- Toshendra Kumar Sharma
- October 14, 2022
The biggest problem that is faced by the internet over the last twenty years is that it is facing issues to secure the accounts of the user. The accounts of a user are increasing every day with dozens of websites popping up. Due to these occurrences, the number of hacks has grown in the world of internet.
Turing-complete code
The best way to control and resist these problems is by introducing ultimate abstraction: Turing-complete code. This will allow the users to specify a password of a pre-selected set of providers which mainly relies on talking to a server of the user’s choice. This will automatically allow access policies to execute in a particular virtual machine.
The next step is Turing-complete operation-dependent code. For many applications, you want the ability to authorize some users to carry out some operations but not others; for example, you may want to allow an sys admin to change the IP address that a domain name points to, but not sell the domain outright. This Abstraction needs to change.
A simple “Turing-complete-code as signature” setup might have the following form
VM (code, server-provided nonce ++ signature) ? = 1
Where VM is a virtual machine that runs code, taking a server-provided nonce and a signature as input, and the verification check is to see whether or not the output is 1. A simple example of code that is an elliptic curve digital signature verifier. To allow different authorization requirements depending on the operation, you want:
A simple example of code that is an elliptic curve digital signature verifier. To allow different authorization requirements depending on the operation, you want:
VM (code, server-provided nonce ++ operation data ++ signature) ? = 1
A name would need to be there with every service that the user wants to carry out. The process data would serve to add as an argument for the virtual machine, and the signature would have to be over both the nonce and the operation data.
The Turing-complete operation-dependent Stateful policies should be able to change the state of the system of aspects. And here is where not just cryptography, but specifically Blockchains come in. Of course, you could just have a central server manage the whole thing, and many people are perfectly fine with trusting a central server. The Blockchains here because they are more convenient, provide a credible story of neutrality, and are easier to standardize around. Ultimately, as it would be quite harmful for innovation to choose “one Blockchain to rule them all permanently,” the thing that we want to standardize is a mechanism by which users can download modules to support any Blockchain or centralized solution as they wish.