Show HN: VeraId, a decentralised, user-friendly, offline authentication protocol
veraid.netI'm leading the VeraId project, a decentralised protocol that allows you to securely attribute content to any domain name under your control. It's a bit like TLS, but signatures can be produced and verified without an Internet connection.
VeraId combines DNSSEC with a new Public Key Infrastructure (PKI) to produce digital signatures that can be linked to a domain name. Consequently, every signature contains enough data to be independently verified without external queries, such as DNS lookups.
Here's a Replit demo you can use locally to produce signatures attributed to your own domain names: https://veraid.net/demo/
We built VeraId in 2023 to support a broader initiative aimed at circumventing complete Internet blackouts caused by repressive regimes and wars. This might sound familiar because the main project hit the HN homepage a few months ago: https://news.ycombinator.com/item?id=41646782
VeraId underwent an independent security audit, but the US Government (which funded all our work) defunded foreign aid before the auditor produced the final report. I was never alerted to any issues, and I should have been if there were any. I can't prove that, but you can check out the audit reports for our other projects to get a sense of our security practices: https://awala.app/en/blog/2024-security-audit-part1/ and https://letro.app/archives/letro-security-audit-2024.pdf
Any questions? Feedback? Looking forward to hearing your thoughts!
No comments yet.