@avibryant maybe even a mechanism for players to force a move to be revealed even if a player ragequits.
Diplomacy protocol strawman: during move publish bcrypt(moves + random_ms_timestamp_from_move_period). After, publish without bcrypt.
-
-
-
@JorgeO who generates the random nonce? If the player, can prepare collisions in advance. If not, who? -
@avibryant before each move, every player generates and publishes a random number. sum of all random numbers is the nonce for that move. -
@JorgeO then I can brute force your move by iterating through the very small set of possible moves and checking against your hash, no? -
@avibryant instead of bcrypt, you sign with a private key and everyone else verifies with public key. also gives non-repudiation and no-MITM -
@JorgeO any time you involve PKI the complexity goes up quite a bit, but yes, that's probably still the right solution. -
@avibryant yeah, true. also: still vulnerable to ragequit attack. but that kind of crypto is beyond me :)
End of conversation
New conversation -
-
-
@avibryant why bcrypt? you want non-repudiation and protection against MITM. also, why random timestamp and not just random nonce? -
@JorgeO the idea with bcrypt was just to have something simple where the search space was too costly to bruteforce during the turn.
End of conversation
New conversation -
-
-
@avibryant what problem is this solving? -
@aconbere synchronized move reveals without a centralized service.
End of conversation
New conversation -
-
-
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
@avibryant That's easy to crack - there aren't many choices of milliseconds. Better to just concatenate your move with a random string.Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.