HN Theater @HNTheaterMonth

Tara gave a good intro talk at jsconfeu https://youtu.be/rJ_WvfF3FN8

Seems to be a teaser for more articles about dweb yet to come. So here two links for people interested in this topic:

1. "Decentralized Web Summit 2018" is happening just now (July 31 - August 02 https://decentralizedweb.net/. I'm looking forward watching the talks once released.

2. This year at JSConf EU 2018 Tara Vancil talked about Beaker (https://beakerbrowser.com) an experimental peer-to-peer browser. This was really fascinating to listen to.

Here is Tara's talk: https://www.youtube.com/watch?v=rJ_WvfF3FN8

⬐ panic

Beaker is really cool! There's a big list of sites built for it here: https://github.com/beakerbrowser/explore.

⬐ deanclatworthy

Beaker in theory is great, and so is the demo. Soon as you try and put anything other than a few small files on it, the whole client crashes. There is an open issue about it [1].

We have a long way to go.

[1] https://github.com/beakerbrowser/beaker/issues/952

⬐ rapnie

Beaker is by far the most interesting application based on Dat.

I find it a pity that the datproject.org are so 'programming-focussed' to the neglect of the Dat protocol, standardization, documentation, advocacy and community-building

⬐ kickscondor

While this is true, the tooling and documentation for Dat is quite excellent. So if it's to be a building block, I'd much rather that it have excellent APIs - then leave all the people work to Beaker. It seems like a pretty symbiotic relationship to me.

⬐ rapnie

Agree on the symbiotic relationship.. Beaker is a godsend to Dat. I am a big fan of the technology concepts too, promoted Dat wherever I could. But I'm still afraid that eventually they 'fall by the road-side' by lack of adoption.

Last time I checked (admittedly some time ago) all their libraries were NodeJS/NPM (some vanilla JS, but low-prio, unsupported), and the Dat protocol paper was out-of-date and incomplete.

There is good documentation if you want to build simple apps off of hypercore/hyperdrive, but it lacks depth/detail if you want to go further. Then you'll only find a rather small (though dedicated) community to help you.

Hope they succeed, and also that they start operating less under the radar, so to find more community help. Maybe via Beaker increasing traction they may get there.

⬐ filiwickers

Thanks for your feedback and support! We're trying to push forward the specification work to support other implementations like https://datrs.yoshuawuyts.com/.

We created a protocol working group and spec are being updated at https://www.datprotocol.com/deps/. But definitely still some need to improve docs all around! We have an upcoming grant to support this :).

- joe hand, a dat person

⬐ rapnie

Very happy to see this. Splendid initiatives, thx!

⬐ mattlondon

Thanks for the link to beaker - this is really interesting.

I was curious what the difference with IPFS (that I had heard of) and Dat (that I had not heard of) - they have a FAQ entry on this on their page: https://docs.datproject.org/faq#dat-vs

⬐ tekknolagi

If you're interested, I wrote a small paper about the Dat Project for my distributed systems class: https://bernsteinbear.com/dat-paper/

⬐ mattlondon

Just looking into this a bit more, the video briefly skims over their "Fritter" demo without going into detail. I didn't grok what it was doing from the video so dug deeper.

This is basically a twitter clone (https://github.com/beakerbrowser/fritter/blob/master/README....), but the difference is that your profile and your posts (i.e. all your data) is stored in your own "archive" stored on Dat, and the APIs they have written simply load up that archive over Dat to get all your details (and cache it to provide some performance) WebDB source here that explains it: https://github.com/beakerbrowser/webdb

So you can go and edit/delete your posts and profile from the data on your computer, and it is updated in the Fritter application instantly. Posts you make from the app automatically appear in the files in your local archive too.

That is pretty cool!

In light of GDPR this is really interesting and potentially huge - you could imagine a lot of use cases for this where you are really in control of your data. I believe that only you can edit your own archive since only you have the private key - posts from Fritter made by you are writing to your own archive so that is how they handle auth I think.

Question for anyone familiar with Dat: how do I properly secure access to my data? E.g. instead of the Fritter application, what if there was an ecommerce application? I put my home address, paypal/credit card etc data in my own archive that the ecommerce site uses.

How can I make sure that only the ecommerce site can access that? I know in the FAQ it is basically relying on security by obscurity, but is there anything more concrete than that?

It would be nice if asymmetric keys were somehow pinned to a Dat archive so that I could still edit my archive in plain text still and then have the application transparently encrypt it with the ecommerce site's public key so that I could be sure that only those with the ecommerce site's private key could unencrypt it.

Also, are there common "micro-formats" for common applications? E.g. looks like Fritter has its particular format that it uses - is there a defined format for this that would allow me to reuse the same archive on another service? You can imagine the ecommerce one being very useful - no more entering your name, address and credit card over and over!

⬐ phyzome

Ah, it's wonderful to hear about Fritter!

« Fritter uses Beaker's DatArchive APIs to access the Dat network. This makes it possible to store profiles locally on the user's computer, and to transfer profile information directly between user devices. »

Yes yes yes! The user's own computer should be the store of record for their own data, and the data then synced out as appropriate.

⬐ zaarn

It's not that easy with GDPR, the dat protocol to my knowledge knows how to update but not how to delete. A delete is essentially a soft-delete in that case.

⬐ mattlondon

Yeah I guess there are questions how delete works in a distributed system like this.

E.g. if I have the archive on my computer/server I control and delete it then bingo - the data is gone and the app cant access my data any more. However, what happens to nodes that are seeding my data? Presumably they'll hang onto it for as long as they want, and there would not be a way to "force delete" the shared data since that would break a lot of the other benefits. Same goes for any hypothetical "prevent seeding" type options.

⬐ zaarn

There is no sensible way to force delete tbh. Once someone has made a copy, you can't delete it.

But I'd rather have social networks of the future have a DELETE call that atleast honest nodes will follow and delete the stuff.

⬐ kickscondor

> Question for anyone familiar with Dat: how do I properly secure access to my data? E.g. instead of the Fritter application, what if there was an ecommerce application? I put my home address, paypal/credit card etc data in my own archive that the ecommerce site uses.

No, there isn't a pattern for this kind of thing. There is a "session data" proposal[1] that begins work in this direction.

However, there is an implicit attack vector here - if a phishing website were able to punk you into connecting to the address (and key, presumably) of your wallet - well, then they score all the good stuff. Beaker would need to have a keychain-type thing builtin that would store that dat address and private key.

I think Beaker has a great start and they are grabbing a bunch of great low-hanging fruit. This is the first time I've seen compelling "static" applications. And it marks a return of the read-write browser. (Yes you can figure out how to run a TiddlyWiki locally from Firefox, but Dat lets you create a website right from its start page.)

[1] https://www.datprotocol.com/deps/0006-session-data-extension...

Sounds a lot like you’re describing the work being done with Dat and Beaker Browser. Here’s a recent talk by Tara of the Beaker team: https://www.youtube.com/watch?v=rJ_WvfF3FN8