this post was submitted on 07 Oct 2024
201 points (96.7% liked)
Firefox
18050 readers
86 users here now
A place to discuss the news and latest developments on the open-source browser Firefox
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
@felsiq @sugar_in_your_tea
IMO a solution that doesn't use a blockchain is better. The premise of a blockchain is that either (1) everybody keeps a copy of every website everyone visits, or (2) there's a trusted party (or parties) somewhere that compresses the database.
We already have trusted parties on the web, and recording that much duplicate data is bad both for resources (bandwidth, energy consumption, disk usage) and for privacy.
There's a whole field of blockchain forensics and it will get even more interesting as quantum computers with more qubits start spinning up.
Really sites and visitors just have to agree on a signed bill/receipt and hand the transaction over to any existing payment processor.
Your other points are absolutely valid, but privacy-wise I’d much rather have my data associated with an anonymous wallet ID than any payment linked to my real identity
@felsiq
Good point thanks for catching that. The receipt itself can name any anonymous identifier like a crypto address. I was just intending to note that the blockchain is essentially a wasteful timestamp server that doesn't seem needed for this application.
As a practical matter, the website has your IP, when you visited, what you looked at etc. So you already have to trust them with your privacy. And there's a question of whether public policy would allow web traffic to be untraceable by default. But certainly the payment processor doesn't need to know things like which websites you visit.
Minor correction: the website has my VPN’s IP 😂 I don’t trust random websites with shit, personally. The payments not being tied to your real identity would also not make the web any more or less private than it currently is - just the alternative would remove privacy. Again tho, I’m not tied to crypto specifically and would be perfectly happy with any payment system that maintained user privacy. I just don’t want to see a feature roll out that gets people jailed for visiting lgtbq+ sites or some shit when their payment providers are controlled by fascist governments
@felsiq
> that gets people jailed for visiting lgtbq+ sites or some shit when their payment providers are controlled by fascist governments
If that's your threat model, then there may be an additional threat of timing analysis on the blockchain.
If your threat actor has the resources of a nation state and is able to tap your ISP, the site's ISP, and your VPN's ISP, then you probably also don't want a permanent pseudonymous record of your activity in the form of a blockchain.
This is just an initial thought; I don't have any concrete reason to believe that blockchain forensics + timing analysis is any stronger than just one of those on its own.