Apps4Life's comments

Yes. On web2 you may need passwords and have to worry about how secure your users passwords may be. With web3 you can assume as a default that all users can use 256 bit keys with near infinite security. This is possible on web2 as well but isn’t feasible as it’s too hard to convince all of society to start using 256 bit passwords on existing platforms, whereas on web3 it’s a pre-requisite.

The answer is not binary.

The answer is not binary

𝗪𝐡𝐲 𝐢𝐬 𝐭𝐡𝐢𝐬 𝐮𝐬𝐞𝐟𝐮𝐥?

There are a few reasons you may need to be able to prove who you are without revealing who you are.

Suppose you desire to share many different pieces of information online but must remain anonymous for security reasons. Since you are anonymous, you have no reputation online and therefore no trust or credibility. You can release one piece of information that will later prove to be true, thus gaining credibility for yourself. People will now take your information seriously, except you were fully anonymous, so that credibility is useless to you as you can't claim it in the future when sharing future information. What's worse, others may impersonate you, claiming to be the original author of the first piece of information, and then share bad information thus soiling all of the credibility you built up.

With AnoProof you can sign your first piece of information with an AnoProof signature using your AnoProof secret key. Now, once it gains credibility, you can sign your future informations with your same secret key. Using AnoProof, anyone can verify that the future information (signed) was authored by the same anonymous author as the original credible information.

AnoProof doesn't always have to be used anonymously, another great use-case for AnoProof is in proving your known identity, online, in an ever increasing world of spoofing, deep-fakes, and general impersonation.

Consider the case of Leoni AG, in which the CEO instructed the CFO to wire transfer $40m to an offshore account, the only problem for the CFO, it wasn't a true eMail from the CEO, it was a hacker pretending to be the CEO. Had the company policy been that all instructions of such nature must be signed with an AnoProof signature, the CFO could have easily proven that the hackers weren't the CEO.

This example was just a simple eMail spoofing, but imagine a few years from now when DeepFakes, SIM spoofing, and a combination of other tools will allow a hacker to video call one of your employees, and pretend to be you not only with caller ID but visibly and audibly as well. Signing protocols like AnoProof will become more and more necessary in the identity verification crisis realm AI will bring us towards.

AnoProof works by appending a signature based on a hash of your message, to your message itself, signed by a secret key, with the public key encoded into the signature itself. This utilizes SHA256, Elliptic Curve asymmetric cryptography (ED25519), and a custom base-256 encoding scheme to ensure that signatures fit within half a tweet. This whole message, for example, was signed with AnoProof

AnoProof:ǀƩNJƴǟƩŕǪśǮƐƃŘĖǓĢŸƌƒĽŽǖĶĥĶĜƓğƏǍǞňśćDzķƂŋǀşĮŮǀƱƤƒƎĄŬţĐƯŸǨǭŷœǑŠƠƧDzŚąŦđƪǬŊŖƴŞūƿǫNJėǮĈŌğĞěǘƌĊƈƪƤƷLJńǣŨŘʼnĀƘǻƪǓijĞŗōįŷƧĈǚĕŪǜƣǥǚǜŴǁĽſļƣƌēƀŋǼ

AnoProof allows the reader to verify that two messages were written by the same anonymous author.

AnoProof allows the anonymous author to prove their identity in relation to a previous writing.

Thanks, I'll try that now!

AnoProof allows the reader to verify that two messages were written by the same anonymous author.

AnoProof allows the anonymous author to prove their identity in relation to a previous writing.