In this video we will walk you through: 00:00:00 Intro 00:00:50 Agenda of this Video 00:03:20 How holochain runs hApps and why Rust 00:11:35 Modularity in Rust 00:19:56 Implementing progenitor pattern and read DNA property in zoom 00:33:30 Implementing test for progenitor pattern 00:41:17 what is cell in holochain app 00:42:13 unwrap() vs question mark(?) in Rust 00:50:10 improve the code and replace unwrap wtih ? 00:52:05 why unwrap is not safe 00:54:14 scaffolding am_i_developer functionality 01:01:05 Why we need DNA property 01:05:48 DNA property for forking application like football 01:08:00 DNA property Q&A and more example
These sessions are mostly suitable for programmers and designers, so if you would like to participate you need to fill-out this application in advance.
I just watched this session and one thing that doesn’t resonate to me in the progenitor pattern is why progenitor’s public key is compared against agent’s public key? Shouldn’t it be a comparison (some logic related to cryptographic signature), of agent’s private key with progenitor’s public key? I mean, if only public key with public key are compared, there is a chance that a bad agent impersonates progenitor’s public key, considering that the key is public and visible to all. Hope my question makes sense. Thanks.
@feamcor
Thanks for bringing up this nice topic. Yes the question is clear and is a really valid concern. Also your offer to use some cryptographic signature is even better than PublicKey.
Example: Developers(or Admin Users) can sign their own PublicKey with their private key and put the result in the DNA property instead of raw PublicKey. The comparison can be on the signature.
Basically I assumed that Conductor is going to query Agent public behind the scene and without any interaction with Agent. If the Key generator is safe enough to not produce the same KeyPair for 2 different agents, I can assume the process is safe enough to put even PublicKey in DNA property in Progenitor Pattern.
But I am not 100% sure about all vulnerabilities. If I find any new topic I will keep here updated.
I was now following the first exercise on the Holochain Gym and dug a bit into the documentation for the agent_info() function and related AgentInfo struct.
I must say that calling the agent’s hash on the DNA network as pubkey is (at least for me) semantically confusing, as it doesn’t correspond to the usual private/public keys of asymmetric cryptography.
As such, if to implement a production-ready progenitor pattern, as discussed on previous posts, I consider introduction of public-key cryptography a must.
Are there any public-key cryptography feature included on the HDK, or would it require using some external crate?
Ignore my last question on previous post. I started to read the HDK docs and I see reference to libsodium and ed25519 crates there. So, batteries included!
Cheers.
