About updated GITS and Pseudo-Trustless cryptosensors
GITHUB is somehow the base of this project at the moment.
They offer an awesome service: GIST
GIST is the twitter for code.
Protobot.xyz decided to define a standard way of posting using GIST
As a result, if the post follows the standard, it can be injected into Display.
Display won't accept any kind of external modules.
For security reasons Display tells you what kind of files you are dealing with.
Each time Display is asked to load a GIST module it will check the creation date and the updates.
If the file wasn't updated at all, so you can audit it and as far as the file isn't updated you can think it as a secure file.
The idea is simple, we need a DB we can rely on, a system able to state filaes as ORIGINAL, UNCHANGED, SAFE.
GIST can offer us the solution for a pseudo-trustless result. you check a code, you admit it in your home, and you continue calling it and consuming it as far as it remains unmodified.
The Memory module shows you all the scripts loaded.
If they are green they come from Protobot.xyz
If they are orange they come from external developers, and they are original and never modified
If they are red they have been modified so they can't be completely trusted.
Display will load only GREEN files, coming from maxxflyer's GIST
you can "open Display" simply adding the sys parameter to the URL:
sys=true
this will open the system and Display will accept any kind of injection and startup the modules.
example usage:
untrustable module (won't load, check Message Board)
http://protobot.xyz/display/?c=gist-da6e8ac73c824ae86860.2
untrustable module - system open = true (will load, check Message Board and Memory)
http://protobot.xyz/display/?c=gist-da6e8ac73c824ae86860.2&sys=true
For a completely open version of Display use Tester
Future:
inject permissions list for third party GIST modules
you keep your list in a git
you inject it or you inject a third party list
Display will allow the injection of those sources
