I also don’t get it. Auditable trail? Use a Merkle DAG. Or something like this Permissionless Timestamping Network: https://intercoin.pdf/whitepaper.pdf
I mean how hard is it? What are the real challenges?
Elsewhere they say something like "But it works like a database! You do queries and everything!"
Ok. So sign a database.
It's like they're expecting developers to not know a damned thing about blockchain, but know they want a secure database and something with cool buzzwords in the name and AWS has one for them as long as they have a credit card.
AWS needs to provide clear and compelling places where AWS is not the answer to everything. I am not hearing that, and it indicates to me a lack of appropriate executive direction. Yeah, sure, build a cult. But build a cult with guardrails.
I'm not sure that this is the "Make stuff people want" that I would be comfortable pumping to others. I don't know. I must be missing it.
Why wouldn't you put it all in one spot? The technical requirement of needing an audit table is ubiquitous and I bet almost every SQL database in history eventually ends up having a history table of some sort. This technical requirement is unrelated to any regulatory requirements about (not) storing data in the cloud, and certainly shouldn't be coupled to it.
Git and QLDB both use the Merkle tree concept to prove that history hasn't been edited. The GPG signing proves new events are coming from a trusted person or computer.
Thanks. (I'm actually aware of the mechanisms involved and have implemented something similar in the past, although with a rather different set of tradeoffs.)
My main interested was in use cases and the details of the integration with git.
