Oookay so like. What actually is a "crypto-art"/NFT?
- root of trust (Ethereum blockchain, 🤮 )
- attestation of ownership (hashing some piece of art, or an IPFS URL if you want to have a bad time)
- method of transference (via smart contracts)
@tindall What about GPG and SSL key expiration? Wouldn't that cause a problem with verification for those who move to new keys or certificates?
@dmoonfire @tindall However one should keep in mind, that it would be possible to tamper with the timestamp if you get access to the key. Therefore a while back we developed "Signed timestamps" which basically takes the document (or a hash of it), sends it to a (trusted) third-party, which add a timestamp and signs it with an own certificate, before sending it back to you, allowing you to proof that you actually signed the document at this time.
Plus, that might help in case you have to revoke a GPG key (because it was compromised) and then accidentally negate the proof on ten years worth of previous work.
... not that had happened to me.
@tindall @dmoonfire One can argue back and forth how trusted this third-party actually has to be. Personally I would argue roughly as trust-worthy as a witness in on a crime scene especially if you only ask them to sign a hash of the document.
I mean, all they verify is that this hash existed at the mentioned time. So as long as you can make it reasonable that they did not conspire with/are also victim to the attacker, you are good.
@tindall I'm not sure if you already know it, but in this context a look at @keyoxide (basically a fancy GUI for OpenPGP keys) could be worth, as it provides a proof system that allows you to have all this data as part of your key:
https://keyoxide.org/9f0048ac0b23301e1f77e994909f6bd6f80f485d (example of the main developer)
@tindall Doesn’t this allow duplication by transferring the NFT more than once? The role of the cryptocurrency is to enforce artificial scarcity.
@skybrian yeah, although there are similar solutions to this as well - but that's not scalable in the same way "artists make signatures themselves" is
@tindall Part of this story might be multi-dimensional failures of knowledge transfer between generations of hackers, and also just the chasing of fashionability - being seen to be doing something new.
@bob @tindall Or a desperate need to prove themselves as useful. I'm sure it was entirely coincidental that NFTs started being pushed into the public just as there was a huge swarm of articles about the economic and energy costs.
Hive/Steem has basically NFTs for years (used in the online card games and dcity), but it's a proof-of-stake system and not the proof-of-waste.
The two parts missing from GPG were a compelling UX and a robust public key infrastructure. UX is a perennial problem for GNU and the GPG PKI was a proof of concept written as a grad school thesis
The thing a blockchain can do that you can't accomplish with simple signatures would be establishing proof that a digital asset wasn't duplicated. Which isn't to say that proof of work blockchains are justified or that blockchain isn't overhyped, just that there is some value there. Attributing the problems of high profile chains to the entire sector misses the point that people are trying to find alternatives to US economic imperialism
Also a lot of this is funded by American tech VC, so it overwhelmingly supports the nouveau bourgeoisie at the expense of national sovereignty as well as the banking establishment
@tindall i really hate NFTs as well but you haven't solved the double-spend issue: under your system, I can sell the same thing to two people at once.
i mean obviously the energy use was fucking awful, but if the energy use wasn't an issue (using a proof-of-stake thing, or just centralizing it) i wouldn't really get angry about it
@hierarchon you can do this with regular NFTs, too - minutely alter the compression, add a millisecond of silence to your MP3, etc and simply resell the changed hash.
@hierarchon the scarce thing isn't hashes, it's artist signatures. Same trust as when someone makes a "limited run" of disks or whatever.
@tindall sure, but only the person who created the work can do that. if i buy the blockchain-NFT from you, i can't do that because i won't have the right address. (this assumes the NFT platform verifies author authenticity, of course.)
on the other hand, with your GPG-NFTs, after i buy a token from you i can double-transfer it by generating two transfers and sending them to different people.
@tindall (this isn't to say i like NFTs in their current state, though tbh if they were on a non-energy-wasting system like proof-of-stake and were limited to things where the author of the underlying made them i'd just roll my eyes as opposed to despising them)
@tindall wow. i was a bit worried after your last post. but might i humbly suggest rfc 3161 for establishing origin, too (i even put up a docker container to set up such a timestamping server as a self hosted instance should one desire to do so: https://github.com/elbosso/rfc3161timestampingserver )
@tindall except for two things:
- NFTs don't actually give the holder any rights
- NFTs are extremely volatile and most of them will probably be gone within 10 years. this is probably by design
NFTs aren't supposed to be useful in any sort of way. they're just another money grabbing scheme by crypto assholes
the only thing that's being sold here is hype. and then the hype will die down and NFTs will be pretty much worthless, even to the people who still own functional ones