GiniConnect Protocol

The GiniConnect Protocol was born from the important lessons we learned developing, stress-testing and ultimately retiring the Gini Name System (GNS). This article briefly summarizes the reasons for this and the significant benefits of the GiniConnect Protocol. (For a much deeper technical understanding of GiniConnect and why it's so unique, please read GiniConnect Protocol: Trustless & Secure Communications.)

The holy grail of cryptocurrencies is a safe, secure and user-friendly mechanism that allows stakeholders to participate in the cryptocurrency ecosystem without having to interact with long, ugly cryptocurrency payment addresses like this:

gini_3zdco6d9mz8yu1u8s3p9pwj71u8hx3udxw9pfxtj4wtzr1gkraimj6utpqq7
(Yes, that's a real Gini public payment address that is valid on the live Gini Network right now, but don't send any money to it because that node is only for testing purposes!)

Long-form addresses work fine if you're not afraid of them and don't accidentally make a typo and send the payment to a wrong or non-existent address. But some people literally have a panic attack when they see long crypto addresses. In fact, we know that those scary addresses are one of the biggest reasons why cryptocurrencies haven't become more widely adopted. That's why Gini has been working diligently to solve this problem.

Mapping Email Addresses to Crypto Addresses Is Not the Solution. There are several ways to solve the "scary crypto address" problem, but they are not equally safe and secure. One way is to map relatively simple, common account-based identifiers like email addresses, phone numbers or DNS records to a crypto payment address. This was the essence of the GNS: Whenever a stakeholder wanted somebody to send them Gini currency, they would say, "Just send it to my email address or phone number from your Gini payment screen!" This functionality was based on a mapping server architecture, which mapped the email/phone addresses to the GNS records that the stakeholders created from within their Gini GUI. It worked just like the mapping between numerical IP addresses and human-friendly website domain names in the Domain Name System (DNS).

We Hack Ourselves to Protect Stakeholder Security. In terms of user-friendliness, the GNS worked well and reduced the complexity of sending crypto payments. However, our continuous internal penetration testing and hacking of our own systems revealed that no name resolution system is secure enough for mapping email addresses, phone numbers, Facebook accounts or any other identity token/proxy unless a truly trustworthy mechanism is established that enables users to guarantee that their very first connection is with the correct party.

All Email & Phone Systems and Any System That Depends on Them Are Insecure. Many security researchers know that all public email and phone systems are fundamentally and deeply flawed from a security perspective. This means that any system (including Facebook, Twitter, Gmail, Instagram, etc.) that depends on email/phone accounts is insecure. We hoped that we would be able to overcome some of the problems that plague those systems by adding layers of encryption, anonymous biometric qualification checks (in certain circumstances), and other anonymous ID verification mechanisms based on zero-knowledge proofs. But piling on more security mechanisms is like putting on more layers of clothing to get through the cold: At a certain point, the whole system becomes so rigid and inflexible that it can no longer function according to its intended performance requirements.

Truly Secure Systems Have No Substantial Dependence on Insecure Channels. The more we tried to pile additional security mechanisms onto the fundamentally flawed and insecure email and phone systems, the more we realized it was a lost cause. This is a deep technical topic, but in summary, we concluded that the GNS can't have any substantial dependence on email, phone, DNS or any external name/account resolution system operating outside the secure Gini protocol suite because they're all relatively easy to hack and/or manipulate by a skilled and determined hacker or well-funded state actor.

Are You Connecting to the Correct Party? The principle of "connecting to the correct party" might seem simple conceptually: "Just get the unique phone number and email address from the parties and you're done!" some people might say. However, from a network security protocol perspective, it's a deep topic because there are many ways that a hacker/NSA/etc. can intercept insecure communications; hack email/phone accounts; impersonate you with those hacked accounts; socially engineer and bribe banks, crypto exchanges and corporate executives to give them your sensitive data from within their databases . . . if the system is not designed in a fundamentally secure, private and decentralized way.

No Profit Motive Is Worth Risking Stakeholder Security. Unlike for-profit companies that often sacrifice security to increase profits, our fundamental mission is to create the most secure, fair, sustainable and user-friendly ecosystem for real-world commerce. Although the GNS was never hacked and the probability of a serious hack was relatively low, we were not willing to take any risk at all with our stakeholders' security.

What Would a Secure and User-Friendly System Look Like? After concluding that the GNS was not the optimal solution for the "scary crypto address" problem, we started thinking about creating a multi-channel protocol. Our goal for this protocol was to enable stakeholders to exchange contact records (including Gini payment addresses) in a way that guarantees the security of the initial payment address exchange and the authenticity of the other party, without needing to see any long, scary crypto addresses. In addition, our goal was to make the process as automated as possible while simultaneously eliminating all common attack vectors.

Is the Desired System Possible? The core question was: Is it possible to create a multi-channel user authentication and connection protocol that doesn't depend on any insecure channel, doesn't require the connecting parties to reveal their personal identities to Gini, is fundamentally impervious to hackers and corrupt authorities, and doesn't impose annoying and time-consuming steps on stakeholders? In other words: Can we create a trustworthy and simple way for humans to connect in the Gini ecosystem? The answer is yes, and it's called the GiniConnect Protocol. (See Why Trust Gini? to review the difference between "trustworthy" and "trusted" systems.)

The Solution: The GiniConnect Protocol. Built on the Gini Account Center software's simple contact management features, GiniConnect enables parties to securely authenticate, connect and share contact details and Gini payment addresses with other Gini stakeholders in less than 60 seconds. In some ways, GiniConnect works like the SWIFT banking system from a bank manager's perspective, which is how banks communicate with other banks whenever they need to send wire transfers on their behalf. But in this case, GiniConnect essentially gives every Gini stakeholder their own private SWIFT interface with a more efficient, decentralized and easy-to-use workflow.

The screenshots below illustrate how it works.

Contact Screen:

[Screenshot: gini-contacts-screen-new]

Usage Scenario: Alice and Bob know each other and want to exchange Gini contacts and payment addresses without having to touch any long crypto addresses. If they've already created a secure contact, they can simply click the Gini currency icon/link from the contact's profile to send the payment. That automatically loads the contact into the simple payment screen, as illustrated below.

[Screenshot: gini-payment-screen]

If Alice and Bob haven't already established a secure GiniConnect connection, they would make their initial trustworthy connection by Alice clicking on "New Secure Contact" from the GUI, which is illustrated below.

[Screenshot: gini-contacts-giniconnect4]

Then there are only three easy steps to create a secure GiniConnect connection.

Step 1: Generate a Gini Flash Code.

[Screenshot: gini-contacts-giniconnect1]

[Screenshot: gini-contacts-giniconnect3]

Step 2: Share the Flash Code. Alice shares the Flash Code with Bob through an existing encrypted channel that she already trusts. This could be an encrypted voice or text chat using any of the popular encrypted chat programs like Signal, Telegram, WhatsApp or simply calling Bob to share the details over the phone. (Although phones are less secure and we don't recommend it.) Even doing it by phone or encrypted voice chat is easy because the Flash Code is much shorter and easier to share than a random 64-character crypto address.

Step 3: Connect. Bob enters Alice's Flash Code by clicking on "New Secure Contact" from his own Gini Account Center GUI.

[Screenshot: gini-contacts-giniconnect2]

Alice instantly sees the connection request in her Account Center GUI, which she can accept or reject. In this case, Alice will accept the connection because spam is not possible in this context and she knows the counterparty is authentic for all of the following reasons:

  • Alice initiated the exchange.
  • Alice easily generated the random Flash Code without depending on any insecure phone, email or third-party channel.
  • The random Flash Code expires in 3 minutes, which is plenty of time to create a secure connection with a trusted counterparty, but not enough time for a hacker to mount a successful attack. (The entire GiniConnect process usually takes less than 60 seconds.)
  • When the Flash Code is transmitted over the network from Bob to Alice during the connection process, the Gini software encrypts the Flash Code into a 160-bit random code (e.g.: 372ba72670b03c1f6a9d09eb5e1ce8f5933ff450), then transmits that encrypted payload over a bank-grade Secure Sockets Layer (SSL) connection, then automatically validates the payload on Alice's side to confirm that Bob has sent the correct cryptographically secure Flash Code. Computationally, it would require over 39 octillion years (3 quintillion years longer than the lifespan of the universe) to brute-force hack the 160-bit code, but hackers only have 3 minutes.
  • No man-in-the-middle attacks.
  • No centralized corporate cannibals or authorities that can be compromised or coerced by corruptible politicians and corporate executives.
  • No email accounts or SMS codes that can be hijacked to corrupt the exchange.
  • Even if somebody hacked Alice's email, phone or computer, they would never have a fresh random Flash Code with enough time to impersonate her.
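
The checks in the list above (random generation, 3-minute expiry, single use and validation on Alice's side) can be expressed in code as follows. This is an added example, not Gini's code: the 10-character alphabet, the per-offer nonce, the HMAC-SHA-256 derivation truncated to 160 bits and the five-attempt limit are all assumptions.

```python
import hashlib
import hmac
import secrets
import time

FLASH_TTL_SECONDS = 180   # from the page: the Flash Code expires after 3 minutes
MAX_ATTEMPTS = 5          # assumption: failed guesses allowed before the offer locks
ALPHABET = "23456789ABCDEFGHJKLMNPQRSTUVWXYZ"  # assumption: no look-alike characters


def wire_code(flash_code, nonce):
    """160-bit value sent instead of the Flash Code (assumed derivation:
    HMAC-SHA-256 keyed with a per-offer nonce, truncated to 20 bytes)."""
    mac = hmac.new(nonce, flash_code.encode("ascii"), hashlib.sha256).digest()
    return mac[:20].hex()


class FlashCodeOffer:
    """Alice's side: one short-lived, single-use Flash Code."""

    def __init__(self, length=10, now=None):
        start = time.time() if now is None else now
        self.code = "".join(secrets.choice(ALPHABET) for _ in range(length))
        self.nonce = secrets.token_bytes(16)   # public, sent to Bob's client
        self.expires_at = start + FLASH_TTL_SECONDS
        self.attempts = 0
        self.closed = None                     # "used" or "locked" once final

    def verify(self, received_hex, now=None):
        now = time.time() if now is None else now
        if self.closed:
            return self.closed
        if now >= self.expires_at:
            return "expired"
        self.attempts += 1
        if self.attempts > MAX_ATTEMPTS:
            self.closed = "locked"
            return "locked"
        expected = wire_code(self.code, self.nonce)
        if hmac.compare_digest(expected, received_hex):
            self.closed = "used"               # later replays get "used"
            return "accepted"
        return "rejected"
```

With 32 symbols and 10 characters the assumed code carries 50 bits, so the expiry and the attempt limit, not the 160-bit output length, are what bound online guessing.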

The Easiest Payment System Humanly Possible. Alice and Bob's mutual contact details and Gini payment addresses are securely and automatically loaded into their respective Gini Account Center contact records without needing to see any long crypto addresses at all. Their contact information is not stored on any centralized server; so nobody (not even Gini) can see their details. From that moment forward, whenever Alice wants to send payments to Bob (and vice-versa), Alice can simply click on the "Send Payment" link on Bob's contact profile or start typing "Bob" into her Gini payment screen and Bob's name and payment address are automatically inserted into the recipient box. (The long payment address is also displayed in small font in case the sender wants to visually confirm it.) Nothing could be simpler.

Every Gini Stakeholder Has Their Own Private SWIFT System. The Secure Gini Chat tool built into the Gini contact management GUI enables stakeholders to communicate securely and privately with all their trusted payment counterparties. (Clicking the blue-green icon next to the contact's name in the toolbar toggles between Chat Mode and Contact Details Mode.)

[Screenshot: gini-contacts-chat-screen]

The chat tool enables stakeholders to keep all their private payment conversations organized with all their other private financial account data in the secure Gini Account Center software, just like fiat bankers do with SWIFT terminals. We're not big fans of the fiat banking system, but in this case, we're pretty enthusiastic about liberating Gini stakeholders from the toxic fiat banking system by empowering them with their own private, decentralized SWIFT system!

Conclusion. The GiniConnect Protocol eliminates typos and all the security risks associated with sharing sensitive financial details over insecure channels. Millions of people already understand and use encrypted chat tools like Signal, Telegram and WhatsApp every day. Now they can use Secure Gini Chat to run their own private SWIFT system within the unique, fair and sustainable Gini ecosystem. Eventually, we hope the Secure Gini Chat component will also become a popular communication tool beyond its current use case, but for now, it is available to Gini stakeholders who want to genuinely connect and communicate with their trusted payment counterparties.


Note: To prevent stalkers and other malicious actors from harassing Gini staff and engineers, the contact phone numbers, email addresses and other personal information displayed on this page were randomly generated for illustration purposes only. We do not know whether anyone actually has those numbers and addresses.

