
Show HN: 'Signed Blogs' with Keybase.io filesystem - OJFord
https://github.com/OJFord/signed-blogs
======
malgorithms
You can read this by piping into: `keybase decrypt` :

BEGIN KEYBASE SALTPACK ENCRYPTED MESSAGE. kiZ8aa8yNOPC2nP QD3QM6XxeDcurpU
PZqSleTgKxgp9sd hCuooQmObarwJ3s nyWrixKOA2h8EWj 6ngTHMGf1nOnrwq
2hjkFzgNR2q2bcZ AMxPfhM5vvYEPHy HoWuLF9LYW6TQJH LLaUBL3twPV9KIw
PH2WWv3PrfelwWs dWaCwzBoqmn7cWr 16bbzXP9ZJDOaRY w4JSZnRFi8Mr5zX
3LxleA9zhQKlmJj nasIyzHkP24aoB1 veAhsE0LqJCsr2r RZFuWr50FeNcpa8
vLBtRm9wwhAVlfW nnauBjDcchJGv9d 2oyhAy3b8dNCenU 4DUTEzKBQPjtnII
gIEBjtppdRQrBHe cYzVCypxUolosZU w5uCDr6x1Z6ctZv vXCPwK8Fnm9QZdT
KmUozJ1h6BTkd7j xRgtUWykZSVMKW9 xE15Eu5DeCLndt1 lcjFElqty7c4C6p
lNIxD6MYEOeUaBq JTPikwIwPle6M80 DLxDSopyfst9zTa mJjdgw56w1bajI4
Ovzd9iHkY2o4vns jOBYmXCfoy6LI4X A3yw4DEjuGbuuj2 HXJgkbbSsxrJPKD
rzZVjeWBtE6C61G cFPEAWTyWqiX17Z 5t2EPAT20T0pFGH aZBoaHnHA0McNO0
VrOS0I8Ng0Wb5CI jqrgAGTg1OGzT0U kWbm7wyXLUYfY0r tFhxwI7FanJJG63
FDFkJWc4eYlu9uI lEztervxw7pD1UL vifMFDamuFOdjEx fwSOeqO4ArDWvhl
qlJy354q01KIe5E klgbuGQNRI7eaoG D01QNSWoWO7sPlQ wEkt0725b4el3Ik
C7wMeF4JPRyIsEH erMb44uoqscmCKL Oq7uBB8S5U7Smsq HFfT5rnIyD43uoW
Qad9j0nmPtzZODd BrTARreGT2xSxrI LRk2U01wYdYCjQZ SmlO2h2bC4ZhlcC
M1JrligKAfVaeBB RLO7Oq1MAgPtT73 CGVU8c4gkvmFWAN wUC7gYivwSnKFIc
IzkmMh1xdLOOoAz mPqc2plpeFOb1xU 69BYLOLY7yKSu9u qMIz5pfyH27jqe2
qcBr7ZYJnHbIEIR MEFhalnBNMYa4V6 v2xHIM17APMK4KF HMXTr6zZkzWjzaO
4v3da0FBXtOmSdw 5vyGg63adgKJfvv 2ZJ9pGCwr0EtbE0 Udq8ViuoxLdWLdS
Cnia8CzkMYVZykN 0NTawBLIdLfkdS9 lkvbKdSnLTXPRO1 KO64hsp5KqthaWC
rsGxnSVuPiNIYGw NNsbCoMLRhwlbjU QjrZlm5IvGXS8Xv 2BvaRPEvdCx2tKl
FHe8MMgs0OCxuA7 qsTTJVr7ygjbEsX 8I0zq98SQRwPKct JO2igBY28Hdtevl
o4B3qJar7cHxWAF 01keedd12iQ2s7g 1vAcePHMykUtGS8 wc1FmnsoPXPoaC3
2pOaC2h2TmLTjsB UbEKUWaQoqLuzAt H4WvBbfaG0Py1Uf 0tCn1lDfjBwoUyu
Aw9hxHKLwsnFvG7 6YFPThbUAJXRkWX UkMFJGGDYB12U4O uPhgrXCOj0wyfk0
cM2LdHr8UUAvitv lEctZt35tsk7Gs3 gcnzMXFZry0YUlz HEwdmxxyge4hHvk
lfbkVn8teR5ij3K aVW7cmVK8Hen7wG Uxnjdq4RbiYCvj9 Dh7MdZ9EeNAiKky
TiR2Qdab5T3SBWO w7mo7AZSenrKlk9 2pdRYrorpfBXb6N UpNJX8dIDY3oKpi
AT38U20c0XIhAsT rm8KD5FxwwKaOLb IRk7s6G9qxrR0JR 6JWCQss2MRlnHok
Q9spNDl5ZP8h1mw moskVQG8NUoAtad XrNlwNhiPzgYahc sR3RwaduCxoItPI
q1APP6bpvIXLA80 NHk1T3IRfbjoLAx KjWfLIvw2A6qMCs MLuEOCLttVOOyyf
yb6tTcsgCeaPZ07 rBVIF6qQiNAVx6U SHNHiaCejEV7HaS nRJR8IgMQbkx7t1
r4o5ZCUtyjFd6Qk j3Dymz0vYmUsxLm YC88Ra84XXzzJs0 sQBnzzL7f4loH54
6Pl8wKtakQGiBHs YPg56A0QsV8rEkg Sa18oSmp5DDW5Sh c4FrnEq71ZjrAtB
l26ZvEwHTfwl4Ok 5yzP9plzR4UXeJL PIsGDAs0OTnS4fd jtI4lDct1tiscY2
6ji2I4hSHxnThTd Q12xf6PruOeD6Va z067mlUxOlAxBbP AbIYzBNtCIfT3zN
hXjGvaTRVO1PQ1e mCK6AEYASAK7m49 hXZbdV6yJ6Speli cwIfwwLePYZIYd1
Ce1gqim3TlsRdZo dmJV0FrlaOskSo7 PGEAOuKnC9JUvYu lloBwrrHjYcm1XY
txS4luyzC39mDvc w2pbLUrk4OWNQ1n ikN0g3cFjsnuTvI cY9dqifkVnQbBos
HoGRvfSOqBFFeM0 JdfYumZrhhtr0X1 93rDHsnYJVgXgEX BVVMTlK4MNGxrMU
v5CJ1EiUlpPr9W4 8raCvgjMOzaY16H 7SljrVKXxNfIRRC VDXcCzY3ugncD7E
2CKKh1kc3xWZXSF RTFNVVR6t5SQV6s LnPrYV8Ypv4uyJI Qf1Xn8ExBGjdmGV
QWHUpfDZkDywX4V b0VuuTrDBGErymO F9qjY8w0BBObeb2 r8RgSxnpu3cctif
1yrCL533anB0KkV TczvdwT1qdrghna PFpJg4MNAIVbPrz ZcTE4IQIkCb5PJt
yLDnasbph4dodcv UIflf8m7mCmFArA gMdhfzvFNdTTkIG 4AHdK5PMNBLBori
VEb0BD7QvoMizJB fkubxMk144i6PYw D9CBeRUSlWCC5Dj TMrH3LbrGX. END KEYBASE
SALTPACK ENCRYPTED MESSAGE.

~~~
tilpner
I may be doing something wrong, but it says "message wasn't encrypted for any
of your known keys".

~~~
malgorithms
Oh - it was an encrypted message to the OP. Here's something general: BEGIN
KEYBASE SALTPACK SIGNED MESSAGE. kXR7VktZdyH7rvq v5wcIkHbrvAOc8o
HtD9ll30QZYRrt1 63n5tVSjvbZwtwt nQVqdDHEZIYWqWk 57rCih2L43U8D3v
uDU7bYeatPFXDSw ZikNjVdebkJILFR kJOj6IN4D9bYNmB i2nHNFWj4btITlY
zaRLkk6i76FyoyS K2Bq54fZpCtrDLQ 2FONdETOnbaI0ic FvHxWlsrpGVrdNs
wSVZpOWekpe0eVy YV4z1lt7ONQ4Qo2 p3cX0bRLsKiIWHX B667fNFKpAEqXxU
W93RkSAvfjXBvFX zkPRUCfcAFReAQz 6nEzbsy4YfQ7m01 iEvaCvMqXgEZTOx
8F9GoqyQ6gnHfHP lG9Si8v2LNP048x F1Y3oqxh1OEaJai IjpB67iffOBo00. END KEYBASE
SALTPACK SIGNED MESSAGE.

------
AlainODea
This is a compelling demonstration of Keybase.io's file system.

This idea could be taken further to get past the past the ugliness complaint.
Imagine something takes Markdown from these and renders it only if verified.
Someone could stand up a TLS-protected site (possibly protected with a
letsencrypt.com cert to reduce cost) that conditionally renders (based on
keybase verify) and potentially caches renders for performance.

Either way, this is neat and I'm excited to see what other ideas our creative
crowd come up with in using Keybase.io's new file system feature.

~~~
OJFord
Thanks :)

Regarding ugliness - I started on a stylesheet, and then just decided that
wasn't the point. I just wanted something quick to demonstrate this use of
KBFS, and I'm not expecting (or desirous of) people to use it as a genuine
service.

I've been working a bit on a blog for my own ramblings (some here may have
tried the naked domain and noticed it 503s) - I'm now interested in doing that
as the demo here but fixed to my account. (And uh.. with a stylesheet and
stuff!)

As you noted, it would then seem sensible to do some caching - but I think
this needs careful thought to not destroy the purpose and benefit of hosting
posts on Keybase. I suppose it would have to display the cached copy, and then
load from KBFS in the background anyway, to verify it (not only as untampered-
with, but also as being still the latest version).

~~~
AlainODea
Doing caching correctly is tricky. Some kind of cache hinting might be needed.
As a default though having it cache with a 5 minute interval would blunt the
hit of a popular page very significantly. It would also allow for the use of a
CDN like Fastly, Akamai, CloudFront, or CloudFlare in front if things get very
hot.

An even more impressive trick might be a TLS server with SNI running vhosts
which could check that the content was signed by a keybase user with a DNS
proof for controlling that same domain. That would allow custom domains based
on DNS CNAMEs. Now I'm getting carried away though ;)

------
wille92
Cool to see a project so soon after the keybase release. How is this any
better than browsing public files on keybase.pub though?

~~~
OJFord
It's basically the same; you're right - Keybase are doing all the heavy
lifting.

The idea was more one of subtraction than addition: take everything away and
display just .txt and (rendered) .md blog posts.

I thought I might use it just for myself (i.e. instead of the user search,
just fix it to 'ojford') but seeing as I didn't have any content, and I just
wanted to try something out, I did it like this first.

------
cyphar
Wow, that was quick! :D

~~~
OJFord
All the hard work's done by Keybase ;) - I just used their API to resolve
usernames on other services; scraped users' directory for .txt and.md files
(nothing in API, yet at least), and then just loaded the text from response
body of the file's URL.

