The Sovereign Project - Call for assistance

Misc topics about I2P
Post Reply
User avatar
sovereign
Posts: 4
Joined: 12 Apr 2024 13:50

The Sovereign Project - Call for assistance

Post by sovereign »

Background:
The Sovereign Project is attempting to expand Monero beyond financial use cases, with a focus on privacy technology and cyber security tooling.

A fantastic document describing the technology opportunity is provided in Jason P. Lowery’s Softwar thesis (link below). When reading Softwar, just substitute Monero when Bitcoin is mentioned.

Jason does a great job describing nature’s use of Power-Projection technology in the Softwar thesis, however, he only briefly mentions camouflage. Camouflage is used extensively in nature as an effective security technology. Camouflage enables privacy and anonymity. The Sovereign Project is leveraging I2P and Monero for camouflage.

The Sovereign Project is in the very early stages (alpha phase) and has developed a Linux PAM module that uses Monero signatures for authentication into Linux computers. We have also developed the authbot which is a personal digital assistant that automates key management and signature services. These tools will be free open source.

The power of the technology described in the Softwar thesis has been implemented in the Sovereign PAM Resource with a recently added Proof-of-Payment feature that uses a Monero proof-of-payment in authentication to lower the Benefit-to-Cost Ratio of Sovereign PAM Resource secured systems. This significantly increases the Cost-of-Attack by leveraging the power of the entire Monero network proof-of-work (measured at 646 GWh in 2018). For additional detail visit the eepsite mentioned below.

Assistance:
We could use assistance in testing the Sovereign PAM Resource, so if you have any interest, let me know.

sovereign@mail.i2p

The Sovereign Project eepsite: http://sovereign.i2p

Softwar thesis: magnet:?xt=urn:btih:bcc2b0b4ad634bc71dffe18e7d50ba80a1a87c11
anikey
Posts: 28
Joined: 30 Nov 2023 20:08

Re: The Sovereign Project - Call for assistance

Post by anikey »

How is this all different from using SSH key-based auth? It also uses cryptography to verify identity/authenticate.
User avatar
sovereign
Posts: 4
Joined: 12 Apr 2024 13:50

Re: The Sovereign Project - Call for assistance

Post by sovereign »

anikey wrote: 14 May 2024 21:42 How is this all different from using SSH key-based auth? It also uses cryptography to verify identity/authenticate.
SSH is just one of our use cases and in comparison to SSH key-based auth, the Monero key authentication is not much different than SSH key-based authentication. Our authbot also appears similar, in principle to the SSH agent. Our Monero Proof-of-Payment feature is intended to increase the Cost-of-Attacking the secured system and for a nominal (Monero network fee) secures the system with the power of the entire Monero network proof-of-work (it leverages the work performed by all the Monero miners to secure the Sovereign PAM Resource system). So it would be a more powerful approach to securing the computer.

But the Sovereign Project has other use cases as well (that SSH key-based auth can't address. The Sovereign Project is meant for secure resource management and resources can be digital or physical resources. For example, I use the Sovereign protocol for my home automation to lock/unlock doors, turn on/off lights, power on computers after power outages when away from home. I developed a mobile app to open my garage door. My home automation is on my local private network so I primarily use ssh tunnels rather than I2P for performance reasons and I don't need anonymity. However, I2P can be used in cases where I'm remote. (In the Sovereign protocol the I2P and SSH message protocols are interoperable).

The Sovereign protocol can be used for digital resources as well, I have written several custom apps that use the Sovereign protocol for authentication/authorization, apps like end-to-end encrypted messaging, interfaces to datastores, messaging services for apps, etc.

So to answer your question, it is very similar to SSH key-based authentication, just that we are attempting to expand the use beyond just SSH to any application to access digital and physical resources through a secure message passing protocol.
Post Reply