~uniqmg

Hi, I'm UniQMG! /* About me */ I joined tilde.club on Sep 20 2019. I enjoy programming and finding cool things to explore on the internet. I also tend to overuse obnoxious css, as you can see. /* Why I joined tilde.club */ I find the old internet a fascinating subject: Granted, we have lots of new technology (both physical and software) to play around with these days, but being able to truly explore the internet is my idea of traveling the world. tilde.club and derivatives are a fascinating lookback to this sort of content. /* Programming languages I have experience in */ /* Blog posts and quick notes */ Sep 20 2019: Hello worldI joined tilde.club today and put up this page. It's nothing fancy, but I like adding some css to things. It's mobile-friendly, not outright ugly to look at, and provides a good launching pad. Sep 22 2019: Signed card playground
I was playing around with an idea today: Making a crypto-secured trading card system on tilde.club. It didn't exactly go far, but the owner of the system (i.e. me) can sign new cards and run a script that processes transfer requests. Users of the system (i.e. every user on tilde.club) can verify who owns a card and put in transfer requests which are picked up by the owner-run script.
You can play around with it at /home/uniqmg/signed_card_playground. There's currently only one signed card, of which a copy is called card.yml. The program is basically a mess of node and bash scripts:
  • scripts/validateCard [card] checks a card's syntax for validity but does not verify the card is signed.
  • scripts/verifyCard [card] verifies that a card is signed and accurate
  • scripts/transferCard [card] [recipient] puts in a transfer request for a card to another owner. You can only transfer cards you own. Ownership is determined by the value 'owner' in the card name and your tilde username.
  • scripts/getJson [field] [replace?] is a simple helper file that parses json/yaml piped to stdin and retrieves the specified field, with nested fields accessed via dot notation. If a replace value is specified, it instead replaces the value and prints out the whole file.
  • scripts/processTransfers processes any queued transfers. It can only be run by the owner.
  • scripts/signCard [card] signs a card and stores a copy in the "database" (actually just cards/)
The program uses ssl keyfiles, private.pem and public.pem located in the root of the program directory. Signed cards are stored in cards/
What this system IS:
  • Secure even if write access is gained, as long as private.pem remains confidential.
  • Secure as a copy of the original, as long as you trust public.pem. Note that there is no centralized revocation mechanism and so outdated copies don't know they're outdated (see below).
  • Publically readable and verifiable by any user on the system, and so usable as simply a store of data that other actual card game programs could use.
What this system IS NOT:
  • A blockchain. There is no verified date, so an outdated copy of the database has no indicator that it's outdated, potentially allowing the re-use of cards transferred to other users.
  • Decentralized. The owner of the system is the only one who can sign cards, which means that they must be available to sign new cards and run the transfer processing script.
*note: any mentions of security have not been reviewed by someone qualified to talk about security.
/* I'll put some more stuff here eventually */ /* Webring! */



Click for the [ Random page ]
Want to join the ring? Click here for info.