Skip to content
Snippets Groups Projects

Update 2016-05-13-Introduction-a-la-toile-de-confiance.md

Open Scan le Gentil requested to merge scanlegentil/website_en:patch-1 into master
1 unresolved thread
@@ -8,24 +8,24 @@ Thumbnail: /images/network.svg
Duniter is a software which allowing the creation of a free money as described by the RTM (Relative Theory of Money). This theory implies that monetary units are co-produced by each of the members of a given community. It is therefore essential that the members of the community are identified and recognized.
In a word without dishonest people, a simple declaration of identity could be enough to become a member (and thus co-produce monetary units). But in our world, when it is about money, cheating cases can potentially come.
In a world without dishonest people, a simple declaration of identity could be enough to become a member (and thus co-produce monetary units). But in our world, when it is about money, cheating cases can potentially come.
Actually, it is tempting to register with many identities and thus produce a surplus of monetary units for its own advantage. This is even more true when it is about digital identities and when it is easy to create as much as we wish. We call such a thing a *« sybil attack »*.
One should ensure sure that the members are disposing of only one digital identity.
One should ensure sure that the members are owning only one digital identity.
## Who is to trust ?
How to ensure that the members are disposing of only one digital identity ? Which organization is necessary ?
How to ensure that the members are owning only one digital identity ? Which organization is necessary ?
There are two types of possible organization : the organizations with a trusted third-party, and the self-regulated organizations.
To illustrate the organization with a trusted third-party, let's take the example of population census. These is the administration of the state which « creates » the identities and registers them in different files (aka, data bases) of the state. These officials are acting like « trusted third-party » in the name of the state. The control means used can be administrative documents (maternity declaration, proof of address, ...). These means are far from being foolproof since it is trivial to create fake documents (and then obtain real-fake papers). This system is based on the judiciary system to deter fraudulent behaviors.
To illustrate an auto-regulated organization, we can use the example of the queue area. People arrive one after the others, even if no one is really delighted to wait for his turn, each one respects the rule, which regulates a queue ; first-come, first-served. Given that everyone knows who came first and who came later, anyone is able to control that there is no cheating. To violate these rules expose us to a strong social disapproval, and an exclusion of the queue.
To illustrate the organization with a trusted third-party, let's take the example of population census. These is the administration of the state which « creates » the identities and registers them in different files (aka, data bases) of the state. These officials are acting like « trusted third-party » in the name of the state. The control means used can be administrative documents (birth certificate, proof of address, ...). These means are far from being foolproof since it is trivial to create fake documents (and then obtain real-fake papers). This system is based on the judiciary system to deter fraudulent behaviors.
To illustrate an auto-regulated organization, we can use the example of the waiting queue. People arrive one after the others, even if no one is really delighted to wait for his turn, each one respects the rule, which regulates a queue ; first-come, first-served. Given that everyone knows who came first and who came later, anyone is able to control that there is no cheating. To violate these rules expose us to a strong social disapproval, and an exclusion of the queue.
example of the waiting queue
Please register or sign in to reply
## Web of trust
@@ -54,7 +54,7 @@ An individual, who whishes to become a member of a community, has to issue its d
On Duniter, a digital identity is composed of :
* a private cryptographic key, knew only by the individual and not broadcasted to the network, is used to sign digital documents
* a private cryptographic key, known only by the individual and not broadcasted to the network, is used to sign digital documents
* a public cryptographic key, knew be anyone, is used to check that a document has been signed by the private key of the individual
@@ -87,11 +87,12 @@ To prevent this attack, Duniter ensures that members are close enough one to the
<center>![2 steps](https://framapic.org/4LNI8XX2JAJt/HY1s3QndhJS7.jpg)</center>
When an individual is susceptible to become a member (that is, he obtained enough certifications), Duniter runs the following verification procotol :
- Members having received and issued enough certifications are used as "checking points" (referent members)
The number of certifications to be issued **and** to receive depends on the number of current members. N is the number of members, Y(N) is the number of certifications to be issued **and** received for the member to be considered "referent".
For an identity to become a member, there must be a path of *stepMax* no or less than *xpercent* % of referring members to the identity in question.
For an identity to become a member, there must be a path of *stepMax* no or less than *xpercent* % of referent members to the identity in question.
st
In the case of the currency Ğ1 *stepMax* = `5` and *xpercent* =` 0.8` (80%)
Y (N) = CEIL (N ^ (1 / stepMax))
@@ -128,7 +129,7 @@ There is one similar parameter used when new members are registering.
As we saw previously, to become a member, an individual must :
* publish is declaration of identity
* publish its declaration of identity
* collect a sufficient number of certifications
Loading