A presentation at IPFS รพing โ23 in in Brussels, Belgium by Brooklyn Zelenka
UCAN Decentralize Auth ๐ Authorise Everything, Everywhere, All At Once โ github.com/ucan-wg
UCAN Decentralize Auth
UCAN Decentralize Auth When speaking of computation, all too much emphasis is often placed on the [services] themselves. The fabric of a system is the dynamic reference graph. Mark Miller, An Ode to the Granovetter Diagram
UCAN Decentralize Auth Brooklyn Zelenka @expede github.com/expede
UCAN Decentralize Auth Brooklyn Zelenka @expede Cofounder & CTO at Fission discord.gg/fissioncodes @fission@plnetwork.xyz Might know a thing or two about UCAN github.com/ucan-wg PLT and distributed systems are my jam github.com/expede
UCAN Decentralize Auth Everywhere
UCAN Decentralize Auth Everywhere Far Edge Commons Cloud & Edge
UCAN Decentralize Auth Everywhere Far Edge Commons Cloud & Edge
UCAN Decentralize Auth Everywhere Far Edge Commons Cloud & Edge
UCAN Decentralize Auth Open Protocols Everywhere
UCAN Decentralize Auth Open Protocols Everywhere Compute โ Data ๐พ Auth ๐
UCAN Decentralize Auth Open Protocols Everywhere Compute โ Data ๐พ Auth ๐
UCAN Decentralize Auth How to Power a New Internet ๐
How to Power a New Internet ๐ Adoption & Audience
How to Power a New Internet ๐ Adoption & Audience
How to Power a New Internet ๐ Adoption & Audience
How to Power a New Internet ๐ Adoption & Audience
How to Power a New Internet ๐ Adoption & Audience
How to Power a New Internet ๐ Adoption & Audience
How to Power a New Internet ๐ DX & UX
How to Power a New Internet ๐ DX & UX Web3 UX is too hard for many users
How to Power a New Internet ๐ DX & UX P O Web3 UX is too hard for many users T S L L U F
How to Power a New Internet ๐ Move the Needle
How to Power a New Internet ๐ Move the Needle Realpolitik Easier, as secure, & more open than: OAuth, X.509, SAML, Macaroons, MetaMask, WalletConnect, etc
How to Power a New Internet ๐ OAuth Sequence
How to Power a New Internet ๐ OAuth Sequence
How to Power a New Internet ๐ OAuth Sequence
How to Power a New Internet ๐ OAuth Sequence
How to Power a New Internet ๐ UCAN Sequence ๐
How to Power a New Internet ๐ UCAN Sequence ๐
How to Power a New Internet ๐ UCAN Sequence ๐
How to Power a New Internet ๐ UCAN Sequence ๐
How to Power a New Internet ๐ Project Approach
How to Power a New Internet ๐ Project Approach Be a Trojan Horse Build on widely supported, familiar, well-understood standards & tools
How to Power a New Internet ๐ Tools For Mere Mortals
UCAN Decentralize Auth Case Study: IPNS
UCAN Decentralize Auth Case Study: IPNS
UCAN Decentralize Auth Case Study: IPNS
UCAN Decentralize Auth Case Study: IPNS ๐ง๐ป
UCAN Decentralize Auth Case Study: IPNS ๐ ๐ง๐ป
UCAN Decentralize Auth Case Study: IPNS ๐ ๐ง๐ป ๐คต ๐ง ๐จ๐พ
UCAN Decentralize Auth Case Study: IPNS ๐ ๐ง๐ป ๐คต ๐ง ๐จ๐พ
UCAN Decentralize Auth Case Study: IPNS ๐ ๐ง๐ป ๐คต ๐ง ๐จ๐พ
UCAN Decentralize Auth Case Study: Apps ๐คต ๐ง ๐จ๐พ
UCAN Decentralize Auth Case Study: Apps ๐คต ๐ง ๐จ๐พ
UCAN Decentralize Auth Capabilities 101 ๐
Capabilities 101 ๐ Auth Models
Capabilities 101 ๐ Auth Models ACLs ๐ Designed for sharing a terminal (one) ๐ฉ๐ค ๐ฎ โ โ
Capabilities 101 ๐ Auth Models ACLs ๐ Designed for sharing a terminal (one) ๐ฉ๐ค ๐ฎ โ โ Caps ๐ฉ๐ค ๐ โ Designed for networking (many)
Capabilities 101 ๐ ACLs: Stateful Auth
Capabilities 101 ๐ ACLs: Stateful Auth ๐ง๐พ
Capabilities 101 ๐ ACLs: Stateful Auth ๐ง๐พ โ
Capabilities 101 ๐ ACLs: Stateful Auth ๐ง๐พ ๐ โ โ
Capabilities 101 ๐ ACLs: Stateful Auth ๐ง๐พ ๐ ๐ โ โ
Capabilities 101 ๐ ACLs: Stateful Auth ๐ง๐พ ๐ ๐ โ โ
Capabilities 101 ๐ ACLs: Stateful Auth ๐ง๐พ ๐ ๐ โ โ
Capabilities 101 ๐ ACLs: Stateful Auth ๐ง๐พ ๐ ๐ โ Not in control โ
Capabilities 101 ๐ ACLs: Stateful Auth ๐ In control ๐ง๐พ ๐ โ Not in control โ
Capabilities 101 ๐ ACLs: Stateful Auth ๐ In control ๐ง๐พ ๐ โ Not in control โ
Capabilities 101 ๐ ACLs: Stateful Auth ๐ ๐ โ In control ๐ง๐พ ๐ โ Not in control โ
Capabilities 101 ๐ ACLs: Stateful Auth ๐ ๐ โ In control ๐ง๐พ ๐ โ Not in control โ
Capabilities 101 ๐ PSA: ACLs Donโt CRDT Well
Capabilities 101 ๐ PSA: ACLs Donโt CRDT Well
Capabilities 101 ๐ PSA: ACLs Donโt CRDT Well ๐
Capabilities 101 ๐ Caps: Stateless Auth
Capabilities 101 ๐ Caps: Stateless Auth ๐ต
Capabilities 101 ๐ Caps: Stateless Auth ๐ต โ
Capabilities 101 ๐ Caps: Stateless Auth ๐ต ๐บ Addr โ
Capabilities 101 ๐ Caps: Stateless Auth ๐ต ๐บ Addr ๐ โ
Capabilities 101 ๐ Caps: Stateless Auth ๐ต ๐บ Addr In control ๐ โ
Capabilities 101 ๐ Caps: Stateless Auth ๐ต ๐บ Addr In control ๐ โ All req info
Capabilities 101 ๐ Caps: Stateless Auth ๐ต ๐บ Addr ๐ โ
Capabilities 101 ๐ Caps: Stateless Auth ๐ต ๐ ๐บ ๐ ๐ Addr โ
Capabilities 101 ๐ Caps: Stateless Auth ๐ต ๐บ Addr ๐ โ
Capabilities 101 ๐ Caps: Stateless Auth ๐ต ๐บ Addr ๐ ๐จ๐จ โ
Capabilities 101 ๐ Caps: Stateless Auth ๐ต ๐บ Addr ๐ ๐ ๐จ๐จ โ
Capabilities 101 ๐ Caps: Stateless Auth ๐ต ๐บ Addr ๐ ๐ ๐จ๐จ โ ๐
Capabilities 101 ๐ Composition โ โAmplificationโ
Capabilities 101 ๐ Composition โ โAmplificationโ ๐ฅซ โ
Capabilities 101 ๐ Composition โ โAmplificationโ ๐ฅซ โจ โ
Capabilities 101 ๐ Composition โ โAmplificationโ ๐ฅซ โจ ๐ฅ โ
Capabilities 101 ๐ Auth Should be Boring!
Capabilities 101 ๐ Auth Should be Boring!
UCAN Decentralize Auth Under the Microscope ๐ฌ
Under the Microscope ๐ฌ โWhoโ vs โWhatโ
Under the Microscope ๐ฌ โWhoโ vs โWhatโ DIDs say who you are
Under the Microscope ๐ฌ โWhoโ vs โWhatโ DIDs say who you are UCANs show what you can do
Under the Microscope ๐ฌ โWhoโ vs โWhatโ AuthN DIDs say who you are UCANs show what you can do AuthZ
Under the Microscope ๐ฌ Teaser Token
Under the Microscope ๐ฌ Teaser Token
Under the Microscope ๐ฌ Teaser Token
Under the Microscope ๐ฌ Teaser Token
Under the Microscope ๐ฌ Teaser Token
Under the Microscope ๐ฌ JWT โ UCAN
Under the Microscope ๐ฌ JWT โ UCAN Header Payload Signature
Under the Microscope ๐ฌ JWT โ UCAN Header Payload โ Signature
Under the Microscope ๐ฌ JWT โ UCAN Header Payload โ Signature
Under the Microscope ๐ฌ Anatomy of a Capability
Under the Microscope ๐ฌ Anatomy of a Capability Resource / โnounโ
Under the Microscope ๐ฌ Anatomy of a Capability Resource / โnounโ Action / โverbโ
Under the Microscope ๐ฌ Anatomy of a Capability Resource / โnounโ Action / โverbโ Extensible fields
Under the Microscope ๐ฌ Stop ๐ Moving ๐ Keys ๐
Under the Microscope ๐ฌ Stop ๐ Moving ๐ Keys ๐
Under the Microscope ๐ฌ Stop ๐ Moving ๐ Keys ๐
Under the Microscope ๐ฌ Stop ๐ Moving ๐ Keys ๐
Under the Microscope ๐ฌ Stop ๐ Moving ๐ Keys ๐
Under the Microscope ๐ฌ Stop ๐ Moving ๐ Keys ๐
Under the Microscope ๐ฌ Attenuation
Under the Microscope ๐ฌ Attenuation ๐ฉ๐ป
Under the Microscope ๐ฌ Attenuation ๐ฉ๐ป ๐ ๐ถ ๐ฌ ๐พ ๐งธ
Under the Microscope ๐ฌ Attenuation ๐ฉ๐ป ๐ ๐ถ ๐ฌ ๐พ ๐งธ ๐จ๐ฆณ๐ฅ
Under the Microscope ๐ฌ Attenuation ๐ฉ๐ป ๐จ๐ฆณ๐ฅ ๐ ๐ถ ๐ฌ ๐พ ๐งธ ๐ ๐ถ ๐ฌ ๐พ ๐งธ
Under the Microscope ๐ฌ Attenuation ๐ฉ๐ป ๐จ๐ฆณ๐ฅ ๐ ๐ถ ๐ฌ ๐พ ๐งธ ๐ ๐ถ ๐ฌ ๐พ ๐งธ
Under the Microscope ๐ฌ Attenuation ๐ฉ๐ป ๐จ๐ฆณ๐ฅ ๐จ๐ฆณ๐ฑ ๐ ๐ถ ๐ฌ ๐พ ๐งธ ๐ ๐ถ ๐ฌ ๐พ ๐งธ ๐ ๐ถ ๐งธ
Under the Microscope ๐ฌ Attenuation ๐ฉ๐ป ๐จ๐ฆณ๐ฅ ๐จ๐ฆณ๐ฑ ๐ ๐ถ ๐ฌ ๐พ ๐งธ ๐ ๐ถ ๐ฌ ๐พ ๐งธ ๐ ๐ถ ๐งธ ๐ฉ๐ ๐ถ
Under the Microscope ๐ฌ Attenuation ๐ฉ๐ป ๐จ๐ฆณ๐ฅ ๐จ๐ฆณ๐ฑ ๐ ๐ถ ๐ฌ ๐พ ๐งธ ๐ ๐ถ ๐ฌ ๐พ ๐งธ ๐ ๐ถ ๐ ๐พ ๐งธ ๐จ๐จ ๐งธ ๐ฉ๐ ๐ถ
Under the Microscope ๐ฌ Attenuation ๐ฉ๐ป ๐จ๐ฆณ๐ฅ ๐จ๐ฆณ๐ฑ ๐ ๐ถ ๐ฌ ๐พ ๐งธ ๐ ๐ถ ๐ฌ ๐พ ๐งธ ๐ ๐ถ ๐ ๐ ๐งธ ๐พ ๐งธ ๐จ๐จ โโ ๐ฉ๐ ๐ถ
Under the Microscope ๐ฌ Attenuation ๐ฉ๐ป ๐จ๐ฆณ๐ฅ ๐จ๐ฆณ๐ฑ ๐ ๐ถ ๐ฌ ๐พ ๐งธ ๐ ๐ถ ๐ฌ ๐พ ๐งธ ๐ ๐ถ ๐ ๐ ๐ฉ๐ ๐ถ ๐งธ ๐ ๐ถ ๐พ ๐งธ ๐จ๐จ โโ ๐
Under the Microscope ๐ฌ Attenuation ๐ฉ๐ป ๐จ๐ฆณ๐ฅ ๐จ๐ฆณ๐ฑ ๐ ๐ถ ๐ฌ ๐พ ๐งธ ๐ ๐ถ ๐ฌ ๐พ ๐งธ ๐ ๐ถ ๐ ๐ Zero Coordination โ ๐ ๐ฉ๐ ๐ถ ๐งธ ๐ ๐ถ ๐ฌ ๐พ ๐งธ ๐จ๐จ ๐ฆ โโ ๐
Under the Microscope ๐ฌ Revocation Cascade ๐ฉ๐ป ๐จ๐ฆณ๐ฅ ๐จ๐ฆณ๐ฑ ๐ ๐ถ ๐ฌ ๐พ ๐งธ ๐ ๐ถ ๐ฌ ๐พ ๐งธ ๐ ๐ถ ๐ ๐ ๐ฉ๐ ๐ถ ๐งธ ๐ ๐ถ ๐พ ๐งธ ๐จ๐จ โโ ๐
Under the Microscope ๐ฌ Revocation Cascade UCAN Hash ๐ฉ๐ป ๐จ๐ฆณ๐ฅ ๐จ๐ฆณ๐ฑ ๐ ๐ถ ๐ฌ ๐พ ๐งธ ๐ ๐ถ ๐ฌ ๐พ ๐งธ ๐ ๐ถ ๐ ๐ ๐ฉ๐ ๐ถ ๐งธ ๐ ๐ถ ๐พ ๐งธ ๐จ๐จ โโ ๐
Under the Microscope ๐ฌ Composable Standard Library
Under the Microscope ๐ฌ Composable Standard Library Resource (URI) https: mailto: file: wnfs: dns: news: Ability (Cap) crud/create crud/read crud/update crud/destroy msg/send msg/receive group/ban group/join
Under the Microscope ๐ฌ ucan-ipld & CACAO
Under the Microscope ๐ฌ ucan-ipld & CACAO github.com/ucan-wg/ucan-ipld
UCAN Decentralize Auth Solving the Case Study ๐ต
Solving the Case Study ๐ต Case Study: IPNS ๐ ๐ง๐ป ๐คต ๐ง ๐จ๐พ
Solving the Case Study ๐ต Case Study: NNS ๐ง๐ป ๐คต ๐ง ๐จ๐พ
Solving the Case Study ๐ต Case Study: NNS ๐ง๐ป ๐งพ ๐คต ๐ง ๐จ๐พ
Solving the Case Study ๐ต Case Study: NNS ๐ง๐ป @alice set: foo ๐คต ๐งพ ๐ง ๐จ๐พ
Solving the Case Study ๐ต Case Study: NNS @alice set: foo @alice set: foo ๐ง๐ป @alice set: foo ๐คต ๐งพ ๐ง @alice set: foo ๐จ๐พ @alice set: foo
Solving the Case Study ๐ต Case Study: NNS @alice set: foo @alice set: foo ๐ง๐ป @alice set: foo ๐คต ๐งพ ๐ง @alice set: foo ๐จ๐พ @alice set: foo
Solving the Case Study ๐ต Case Study: NNS @alice set: foo @alice set: foo ๐ง๐ป @alice set: foo ๐คต ๐งพ ๐ง @alice set: foo Delegate ๐จ๐พ @alice set: foo
Solving the Case Study ๐ต Authorised Data Retrieval ๐ ๐จ๐พ
Solving the Case Study ๐ต Authorised Data Retrieval ๐ @bob get: @alice/photos ๐จ๐พ
Solving the Case Study ๐ต User Controlled Apps: IPFS โค UCAN
Solving the Case Study ๐ต User Controlled Apps: IPFS โค UCAN
Solving the Case Study ๐ต AWAKE: Authorised Channels
Solving the Case Study ๐ต AWAKE: Authorised Channels
Solving the Case Study ๐ต Distributed Invocation Receipt Invocation f ff Arguments Results Scheduling Con ig, etc E ects
Solving the Case Study ๐ต Distributed Invocation Receipt Invocation f ff Arguments Results Scheduling Con ig, etc E ects
UCAN Decentralize Auth Resources ๐
Resources ๐ Further Reading
Resources ๐ Further Reading Community: https://github.com/ucan-wg
Resources ๐ Further Reading Community: https://github.com/ucan-wg
Resources ๐ Further Reading Community: https://github.com/ucan-wg
Resources ๐ Further Reading Community: https://github.com/ucan-wg
Resources ๐ Further Reading Community: https://github.com/ucan-wg Capability Myths Demolished: https://srl.cs.jhu.edu/pubs/SRL2003-02.pdf
Resources ๐ Further Reading Community: https://github.com/ucan-wg Capability Myths Demolished: https://srl.cs.jhu.edu/pubs/SRL2003-02.pdf ACLs Donโt: http://waterken.sourceforge.net/aclsdont/current.pdf
Resources ๐ Further Reading Community: https://github.com/ucan-wg Capability Myths Demolished: https://srl.cs.jhu.edu/pubs/SRL2003-02.pdf ACLs Donโt: http://waterken.sourceforge.net/aclsdont/current.pdf ERights: https://erights.org
Resources ๐ Further Reading Community: https://github.com/ucan-wg Capability Myths Demolished: https://srl.cs.jhu.edu/pubs/SRL2003-02.pdf ACLs Donโt: http://waterken.sourceforge.net/aclsdont/current.pdf ERights: https://erights.org SPKI: https://theworld.com/~cme/html/spki.html
Resources ๐ UCAN Adventure
Resources ๐ ucan.xyz โ Online Explorer / Validator
Resources ๐ ucan.xyz โ Online Explorer / Validator
Resources ๐ ucan.xyz โ Online Explorer / Validator
Resources ๐ ucan.xyz โ Online Explorer / Validator
ucan.xyz github.com/ucan-wg lu.ma/wecan ๐ รพank you, IPFS รพing ๐ง๐ช brooklyn@fission.codes discord.gg/fissioncodes github.com/expede
ucan.xyz github.com/ucan-wg lu.ma/wecan ๐ รพank you, IPFS รพing ๐ง๐ช brooklyn@fission.codes discord.gg/fissioncodes github.com/expede
a h I i t s e v ! s r e ck ucan.xyz github.com/ucan-wg lu.ma/wecan ๐ รพank you, IPFS รพing ๐ง๐ช brooklyn@fission.codes discord.gg/fissioncodes github.com/expede
for free. You
can too.