feddit.org

3 points

1 day ago

It’s trust less in the sense that commits can’t be easily forged and are signed with cryptographic keys and identities.

I’m pretty sure being able to verify that the person responsible for a push is an actual maintainer is the opposite of trustless.

report

[ - ]

simplymath@lemmy.world

2 points

1 day ago

How is it any different than verifying that a transaction occurred?

How is a trusted repository different from a hard fork?

Isn’t “proving someone is a maintainer” just an IRL proof of stake?

report

[ - ]

3 points

1 day ago

How is it any different than verifying that a transaction occurred?

With a centralized trust source (bank), you ask for the records.

How is a trusted repository different from a hard fork?

Because you check who owns and maintains it. A notable example was with Simple Apps for Android, earlier this year the main repo was sold to a company. Trust was lost, thus a fork was created to keep the original stuff.

report

[ - ]

simplymath@lemmy.world

2 points

1 day ago

Right, but isn’t the “main chain” of Ethereum based on a similar principle wherein it’s the main chain because it’s the one the devs use?

What about BTC vs BTC lightning.

I’m genuinely failing to see a distinction here, and, again, the wiki article says that blockchains are special cases of Merkle trees.

report

[ - ]

2 points

1 day ago

Right, but isn’t the “main chain” of Ethereum based on a similar principle wherein it’s the main chain because it’s the one the devs use?

No clue, I don’t keep an eye on that, I’m partially aware that there are several similar forks (and eth classic was a result of scammy shenanigans) but, afaict, none try to pretend they’re the “real” ethereum.

I’m genuinely failing to see a distinction here

A distinction between trust and trustless? Because my initial point was that git isn’t trustless, because it works just like any other online system that requires a login, where a central server/database checks if the user sending inputs was properly identified by some mean (password, cryptographic key, something else). Implementing a Merkle or any other hash tree doesn’t make something trustless

report

[ - ]

simplymath@lemmy.world

1 point

1 day ago

does git require authentication with a central server? I know that’s common practice and true of github, but my recollection was that it was meant to fix the problem of distributed kernel development via an email listserv in the early 2000s. This stack exchange post discusses how it’s not really centralized

report

[ - ]

1 point

1 day ago

Not being centralized has nothing to do with being trustless. The fediverse is also decentralized, yet you, me and everyone else has to log in to a specific server. If I try to login via lemmy.world, it’ll fail. I have to login via programming.dev. Does that make lemmy and the fediverse trustless? No.

Even the top answer on that SO question explains that the use case of hash trees for git is different from that of blockchain

report