CyberConnect builds a decentralized social graph protocol to serve the Web3 social network and Metaverse. CyberConnect is about returning the ownership and utility of social graph data to users, while providing integration and building infrastructure for all Web3 developers.
The social graph is composed of the mapping of social relationships between individuals. As a blockchain-agnostic infrastructure, CyberConnect supports multiple blockchains for application development and allows Dapps to access and use the social graph data provided by users themselves. .
An important early mission of CyberConnect was to provide a social graph module for Web3 applications. The social graph module consists of two parts: the follow button and the follower list. Any Web3 application with follow function can easily integrate CyberConnect without the hassle of maintaining your own social graph database.
We can envision CyberConnect as a social graph infrastructure for Web3 applications, where developers can plug a social graph module into their applications with simple code, much like how Uniswap became a cryptocurrency trading module for Web3 applications.
The CyberConnect protocol will have the following features:
Publicly accessible: Decentralized social graph data will be publicly accessible to all Dapps as an additional feature for developers to leverage user connections to expand their existing user base.
Autonomy: While social graph data is open to everyone, only users have full control over their social graph, i.e. adding, deleting, and updating connections.
Blockchain agnostic: The protocol is not tied to a single blockchain, but was created for a multi-blockchain ecosystem.Blockchain-agnostic features will support connections from all blockchains.
Decentralized Governance: Inspired by the vision of Ethereum, we will work on the ideals of secure, permissionless and decentralized governance. The long-term development of the protocol will be governed by decentralized governance.
Token Incentives: To support the long-term development of the CyberConnect protocol, we introduced a token incentive model in the initial stage to fairly reward all contributors who help guide the social graph spectrum.
Privacy protection options: We know that some users care more about their connection data than others. We are actively researching future technical solutions to enable privacy-preserving features.
At its core, CyberConnect is a tamper-resistant data structure that effectively facilitates the creation, updating, querying, and verification of user-centric data.
Each piece of user-centric data is represented as a data stream, where only the data owner is allowed to update. Each update to the data is appended to the data stream in the form of an append-only commit log, and the resulting data structure becomes a hash-linked data structure called MerkleDAG. To provide data authenticity, we use dag-joseIPLD to encode Decoder so that every piece of data, whether creating a file or an individual update, is signed by the data owner and optionally encrypted.
Before appending a new commit to the data stream, an authorization check is performed to ensure that only the data owner can append new updates. After custom IPLD encoding, data is securely stored in IPFS to provide content-addressed lookups and data integrity. With this design, each user’s social graph profile can only be modified by the user, readable by applications with the appropriate decryption permissions granted by the user, and verifiable by an additional signature.
CyberConnect partnered with Ceramic to release our first release based on their implementation of this variable data streaming storage system on top of IPFS. Performance will be further improved by writing a data-heavy model.
Data availability between nodes is achieved through libp2ppubsub. As long as a node subscribed to the pubsub topic has the required commit log, data can be queried among all nodes.
Ceramic’s blockchain anchoring and our custom data pinning services guarantee long-term data retention.
Authentication and Authorization
To fully return ownership of user data, first clear up authentication and authorization. Authentication of a user simply means that they are who they claim to be, and this is easily accomplished by signing using the user’s private key.Authorization of user data means that only users have the right to write their own data, while other central parties such as Facebook cannot modify anyone’s data. Authorization is done with the help of pre-submission checks and dag-joseIPLD encoding to ensure proper signing after submission.
In view of these two authentication and authorization requirements, CyberConnect designs a secure keychain scheme based on public key system (asymmetric key pair) for authentication and authorization. First, users should not use their blockchain private keys to sign any non-transactional data. Signing with a blockchain private key provides an additional barrier to the user experience and widens the attack surface. Therefore, we need ed25519 to generate a key pair with a curve on the client side from the entropy signed by the blockchain wallet. The private key is generated inside a protected iframe, only exposed to the application via rpc to prevent XSS attacks.
The key pair is then encrypted using the user’s existing keychain private key (or the blockchain private key if the keychain private key does not exist) and stored in the keychain’s specific data stream. The keychain data flow is authorized and protected by a key rotation scheme combined with blockchain anchoring to resolve conflicts.
User-centric user table
There is a common centralization problem with IPFS storage, where CIDs are stored in a centralized server. This raises the issue of data authenticity, where a central server can replace real user-created data with fake data by changing the CID. As mentioned above, CyberConnect does use the dag-jose codec to enforce data signing to guarantee the authenticity of the data.
To find a user’s social graph, you first need to look up the user’s keychain by their blockchain address. Then we can look up the user table by the keychain public key. Compared to the app-centric design in web2, where each app stores some information about the user, and information like name and avatar is repeated between apps, in the design of CyberConnect, a single user per user The table contains all the required information and can be used in all applications. By having all the social graph profile information in a single user table, only that user has access to update any data involved, and only the parties who get the decryption key can read the encrypted data.
Similar to how the graph indexes transaction data on Ethereum, all social graph data on top of CyberConnect welcomes data indexers. On CyberConnect, social graph data is stored as a unilateral connection. However, Alice cannot modify Bob’s follower list due to restricted access. So instead of the followers list, we only store the following list in the users table. Any indexer can easily retrieve such a follower list and restore the other’s follower list and provide such data for easy application query. We will first roll out an indexer (stored in computedindex) for the follower list use case described above and welcome other interesting data indexing opportunities from the community. Any user with some technical skills can verify the validity of the computational index, and more complex systems involving slashing can be developed in the future.
A node must provide the following functions to maintain such a decentralized social graph. A Ceramic node including a custom IPFS daemon with dag-joseIPLD encoding. This will handle all keychain authenticated stream creations and updates. It also maintains the required data availability through libp2p and IPFS data pinning services, and anchors streaming data consensus through the blockchain. The RPC endpoint that exposes the data stream. Data indexer that provides reverse lookup and data aggregation. Generates a reverse “follower list” based on one-way follow connections.
As a demonstration of the utility of the CyberConnect protocol, CyberChat is expected to be a model for the future Web3.0 application matrix based on CyberConnect.
Enabling messaging between blockchain addresses and allowing users to socialize locally with their crypto assets will be the next step in completing the social ecosystem on Web 3.0. CyberChat is a trustless Web3.0 chat application for all blockchain users.
Decentralized Identifiers (DIDs) are a new type of identifiers that enable verifiable decentralized digital identities. It is a standard created by the W3C for users to identify themselves without centralized registration, identification providers and certificate authorities.
In the future, we can use DID as a globally unique identifier for each web3 user, each DID contains a private-public key pair, so that users can securely interact with services and data. Each DID is also linked to one or more blockchain addresses, which can even be on different blockchains.
Users are uniquely identified without central authority, and the integrity of user data is preserved by DID signatures. Users can link different blockchain addresses to one DID, which suits the growing Layer1 blockchain landscape. Users will not use their blockchain private keys to sign any non-transactional information, such as sending messages or updating their avatars.
Each DID represents an abstract, key-agnostic, blockchain-agnostic interface for uniquely identifying entities, signing and encrypting information, and delegating access control to services.
Posted by:CoinYuppie，Reprinted with attribution to:https://coinyuppie.com/cyberconnect-decentralized-social-graph-protocol/
Coinyuppie is an open information publishing platform, all information provided is not related to the views and positions of coinyuppie, and does not constitute any investment and financial advice. Users are expected to carefully screen and prevent risks.