Content pfp
Content
@
https://www.quilibrium.com
0 reply
0 recast
0 reaction
Samuel ツ pfp
Samuel ツ
@samuellhuber.eth
What are the Q API failovers? Q Inc providing these is a US company. meaning it has to follow US regulation or am I mistaken since it's all on Q? Though then loosing access to Q Storage / KMS how would one continue operations? Say one moves some keys to Q or uses Q for storage of documents. Follow up if I want these documents (e.g. business or personal PDFs) to remain secret how's that ensured? Like I don't want someone to just have it and in 20 years decrypt it cc @cassie https://docs.quilibrium.com/docs/api/overview/#available-services
2 replies
1 recast
6 reactions
Samuel ツ pfp
Samuel ツ
@samuellhuber.eth
how the network stays decentralised and doesn't have a long term security budget issue is well documented https://docs.quilibrium.com/docs/discover/how-does-quilibrium-maintain-decentralization Though of course that relies on always having enough participants. Now if I have a certain shard of data i particularly care about can I pin that like in IPFS? so that at least I maintain it? I can think of that as being on top of normal network participant who just gets part of the network as the designated shard from Q Worry here is any kind of data loss in what I store on Q via QS3 or directly
2 replies
0 recast
2 reactions
Cassie Heart pfp
Cassie Heart
@cassie
For managed services where we are doing more than simply proxying requests with no visibility to the encrypted request (e.g. QStorage's public bucket functionality requires visibility to Q Inc to function, however is optional and users can run their own proxy to do this instead), if we are compelled by court order to take action with respect to a public bucket, we have to comply. The network, however, will replicate data provided nodes do not all collectively blacklist the shard. If you want documents to remain secret, however, you would not want to use the public bucket feature anyway. Regarding 20 year security, we would advise against using verifiable encryption alone – that relies on discrete logarithm assumptions and under that timeframe you would want potential QC resistance, so a hybrid scheme should be employed, e.g. first encrypt the data using a PQC algorithm, then save it with verifiable encryption to ensure integrity of the uploaded content.
0 reply
0 recast
5 reactions
blackMT pfp
blackMT
@black1004
11111$hunt
0 reply
0 recast
0 reaction