I think we should do that soon.
We should also emerge and probably actually released the browser because there
should have no effect on anything and tell the block such as the end user. And
that’s kind of a prerequisite which change so the browser has been updated for
users using the native application to have thi have this whole thing worked out.
Yeah, it’s like a prerequisite
for it to work out. But it’s still everything still works just as soon as it
doesn’t have kind of like challenges getting everybody to quickly like, there’s
like a long tail.
Yeah, and this has old designed to be like, backwards compatible with different
versions. So I think that should be okay. Yeah, and talking with an Hank and
Mark and I looked at this a little bit, and Hank you to actually had a chance
to, like, test actually testing results, right?
Yeah, I have. um, I think it’s, I don’t think there’s going to be any changes
required in the browser. The question on the browser is more of we have, like,
returning, returning kind of an epic of of related are very unwieldy bug fixes,
mostly, like quality of life improvements, and improvements and stuff.
And I think a lot of that’s going to be done like this sprint, as in this week,
next week. And so I could see a release, like towards the end of next week type
of thing. And we do include that I’d be more hesitant to do a release earlier
than that, just especially because we’re doing this hot fix.
I’d rather I don’t know, I’d rather just kind of move a bit more slowly and get a whole released together that we can test out.
Yeah, that’s a timeframe is good, like next week, maybe?
Yeah, I mean, it ultimately. So you’ve got a pull request open for adding the echo response to the browser. Right? Yeah. Ultimately, that needs to be reviewed and QA first, right?
Yeah, and those changes are pretty small. So you keep on this picture, it’s an
npm be released that we get out to developers to test before us before it goes
Yeah, and I think we probably have that we have three or four developers in the community
that really really
want this so
Do we know exactly who they are so we can ta
to talk to them now
just and then people that have been replying to
so they’re already involved on GitHub,
the other like they’ve
tested it is fantastic
okay with the empty books Yeah,
one One day I was testing on like a combo I forgot but
it’s really happy to see it
actually the question for you about how the work centers currently working through on
I noticed that the way you’re doing this is through an echo reply key set an item in local stores as unique per app
what happens if two different – if one’s habits able to guess another’s echo reply
echo reply reason being is that we do the code reply early detection
code you’re getting an echo reply key from the query string so if tab a is able to guess tab
bees echo request can’t tab a intercept tab be an indication and steal tabs b applciation ke
applications it’s it’s still a scope to cross origin. So all this happens in the context of that web app. So
it’s in graphite I only have access to local storage and then when graphics
web app is open for the attention of responding with echo replay
unlimited has access
to that local storage funny matter of local stores, though it’s a matter of Can I guess your echo reply
like No, I don’t think that the echo reply protocol like has any security implications here
The echo reply is only to decide whether or not you should attempt to open the link with the blocks that protocol handler or just redirect directly to a blockstack.org
So like, if somebody had a tab open that like replied to the echo
in like, guest the landing key that you generated, like, all I would do is cause your browser like, cause the app to redirect browser I to blockstack.org instead of the local app
was actually the opposite I think,
yeah, and actually the opposite. So get handled by whatever the blockstack protocol handler is installed on your computer.
Alright, so it doesn’t need to be backward secure. Or I guess
no, I don’t really need it. It’s for like, really edge
where users and clicking sign on a blockstack on the same browser on the same website, but in like, different tabs
multiple times. And
then so the intention is so that their replies go back to
the tab that started it.
And as long as there’s no way for interception that I guess my main concern there,
just the next week will release the beta of the
and the full block into changes, right. The beta Yeah, the browser,
which should that one, I don’t think we should do an update, I don’t have to read you native betas for the
browser. Not yet.
And so I think as long as we get a couple people to review that I think we can actually just merge
probably at least find Justin and others jump on it
shouldn’t hear from their users
can get the course I guess
it’s kind of feeling
okay, what’s wraps
anybody in the next week
and then the following Friday? Well, we don’t want to release on a Friday
get a bit of a
spring right? Yeah,
actually for testing this out. Since you want to have the updated native app install I think maybe we’ll try to get like a Mac
build for the native apps that’s what I think most for our testing with right now you can do on Windows but
the other devs that are in here. Who else we have from the community.
I’ve been reviewing like the like surveys, and the last, like the notes from
our past conversations, like all talking to different teams. And I’ve been
talking to, like, we talked to them about collections. And we’ve had a lot of
internal discussions about collections, but also talk to them about like other
rails, which means like, the inbox is I think, and also some, like, easy ways to
push notifications, and maybe even email invitations.
And those are like really clear, I would say, like, validated things that people want and the way to utilize on their apps. It very clear and straightforward and kind of like, not not theoretical. So I was thinking about like, like, one one thing is like, for years, like working on a chat
like an interface , and that’s kind of related to this. But the other thing I was thinking about was
as it’s more of a question, like if you were if you were using
different apps to like, chat inside the apps with other folks in any way, like chatter message could be anything it could be like liking a photo, or it could be like literally a chat back and forth or whatever would that actually be a collection that you’d want to report into other apps essentially like user control data fully which means like you can access communications from what we’re generating one app in any other app that
that you gave permission to and almost like essentially to me like looks like
almost like email right like any email client and open up all your emails
essentially and anybody that’s sending a communication on blockstak like where
it’s essentially putting text in your in various people’s Gaia should that be
sort of like have a schema or any app can can adjust it and use it however they
want, right? It’s kind of a question just kind of to me means like, we don’t
have to work on collections or, or messaging features, we actually like to them
as one like first big collection should be like a messaging collection and
whatever, we need to implement it and then offer that essentially like anybody
can use that in any app.
It’s an idea like something to work on
so what is the actual question?
I think, I think it’s like, as anybody ever thought about it like that, as anybody has already. forum post,
I think Jude gave a great presentation last week at the meetup that we had here
that like that, I think it’s a first I think it was huge presentation. But, but
the idea of reversing, like, like, right now you have apps to talk to servers,
and the data is behind the server. And then here, you switch the location of the
data, right? The the apps talk to the data, because that’s essentially what
Yeah, like today, you can definitely enter, you know, pull out and read any data from any app right now, I’m just need to know the Gaia hub prefix which you can get from the profile
because you have to know about all the other apps schemas.
Yeah, I’m almost repurposing the most that we like, if we take on a project to
make our messaging really easy. And blocks that apps that you approach it as a
collection, which means like, if you if you do it, if you implemented in our,
you know, kind of like sanctioned way It means other apps can adjust message
history. So, like, I always use use travelsack, it just feels like a very easy
to understand app to me, like if somebody somebody comments on a photo, and then
somebody else comments and somebody else comments, right, like another app could
ingest those those comments and use it in some other way. If you give them
my thinking about that the right way? Is there any reason why we wouldn’t do it like that? There’s one other concern, and that is
how do you met? Whether the question is really I think, to me is whether or not
you want to manage collections as a separate entity versus just a series of a
well formed data sets across multiple apps. Here’s a good example of this, like
your pictures he did. He wanted to treat pictures as a first class collection,
that would be a separate key that’s independent of all
you’d have a separate key life cycle for it,
you only be able to attend to it wouldn’t be able to delete or modify them. Otherwise, any I could be able to do that, for example,
or like, you know, affiliated one athlete to a partial failure collections
yeah, you’d want to have
the trick, though, is that if you want to go that route, you’re going to need cooperation from the authenticator
how to make sure, for example, that you can’t, you can’t break them
and break the API promise
that it makes
the other route of keeping a separate app based
like that, definitely easy way to do this would be to create just like a specialized like collections.js library, where like, anything that you store by a collection such as can be layered finish with collections. And we have different types schema that’s reach the data, but it looks like with your data is your collections. And we started across all your apps, like there’s a collections folder interface, basically. Yeah, and each of your apps and then that’s it under that prefixes.
I think it’s more based on what we currently have for this provides developers with a better way to basically push and pull from that, right.
Yeah, yeah, just that you wouldn’t have this notion of
you would necessarily have a notion of like, collections that are private to you that you wouldn’t be able to access so. So here’s an example like it was you have a private document in graphite and you’re trying to use another app like Stealthy, we’re not going to say to us, like, no, right? Like that, that document is private and graphite
that you’d be able to get it
you would need the key programs like to do this, if this is really an authenticator needs to help you out need to pass like key was dangerous, or the needs to be wholly separate collections facility that were like more aware of, for example, the authenticator immediate access your collections and keep the collections key separate.
Yeah. So that’s the approach I’m planning to take like I’m planning to provide API so if you guys come up with collections I’ll use that if not I’ll just like
make up fake app domain like photos dot something rather right and use that as a use that as a janitor private key, and then the like, like, have an API that browser provides like the apps they can rewrite photos or whatever they want to do and then if they want to like Roca, they just click someplace and turn off.
I think ultimately, I think ultimately, like, like the theme of my my
talk last week was a need to have like software in between, like this, your data. And then the apps are trying to use it to like, mediate
pretty it’s really hard. So because I mean, people already have expectations around this, like you have this on their phone, right? Like you get rich access to your photos you don’t want we just had I just devoted to turn off your phone.
So if we don’t, if we don’t put a filter the latter thing that you’ve described you, then we really don’t know
you, when you often you don’t actually know
what the app is trying to access. It could like, we don’t have any sort of, we could say like this app once is going to access your photos, whatever. But we don’t actually even we can’t really tell like what it has access to what it does it is it grab it from all apps are from all the other apps or like a subset of them are like you don’t really have any exposure to what it’s tempting to access. Whereas if we like lock it down, these we would be able to understand that is trying to access
everything in the collection. Right?
Yeah. So. So the way that the way with this would necessarily work is like for each data type, you’d have a collection of photos would be a collection documents be a collection,
there would be separate piece for
reading and writing different collections. It’s just that if you share those keys with your
your app that has the ability to
it, the revocation story gets kind of messy, because you have to be key every other app permission from what happened.
Yeah, so I think that the way to think about this is that like, you actually like, have like, two totally separate concepts. So like, one is like sharing encrypted data between applications, which is the story of like, how to do untrusted or less trustworthy key sharing, like group key encryption and stuff like that group key management. And then the other is just like
a story about standards, which is like, you want to have basically file types that are across different applications. And there’s like, no reason to hide the doing these at the exact same time
just like trying to develop a really complex article that might not be used by anybody.
Oh, that sounds like a job for some standards organization. I
I think I was I think my, my bigger plans. I kind of
Yeah, I shouldn’t, we would kind of do more with what you said, like the latter
kind of more rigorous approach.
And I just think the other point I was, I guess, kind of make more question for you guys is like,
if we just if we, if we think about in boxes and making like messaging easy
on blocks that apps and we have ignore these considerations, we just discussed that I’m thinking we’re gonna have,
we’re gonna have, like, we’re going to encourage, like a fragmented message history, all the different data schemas across every single app. And later on, we’re gonna be like, shit, we should have thought about that. More of a collective like, more as a collection itself?
Well, I mean, given inboxes you see inboxes, right?
This case, I think inboxes is one component of it, basically making they basically making it so that like, there’s a really easy to use solution for putting messaging app, which is like, I think something that like, half the apps are like, have done worked on or
Okay, in some way. I’m a little confused with what you mean by
the messaging like comments, or do you mean, like notifications or
all of it? We may see there’s actually a different access patterns.
Yeah, right. Under the hood mechanism,
I think like, what if we like, just what if we were just talking about like email, like what we just said, we want to build like email in blockstack that other apps or apps can share an inbox or you’re eating, you can access your inbox, the same inbox for different users, then I think it’s going to be a lot harder to have a sharded data schema, because you need to do reason and writes on various different, you know, aspects of this. And you also need like a shared inbox
until I get more sharded approach, I think, would make this a lot more tricky versus one collection. And the collection has an inbox and one, you know, storage address path.
Ideally, we want to be like iOS, right?
Like permissions can be granted
a mind using an app for the first time later, you can regularly like, turn off access, the apps that are granted access, have full read and write access. I mean, we could just provide, like, read or
or app, I suppose if you don’t trust it out until
But like, that’s where we want to go, right? Like, we want to have that level of sort of
cross app permissions and sort of functionality. We don’t want us to say it’s
this. There’s there’s two things here. I agree with the mark mark saying
these are two things like there’s one
one is you this this data structure thing, like what you could use for messages, like Jeff said, and then to you have like, this idea of a product like blockstack messaging, it’s really easy for app developers to like, add into their into their thing
is that are present manner to my account yet?
Yeah, good, good. Yeah. And I get this, there’s different like, under the hood, it’s all it’s all different, right? If you’re doing like to do push notifications, or the inbox is or you want to do an email like thing,
I get that it’s all implemented differently. But I think the
one is, it’s just made more tricky, because the way our picture works, like, if we were doing it just in Firebase and building an app, it would be more straightforward.
I think, like
I might, my goal would be like to achieve to achieve kind of what is pretty easy in decentralized world, which is, it’s like, if you want to have allowed to users to communicate you your app. It’s like,
not that hard to do
it. But but it’s part of our life that you’re proposing that perhaps
it might be easier to run
data collection and messaging at the same time.
Yeah, or, or I’m almost, maybe I’m asking the question to, like, if we
focus on providing focus on making messaging, like, work well, and easy to implement nice user experience, if, you know, six months later, we’re going to be like, whoops, we should have approach this as a collection. Now.
Now, like now, like, we’re kind of almost like, we almost be like violating our, one of our promises, which is like, you can you have control over your your data fully. But in this case, we didn’t do it like a collection, essentially, each app with we’re like
to maintain it on their own little database or something like where there were, those messages are organized and stored,
still access other apps, because you can still do that today. Just
we believe what we really need is like a group keying mechanism
under the hood. Because what I like that, that’s, that’s a hard engineering challenge. And once
you have that,
most other things are pretty easy.
Yes, I guess, like,
email example is easy. You can say, like, what if I create, like a messaging app, like, I’ll do whatever, I send a bunch of messages back and forth with people. It’s like, it’s like, you know, it’s like an inbox as an email like behavior. And they’re like, I don’t like stuff anymore. I want to, like, use whatever. So it’s a new thing, right? You should be able to just open it up and important, completely agree. So that
suggests that would work is sign like
very narrow features
are like, almost the exact same feature and experience from Africa, right, like it’s one app, add any value beyond like, just sending messages, then that wouldn’t exactly get it over to another they want to consume.
Hey, I see.
You’re saying so. Like, there’s been to this in the past. So there’s a whole protocol excellent up around this, like, like, it worked pretty well. Google’s able to, like scale chat and video and lots of features or extensions, like, um, I kind of like the idea like, let me see, I’m getting this right, Jeff, like, are you sure suggesting that like that, like, we get like a team looked at, like building blocks that chat or block that email as like a feature, develop a platform platform feature, and then build the necessary primitives to execute on that, as opposed to building some primitives and then figuring out how to use them later, is that sort of, you’re suggesting,
yeah, so I’m saying that if we, if we really sat down and really like
thought through this, you know, kind of in the long term view, we would sort of sort of arrive at the idea that any users generated messages with apps are within apps, and they should be able to import them into other apps in the future. And if we don’t,
if we don’t,
maybe we can add this later. But like, I’m just thinking that we’re going to our conclusion is going to be that that’s the right way to do it. And so we’re going to do it sort of saying like, should we just sort of tackle both at once like think about it as a collection and also also solving the problems necessary to make it work
that way there’s a lot of work when I when I can explain from wechat and I think that at the moment isee, he had like a research and development project called blockstack like messaging,
it’s not based on Guaia it’s based on the metric network. And this is like x MVP, there’s all the features Larry mentioned.
But you can what I did at the moment is I generated accounts for each identity address and also for the addresses of the from the private keys
one has different possibilities to communicate and then you invite these addresses into rooms and maybe these rooms could be collections but that’s something just to try out and see whether it makes sense and then also and Matrix they solve the problem of group messaging encrypted group messaging with murky murkier all in this code, you have doubled this way you progress keys in the encryption and only the person that joined
at the beginning, can read from the beginning, the only you’ll get the shared key if you join, whenever you join, you get the share key for the future.
So then lots of things that might solve some problems that we try to solve for success. So
and I implemented yesterday an example where an animal kingdom, you can talk to
a chat app. So there’s, you can experiment how this works and how it looks like.
And then I can be a see whether it fits right or not,
I think we should assign both of these tasks as research to somebody on the engineering team
one state elections once messaging can be the same person perhaps,
if somebody wants to do both and take the when they get research with, like,
all the various solutions to this, and we just compare the two we say to these fit for additional validation, or we say now this one first one, because I think right now is to me, it’s too hard to know
what’s going on. Just sort of start thinking about this and sort of Yeah, really looking r&d thing. And you could demo for us some time to for you.
What the team wants to research data collections more
than anybody else, for example, like, Who’s most passionate about getting directions? I can’t get it might be, but I’m not sure.
we already have, you know, proposals and like basic specs for collections and in boxes and like, they work well, for a certain context, I think what’s not clear is like what we’re trying to solve for
like fully, like everybody, like they’re good,
I feel like they’re kind of like, half bake sale is that
like a forum, and it’s kind of like, there are materials come to that we have a spec or project there yet. He I mean,
I’m just unsure that what a critter state is like, I don’t know that it’s, it’s
time to research out a proposal because we can, we’ve been talking about a lot
of different scenarios here, and proposals would sovle for different scenarios.
And so I’d rather just continue this conversation
and be like,
and figure out what feature sets were trying to solve for and then go more into the research of how we would do it. Yeah, that’s cool. I’ve got some ideas on how to get more clear on that. And I’ve read the proposal previously. But you know, yeah, like a few days later, I forgotten a lot of details. So I was like a calendar to say, let’s talk about the questions. I’m asking
for an hour, and then
we’ll come back to it again,
we just keep moving forward to it.
Cool. I didn’t I go to follow up with a few of the apps
and kind of briefly, but I think they’re trying to publish to what the requirements are from their point of view, and then bring that back.
I’m actually curious to know how are Grinch the chat messaging works with insofar as sharing keys between apps, you want to elaborate on that trigger
I haven’t done that.
If you create a room and metrics you can enable peer to peer encryption. Yeah, PGP encryption, okay. And then everything happens magically.
So I so I read a bit about double ratchets i you do if you do encryption, but
I’m not perfect.
All right. Thanks for sharing. I was mainly curious about like, how we could I mean, like I mentioned earlier, I can guarantee grace to me, no pun intended. The key challenge to making all of this work is really going to be a mechanism for doing group key management, group encryption, key sharing and key rotation. So I was wondering if maybe matrix had some insights into how to do this, or whether or not openintent has a way to do this already.
I think that make our own algorithm is the right thing to look at
it called make our own algorithm. Oh, and
Um, I got it.
Yeah, I think that the the, like, the thing to do for messaging would be, I
think, at first till just like punt entirely on the grouping friction challenge.
And just try to say, like, Okay, if we implement messaging, we want to do it in
a way that like, the data types are going to be sound and digestible by
different apps and trying to solve the group encryption problem sort of later.
So that’s like messaging would be solved as, like, you know, actually what it
takes to do messaging in an app in like, a sufficient way, like, part one, part
two would be like, kind of the collection you part, which is like ensuring that
the data would be digestible by the app, if it had access to that data or data
was public, like not encrypted any degree at some later point, like we can do
to support encryption with these collections, basically, the first the first
project conscientiously, for the second one by
this yourself for the second.
So if you view the encryption have some like, just like magic function that’s going to be applied to data at the point that you want to do collections in a more secretive way. And just like public data,
yeah, they’ll give you 80% of the functionality.
I see Larry’s now doing a shit jude says tweet
me to read that to you. I just said heard,
it’s a public meeting, I can live tweet it
and ask more people about this. And just generally try to get my head around around, like, what’s been done here, and what still needs to be done.
Definitely one of the, like, bread and butter use cases that are like, sort of
functionality that a lot of people want to add to their apps. I’ve heard it
like, you know, dozens of times one of the awkward to have something, you
know, 30 like, you know, some way some work around or they’ve done their own
thing or whatever. So
Yeah, getting getting a standard way of us in place is going to be getting buy into that it’s going to be
the more so
keep doing the key sharing
I have a question
just generally next, at its core is an index, right?
So when we talk about expanding indexing functionality,
are we talking about expanding the blockstacksore that before because I think branding is also come up as
blockstack core indexes the blockchain and nothing else we don’t
have a that
that’s me by wholly separate process, there’s actually a whole search in that runs alongside
blacks core on board, I’ve watched center org
when I hit blockstack core at the end of my profile section
that’s not blockstac kcore that quarterly network routed through books that
we have an API front end, like an engine x front end where like, the search queries are actually passed on to like a MongoDB it’s just
a little side thing. Yeah.
So it’s not part of what you saw blocksstack core you’re not getting that you’re not getting
a bonus. Yeah,
it’s an add on. Okay. So but that could be that out, I’m gonna be the next or that could be like the, the embryo of an index or sorts, right, kind of really knowledgeable query through that way. I prefer
to have heard if we don’t end up becoming responsible for
everybody’s Gaia hubs,
like find all their apps. And that’s basically its job day
like this will this
this can become extremely difficult to do first of all, and also extremely, extremely bad
if it goes offline because people might depend on it.
And then important thing I mean, you can also run your own core node pretty easily
but yeah, keeping track of everybody’s every apps data schema so we can index them is a huge buracratic overhead that can be better just making each
or or runs on racks or
just seems like convenience wise
people already query before they turn into this but not not updated just profiles right.
never someone Someone was asking I’m sorry, just under the like along the lines of indexers. Someone was asking me about the graph which is the graph comm which is I don’t know if anybody’s heard of that scalable queries for decentralized feature and it seems to tackle this problem but like in a very least from the website very fun way the way so I’m not really
not really sure the graph the graph.com
I spend about 20 seconds looking at it um
yeah I don’t know didn’t didn’t immediately look like it would be useful
yeah I’m not impressed
I mean look it looks like the crawling IPFS using state that you can glean from a Ethereum and smart contracts and building up an index over that
so if you assume IPFS
Sure, I guess it works and it’s something I PFS can reliably get you data back
which is a pretty big F
m Okay. Cool. Well, I just like to point out because this came from a conversation
some of us have that were like can and then he couldn’t make it to and one of the meetings in Shenzhen last week. Like some developers immediately zoomed in on the problem that like you can’t query data that’s stored cross Gaia hubs easily. Um, I know, we know we have we have sort of some solutions for that. But we don’t have like, a really clear can we can point out like, this is the solution like like it is up to your standards.
So that’s like a question keeps coming up.
So might it might like from a product perspective, like make sense, the package whatever the solution is up in like, you’re like, hey, engineers, like you like to do join queries on lots of data. Like this is where you used to do it.
I mean, that’s like, roughly the the problem that like Radix tries to solve Right,
Blockstack.js is probably the best
place for like developers to have an API for that sort of thing like
a cev comes off the street and especially blocks that affected
so you think okay, this Why am I methods right if there’s a method of there our users However, it’s, you know, of course, the back end
which like I want for your costs, my users or whatever, that’s going to be the most successful thing. So
how are we sort of make that work? That’s kind of where my mind goes with this?
Is that some writers that like one actually, because it will be different thing like outside the box? actor? Yes. And so the problem, the problem is that it requires basically a server component
to help with indexing
Of if we don’t if we don’t help with, like finding host to
No, basically no matter what, like, we could try to come up with some like
scheme where we index all application data, but that’s really hard, because
like, I guess application data could be indexed different ways, though, I guess
we can provide a library that it’s like, if you build your application data in
this specific way, then, like our index index, it
probably is always the number one
yeah, if you’re gonna if we’re basically being asked right not have to re
implement site maps. Yeah, and and then we implement web crawlers that process
those site maps. So we can build up reverse index it reverse keep first indexes
that map key phrases or keywords to Gaia hubs.
Yeah, basically became Google. Yeah, I think it’s like, kind of
back that could be okay, I could totally be okay. It’s just that I feel like this should be like a third party service or like a different product from
Oh, yeah, definitely be a different product.
And the question is whether or not we, we, like provide this protocol to people
that like, if they act within it, then, like any public indexers able to index
their application for them,
I mean, we think Radix I mean, pretty much already built in a way that we could just host a big instance of the RAdix backend server. And it could be similar to Gaia such that we, we host the public one that’s free and whatever uses to us and then you could also run your own,
but it would be, you know, it’d be like a high
that’s a lot of data, you know,
what’s up CPU and bandwidth to who would not be somewhat costly to run a big one
of these that kind of also breaks like our promise that we’re not gonna
we’re not going to gather your data and holding the database, right. Central
will be encrypted, it would still be the same exact issue of guy where anyone can read and it would just be encrypted content.
yeah, we can’t read your data anymore than your ISP or Azure
can. This is
really just, it’s really just,
it’s, it’s no more violating that promise, and Google violates the promise server.
Unknown 56:22 But in order to make use of it, then you have to essentially
like, download and decrypt the entire entire index locally to make use of it as
an app developer in that case,
sorry, yeah, if you wanted to query encrypted data Radix like I’m working on
functionality where you can in a smart way, it can just basically download all
of your user data, like not even just all have data, just apps data related to
the user and then like groups that you’re in, and that would be much smaller
subset, and then you could keep it cash of that in the browser and just think
downloading data constantly.
Yeah, I mean, this
is like, not my area at all. But like, for like, that would break at some point, right? Like, or what if I want to search tweets, like, across all users, right? Like, as far as our messages to the right,
if it’s public, it’s fine. Yeah,
literally no different than what Google does. Now, Google can crawl your data,
if I put ciphertext online, you can query for it. Yeah. And encrypted.
Private is a small, like each user is kind of much smaller. Add to that
you read that in the browser, right?
I mean, I’ve been talking to Hank about this, I think we should like
whether we do it this way, or whether we just like, release it and say, like,
blockstack supported thing, but it’s like a side project that’s like, heavily well documented and heavily suited for blocks that quick, whatever, one way or another, we should like actresses up and release it and see what people make with it. Yeah, I would love to see like
Where radix goes with this honest I feel like I should put into shouldn’t feel like part of the official SDK because everyone who has any sort of cross user query concern is inevitably bunch of new products or somebody from electronics raise
it had an interface in the SDK for this it gives me very important
yeah and I would rather have everybody use an RAdix deployment for indexing the
content that you can later swap out on your own doesn’t have every app try to
build their own proprietary index
because we do that with Gaia Yeah. Yeah. Like our approach we say well there’s a hosted an evil where user
yeah so the long long term I could definitely see like Roddick’s be official and and it would be something you’d on sign and you would pass in the preferred products
end points would crawl that for yo
don’t go for your calling for you configuration
without browser to that we didn’t have a three things
yeah we do have a chord with me I will do that also with with the next one day
plus i costed Radix server would would be cool because it would be it’d be a super similar to Firebase. And then you would just you would also be able to say, if you want to run your own someday, it’s pretty simple open source, you can just migrate all the data or whatever.
just like how we passed in. And also like apps can ask them their their recommend ones,
just like the Gaia hubs.
Jessie J Wiley is working on some sort of core extension for indexing right now. And I don’t know what that’s different
it’s it’s different when he’s doing is he’s taking the index data, the I read a profile data and putting back into a pocket so people can download it to other indexes over it
download the whole thing or quarterly against it down the whole thing on those queries?
I don’t believe so.
But given what a query like
all the users that tracker app, I can’t really do that with the
It’s like, but they can do it this way that you’d rather you get the JSON you just parse through and see which ones
that come around the profile it’s still
very profile oriented yeah that’d be a core that’s like a limit
and even then it’s not when you when you download some
looks like or you don’t get that that sounds like it’s almost like a separate service
I love it if we would really like yeah come to some kind of a shipping event on
this and just get in the hands of people that have already implemented something
like this day but kind of feel that it’s like sucky and it doesn’t work as well
as I like
this article and be like hey swap swap it out of this work with Hank and like
let’s kind of go down to jail worked and then we can do a little bit of
document efficient and really releasing this feature
anyone a radical have when you load it via your web browser it’ll have a bar saying like search for this or I’m feeling lucky
I gotta run everybody.
See you later.
Transcribed by https://otter.ai