• simplymath@lemmy.world
    link
    fedilink
    arrow-up
    2
    arrow-down
    7
    ·
    edit-2
    15 hours ago

    what? Git is very much distributed and while you can have a main branch, you can set as many up streams as you want and merge things sideways.

    It’s trust less in the sense that commits can’t be easily forged and are signed with cryptographic keys and identities-- as in, I don’t have to trust that the source code is genuine since I can verify the commit history myself.

    Consensus is just a pull request.

    That wiki article literally lists Bitcoin and Ethereum as implementations of Merkel trees.

    • I Cast Fist@programming.dev
      link
      fedilink
      arrow-up
      3
      ·
      18 hours ago

      It’s trust less in the sense that commits can’t be easily forged and are signed with cryptographic keys and identities.

      I’m pretty sure being able to verify that the person responsible for a push is an actual maintainer is the opposite of trustless.

      • simplymath@lemmy.world
        link
        fedilink
        arrow-up
        2
        ·
        edit-2
        18 hours ago

        How is it any different than verifying that a transaction occurred?

        How is a trusted repository different from a hard fork?

        Isn’t “proving someone is a maintainer” just an IRL proof of stake?

        • I Cast Fist@programming.dev
          link
          fedilink
          arrow-up
          3
          ·
          18 hours ago

          How is it any different than verifying that a transaction occurred?

          With a centralized trust source (bank), you ask for the records.

          How is a trusted repository different from a hard fork?

          Because you check who owns and maintains it. A notable example was with Simple Apps for Android, earlier this year the main repo was sold to a company. Trust was lost, thus a fork was created to keep the original stuff.

          • simplymath@lemmy.world
            link
            fedilink
            arrow-up
            2
            ·
            18 hours ago

            Right, but isn’t the “main chain” of Ethereum based on a similar principle wherein it’s the main chain because it’s the one the devs use?

            What about BTC vs BTC lightning.

            I’m genuinely failing to see a distinction here, and, again, the wiki article says that blockchains are special cases of Merkle trees.

            • I Cast Fist@programming.dev
              link
              fedilink
              arrow-up
              2
              ·
              18 hours ago

              Right, but isn’t the “main chain” of Ethereum based on a similar principle wherein it’s the main chain because it’s the one the devs use?

              No clue, I don’t keep an eye on that, I’m partially aware that there are several similar forks (and eth classic was a result of scammy shenanigans) but, afaict, none try to pretend they’re the “real” ethereum.

              I’m genuinely failing to see a distinction here

              A distinction between trust and trustless? Because my initial point was that git isn’t trustless, because it works just like any other online system that requires a login, where a central server/database checks if the user sending inputs was properly identified by some mean (password, cryptographic key, something else). Implementing a Merkle or any other hash tree doesn’t make something trustless

              • simplymath@lemmy.world
                link
                fedilink
                arrow-up
                1
                ·
                18 hours ago

                does git require authentication with a central server? I know that’s common practice and true of github, but my recollection was that it was meant to fix the problem of distributed kernel development via an email listserv in the early 2000s. This stack exchange post discusses how it’s not really centralized

                • I Cast Fist@programming.dev
                  link
                  fedilink
                  arrow-up
                  1
                  ·
                  17 hours ago

                  Not being centralized has nothing to do with being trustless. The fediverse is also decentralized, yet you, me and everyone else has to log in to a specific server. If I try to login via lemmy.world, it’ll fail. I have to login via programming.dev. Does that make lemmy and the fediverse trustless? No.

                  Even the top answer on that SO question explains that the use case of hash trees for git is different from that of blockchain