Stephan
@stephancill
Would global message ordering make granular signer permissions more feasible? iirc message ordering was a factor? maybe I’m thinking about something else
3 replies
0 recast
12 reactions

Stephan
@stephancill
cc @v @horsefacts.eth
1 reply
0 recast
0 reaction

Varun Srinivasan
@v
What kind of granular permissions?
1 reply
0 recast
0 reaction

Stephan
@stephancill
the most basic would probably be to only give an app permission to write messages of a specific type
1 reply
0 recast
0 reaction

Varun Srinivasan
@v
What’s something you’d build if you had this? This has always been buildable, just avoided the complexity for people to have to reason about the nuances between letting someone write casts vs change follows
1 reply
0 recast
0 reaction

Stephan
@stephancill
This is basic (and frankly expected) security functionality imo

I think I was conflating signer permissions with signers going onchain in my question. With strong ordering guarantees signers could be stored off chain on hubs right?
1 reply
0 recast
0 reaction

Varun Srinivasan
@v
> This is basic (and frankly expected) security functionality imo

It's not obvious to me why this is the case. Can you explain with an example?
1 reply
0 recast
0 reaction

Stephan
@stephancill
I’m thinking of OAuth permissions which often provide granular scopes and are very widely used. Users are typically scared off by apps that ask for long lists of permissions (and rightfully so), because giving an app full access to your account is a big deal

But in fairness I just looked at X’s scopes and they just have read, read/write, and read/write/DMs, so maybe I’m reaching a bit

However, going back to the off chain signers point - is this something that could be enabled by strong ordering guarantees?
1 reply
0 recast
0 reaction

Varun Srinivasan
@v
Yes, in the abstract it seems like a good idea to have granularity. But once you actually think about the specifics in the context of this social network it makes a lot less sense. What is the difference between a signer that can change my bio vs a signer that can change my casts? In either case, a malicious app can post a drainer link (bio or cast) and hurt my credibility. One is slightly less bad than the other, but the threat model is still the same - 'never give write access to someone you don't trust'
1 reply
0 recast
1 reaction

Varun Srinivasan
@v
It might be possible to have off-chain signers, I'll have to think a little more about whether there are any attack vectors once we lock down the sync model.
0 reply
0 recast
1 reaction