Great post! Â About 75% of the way through, my mindset shifted from, "I am disappointed that he has given up on decentralization" to "zero-knowledge centralizationÂ is a fucking fantastic idea."
0. Suppose I'm trying to, say, send an IM over a maximally-decentralized IM network that uses a centralized zero-knowledge server for tracking the IPs and open port numbers of people or devices connected to said network, which chat clients somehow query so they know where the IM should be sent.
In this scenario, do you think it's possible for me to get this information without the server also getting it (by decrypting the IP/port pairs however I'd decrypt them), thereby eliminating the critical zero-knowledge aspect? Â Is this the kind of system and situation you have in mind?
1. Could something like the Fluidinfo API, which is world-writable (assuming it's still working), play the role of The People's Zero-Knowledge Data Store?
2. Similarly, what if we all shared some world-writable DB-backed API running on Heroku, GAE, or some other free architecture? Â Couldn't that serve as such a system, which we'd only write encrypted data to? Â We could even have several of these servers, which perhaps exchange information with one another (simple DB replication?), in which case we'd have a federatedÂ zero-knowledge system hosted by many providers. Â (If the servers are independent and don't communicate, we could have one server that publicly lists the IPs of the other servers.) Â This is basically the Fluidinfo scenario, but hosted my multiple parties.
Would either of these be helpful?
3. For a year or so I've had a design for a zero-knowledge server that nonetheless implements partial search/querying functionality for anyone with the key. Â Perhaps this could also play some role in the ecosystem. Â I'll try to write something up.
Thanks for jump-starting this conversation (thread), whose core focus is so critical to the future of (maximally-)decentralized systems.