Skip to content

Commit

Permalink
Merge pull request #4 from okwme/patch-1
Browse files Browse the repository at this point in the history 
Update motivations.md
  • Loading branch information
@louisholley
louisholley authored Oct 20, 2023
2 parents 06f8987 + 2e543e2 commit acc545c
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions doc/docs/motivations.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,8 +11,8 @@ The actual content is stored in a [Content-Addressable Store](https://en.wikiped

While this approach provides on-demand HTML reconstruction as long as a node is available, it presents strong disadvantages for what we would consider to be a long-lasting backbone for an open Generative Art ecosystem:

- **interferences on artistic practices**: artists have not only to think about implementing each platform API for their project to be compliant, but also they must obey to some predefined code structure as eventually their whole code is going to be one string
- **inter-operability between assets**: while file data is content-addressed, files are addressed by their name on the system; this introduces major inter-operability issues as user can never fully trust some name faily describe the data it contains
- **interferences on artistic practices**: artists have not only to think about implementing each platform API for their project to be compliant, but also they must obey some predefined code structure as eventually their whole code is going to be one string
- **interoperability between assets**: while file data is content-addressed, files are addressed by their name on the system; this introduces major interoperability issues as a user can never fully trust some name fully describes the data it contains
- **security, vector for Supply Chain Attacks**: users have to rely on central entities to provide a list of verified files, which in essence can be composed of any arbitrary data which can only be verified by querying and inspecting such file. This introduces a vector for injecting malicious code in what would seem to be a legit and trusted file (imagine embedding a wallet drainer which would trigger past a given date on a file named `processing-1.3.1.min.js`, yet exposing all the features of its valid counterpart). While this approach may work for centralized & semi-centralized platforms, if we want to build an open ecosystem where anyone can provide libraries for public access, such system cannot fully be trusted.
- **too specialised**: outside of HTML reconstruction, it becomes hard to extend current approaches for any kind of file-based application

Expand Down

0 comments on commit acc545c

Please sign in to comment.