RE: Round Robin SHA-256 RNG

Well, I really need this stuff.

It is amazing how difficult it is to do peer to peer, encrypted negotiations.
There are vulnerabilities at every level. Even onion tor has honey pots, and govern-cement servers.

Something I would really like to do is have a chat, or phone/video service that doesn't need a server. But our internet isn't built that way. And you need a server, at minimum, just to find each other.

After microsloth "acquired" Skype I have been rolling around ideas for a true internet communications tool. But, like you put here, there are several pieces that are missing.

That said, there will be a new computer connecting Aether Network
It will probably be wireless, and it will connect over the whole world.
But, it will really be P2P centric, and not host to server centric like our current internet.

"Something I would really like to do is have a chat, or phone/video service that doesn't need a server."

I think the best we can potentially achieve is a system in which every user is a server, serving only their data, but providing an endpoint for every other server to send to. This also needs to be wireless to eliminate the physical host of wired network, enabling all users to be peers. Politically, I don't think this can currently be created, because the totalitarian tyranny being imposed on the world requires the ability to completely control data, but that tyranny is doomed to collapse due to internal competition once the external hurdles are surmounted and cooperation once necessary to gain that global control is exchanged for internal struggle to gain control of the whole. History shows this is the inevitable result of successful imposition of power, because the players that can attain to power cannot refrain from seeking to gain more power. Water flows downhill, and it always will.

Eventually the need for such comms will produce such a system, but only after attempts to rule the world mutually destroy each other. Hopefully we don't have to regress to the Stone Age to get past that elimination of megalomaniacal powermad wannabe tyrants, because that means we could get stuck in a loop that never enables getting past it. I am confident we can get past it, and very hopeful this is the time we will.

Yeah I'd really like to see the ability to sign operations on Hive on an airgapped machine like Raspberry Pi Zero 2.
Connect a camera to the pins to scan QR codes and maybe connect a display to the pins that can output QR codes.
With something like this the encryption could be nearly impenetrable and broadcasting the messages would be pretty easy even within centralized architecture.

I don't see how a connection to Hive from the machine you interact with could be considered airgapped. Using the QR codes you refer to could limit the connection, but there has to be a connection for the Pi to reach from your machine to Hive.

The definition of an airgap is "limit the connection" by transferring data through the air.
There are QR codes on both sides.
QR code input
QR code output
Airgapped on both sides.

I've already performed this operation by hand when changing my recovery account signed by owner key.
Which was a complete pain in the ass but it worked.
It can also be done using a flash drive; still technically airgapped but not as secure as a raw QR code.

If the QR code is able to be output to the internet by the Pi, doesn't the Pi have to have an internet connection? Such connection would entail other data transferred to and from the Pi, if I'm not mistaken. While there would be an airgap between the source of the QR code and the Pi, since no other connection to it, nor to the internet, would be necessary, the Pi itself wouldn't be airgapped, right?

Edit: depending on how the QR code was provided to the Pi. I guess the Pi wouldn't necessarily have a camera to get the QR code, and then might not be airgapped from the source of the QR code. Seems to me the USB, however, would be a mechanism to airgap between the source of the data and the Pi, with only the USB drive connecting the source of the data and the Pi.

Alright, well, firstly the Pi doesn't need an input QR code unless it needs information from the blockchain/Internet.
For example hardware wallets don't have internet access and have no idea how much crypto they are securing.
All a hardware wallet can do is sign a public operation with the private key (blindly).

On Hive there are variables to make sure you can't post to multiple chains at once so you need to know a valid ref_block_num & ref_block_reference which act as a reference to the current chain you are posting on. The ref_block_num resets every 2^16 (65,536) blocks so you have to pick a reference that is at most 54.6 hours old otherwise it will not be valid by definition and the nature of the 16-bit overflow mechanic.

All this being said if you want airgapped communications and already know your partner's public key for encrypting messages then you don't need additional info from the interwebs. Again all these values can be input by hand, the QR code scanning is just an extreme convenience to avoid needing to type hundreds of characters flawlessly. In a way doing it by hand makes your brain the airgap rather than the QR code.

Output QR code:

The QR code that the Pi creates to broadcast to the Internet is scanned by a phone.
The phone piggyback then broadcasts that message to the interwebs.
You can manually read all the data that goes in or out of the Pi before it gets exposed.
All outbound transactions have already been encrypted by the private key.
Remember that the main reason to do all of this is to protect the private key.
As long as the key can't get leaked by outbound and the device functions as intended we're good.
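
An added illustration of the inbound side described in the comment above (not code from the thread or from Hive): the offline device accepts only a recent block number and block id, checks that they belong together, and derives the two reference fields, with the 16-bit wraparound and its 54.6-hour window made explicit. The JSON payload layout and all function names are assumptions of this example; the second field is written as `ref_block_prefix`, its name in Hive's transaction format.

```python
import json
import struct

WINDOW = 1 << 16        # ref_block_num is 16 bits, so it repeats every 65,536 blocks
BLOCK_INTERVAL_S = 3    # 65,536 blocks * 3 s is about 54.6 hours, as in the comment


def tapos_fields(block_num: int, block_id_hex: str) -> dict:
    """Derive the two reference fields from one recent block."""
    block_id = bytes.fromhex(block_id_hex)          # ValueError on non-hex input
    if len(block_id) != 20:
        raise ValueError("block id must be 20 bytes")
    # A block id begins with its own block number (big-endian), so a
    # mistyped or mismatched pair is caught before anything is signed.
    if int.from_bytes(block_id[:4], "big") != block_num:
        raise ValueError("block id does not belong to block_num")
    return {
        "ref_block_num": block_num & (WINDOW - 1),
        "ref_block_prefix": struct.unpack_from("<I", block_id, 4)[0],
    }


def reference_usable(ref_block: int, head_block: int) -> bool:
    """True while the referenced block is still inside the 16-bit window."""
    return 0 <= head_block - ref_block < WINDOW


def max_reference_age_hours() -> float:
    return WINDOW * BLOCK_INTERVAL_S / 3600


def parse_inbound_qr(text: str) -> dict:
    """Accept only the two expected keys from the scanned QR text (hypothetical format)."""
    data = json.loads(text)
    if not isinstance(data, dict) or set(data) != {"block_num", "block_id"}:
        raise ValueError("unexpected fields in QR payload")
    num, bid = data["block_num"], data["block_id"]
    if type(num) is not int or not isinstance(bid, str):
        raise ValueError("wrong field types in QR payload")
    return tapos_fields(num, bid)


# Constructed sample: block 70,000 with a made-up 20-byte id.
SAMPLE_QR = json.dumps({"block_num": 70000,
                        "block_id": "00011170" + "a1b2c3d4" + "00" * 12})
```

Blocks 4,464 and 70,000 produce the same `ref_block_num`, which is why the prefix taken from the block id travels with it.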

"...needing to type hundreds of characters flawlessly..."

My Linux experience in a nutshell. LOL

The necessity for all this is disheartening, but I have no suspicion it isn't necessary. I have exposed my keys once, and lost 400 Hive for it. I appreciate your detailed explanation and the kind consideration that is behind it.