Would it be possible for Frontier to add a cryptographic signature to each JSON line in the journal, so that we know it hasn’t been tampered with? I’ve been playing with ideas that would utilise the journal entries, but I’m hesitant to commit to anything knowing how easy it would be to spoof entries.
Something like a hash of all the other key values in the JSON object, encrypted with one half of an asymmetric key pair that Frontier keep secret, and the other half made public for us to decrypt and verify the hash.
I presume other tools get around this by aggregating the input so any ‘junk’ data a malicious user might submit gets ironed out by the overwhelming legitimate data most users likely submit. But the ideas I have require precise information per user. This feature would make it possible to trust all data submitted, and avoid needing any ‘corrective’ measures. (Well, as long as the private key remains a secret.)
Forgive me if I’m suggesting something that has been suggested before – I was unable to find any previous posts.
Something like a hash of all the other key values in the JSON object, encrypted with one half of an asymmetric key pair that Frontier keep secret, and the other half made public for us to decrypt and verify the hash.
I presume other tools get around this by aggregating the input so any ‘junk’ data a malicious user might submit gets ironed out by the overwhelming legitimate data most users likely submit. But the ideas I have require precise information per user. This feature would make it possible to trust all data submitted, and avoid needing any ‘corrective’ measures. (Well, as long as the private key remains a secret.)
Forgive me if I’m suggesting something that has been suggested before – I was unable to find any previous posts.