> The solution offered provides an external system that provides a way to determine if someone did something even if Wikipedia tries to hide it later.
No it doesn't.
This system is signing the revision id number (im assuming based on the video). There is not neccessary any connection between the signer and the revision id. There is no way to verify if the revision id was ever valid (typically revision ids are sequentially increasing numbers but there are edge cases where that is not true. And i dont mean censoring edge cases, although there are systems on wikipedia where pages can be deleted or revisions hidden)
So what does this system actually prove? That someone at a specific point in time signed an integer. Maybe that integer corrdsponds to a edit they like, maybe it doesn't. Maybe they never read the edit. Maybe the edit never existed.
This whole thing is seriously stupid. It is a non-solution to a non-problem. The problem they are trying to solve doesn't exist and even if it did this wouldn't fix it.
I mean hell, at the very least you think they would sign a hash of the edit instead of just an id number.
Yeah, at this point you might as well hook in to the RecentChanges API, monitor that, sign everything, and then you could detect when there was a RevDel or Oversight action taken and the edit disappears from view.
Or you could, you know, get involved in the WP community and become an Administrator, and then you would actually have access to see those deleted edits and files without hindrance.
This whole bit seems to be some kind of hedge against Wikidata oversighters becoming evil and "covering up" some misdeeds or truths by abusing their powers to delete and suppress edits. While anything could happen, and I grant that this is a temptation to anyone, "signing an integer" as is proposed, with a completely unrelated identity in a completely unrelated PKI, is going to be utterly pointless and won't produce the accountability they seem to seek.
Also, if this signature isn't recorded on the blonkchain, then where is it going to be recorded? Wikidata ain't holding it for you. You've got to put it somewhere. Are you going to use IPFS or Dropbox or something?
> NoZebra120vClip@: ... Also, if this signature isn't recorded on the blonkchain, then where is it going to be recorded? Wikidata ain't holding it for you. You've got to put it somewhere. Are you going to use IPFS or Dropbox or something?
OP: I am glad that you brought it up! Yes, that's something we are comtemplating right now. It could be a IFPS, it could be a centralized server that we own, or a Wikimedai Toolforge. The good part is, it could be both, and also decentralized. Being a cryptographic signature, anyone who hold a copy of an endorsement could validate if their are true. We put out this prototype to solicit wise and inspiring feedbacks like yours, and hopefully we can improve our product. We also ask for open source contributors who are interested.
I wasn't really paying attention to the implementation, but just what is easily possible. It would be simple to sign the full edit and provide that to other people without ever storing it on chain. It's also possible to create a contract that serves for domains of an organization to sign messages, etc.
> This whole thing is seriously stupid. It is a non-solution to a non-problem. The problem they are trying to solve doesn't exist and even if it did this wouldn't fix it.
I think this a valid. I actually do think blockchains solve identity well through domains, though, with endorsements, there's already seemingly good trust to the accuracy of identity on social media platforms. As an example, there's not usually a question to whether Elon Musk was the person who made a Tweet endorsing something as true.
> I mean hell, at the very least you think they would sign a hash of the edit instead of just an id number.
With most blockchain based stuff, it seems like projects are frequently made without much consideration.
> It would be simple to sign the full edit and provide that to other people without ever storing it on chain
You could definitely do better than what they were doing, but i dont see how you would be able to distinguish between a signature on a real edit and one on a fake edit that never existed on wiki. Of course you could have a trusted third party verify the edits, but in that case you might as well just use a normal website.
> You could definitely do better than what they were doing, but i dont see how you would be able to distinguish between a signature on a real edit and one on a fake edit that never existed on wiki. Of course you could have a trusted third party verify the edits, but in that case you might as well just use a normal website.
If they really wanted, they could prove they made edits on a chain. Using Ethereum directly is expensive, but the layer 2 chains that finalize on Ethereum are not expensive. The EVM can handle and store the results of any computation given that it is small enough for the block and has enough gas to pay for it. The fees on some layer 2 chains are very low. [1]
I don't really know if it necessary to prove someone did not make an edit though.
Note: I'm not sure that Polygon's zkEVM supports all op codes. Though, there are other chains like Arbitrum Nova where the EVM is fully supported, and the fees are less than $0.01/transaction. (for now at least) Polygon's zkEVM provides better security guarantees though. You can see the total value locked for different chains here, [2] which should be partially indicative of how much the markets trust them.
So assuming the context is to prove if wikipedia is "censoring" you, i dont get how this would work. Sure you could store the whole edit on the blockchain, but how do you prove that is the same edit as the one that used to be on wikipedia and is now censored? How would an outside observer be able to tell that the whole edit isn't faked? That instead of wikipedia censoring the edit, what actually happdned was the edit was never submitted to wikipedia at all but made up.
If everything is going on a blockchain, it's very simple. I made this simple contract to demonstrate. [1] It can be tested with Remix. [2]
In [3], the getArticle is called which shows the article text has not yet been set. Then, in [4] I'm showing that by calling a method on the contract, the text of the article can be set by someone using the contract. In [5] I show that this previous edit changed the text of the article. In [6] I'm showing that different signers of transactions can also be displayed as an editor. And finally, in [7], I'm showing the an item in the edit history can be looked up by index.
If what is stored on the blockchain does not match what Wikipedia is showing, then Wikipedia is censoring what is supposed to be in the article. This isn't showing endorsements, but, endorsements could easily be added to this contract by creating a mapping on the contract for users that want to endorse edits at an index, etc.
This is not state everything should be on a blockchain, but just demonstrate that it is possible to create censorship resistant article edit tracking that has endorsing users.
Endorsements. (specifically to edits they approve)
While this prototype did not consider much, most applications on Ethereum do provide high levels of interoperability. An organization (or DAO) could write their own implementation for how their domain uses the endorse function on a contract, then have their members endorse information, which results in the organization endorsement (ex. endorsed by who.int) showing up when requirements are met, etc. A high profile person, like Elon Musk, could also sign stuff to have his signature show up on a reference. (ex. ElonMusk.eth endorses this reference as accurately representing the truth)
I think with this specific use case, the purpose is not as clear because endorsements on social media are already trusted by users. For users, even if this was correctly decentralized through a blockchain domain, it still would likely require developer interpretation for them to understand if the decentralized service is operating as expected.
I mean, i dont think "elon musk endorses this statement as true" is something that wikipedia would want. Elon musk is not a good source for what is true about elon musk (not picking on musk specificly. Most people have motivation to not be fully truthful about themselves).
Ultimately i dont see what benefit all the blockchain stuff has. You need to bind identities to wallets anyways, why not just skip the middle man and have people make endorsemdnts directly? Like the main benefit of signing would normally be non-repudiation, but it seems like this is a case wherd repudiation would be beneficial - we wouldnt want to keep an endorsemdnt that was repudiated.
> Like the main benefit of signing would normally be non-repudiation, but it seems like this is a case wherd repudiation would be beneficial - we wouldnt want to keep an endorsemdnt that was repudiated.
So, it sounds like you're thinking something more like [1]
> I mean, i dont think "elon musk endorses this statement as true" is something that wikipedia would want. Elon musk is not a good source for what is true about elon musk (not picking on musk specificly. Most people have motivation to not be fully truthful about themselves).
I think it's useful information, but, that it basically already exists. I think there are times when it becomes really interesting, like organizational endorsements and repudations, but I just don't see endorsements and repudations being that interesting. Another idea I've seen suggested in the past is requiring users to provide a small deposit, which can be seized if it's shown they're intentionally acting malicious.
> You need to bind identities to wallets anyways, why not just skip the middle man and have people make endorsemdnts directly?
This actually has been done really well. Ethereum Name Service now has over 2,500,000 registered domains. [2] It's as easy to remember someone's address as it is their email address or social media handle. (And they can be contractually controlled, so an organization or DAO can create transactions with them or create complicated implementations that determine how they should resolve)
> bawolff@: You could definitely do better than what they were doing, but i dont see how you would be able to distinguish between a signature on a real edit and one on a fake edit that never existed on wiki.
OP: In our prototype, an endorsement is being signed. In production, it's possible that people will add their signature for their edits tool. We hope increasingly people will sign their edits so there is an increasing subset of Wikipedia edits that could benefit from decentralized signature that doesn't rely on Wikimedia or centralized entities to verify. The adoption will not happen overnight, just like The HTTPS.
> bawolff@: This system is signing the revision id number (im assuming based on the video). ...
OP: that's totally true, bawolff@. Our intention was to show case the signing part End-to-end workflow prototype. In real production one could be signing for a diff patch, or a full update.
No it doesn't.
This system is signing the revision id number (im assuming based on the video). There is not neccessary any connection between the signer and the revision id. There is no way to verify if the revision id was ever valid (typically revision ids are sequentially increasing numbers but there are edge cases where that is not true. And i dont mean censoring edge cases, although there are systems on wikipedia where pages can be deleted or revisions hidden)
So what does this system actually prove? That someone at a specific point in time signed an integer. Maybe that integer corrdsponds to a edit they like, maybe it doesn't. Maybe they never read the edit. Maybe the edit never existed.
This whole thing is seriously stupid. It is a non-solution to a non-problem. The problem they are trying to solve doesn't exist and even if it did this wouldn't fix it.
I mean hell, at the very least you think they would sign a hash of the edit instead of just an id number.