this post was submitted on 14 Jul 2023
3 points (100.0% liked)
Mastodon
5257 readers
2 users here now
Decentralised and open source social network.
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I'm curious on that. Programming isn't really my part of the game, but generally with something like this there would be some sort of signing keypair for any given identity to avoid even a server admin from creating posts purporting to originate from an alternate source. Async crypto has an identity encoded into the key pair for which it's valid (look at the cert for any https website, within that big string of gibberish there is a set of encoded info that lists the site name, issuer, dates, etc) and if you just brute force changed the user ID it would no longer match the keypair making it invalid.
I'm not even sure such exists here, but without it really we all would have about much credibility as anons on 4chan, and what good is any kind of vote/karma scoring then?