
[submission] transitive trust - introducing peers

Open LGro opened this issue 7 months ago • 2 comments

The Design Problem

Onboarding communities and finding folks on decentralized apps is hard. Especially for privacy-focused social apps, this can be the key challenge, because only when connected to a sufficient number of relevant peers is the user experience good enough to compete with centralized alternatives.

The Design Solution

Using the social fabric of transitive trust, i.e. the belief that when my good friend Kim introduces me to Stef, there must be something to it and it is likely safe, we can leverage the pattern of introducing our peers to each other where we think they already know or should trust each other.

Examples

TBD, I use this in https://github.com/LGro/coagulate but it would be good to list more prominent examples here.

Why Choose ... ?

When you want to empower users to grow their network of trusted peers.

Best Practice: How to Implement ...

  • Allow users to introduce two peers to each other, giving both the opportunity to accept or reject the introduction.
  • Leverage existing trusted communication channels if available to set up a trusted channel for the two introduced peers (e.g. by letting them know about each other's public key).
  • It can be helpful to provide a custom label or name for the two peers to facilitate the introduction and help them decide whether it is worth accepting. Those names or labels might need to differ from how you name or label any one of the two.
  • Combine this with persistent identity to avoid users introducing peers that already know each other. I can for example share a hashed version of all the contact IDs I already know about with my peers so they know who they don't need to introduce me to. This can even be done via private set intersection to avoid disclosing the identities my peer does not know about.

Potential Problems with ...

When we trust our peers and they turn out to not be trustworthy because they have been compromised or turned on us, we are more vulnerable and their recommendations become less helpful or outright dangerous.

The Take Away

Introductions based on transitive trust empower growing a (social) network in decentralized apps.

References & Where to Learn More

LGro avatar May 12 '25 19:05 LGro
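
The hashed-contact-ID exchange and the two-sided accept/reject step from the submission above, as an added Python example (not code from the issue or from coagulate). The per-pair HMAC key, all function and class names, and the sample IDs are assumptions; keying the hash per peer pair is a choice made here so that digests sent to different peers cannot be correlated, and this is the plain hashed variant, not private set intersection.

```python
import hashlib
import hmac
from dataclasses import dataclass, field

def contact_digest(pair_key: bytes, contact_id: bytes) -> bytes:
    """Keyed hash of a contact ID; pair_key is a secret only the two peers share."""
    return hmac.new(pair_key, contact_id, hashlib.sha256).digest()

def known_digests(pair_key: bytes, contact_ids) -> set:
    """What I send to one peer: digests of every contact ID I already know."""
    return {contact_digest(pair_key, cid) for cid in contact_ids}

def introduction_candidates(pair_key, my_contacts, peer_id, peer_digests):
    """Contacts of mine that the peer has not listed as already known."""
    return sorted(
        cid for cid in my_contacts
        if cid != peer_id and contact_digest(pair_key, cid) not in peer_digests
    )

@dataclass
class Introduction:
    """One introduction of two peers; the labels are chosen by the introducer."""
    peer_a: bytes
    peer_b: bytes
    label_for_a: str  # how peer_b is described to peer_a
    label_for_b: str  # how peer_a is described to peer_b
    decisions: dict = field(default_factory=dict)

    def respond(self, peer: bytes, accept: bool) -> None:
        if peer not in (self.peer_a, self.peer_b):
            raise ValueError("only the introduced peers may respond")
        self.decisions[peer] = accept

    def established(self) -> bool:
        """True only once both peers have explicitly accepted."""
        return all(self.decisions.get(p) is True for p in (self.peer_a, self.peer_b))

# Constructed sample data: short IDs stand in for public keys.
PAIR_KEY = b"constructed-secret-shared-by-me-and-kim"
MY_CONTACTS = [b"kim", b"stef", b"alex", b"robin"]
KIM_KNOWS = [b"me", b"alex", b"jo"]

def demo():
    """Who I could introduce to Kim, given the digests Kim sent me."""
    from_kim = known_digests(PAIR_KEY, KIM_KNOWS)
    return introduction_candidates(PAIR_KEY, MY_CONTACTS, b"kim", from_kim)
```

A peer holding the digests can still test any ID they already know, which is the intended behaviour; IDs they do not know stay opaque only if IDs are high-entropy values such as public keys, and short or guessable IDs can be recovered by enumeration.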

Hi @LGro and welcome! We are so happy to see this submission, it's a really good fit for the library.

The maintainers were able to meet last week and discuss. We think we might want to make two patterns out of this, one called "Peer Introduction" and one called "Transitive Trust".

"Peer Introduction" would address the problem that in distributed networks, you often don't have a list of anything – no directories of the most popular users or the like, so there can't even be suggestions even if we wanted to breach privacy! So this is a great way to onboard new users. It would be based on the principle of "Transitive Trust" which we could describe as a more abstract pattern. (We have other abstract patterns, too, such as "Cautious Optimism.")

"Transitive Trust" would encompass more examples, I'm thinking Trust Levels for public keys, moderation flows following TrustNet (https://cblgh.org/dl/trustnet-cblgh.pdf) by @cblgh etc.

Would you like to work on this together? If so, what's your preference? We can work on a collaborative document, a PR, or jump on a call.

In any case, thank you for bringing this to our library!

bumbleblue avatar May 19 '25 20:05 bumbleblue

That's wonderful to hear, and apologies for the delayed response. I'd be glad to co-create these two new patterns. Given that at least you and I seem to be in the same time zone, I'd go for a synchronous call to start out and then determine together how to continue. That is, if we also find a good time for whoever else would like to be involved. If you have other preferences, I'm also happy with any of the other collaboration modes.

LGro avatar May 24 '25 20:05 LGro