Nougat,

Proton rolled out the beta version of Key Transparency on their own private blockchain, meaning it's not run by a decentralized series of validators, as with Bitcoin or Ethereum. Yen said Proton might move the feature to a public blockchain after the current version serves as a proof of concept.

https://finance.yahoo.com/news/blockchain-not-crypto-proton-mail-120000573.html

Because the Proton blockchain is currently private, the keys they are currently adding could easily be affected by a man in the middle attack.

No. That's not how that works. Just because a blockchain is "private" doesn't make it suddenly changeable, and it doesn't mean there's a unsafely small number of nodes. People commonly get invited to participate in beta testing; that's kind of how software development works.

And there would be no way to invalidate those keys for any of the affected users, ...

Remember when I said:

As long as there is an appropriate method for adding a legitimate entry to the chain, incorrectly entered data can be handled by appending corrected data on to the chain, and marking the error as such.

That hasn't become untrue in the last hour.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • privacy@lemmy.ml
  • localhost
  • All magazines
  • Loading…
    Loading the web debug toolbar…
    Attempt #