Also, the blockchain has introduced (AFAIK) the idea of using append-only databases to build decentralized applications, and this is currently used in very interesting new techs which have nothing to do with currencies or economics (like secure-scuttlebutt). The "dweb" is becoming a thing, IMO.
That is very not new - even transaction based decentralized databases technically date back to the 1980s - even if they received less practical use. The theory of databases are pretty old and practically ancient in computing terms.
Before blockchain was a thing much less a hyped one cloud computing used it and before that some databases practiced 'tombstones' for databases. The easiest way to maintain absolute consistency has been known to be not really deleting things but marking them as 'deleted' and leaving them to be ignored by default until consistency can be achieved. That was the approach when cloud computing dawned to make things scaleable and avoid the bottlenecks and load-balancing server overhead.
Transaction based databases are logically equivalent to an append only database. If you have a list of transactions that add up to the same resulting database state - with the option of more versatility if you don't constrain things to be operational order insensitive.
The similarity goes deeper than that, given that git uses Merkle trees as does Bitcoin. There's hashing and in the typical use case there is even some distributed consensus process involved although often in git human decision making takes the place of an algorithm.
I think the water gets muddied by people who know very little and yet have an opinion as well as by people who know so much they can't see the forest for the trees (if you'll allow the pun).
> the idea of using append-only databases to build decentralized applications
The ideas of a write-ahead log, appended event identifiers as analogous to a monotonic clock, and of state/integrity checking by having log items "check" (-sum, usually) each other have underpinned the most popular databases for decades.
Oh indeed, I'm not trying to say they should not fund these programs, this is awesome and welcome. I'm just warning about a possible pitfall for them to keep an eye on :)
Congratulations on Notable, it's very slick, and exactly the kind of note taking app I was after.
I'm mostly concerned about keeping my data offline these days, so Google Keep and Evernote were no fit for me. I take tons of notes every day, and ended up using the note app from Kontact (the PIM suite for KDE), mostly because I'm a heavy KDE user and it was properly integrated with Akonadi (KDE's PIM backend). But it is very raw, especially compared to Notable.
Given Notable data is just plain text, it means I can get it indexed by Baloo (KDE's desktop search), so it's perfect for me. Thanks a lot :) And nevermind Electron haters, having an app in an AppImage, released on github, so that I can subscribe to release's RSS feed and just download/drop the update if I want to is furiously awesome.
One suggestion : I would love, when I create a new note when having a Notebook selected, that this new note is automatically added with this tag (currently, manually importing data from Kontact is painfully long). Autocompletion of tags could do too.
> One suggestion : I would love, when I create a new note when having a Notebook selected, that this new note is automatically added with this tag (currently, manually importing data from Kontact is painfully long). Autocompletion of tags could do too.
Definitely, tag autocompletion may be a bit tricky but putting the note in the current tag should be implemented quickly.
Initially, I started with ssb (secure scuttlebutt), but ultimately moved to dat/beaker.
I've been having a lot of fun with it, I love how this allows to publish side projects without needing to rent a server.
For next year, I'm interested in exploring the implications it has regarding interoperability of apps, given users host their own data and can give access to it to other apps.
I'll speak only for me, here, but Fallout 1 is the game that impressed me the most among these, during those times. It had to do with this idea that you could go anywhere you wanted and you weren't forced into a linear plot (somewhat a precursor of current day's openworld games).
Granted, I didn't know d&d back then, I guess if it happened now after playing d&d, Baldur's Gate would impress me more.
Btw, I wonder : I intend to use KDE on librem 5 (at least eventually, if it's not ready on phone release). Do you know if mixing GTK and QT apps on the system will be as easy as on desktop?
Because having code that behaves differently on development and production is never a solution, it's a workaround. Having bugs that can't be reproduced locally is the worst thing that can happen to a developer. So yeah, you can _just_ put environment settings if you have no other possible way, but you should really avoid it if there is any other one (like using chrome with CORS disabled, here).
Mentioned this in another response. In this case, that requires the addition of another component. The app itself is serving a valid CORS policy. The stub we're using to support S3 development offline (LocalStack) ignores the configuration it's passed.
I agree with you that fixing the headers (via a proxy in this case) is the right solution. I'm just not able to prioritize right now.
Beyond that, there are always going to be occasions where developers, security analysts, and testers need to bypass default security enforcement. I'd like to see every browser provide a way to make these adjustments for a one-off session (e.g., via a command-line switch). It's an efficient solution that I can offer when I come across a nasty hack living permanently in a developer's web configuration.
By that same argument, using Chrome with CORS disabled is just as bad, if not worse. If you only test in Chrome with CORS disabled, how do you know that CORS works at all?
At the very least, CORS should be disabled for localhost. I build interfaces using create-react-app, which launches a dev server on localhost:3000 (useful for things like live reload), making requests on a go api on localhost:5000. On production, both are on :80 and the backend serves frontend production files. This is annoying to alter the application code just to handle dev environment (although, this already happen in many other places, so it's not critical).
That was my usual extension management method for chrome, but sadly each time I tried that on firefox, it didn't fly (IIRC, you _can_ load extension from your local FS, but they only lives for the time of the session).
By the way, if someone from firefox team is reading this : I would _really_ love to be able to just load directories from my FS as extensions rather than having to trust someone on the internet that it does what it says it does. I love building extensions myself, but I just don't install extensions from the web anymore because I don't know what's in there (note that referring to a github repos is not enough : I have no guarantee the content of the extension is the same).
I'm toying currently with an app to do play by post d&d campaigns on Dat, I make one user create a Dat archive to hold game data, then each player has their own archive for their character, the game archive hold references to the public keys for each one, and then the application takes each character feed and merge them to present a seamless discussion.
This feels like contributing to the same document, and yet each user is in total control of their data (almost total control, because they cannot decide to erase it if other people are already seeding it). I also love the possibilities of scaling it implies : when each user hosts their own data, the number of users doesn't matter (provided they all interact in reasonably small groups, of course).
EDIT: oh btw, I can create archives on-the-fly because I'm using Beaker browser's api. I don't know if it's something possible with Dat by itself.
So how do you build consensus if everyone is responsible for hosting their own part?
Suppose I wanted a group activity. Who enforces any rules? What if someone deletes something?
How does a personal swarm recover from the same user making two conflicting edits? Is it just totally borked from then on?
And about consensus... how in Dat can I have the others deny an operation in the Dat, if it violates some rule? Like if I wanted to double-spend a token, for instance. A single, non divisible token, mind you.
Note: I'll only speak for my toy app, not pretending to be an expert of Dat, obviously.
I don't try to build a consensus (if by that we mean conciliating possibly conflicting entries, like Stellar if doing, for example), I just merge feeds. For now, it's as simple as it gets : my feeds (one in each character's archive) are json array of objects each containing a timestamp and a message, I just concat them and sort by timestamp. Of course, this won't fly for long, I'll soon have to separate data sources in chunks and process them as stream to avoid loading everything in memory at once, but for now, it's good enough to explore what I can do with the protocol.
I have the feeling your questions could be sum up as : how do you implement authority if there is no central control of data? (my apologies if I got it wrong and make you say something you haven't). The answer is : you don't.
With a standard app on a server, if you don't enforce data integrity, one user can possibly break the application for all users. With an app like the one I'm building, an user only share their data with a small group of friends and can only affect them. If they corrupt their data, the app is only broken for them. "Congratulation, you broke your toy. Now what?" (edit: in my app case, removing that person from the group would be enough to fix the data).
Of course, this reduces seriously the scope of what kind of app you can build (forget banking apps, or anything where anonymous people interact with one an other at a public scale). I'm perfectly fine with that : I can build my usual small tool services without pondering if it's worth mantaining, renting a domain name and renting a server. I'm not trying to build uber or bitcoin.
Please note that I'm not saying that consensus protocol and security can't be implemented with Dat, I'm just saying that it doesn't matter for what I'm currently building (and which is my only experience with dat so far).
Not asking how to implement authority, but rather how to implement consensus. In other words, if A pays B, how does B know that the transaction really committed? If the data is there now, I need it to be there later, too. If everyone is just writing to their own Dat, how do I know they won't just "forget" that they paid me?
If you want to implement payment, that's clearly the wrong tool for the job :) (although, it could easily leverage cryptocurrency networks)
Personally, I see the dweb as internet of the early days, when we were all writing blogs and publishing tools just because we found it cool. If Dat makes it difficult for big players to launch commercial products on it, I would call that a feature (but it's too early to say if it's the case). They already have the web for that.
