This is a work in progress.

Peer identity

Having to identify and verify every Nano user every time a request is made would be an obsoletely resource consuming task. The Nano system aims to alleviate the servers from redundant authorization tasks. Nano stores the fingerprint of each peer’s cryptographic identity after successfully acquiring their keyring.

Account keyrings are used for peer verification tasks. A keyring is created by verifying the fingerprints of all public keys to their respective signing keys. This ensures consistency within the keyring.

Peer trust

For improving global protection, each peer’s cryptographic identity can be fingerprinted. These peer identities are stored on the server securely encrypted. All clients use a trust-on-first-use (TOFU) identity store. TOFU is used to provide consistency for the identity of connected peers.

This also provides protection from man-in-the-middle attacks, or if a keyring’s integrity is compromised by a malicious server.

The user interface will display identity-trust states for each peer clearly. The user will be able to discern and avoid attacks by accounts whose identity may be impersonated.

Fingerprinting procedure

Fingerprinting in Nano allows the system to simplify certain key management and verification tasks. Nano uses keys as fingerprints. These keys are made by taking the registered user’s account keys and securely creating a trust-fingerprint. This trust-fingerprint can be used as a means of identification in later processes.