I suppose there could be two checksums, or two hashes: the public spec that can be used by API key scanners on the client side to detect leaks, and an internal hash with a secret nonce that is used to validate that the API key is potentially valid before needing to look it up in the database.
That lets clients detect leaks, but malicious clients cant generate lots of valid-looking keys to spam your API endpoint and generate database load for just looking up API keys.
He's obviously not saying that you can "trust blindly" any PQ algorithm out there, just that there are some that have appeared robust over many years of analysis.
He is assessing that the risk of seeing a quantum computer break dlog cryptography is stronger than the risk of having post quantum assumptions broken, in particular for lattices.
One can always debate but we have seen more post quantum assumptions break during the last 15 years than we have seen concrete progress in practical quantum factorisation (I'm not talking about the theory).
I see what you're saying now, I was imagining the type of transparency log that's usually run by a single institution and audited by a few others.
Even if every voter gets a hash and can check that their vote is in the log, you still have a bunch of places where a central actor can misbehave: Deciding who gets to write to the log in the first place, rate-limiting or dropping submissions, or running split-view logs in the event that there's not a ton of replication - hoping that wouldn't be the case in an election.
With a (properly designed) blockchain, you at least push those assumptions into a consensus layer with many writers/validators and game-theory penalties for rewriting its history. It's still not magic; but for something like elections, I'd rather minimize the points where a single operator can tilt the playing field, which is why I was thinking "blockchain" instead of "centralized transparency log"
No, just publish the hash of the full log. No blockchain required at all. Anybody can check they are seeing the same log as others by checking the log hash.
Sometimes it's impossible even with an account. I can't search in English on my phone in Japan. If I go into options and change the language, the moment I click OK, it switches everything right back to Japanese. I know multiple colleagues who've had the same issue for years.
It's incredibly rude, and wrong, to assume that a woman was hired because she "checks off a bunch of HR checkboxes" rather than skill or hard work when you know nothing about her.
An iolist isn't a string, you can't pass it to the uppercase function for instance. It's really meant for I/O as the name implies. Regular string concatenation is optimized to avoid copying when possible: https://www.erlang.org/doc/system/binaryhandling.html#constr...
> According to federal reports, the contractor ingested some of the reactor water before being yanked out, scrubbed down, and checked for radiation. They walked away with only minor injuries and about 300 counts per minute of radiation detected in their hair.
> That sounds like a lot, but apparently it isn't terribly serious. He underwent a decontamination scrubdown and was back on the job by Wednesday.
reply