本集简介
双语字幕
仅展示文本字幕,不包含中文音频;想边听边看,请使用 Bayt 播客 App。
比特币星期五快乐,朋友们。
Happy Bitcoin Friday, freaks.
这里是你们的主持人奥德尔,为您带来《Citadel Dispatch》。
It's your host, Odell, here for Citadel Dispatch.
这档节目专注于可操作的比特币与自由科技讨论。
The show focused on actionable Bitcoin and freedom tech discussion.
这边今天早上特别忙。
A busy morning over here.
我刚结束另一档节目的‘兔子洞’回顾,但我们今天准备了一场精彩节目。
I just wrapped up rabbit hole recap my other show, but we have a great show planned today.
我对它非常期待。
I'm very excited for it.
但在开始之前,和往常一样,《Dispatch》由我们的观众资助。
But before we get there, as always, Dispatch is funded by our audience.
我们没有广告或赞助商。
We have no ads or sponsors.
谢谢你们,朋友们,继续支持这个节目。
Thank you, freaks, for continuing to support the show.
上一期节目最大的两笔比特币打赏。
The largest two Bitcoin zaps from last episode.
我们上期节目嘉宾是Vexel,主题是非KYC的比特币。
Our episode was Vexel, focused on no KYC Bitcoin.
比特币捐赠。
Bitcoin donations.
彼得·马祖尔,20,1000萨特。
Peter Mazur, 20 1,000 sats.
我得承认,我常常忘记这一点,因为我通勤一个半小时时都在听播客。
I have to admit that I often forget to that because I listened to podcasts during my hour and a half long commute.
等我到停车点时,就忘了,尽管很多内容我听不太懂,但我正努力多学一点。
And then I forget by the time I get to a stopping point, although much of this is over my head, I'm trying to learn as much as I can.
这个确实激励了我。
This one definitely inspired me.
谢谢您的支持,先生。
Thank you, sir, for your support.
从这个角度来看,这正是我今天所知的许多内容的学习方式。
And just on that perspective, that's how I've learned a lot of what I know today.
让自己沉浸于那些超出你理解范围的事物中。
Just immerse yourself in things that are over your head.
这意味着你身处对的地方。
It means you're in the right room.
看到这样的情况我真的很喜欢。
Absolutely love to see it.
第二大的打赏来自死忠粉丝map '21,10,000个聪。
And then the second largest app was from ride or die freak map '21 a 10,000 sats.
他说:干得漂亮。
He said great rip.
和往常一样,朋友们,所有相关链接都在saledispatch.com。
As always freaks, all relevant links are at saledispatch.com.
我知道sats很稀缺。
I know sats are scarce.
我知道比特币,你们正在努力积累尽可能多的比特币。
I know Bitcoin, you're working hard to accumulate as much Bitcoin as possible.
如果你们无法提供比特币捐赠,支持节目的最佳替代方式就是分享给你的朋友和家人。
If you cannot spare the Bitcoin donations, the next best way to support the show is to share with your friends and family.
Dispatch可以在所有主流播客应用中通过搜索‘Citadel Dispatch’找到。
So Dispatch is available in every major podcast app by searching Citadel Dispatch.
拿上你朋友和家人的手机,打开播客应用,搜索Citadel Dispatch,然后点击订阅。
Take your friends and family's phones, open the podcast app, search Citadel Dispatch, press subscribe.
他们根本不会意识到发生了什么,但他们会因此受益良多。
They won't know what hit them, but they'll be better better off for it.
另外,各位freak们,正如你们所知,我一直深陷人工智能的世界。
And freaks on that note, by the way, I've been as you all know, I've been neck deep in the AI world.
我重新构建了citadeldispatch.com。
I rebuilt citadeldispatch.com.
它仍然包含你期望的所有相关链接,同时还实时从Nostr获取顶级打赏者的数据。
It still has all the relevant links you would expect, but it also is live polling Nostr for the top zappers.
所以这是累计的。
So it's cumulative.
你打赏得越多,你在网站上的排名就越高。
The more you zap, the higher you get listed on the website.
这还有一点正在完善中,因为它实时从Nostr获取数据。
It's a little bit of a work in progress because it's polling Nostr live.
所以有时候结果会有所不同。
And so sometimes it does different results.
但我的愿景是,支持节目最多的人,前10名将始终在citadeldispatch.com上被突出显示,你只需点击他们的头像,就能直接跳转到他们的Nostr个人主页。
But the dream is that the people that support the show the most, the top 10 will always be highlighted on cilladispatch.com, and you can just click their profile picture, and it goes straight to their Nostr profile.
我对这个功能感到非常兴奋,但它还在完善中。
I'm pretty excited about it, but work in progress.
举手。
Hand up.
总之,朋友们,今天我们有个精彩的节目。
Anyway, freaks, we have a great show today.
你们很多粉丝以前听过我聊过SimpleX加密聊天应用。
A lot of you freaks have heard me talk about in the past, the SimpleX encrypted chat app.
你们知道,我非常喜欢Signal。
You freaks know I love Signal.
你知道,Signal有它自己的权衡,但它的存在对市场来说很棒。
You know, Signal doesn't Signal has its own set of trade offs, but it's fantastic that it exists in the marketplace.
两个主要问题是它需要一个中心化服务器。
The two big ones is that it requires a centralized server.
第二个问题是他们使用电话号码来防止垃圾信息和机器人。
And the second one is that they use phone numbers as a way to mitigate spam and bots.
幸运的是,他们最近取消了其他你聊天的人查看你电话号码的功能,但仍然需要电话号码。
Fortunately, they recently removed the ability for other people you're messaging to see your phone number, but it still requires phone numbers nonetheless.
SimpleX是一个非常令人兴奋的替代方案,能解决这两个问题。
SimpleX is a very exciting alternative that mitigates both of those concerns.
我很高兴能邀请到SimpleX的创始人Evgeny来到这里。
And I'm pleased to have the founder of SimpleX here, Evgeny.
最近怎么样,先生?
How's it going, sir?
你好,Matt。
Hello, Matt.
非常感谢你邀请我,我也很兴奋。
Thank you very much for having me excited too.
能见到你真是我的荣幸,先生。
It's it's a pleasure, sir.
顺便说一下,各位,我觉得这件事的促成方式还挺酷的。
I, by the way, freaks, I think the, the way this came together is kind of cool.
他在我的网站odell.xyz上找到了我的SimpleX联系方式,然后用自己的应用给我发了消息,主动联系了我。
He found my SimpleX contact on my website, odell.xyz, and messaged me on his own app and reached out.
之后我们就通过电话联系上了。
And then we got onto a phone call.
我得说,SimpleX上的音频通话现在运行得非常好,我们这样安排真是太棒了。
And I have to say the audio calls are working quite well now on SimpleX, and we set this up pretty cool how it came together.
确实如此。
That's true.
插入。
Insert.
是的。
Yeah.
我们从一开始就将SimpleX聊天作为唯一的通信工具,没错,那里的电话通话体验不错。
We're SimpleX Chat as the only communication tool, obviously, since since we began building it and yes, phone calls are fine there.
我得说,先生,我一生中很幸运地成功将大部分通信迁移到了Signal,这比普通电话、短信和邮件有了巨大改进。
I have to say, sir, my whole life, I've been fortunate enough to successfully have moved the majority of my communications to signal, which is great, massive improvement over regular phone calls and texts and emails.
但当它出现故障时,我会感到非常脆弱。
But when that thing goes down, I feel quite vulnerable.
最近我们遇到了几次服务中断。
And we've seen a couple of outages lately.
因此,我非常感激你们正在开发 SimpleX。
So I'm very grateful that you're building SimpleX.
我认为,我们在这里可以从一个宏观的角度开始。
I think a great place to start here is just high level.
SimpleX 是什么?
What is SimpleX?
它为什么存在?
Why does it exist?
人们为什么应该关注它?
Why should people care?
我认为,我启动这个项目、设计协议并开发它的主要动机从来不是关于技术。
I think, my primary motivation to to start this, to design the protocol, and to build it was never about technology.
而是关于我所观察到的世界正在走向的悲惨状态——人们因为说出真相而失去工作,这种现象在过去几十年里变得越来越明显。
It it was about all the sad state of I've been observing the world is going to, how people were losing their jobs for stating the truths, and it all has become more and more pronounced in the last couple of decades.
所以,我可能得做一些有点尴尬的坦白。
So I I should make some, like, embarrassing admissions, probably.
我从未真正深入过任何加密货币领域。
I I was not never deep enough in any of the cryptocurrencies world.
那对我来说很陌生。
It was alien to me.
我也从未深入过隐私社区。
I was never deep enough in privacy community.
我甚至不知道它存在。
I didn't know it even exists.
但我没有发表过内容。
But I wasn't publishing.
我生命中相当长的一部分时间都从事出版工作,从不同角度参与,曾在出版机构担任高管。
I spent a a bit a large part of my life in in publishing, from different angles as I worked as executive in publishing organizations.
我在本国拥有一本杂志。
I owned a magazine in my country.
后来我担任过MailOnline的工程主管,那是最大的新闻网站之一。
Then I worked as a head of engineering at at MailOnline, one of the largest tablets.
对我来说,出版和沟通始终是一回事。
To me, publishing and communication was always one of the same.
对我来说,说出真相的能力是社会的根本基础。
And to me, ability to say the truth is is fundamentally foundational for the society.
对吧?
Right?
如果我们不能分辨对错,不能说出真相,我们就无法继续存在,因为一切都会崩溃。
If we can't say what's right, what's wrong, if we can't say, what's truth, we we we we can no longer exist even, right, because everything breaks.
在 retrospectively 构建 SimpleX 时,我们可以说它几乎建立在与比特币相同的价值观之上。
And when we were building SimpleX retrospectively, we can say it's built pretty much on the same values as as Bitcoin.
它的主权是首要价值,是我们所依托的根本真理。
It's sovereign says primary value, primary foundational truth that we build on is sovereign.
用户应当拥有自己的对话、频道、联系和身份,以及他们使用的一切。
Users should own their conversations, their channels, their connections, their identity, everything that they use.
我们通过移除用户在网络范围内的身份来构建协议,这意味着用户现在真正拥有一切,完全掌控自己的数据。
The fact that we build protocol by removing network wide identity for the users means that now users own everything, that now they are in full control.
就像你持有比特币私钥一样,你拥有你的SimpleX身份。
In the same way you hold your Bitcoin keys, you you own your SimpleX identity.
你的身份是你朋友和联系人所看到的内容,它并不存在于任何网络上。
And your identity is what your friends see, what your contacts see, and it's not something that exists on a network.
这就是你想要的。
That that's why you want.
第二个原则是去信任化。
And the second principle was that it's trustless.
对吧?
Right?
我们一直认为,如果一项技术的功能依赖于你必须信任你的技术提供商,那就不够好,因为今天技术提供商可能奉行‘不作恶’的原则,但明天一旦出现压力,一切就可能变得邪恶。
So we we we always thought that I always thought that if a technology is built on the idea that for it to function, I have to trust my technology provider, then it's not good enough because today, technology provider can be practicing don't be evil principle, and tomorrow, some pressure has come along, and it all ends up quite evil.
我们已经一再看到这种情况。
And we've seen it over and over again.
所以,唯一能防止这种情况发生的方法,就是从架构上杜绝它,即设计一种技术,即使提供商想这么做,也无法损害用户利益。
So the only way to to make it not happen is to architecturally prevent it, right, to build technology in a way that single provider cannot act against users even if they want to.
对吧?
Right?
所以,主权和主权在这里始终是最重要的价值。
So it's like sovereign and sovereignty has always been number one value here.
因此,我们和隐私社区进行了很多讨论。
So, like, we had a lot of discussions with privacy community.
显然,隐私社区是第一个发现我们所构建的东西的。
So, obviously, privacy community was the first to discover what we built.
而且,他们自然有自己的想法,关于我们应该如何构建它。
And, obviously, they had their own ideas about how we should build it.
传统的隐私聊天应用会认为,即使消息被对方设备接收了,你也能随时删除你发送的消息。
And traditional privacy messenger would be like, you can always delete messages you send even if they lend it on another person's divide device.
对吧?
Right?
这种做法在Telegram中变得越来越普遍。
And this kind of approach was kind of more and more pervasive and happens in Telegram.
iMessage 也是这样。
It happens in in iMessage.
我认为到目前为止,我们一直拒绝这样做,因为对我来说,这就像是我的电脑上的文件。
I think to this at this point, we've been consistently refusing to do it this way because to me, it was like, have files on my computer.
我得允许别人删除这些文件。
I have to allow somebody else to delete those files.
这太不对了。
It's just wrong.
对吧?
Right?
所以,我的电脑由我做主。
So I have sovereignty on my machine.
对吧?
Right?
那么,为什么我要同意这种事发生呢?
So why should they it happen unless I agree to that?
那就很有趣了。
Then that's what's interesting.
所以,每当隐私和主权发生冲突时,我们都认为主权是安全和隐私的根本。
So, like, whenever privacy and sovereignty were in conflicts, we were saying sovereignty is foundational both for security and for privacy.
从根本上说,这就是我们构建产品的理由。
So fundamentally, that's that's that's why we're building.
我们最近写了一些近乎哲学性的声明。
We we wrote some, like, some philosophical almost statement recently.
在我们的网站上提到,我们并不把隐私视为某种附加功能。
It's on our website about that we we we don't we don't see privacy as some as some add on.
对吧?
Right?
它不是像盾牌和钥匙那样的东西。
It's not like a shield and key.
它不是一种保护措施。
It's not a measure of protection.
这本质上就是一直存在的东西。
It's just literally a thing that they always existed.
对吧?
Right?
在互联网出现之前,我们一直都有隐私。
We always had privacy before the Internet.
我们可以和人交谈。
We could talk to people.
对吧?
Right?
当时没人知道我们和谁交谈,也没人追踪我们去哪里,没人监控我们和谁说话,我们能够进行真诚的对话,因为这种与人进行真诚交流的能力,恰恰建立在没有人知道谁在和谁交谈的基础上。
And nobody knew that who we are talking to or nobody was striking where we go, nobody was striking who we talk to, and we could have genuine conversations because this whole ability to have genuine conversation with people is is predicated on the fact that nobody else knows who is talking to whom.
而这一切正是我们想要回归的初衷——让通信重新回到近乎自由互联网的状态,当我们能信任这个环境时,对吧?
And that was the whole the whole premise to to return it to the to return communication to free Internet state almost, right, when we can trust the the environment.
说得太好了。
Incredibly well said.
我的意思是,我经常提到这一点。
I mean, is something that I bring up all the time.
首先,人们没有意识到,人类的本性就是把现状当作一直如此的东西,但我们从未生活过像今天这样高度数字化的社会。
Think first off, people don't realize the human condition is to accept the status quo as something that's always been, but we've never lived in a society that is as digital as it is today.
而且生活正变得越来越数字化。
And it's getting increasingly more digital.
我们的生活越来越在线化。
Our lives are increasingly more online.
因此,我们失去了非数字化生活中许多隐性的隐私和自主权,我们需要保护它们。
And as a result, we've lost a lot of the implicit privacy and sovereignty aspects of non digital life and we need to protect it.
我喜欢这样总结:没有隐私,就没有自由;没有自由,就没有财富。
I like to distill it as I say, no privacy, no freedom and no freedom, no wealth.
它们都是相互关联的。
They're all interconnected.
我知道财富这一部分,当我们回到比特币本身时,真的很重要。
And I know wealth piece, I think is really important when we're bringing it back to Bitcoin specifically.
但如果你没有自由,那财富就不是你的。
But if you don't have freedom, it's not your wealth.
别人在控制它。
Someone else controls it.
我先快速道个歉。
I just want to apologize real quick.
我开场白搞错了。
I did mess up the intro.
所以我现在快速过一遍。
So I'm just gonna run through real quick.
今天是3月20日,UTC时间17:00。
Today is March 20 at seventeen hundred UTC.
当前区块高度是941454。
The current block height is nine four one four five four.
当前每美元的数值是1,432。
Current stats per dollar is 1,432.
这让我们得出比特币价格为69,792美元,目前一比特币可以兑换15盎司黄金。
That brings us to a Bitcoin price of $69,792 and one Bitcoin will get you 15 ounces of gold right now.
在一天、一周和一个月的时间周期内,比特币对黄金的走势都是上涨的。
We're up on the one day, one week and one month chart against gold.
抱歉刚才的中断。
Sorry about that interruption.
我想多聊几句,所以没注意到你的背景是出版业。
I wanna talk so I didn't realize your background is publishing.
你是做出版相关的工程师吗?
Is it were you what were you an engineer involved with publishing?
你主要是从言论自由的角度出发,而不是隐私的角度。
You came from the free speech side, basically, not the privacy side.
很难说清楚我的背景是什么。
It's hard to say what is my background.
我一直喜欢编程,但不知怎么的,我只把编程当作个人业务的业余爱好。
I I always enjoyed codes and but somehow it happened that I only did codes and as a hobby hobby for my own businesses.
我可能只是一个做有效事情的创业者。
I I probably am just entrepreneur who is doing what works.
我花了很多时间在不同的生意上。
I spend a lot of time in in different businesses.
但没错。
But yes.
我最初并不是作为出版业的高管,而是非技术高管。
So I I wasn't originally, was on publishing as a as an executive, not technology executive.
大约十二年前,或者更久一点,可能十四年前,我全职转向了科技领域。
I moved to technology full time about twelve years ago or, like, a little bit more, maybe fourteen years ago.
是的,我当时在Mail Online的科技部门工作。
And, yes, I was working at Mail Online at on technology side.
但我确实是带着言论自由的视角来到这个设计的,有趣的是,SimpleX协议几乎和Nostr协议在同一时间被创造出来。
But, yes, I came to this design from Freedom of Speech Angle, and interestingly, SimpleX protocol was created, invented, you can say, pretty much at the same time when Nostr protocol was invented.
但你知道,你肯定知道那个xkcd漫画,一个极客对另一个说,他的电脑有,你知道的那样。
But but to me, you know you know this x k c z comic when one guy one nerd says to another, oh, his computer has, like you you know that.
对吧?
Right?
比如,4906位的RSA加密。
Like, 4,906 bits of RSA encryption.
它在某些年份被交易过。
It's kind of traded in some years.
美元
The dollar
扳手一。
wrench one.
对吧?
Right?
是的。
Yeah.
是的。
Yeah.
去拿个五美元的扳手。
Go get go get $5 wrench.
对。
Right.
我们在比特币圈里开玩笑说,由于通货膨胀,现在这个扳手值20美元了,但没错。
We joke around in Bitcoin that with inflation, now the wrench is, $20, but, yes.
是的。
Yeah.
没错。
Exactly.
是的。
Yeah.
所以对我来说,言论自由如果不能在不暴露身份的情况下说出真相,那就是不可能的。
So to me to me, like, freedom of speech is just impossible if you cannot say say the truth without revealing who you are.
对吧?
Right?
所以隐私并不是我认为它来自密码朋克宣言中的加密概念。
So privacy is not about I think it's like it's it's in cipher from cipherpunk manifesto.
对吧?
Right?
隐私是关于有选择地向世界展示你自己。
You privacy is about selectively revealing yourself to the world.
对吧?
Right?
它并不是关于……对吧?
It's not about Right?
根据你所说的内容,你可能希望用真名发表,也可能希望用化名发表,而这种能力对于批评权力至关重要。
And depending on what you say, you may want to say it under your name, or you may want to say it under a pseudonym, and it's essential to to ability to criticize powers.
这种能力对于分享一些令人不安的真相也至关重要,而这正是它的意义所在。
It's essential to ability to share some uncomfortable truths, and that's what it also was about.
但当我们设计用于私密发布、能抵御针对个人攻击的协议时,我们说:哦,这是一个消息协议。
But when we designed the protocol for private for for publishing that's resistant to attacks on individuals, we said, oh, that's a messaging protocol.
显然,我们做了什么?
Clearly, what we did?
那我们为什么不先做一个即时通讯工具呢?
So why don't we make a messenger first?
对。
Right.
我们现在正接近于实现他们最初希望构建的技术部分——即高效的内容发布渠道,能够扩展的大型社区。
And we're just now approaching to the piece of the technology that they always originally wanted to build as effective as publishing channels, large communities that can scale.
我们距离在 SimpleX 网络上推出可扩展频道的第一个版本,只剩下几周了。
We're, like, weeks away from launching the first version of scalable channels on on SimpleX Network.
就像一个更好的 Telegram 频道或 Telegram 群组。
Like a better version of Telegram channels or Telegram groups.
对吧?
Right?
是的。
Yeah.
我们确实遇到过一些大型Telegram社区,它们真的尝试迁移到SimpleX网络。
We've had we've had, like, large Telegram communities that literally tried to migrate to SimpleX Network.
显然,这行不通,因为尽管经过诸多改进,当前的实现对数千名成员的规模还能较好支持,但还达不到许多Telegram社区拥有的数万人规模。
Obviously, that didn't work because, like, the current implementation scales to maybe thousands of members reasonably well after all the improvements, but not to tens of thousands as many Telegram's communities have.
所以,是的。
So yes.
因此,Telegram社区对我们网络有很高的兴趣,因为它们能真正拥有这些频道。
So we we have a lot of interest from Telegram communities to use the network because because they would own that.
对吧?
Right?
我们设计的方式是,每个社区都可以在多个中继上运行。
We we developed in a way that each community can run on multiple relays.
从某种意义上说,这与Nostr在抗审查方面有相似的设计,但在隐私方面却完全不同,因为要在Nostr上发布内容,你必须连接到中继。
So in a way, it's a it's a similar design to Nostr with regards to censorship resistance, but it's very different design with regards to privacy because to publish on Nostr, you have to connect to relay.
而在SimpleX频道上发布内容,则完全不需要直接连接。
To publish on SimpleX channel, there would not be no direct connection.
与中继的连接将通过消息网络进行,这意味着传输层上的隐私得到了保护。
The connection to relay will be through the messaging network, which means the privacy is preserved on a transport layer.
是的。
Yeah.
我的意思是,我们不妨深入探讨一下,因为对我来说,我一直把这两个协议看作是……
I mean, let's dive in here a little bit because to me, I've always considered the two protocols.
这确实挺有意思的,对吧?
I mean, it is interesting how that works out, right?
它们几乎在同一时期诞生,彼此之间更像是互补而非竞争,无论是在功能集还是使用场景上。
That they both get birthed around the same time that they're more complimentary than competitive in terms of their feature set and use case.
我的意思是,Nostr 首先试图解决的是点对多点的广播问题。
I mean, Nostr is kind of trying to solve this one to many problem as a broadcast protocol first.
如果我想向全世界广播我的想法,就像 Twitter 那样,对吧?
If I want to broadcast to the world, my thoughts, something like Twitter, right?
这正是 Nostr 试图解决的那种使用场景。
That would be a comparison that, you know, that's the kind of use case Nostr is trying to solve.
此外,与此相伴的是一个固定的身份,这个身份可以像你希望的那样公开。
And then also on top of that kind of goes hand in hand is an associated fixed identity that can be as public as you want it to be.
你可以创建这些身份,而无需获得任何许可。
You can be, you know, it doesn't, it doesn't require permission to create these identities.
你可以拥有许多一次性身份,但大多数人会将它们与现实生活中的某些元素和真实身份联系起来。
You can have many disposable identities, but most people are using it in a way that they're connecting it to some elements of their real world life and their real world identity.
然后他们将其用作广播媒介和发现协议。
And then they're using it as a broadcast medium and discovery protocol.
而SimpleX则使用的是动态身份。
And then with SimpleX, you know, you have rotating identities.
你可能会在应用中根据不同的人和群体使用不同的身份。
Maybe you use different identities in fluid in app with different people and different groups.
我可以把它比作……
And it's more like, I would compare it.
如果Nostr像是你站在街角向全世界广播想法的讲台,那么SimpleX更像是一个黑暗的酒吧,你和当地的社群在一起,喝着啤酒,谈论一些你可能不想留下记录的重要话题,但你只是想进行自由流畅的对话。
If Nostr is like the soapbox that you're standing on the corner broadcasting your thoughts to the world, SimpleX is maybe the dark pub where you're with your local community, having a beer and talking about really important things that you maybe you don't wanna be on the record about, but you just wanna have free flowing conversation.
当你开始接触频道之类的东西时,情况就有点不一样了。
Now, when you start getting into the channels and stuff, it gets a little bit different.
对吧?
Right?
Telegram频道,我认为Telegram是这个领域里的巨头。
Telegram channels, I would say Telegram is the behemoth in the room.
这就是为什么我们还会不断提到它。
That's why we're gonna probably keep bringing them up.
你知道,目前他们已经有二十亿用户,并且做出了很多在技术上站不住脚的隐私声明。
You know, they have 2,000,000,000 users at this point, and they make a lot of privacy claims that technically are bullshit.
是的。
Yes.
所以这些社区之间有相当多的重叠。
So there's a decent amount of overlap in the communities.
但Telegram聊天最初是作为私信开始的,然后他们增加了群聊。
But Telegram chat so Telegram first started as DMs, then they had group chats.
群聊,我认为在规模较小时更像公共场景,直到它们变大。
Group chats, I would say, would put more in the pub kind of scenario until they get bigger.
有时候群聊会变得很大。
Sometimes group chats get big.
它们可能有上千人的群聊。
They're like a thousand person group chats.
那时你就像是在一个礼堂里一样。
Then you're in like an auditorium maybe or something.
但Telegram频道更像是广播媒体的竞争对手,比如Twitter、Nostr之类的,实际参与者几乎无法互动,最多只能有个评论框或者发表情,本质上是一个人向大量人群广播。
But then Telegram channels are like more of a competitor to broadcast media, whether that's Twitter or Nostr or something like that, where the actual participants are not able to interact more so than maybe there's a comment box or maybe there's emojis, but it's really one person broadcasting to a bunch of people.
我提到这一点的原因是,归根结底,你想要的是那些Telegram频道或大型群组。
And the reason I bring this up is because net net you want those Telegram channels or large groups.
我认为你可以把小型群组和个人私信(DM)归为同一类。
I think you can kind of put them in the same small groups and and personal messages DMS.
大型群组和大型频道可以归为另一类。
Think could be in the same group and then large groups and large channels can kind of be in the same group.
总而言之,你希望它们是端到端加密的,但历史上一直存在的问题是,2000人中只要有一人被入侵、手机被攻破,或者本人与群组对立,就会出问题。
Net net, you want them to be end to end encrypted, but you always historically have the problem of all it takes is one person out of 2,000 people to be compromised or their phone compromised or themselves would be against whatever the group is.
他们可以记录群内发生的一切。
And they can be recording everything that's happening in there.
因此,当你进入这一功能集时,你是如何思考这种场景下的隐私问题的?
So as you move into that feature set, how you thinking about privacy in that scenario?
因为如果是一个千人群组,再次强调,我认为无论怎样,端到端加密都是基础,是所有功能的根基。
Because if there's a thousand person group, once again, I think it's important that it's an end to end crypto regardless, it's the basis that everything's built on.
但如果有一位记者身处其中,或者随便谁把内容写成《华尔街日报》的报道,你该如何应对这种情况?
But if one journalist is in there or whatever, just writing it up in The Wall Street Journal, how much, how are you dealing with that?
你对这个问题是怎么考虑的?
How are you thinking about that?
我认为,马特,你倾向于混淆‘隐私’的含义,而我们这里讨论的是隐私的两个不同方面。
I I think I think, Matt, you you you will have tendency to conflate what what privacy means, and here we're talking about two different aspects of privacy.
我完全同意你的观点:一旦群组是开放加入的,任何人都能自由加入,那么在这种群组中期望任何程度的内容隐私都是不现实的。
I I 100% agree with you that once group is free to join, right, and anybody can join, then it's unrealistic to expect any degree of content privacy in such group.
依赖内容隐私是危险的。
And it's just dangerous to rely that there is a content privacy.
因为如果你期待隐私,但实际上没有隐私,你可能会以为自己在进行私密对话,而实际上是在上千人面前发言——顺便说一句,这正是我对MLS规范进行严厉批评的根本原因。
Because if you if you expect privacy but there is no privacy, then you may be saying something as if it is private conversation, like, beyond thousand that's, by the way, the basis of my scathing criticism of MLS as specification.
对吧?
Right?
你懂的,我写的这个消息层保密机制。
You know, this message layer secrecy I wrote.
是的。
Yeah.
我本来就想提这个。
I was gonna bring that up.
顺便说,
By the
你出身于出版业,这并不奇怪,因为你的博客是科技领域最值得追随的博客之一。
way, it's not a surprise that you came out of publishing because your blog is one of the best blogs in tech to follow, by the way.
谢谢。
Thank you.
你继续。
You're Continue.
你有一个关于MLS的博客,而Signal正打算转向MLS。
Too You have a blog about MLS, which is what Signal wants to move to.
听好了。
Look.
老实说,我觉得这太荒谬了。
I think it's nonsense, frankly.
我可以谈谈这个。
I can talk talk about it.
不。
No.
实际上,基于Nostr并叠加白噪声实现的东西是另一回事。
Actually, what what Nostr what Nostr what what was implemented on top of Nostr with white noise is a different thing.
对吧?
Right?
因为他们准确地指出了MLS设计的弱点,并且完全绕过了它,因为Nostr的标识才是关键。
Because they correctly identified the weak spot of MLS design, and they completely sidestepped it because Nostr identity is the key.
所以实际上,身份验证与身份是捆绑在一起的。
So effectively, authentication is bundled with identity.
但这是一种……我甚至可以说这几乎是个特例,因为在大多数系统中,人们并不会把密钥视为身份。
But that's a that's an I would even say it's almost like an edge case because in majority of systems, people don't see key as identity.
对吧?
Right?
人们并没有被固有地训练去将身份等同于密钥。
People don't are not hardwired to to kind of equate identity to the key.
我的意思是,比特币社区非常固有地将这两者等同起来。
I mean, Bitcoin community is very hardwired to equate those things.
对吧?
Right?
或者更广泛地说,加密货币社区。
Or just generally cryptocurrency community.
但在现实世界中,身份就是名字。
But in normal world, identity is a name.
对吧?
Right?
你怎么知道这个名字符合
And how do you know that this name
或者电话号码。
Or a phone number.
没错。
Exactly.
所以是某种次要的、不具备密码学强度的东西。
So something secondary, something which is not cryptographically strong.
你如何将这种身份与某物关联起来?
And how do you equate this identity to something?
所以,是的,MLS 试图解决大型群组中的密钥协商问题,但这有点徒劳,因为一切都依赖于认证服务,而该服务仍然依赖于提供商。
So, yeah, MLS MLS tries to solve the problem of key agreement in large groups, but it's it's kind of futile because it all depends on authentication service, which is still depends on provider.
对吧?
Right?
而端到端加密的全部意义就在于保护用户免受提供商的侵害。
And the whole point of end to end encryption is to provide protect from providers.
因此,实际上,我们需要信任提供商来保护我们免受提供商的侵害。
So effectively, we need to trust the provider to protect from provider.
对我来说,这就像一种逻辑上的不可能。
And to me, it's like a logical impossibility.
我一路上暂停了一下,因为我的用户们前后二十多次追着我,问我为什么我们不采用 MLS。
I on the road this pause because I was asked by, like, 20 different times members of our users were chasing me and asking me to explain why we are not adopting MLS.
但在我解释了二十多次之后,我说,好吧。
But, like, after I explained it, like, 20 times, I said, alright.
是时候我写点关于这个的东西了。
It's time I write something about it.
所以,我并不是因为有什么既得利益才去批评MLS。
So it's not like I had some kind of vested interest into in criticizing MLS.
但关键是,一旦群组成员超过几千人,就有两种可能性。
But but the point is, like, once the group goes beyond thousands of members, there are two possibilities.
这是一个公开群组。
It's a public group.
它是公开可用的,内容根本无法保护,试图要求保护它也是毫无意义的。
It's it's publicly available, and content is impossible to protect, and there is no point trying in a strong to expect us to protect it.
另一种可能是,这是一个企业群组。
Another possibility, it's a corporate group.
对吧?
Right?
它托管在企业服务器上。
It's hosted on corporate servers.
对吧?
Right?
所以,不管我们多么讨厌企业,它们确实存在。
So however much we may all hate corporations, they exist.
对吧?
Right?
如果数据存储在它们的服务器上,问题就在于保护它们的服务器,而不是端到端加密。
And if it's on their servers, again, it's about protecting their servers and not end to end encryption.
是的。
Yeah.
而且这里要明确的是,谷歌有19万名员工。
And to be clear here, Google has a 190,000 employees.
对吧?
Right?
所以你可以很容易想象出一个5000人的企业群组。
So you can easily imagine a 5,000 corporate group.
没错。
Exactly.
是的。
Yeah.
完全正确。
Exactly right.
是的。
Yeah.
但为什么在这种情况下他们需要MLS呢?
So but but why do they need MLS for this case?
对吧?
Right?
那么,他们到底是在保护我们免受谁的威胁?
So they who they who who are they protecting us from?
对吧?
Right?
他们只需要保障基础设施的安全。
They they they just need security of infrastructure.
他们需要纪律。
They need discipline.
他们需要合适的上层安全和谷歌。
They need proper upsec and Google.
对吧?
Right?
所以他们不需要为此使用MLS。
So they don't need MLS for that.
所以他们可能在某些情况下使用它,但仍然不清楚他们为什么要用它。
So they may use it for some cases, but but it's still it's still unclear why would they use it.
但事实上,关于隐私,最重要的是参与隐私,我认为。
So but but reality the main thing about privacy is participation privacy, I think.
对吧?
Right?
因为我们一再看到,不仅出版商,还有平台、银行,甚至有人被高薪职位解雇。
Because we've seen it all over and over and again that not only publishers are being, like, the platform, the banks, high fired from jobs.
对吧?
Right?
或者更糟。
Or worse.
对吧?
Right?
所以,比如,你因为在公共场合说了什么而被拖上法庭,这其实并不重要。
So, like, it doesn't matter that, like, the the like, if if you're being dragged to court for whatever you said in public.
对吧?
Right?
这其实挺好的,说明法律系统还没完全崩溃,最终你还是会被无罪释放。
It doesn't, I mean, it's kind of great that the legal system is not completely broken, and eventually, you are released without verdicts.
对吧?
Right?
但问题是,整个过程本身就是一种惩罚。
But the problem is that the whole process is the punishment.
展开剩余字幕(还有 480 条)
对吧?
Right?
你被拖着接受审讯。
You're being dragged through interrogation.
你被拖着走法律程序。
You're being dragged through court process.
你得花大笔钱请律师。
You have to waste money on lawyers.
你得参与这一切。
You have to engage with all that.
是的。
Yeah.
所以整个过程本身就成了惩罚,这才是问题所在。
So so the process becomes the punishment, and that's the problem.
所以出版商们渐渐明白了。
So publishers kind of learned.
如果他们发表有争议的内容,就必须使用化名。
If they publish something controversial, they have to do it behind the pseudonym.
他们必须采取一些合理的措施来保护自己的身份。
They have to do some reasonable upset to protect their identity.
对吧?
Right?
而且即使从法律角度来说,也有些强势人物不喜欢这些法律观点被说出来,因此他们保护自己。
And and rather even if they say legal sense, there are some strong and powerful people who don't like those legal sense to be said, so they protect themselves.
但他们的受众可能不会这样做。
But their audiences may not do that.
对吧?
Right?
我们已经看到过不同国家的人们。
And we've already seen people in in various countries.
不幸的是,这种情况甚至发生在一些欧洲国家,也在俄罗斯发生过。
It happens in some even European countries, unfortunately, and it happens in in Russia.
对吧?
Right?
你喜欢某样东西,接下来发生的事是,你甚至都不对此发表评论。
You like something, and the next thing that happens, you don't even you don't even comment on that.
你只是点赞了一些有争议的内容,然后就因为点赞这种行为而被罚款,这
You simply like something controversial, and then you're being riddled with some fines for liking thin, which
或者你根本就没有点赞。
Or maybe you're you're not even liking it.
我的意思是,你在那个群组里。
I mean, we you're in the group.
是的。
Yeah.
你在某个政治家的Telegram频道里,他们只是把整个群组成员名单都收集起来,然后用来对付你。
You're in a far you're in a you're in a certain politician's Telegram channel, and they're just taking a full list of who's in the group and using it against you.
完全正确。
Exactly right.
这正是至关重要的地方。
And that's that's what's critically important.
参与的隐私性非常重要,所以我们现在生活在一个某些权力机构认为他们不仅需要监管说了什么,还需要监管听了什么的世界,这更加危险。
Privacy of participation is is very so so we currently live in a world when when some, powers believe that they have to regulate not just what's being said, but also what's being listened to, and it's even more dangerous.
对吧?
Right?
人们希望如此,但对此并没有法律依据。
So people want and there is no law for that.
对吧?
Right?
这完全不在法律程序之内。
There is no it's it's completely outside of legal process.
这完全超出了我们历史上见过的任何先例。
So it's completely outside of any precedent we've had we've seen in history.
因此,人们合理地希望保护自己的身份,不希望将自己的身份混为一谈。
So people reasonably want to protect their identities, and they don't want to conflate their identities.
所以在 Telegram 中,如果你关注了 20 个不同的频道,那么每个人都知道你关注了哪些频道。
So the in Telegram, if you follow, 20 different channels, then everybody knows all the channels you follow.
对吧?
Right?
有一张图片。
There is a picture.
没错。
Right.
接下来发生的事是,你会被贴上阴谋论者的标签,但这还不是最糟的结果。
The next thing that happens, you're branded as a conspiracy theorist, and it's not the worst outcome.
而且,不幸的是,Nostr 也有类似的问题。
So and, unfortunately, Nostr has similar thing.
对吧?
Right?
所以,我要么得自律,创建多个个人资料,但这真的很不方便。
So either I have to have a discipline and create multiple profiles, and it's just inconvenient.
对吧?
Right?
我得好好想想,还得走一堆流程。
I have to think about it, and I have to go through the hoops.
而且,所有的应用都没办法轻松地创建多个身份来参与讨论。
And, like, all the applications don't really make it simple to create alternative identities just for participating.
对吧?
Right?
所以你最终只能用同一个身份加入,这样一来,所有人都知道你在看什么、听什么、参与什么。
So you end up just joining with the same identity, and now everybody knows what what you're reading, what you're listening, what you're engaging with.
所以 SimpleX 协议的实现方式是,每次你加入一个社区,都会使用一组新的密钥。
So so what SimpleX protocol achieves is that every time you join a community, it's a next set of keys.
是一组新的地址。
It's a next set of addresses.
是一组新的凭证,你的参与行为就能保持私密。
It's a next set of credentials, and your participation remains private.
如果你想要
If you want
默认使用新身份。
to new identity of by default.
这甚至不是什么新身份。
It's not even a new identity.
网络并不基于身份这个概念运行。
The network doesn't operate on the concept of identity.
我想,我想,让我解释一下。
I think I think I think let let me explain.
我认为,重要的是要理解,我们并没有真正打造单一的东西。
I think I think it's important to understand that we didn't really build one thing.
人们以为我们只打造了一样东西。
People think that we build one thing.
但即使你看我们最早在2021年撰写的白皮书,那时公司都还没成立。
But even if you take our earliest white paper, like, written in 2021 even before the business was started.
所以它写得非常清楚。
So it says very clearly.
所以我们构建了一个用于在应用程序之间传输数据包的网络,因为这是万维网中缺失的一环。
So we built a network for delivering packets between applications because this is what's the missing bit in the World Wide Web.
对吧?
Right?
我曾经是一名网页开发者。
I was web developer.
我只是想在我的网站上建立一个通道。
I just wanted a channel on my website.
对。
Right.
对吧?
Right?
那么你该怎么做呢?
So how do you do it?
你需要一条消息和协议来实现这一点。
You need a message and protocol to achieve that.
要进行发布,你需要消息传递。
To do publishing, you need messaging.
因此,我们创建了一个传输网络,用于在端点之间传递数据包。
So we created a transport network that allows to deliver packets between the endpoints.
如今,这个传输网络已经超越了SimpleX聊天应用程序的使用范围。
And this transport network today already used beyond SimpleX Chat application.
它被用于低端设备。
It's used by low end devices.
人们正在用SimpleX网络试验物联网设备。
People experiment with IoT devices using SimpleX network.
这个传输网络的一个重要区别是,如果你看一下互联网,互联网就是一个传输网络。
One substantial distinction of this transport network was if you if you look at the Internet, Internet is a transport network.
互联网的作用是,它拥有像设备这样的端点。
What Internet does, it it has endpoints like devices.
对吧?
Right?
它将数据包传送到终端节点。
And it deliver packets to the endpoints.
对吧?
Right?
而互联网使用的是所谓的终端寻址。
And Internet uses what's called endpoint addressing.
对吧?
Right?
每个终端都被分配了一个地址。
Each net each endpoint is assigned an address.
对吧?
Right?
我们把它完全颠倒过来了。
We flipped it upside down.
这位设计师说,好吧。
This designer said, okay.
我们不会为终端分配地址,原因有很多。
We're not gonna assign addresses to endpoints for various reasons.
这会损害它们的安全性。
It compromises their security.
这也会增加它们的电池消耗。
It also compromises their battery consumption.
因为如果你想想移动设备,对,它们没有固定地址。
Because if you think about mobile devices, right, they don't have fixed address.
它们会在不同网络之间不断切换。
They keep switching between networks.
它们分配的是动态地址。
They assign dynamic addresses.
所以网络最初设计的互联网是相当对称的。
So the problem that network initial Internet was quite symmetric.
对吧?
Right?
所有的网络节点和终端都有地址。
All net point all endpoints had addresses.
对吧?
Right?
固定的地址。
Fixed addresses.
而现在,互联网发展到这样的阶段:一些被称为服务器的节点有固定地址,但所有其他节点和终端设备都没有固定地址。
And now Internet evolved to the point that some kind of nodes we call servers, they have fixed addresses, but all other nodes and end user devices, they don't have fixed addresses.
它们有可变的地址。
They have variable addresses.
这使得寻址变得非常困难。
And that makes addressing really hard.
这使得同步通信变得极其困难。
It makes a synchronous communication really hard.
这使得所有应用程序都变得非常困难。
It makes all application really hard.
因为为了接收消息,你现在必须不断轮询。
Because in order to receive messages, you now have to poll.
你得去服务器那里不停地问:我有消息吗?
You have to go to the server and ask keep asking, do I have messages?
我有消息吗?
Do I have messages?
人们以为SimpleX网络是这样工作的,但其实并不是。
Do I have mess people believe that's how SimpleX network works, but that's not how it works.
这种不断询问的问题在于,每次询问都会消耗电量。
The problem with this asking is that you lose power every time you ask.
所以我们想,好吧。
So we said, okay.
如果我们以一种完全不同的方式来设计传输网络呢?
What if we design transport network in a very different way?
我们不是将身份分配给端点地址,而是将身份分配给端点之间的连接。
And instead of assigning identities to the endpoint addresses, we assign identities addresses to connections between the endpoints.
这就是SimpleX网络的构建方式。
And that's how SimpleX network is built.
我们只是在网络中构建了数据包路由,当地址被分配给端点之间的连接时。
We simply built a packet routes in network when address is assigned to connections between endpoints.
所以每次你想连接到端点时,你都会创建一个连接,并在这个连接上附上一个地址,就这样。
So every time you want to connect to endpoints, you create a connector and slap an address on this connector, and that's it.
所有的创新就在于此。
That's that's all the innovation was about.
把地址和方案颠倒过来,不是将地址分配给端点,而是……听众的技术水平很高,我希望我不会这么做。
Flip the address and scheme upside down, and instead of assigning addresses to endpoint you said the audience is quite technical, so I hope I'm not going to do it.
你是在告诉我,我会不会这么做吗?
You you're telling me if I'm going to do it.
所以,这就是整个想法。
So that that's the whole idea.
对吧?
Right?
将地址分配给端点之间的连接,这样就解决了问题。
Assign addresses to connectors between the endpoint, and it solves the problem.
它解决了端点安全问题,因为网络知道第二个端点的地址。
It solves problem of endpoint security because the second endpoint address is known to the network.
它可能被攻击,并且它解决了功耗问题,因为如果端点没有固定的互联网地址,就很难建立连接。
It can be attacked, and it solves problem of power consumption because if endpoint cannot have fixed Internet address, it it becomes problematic how to connect.
SimpleX节点就是路由端点之间数据包的路由器。
And what SimpleX nodes are is routers that route packets between endpoints.
所以端点使用这些路由器——或者叫路由器,不过这可能取决于你所在的国家,我想——来在端点之间传递数据包。
So endpoints use these routers or routers, however, it depends on which country you're in, I guess, so to to deliver packets between endpoints.
这就是我们构建的东西。
That's what we built.
然后他们说,好吧。
And then they said, alright.
我有开发开源应用的经验,我知道如果你构建了一个终端用户不直接使用的组件,就很难让它变得有价值。
I have experience of building open source applications, and I know that if you build a component that's not used by end users, it's really hard to make it valuable.
很难让它融入每一个企业。
It's really hard to make it into every business.
很难获得采用,因为你实际上是在构建一个大型系统中的技术部件,你必须说服人们——我指的是我的数据验证库。
It's hard to get adoption because you're effectively built a technological cog in a large way, and you have to convince people to I'm talking about my library for data validation.
对吧?
Right?
我从2015年开始构建的。
I built, like, from 2015.
我开发了一个JavaScript库,现在每月下载量接近十亿次,因为它可能被绝大多数JavaScript应用所使用。
I built a JavaScript library that now has close to a billion downloads every month because it's used probably by, like, I don't know, most JavaScript applications.
这取决于
It depends on
就是这个。
this one.
确实是。
It is.
对。
Right.
这是使用最广泛的库之一,因为它被众多应用程序独立依赖,但大多数人并不知道它的存在,因为它就像一个小小的零部件——不过也不算太小。
It's it's it's one of the biggest used libraries because it's an independent chain of many applications, But most people don't know it exists because it's it's a it's a little cog well, not not so little.
它是轮子中一个高度可靠的零部件,目前正经受着人工智能攻击的考验。
It's it's a it's a highly reliable cog in the wheel that's surviving AI led attacks right now.
人们在寻找高度可靠的解决方案。
People try to find highly reliable.
它得到了强有力的支持,并被大量用户使用。
It's been highly supported, used by lots of people.
我们在设计这个传输网络时的思路是,必须并行开发应用程序。
My my kind of thinking when we design this transport network is we'll have to build application in parallel.
我们不能只构建传输网络,然后指望它能被自动使用。
We we cannot just build transport network and hope that it's somehow used.
我们必须开发一些使用这个传输网络的应用程序。
We have to build some application that uses this transport network.
你正在验证这个使用场景。
You're proving the use case.
实际上。
Effectively.
所以我们开发了 SimpleX Chat。
So we built SimpleX Chat.
SimpleX Chat 是什么?
And what is SimpleX Chat?
SimpleX Chat 是一个使用这个传输网络的点对点即时通讯工具。
SimpleX Chat is a peer to peer messenger that uses this transport network.
SimpleX Chat 不需要终端用户拥有身份,这正是由于传输网络没有端点地址,而只有连接器地址所导致的直接结果。
And the fact that SimpleX Chat doesn't need identities for the end users is a direct consequences of transport network not having endpoint addresses and instead having connector addresses.
这两者一直是在并行发展的。
So and these two things have been evolving in parallel.
它们位于不同的代码仓库中。
They live in different code repositories.
显然,SimpleX Chat 应用使用了 SimpleX 软件提供的库。
They obviously, SimpleX Chat application uses library provided by SimpleX software.
但对我们来说,这一直就是两件事。
But for us, it's always been, like, two things.
我们一直在并行发展,努力让整个生态系统协同工作。
We're evolving in parallel and try to make this whole ecosystem work, but together.
对吧?
Right?
而这正是我们所构建技术的基础。
But and and that's that's that's the foundation of technology we built.
这对我来说很有道理。
That makes a lot of sense to me.
我的意思是,理想情况是会有许多不同的应用和用例基于这个协议,而 SimpleX 是第一个,它在开路,证明了这个协议如何运作以及它的韧性。
I mean, so the dream is that you have that there'll be many different applications and use cases on top of this protocol, but SimpleX is the first one and it's paving the way and proving how it works and how resilient it is.
对吧?
Right?
没错。
Correct.
SimpleX,是的。
SimpleX yes.
没错。
Correct.
是的。
Yes.
我们也将SimpleX Chat平台视为一个类似于浏览器的应用平台。
We we see SimpleX Chat platform also as a potentially platform for applications similar to a browser.
对吧?
Right?
我们已经在探索采用一种编程语言,以支持在图表中嵌入具有客户或活动等功能的小部件等。
We're already playing with the idea of adopting programming language that will enable to have widgets in a chart that have some customers or activity, etcetera, etcetera.
所以SimpleX Chat本身也是一个可以进行开发的平台。
So SimpleX Chat in itself is also like a platform you can develop on.
而且人们已经开发了聊天机器人。
And people already developed chatbots.
对吧?
Right?
所以,有来自Unstoppable的团队,你知道的,就是那个Unstoppable钱包的团队,我看到他们时非常兴奋。
So there was, like I was very excited to see that guys from unstoppable you know you know this unstoppable wallet people probably.
对吧?
Right?
他们开发了一个聊天机器人,可以通过SimpleX Chat聊天机器人进行交易兑换。
So they developed a chatbot that allows to do swaps via SimpleX Chat chatbot.
而且好处是,你进行兑换时无需连接任何外部服务,无需暴露你的IP地址,也不共享你的交易信息。
And the good thing is, like, you're doing swap without connecting to any without exposing your IP address, without sharing your transferred information.
你实际上做到了。
You're effectively yeah.
当然,它并不是完全去信任的。
There is it's not completely trustless, of course.
是的。
Yes.
你需要信任某些兑换提供商。
You you trust some swap providers.
对。
Right.
但SimpleX Chat本身是相当去信任的。
But SimpleX Chat itself is rather trustless.
对吧?
Right?
而且你
And you
通信协议本身就是最小化信任的。
just The communication protocol is is trust minimized.
是的。
Yeah.
对。
Yeah.
所以他们做的是私密的。
So And they do private.
是的。
Yeah.
我的意思是,这很合理,因为我认为真相其实介于两者之间,虽然有很多炒作,但我确实觉得,人们与这些技术互动的用户体验正在转向类似AI聊天界面的形式。
And I mean, it makes sense because I mean, I do think, you know, I think the truth is somewhere in the middle and there's a lot of hype, but I I do think the UX of how people interact with a lot of these things is moving to like the AI chat interface.
我们正从点选点击的世界,转向提问即得的世界,也就是你直接向智能代理提出需求。
We're like going from we're going away from the world of point and click and more to the world of ask and get, you know, where you're like, just asking an agent for something.
然后问题来了,我们已经从开源运动中看到了这一点,这是有史以来增长最快的开源项目,而且是面向终端用户的开源项目。
And then as the question becomes, and we've seen it with the open call movement, which is the fastest growing open source project, end user open source project of all time.
每个人都在使用Telegram或Discord这样的中心化平台,完全不私密。
Everyone's using Telegram or Discord centralized and not private at all.
对吧?
Right?
完全同意。
100%.
我完全同意你的观点。
And I I I I agree with you.
你知道吗,我曾经在一家通过WhatsApp销售时尚产品的初创公司担任CTO。
You know, I was a CTO at startup that was selling fashion via WhatsApp.
对吧?
Right?
在我看来,商业正在向聊天环境迁移。
To me, commerce move into messaging environment.
所有与服务的交互都将迁移到聊天环境中,这是技术发展的必然趋势,因为这种点选界面需要大量思考该点什么、点哪里。
All interaction with services move into messaging environment was, like, inevitable future of technology because this whole kind of point and click interface, it requires a lot of, like, thinking about what to point and what to click.
对吧?
Right?
有时候只是想问一下。
Sometimes just want to ask.
而一直以来的限制在于,系统是否具备理解我们用平实语言提出请求的能力。
And the constraint was always an intelligence of or or or, like, some ability to interpret our requests if they are said in plain language.
对吧?
Right?
当我们能从大语言模型中获得非常有价值的回应时,这确实是个明显的优势。
And they're certainly positive points when we can get very valuable responses from LLMs.
对吧?
Right?
但现在的问题是,围绕大语言模型的整个通信渠道都极其不安全——不仅模型提供商能读取我们的内容,就连其周围的传输环境也并不安全。
But the problem now is that the whole kind of communication pipes around LLMs are extremely insecure, not just LLM provider can read what they say, but, like, all the transport environment around it is not quite secure.
而且,我们在使用时也缺乏隐私保护。
Plus, we are not private with that.
所以我认为,我们正在构建的东西,可以成为与模型交互的一个有趣的传输层。
So I think I think what we're building can be an interesting transport layer for interaction with with models.
是的。
Yeah.
我的意思是,你尤其能在发展中国家看到通信作为商业渠道的应用。
I mean, you especially see it, the commerce as messenger in the developing world.
比如,每当我身处拉丁美洲时,这一点非常明显。
Like, whenever I'm in Latin America, it's very obvious.
而且,再回到比特币的话题,人们进行点对点比特币交易的最主要方式是通过WhatsApp等现有即时通讯工具,而不是通过专门的应用程序——他们直接使用WhatsApp。
And I mean, to tie it back to Bitcoin again, the number one way that people do P2P Bitcoin trades is through WhatsApp is through existing messengers, not through like application They're they're going into WhatsApp.
他们有自己的经纪人或交易商,然后直接在WhatsApp上与对方私信交换信息。
They have their broker dealer or whatever, and they're just messaging them directly there and exchanging information.
我想稍微退一步说一下。
I I saw I wanna pull it back for a second.
所以关键在于,SimpleX服务器,对吧?
The so the key here, the SimpleX servers, right?
任何人都可以运行一个SimpleX服务器。
Anyone can run a SimpleX server.
它们是路由器。
They're routers.
它们在彼此之间路由通信。
They're routing the communication between each other.
这个负担有多重?
How heavy is that burden?
比如,用户对服务器的信任体现在哪里?
Like, and what trust is being put in the server by the users?
路由器所承担的负担很大程度上取决于流量。
The burden that router holds is very much dependent on the traffic.
如果你只是为一个小群体运行一组路由器,可以用一个单核虚拟机,配备半GB内存甚至更少。
If you're just running a set of routers for a small group, you can have single core virtual machine with, like, half gigabyte of RAM or even less.
它只是
It's
最低限度。
just minimum.
是的。
Yes.
是的。
Yes.
它的资源消耗极低,因为它所做的只是接收消息。
It's it's extremely low resource consumption because all it does, it receives a message.
我们默认的实现不使用任何数据库层。
We our default implementation doesn't use any database layers.
它可以运行在一个单一的可执行文件上,该文件在内存中保存状态,并通过追加日志来实现后备状态。
It can run on like, it's a single executable that keeps the state and memory with a fullback state in a append on the logs.
因此,即使发生硬重启,它也不会丢失连接。
So effectively, it it wouldn't lose the connections even on hard reset.
在硬重启时可能会丢失一些消息,但如果正常终止,则不会丢失任何消息。
It may lose some messages on hard reset, but if it's if it terminates normally, it wouldn't lose any messages.
它会在停止时持久化这些消息。
It will persist them on stop.
所以我们不再在内存服务器上运行这个了,对于那些配置足够高的场景。
So we we don't we don't we don't run this in memory servers anymore for those that are preset enough.
我们使用PostgreSQL数据库来做这件事,我们也知道不少其他人也迁移到了PostgreSQL数据库,他们在公司或工作小组中使用它。
We use, Postgres database for that, and we know quite a few people who migrated to Postgres database as well who run them in their companies or in their working groups.
所以他们使用这些路由器搭配PostgreSQL数据库。
So they use use those routers with with Postgres databases.
在高流量情况下,效率更高。
With high traffic, it's it's more efficient.
但即便如此,我们讨论的仍然是相对低功耗的机器或虚拟环境,它们可以传输数百万条消息。
But still, we're talking about relatively low power machines or virtual environments that can transfer millions of messages.
所以我只是想弄清楚,你所认为的‘是的’具体指的是什么。
So I'm just trying to like, I'm trying to key in here on what you perceive as yeah.
继续说。
Go on.
你提到第二个问题是信任。
You said you asked the second question that was trust.
对吧?
Right?
信任的级别。
The level of trust.
是的。
Yes.
我认为,多亏了我们的顾问,我们对信任模型一直非常明确。
I think I think we probably thanks to our adviser, we have been very explicit about trust model.
这在我们的白皮书中有所说明。
It's it's in our white paper.
显然,服务器和路由器可能会中断通信。
So servers obviously can routers disrupt communications.
对吧?
Right?
所以我们相信路由器不会这么做。
So we we trust routers not to do it.
但它们不能做的事情也很重要。
But what they cannot do is important.
它们无法破坏端到端加密,因为它们不参与密钥交换。
They they cannot compromise on to end encryption because they do not participate in key exchange.
密钥交换是通过带外方式进行的。
Key exchange happens out of band.
它们无法悄无声息地丢弃消息。
They cannot drop messages undetectably.
它们无法悄无声息地插入消息。
They cannot insert messages undetectably.
因此,服务端能做的最好的事情就是延迟通信,或者向终端用户的设备发送大量垃圾流量。
So the best the service can do is just delay communications or, like, send loads of spam traffic to the end user's device.
换句话说,可靠性和正常运行时间就是信任的基础。
Like, reliability and uptime is the trust, basically.
对吧?
Right?
是的。
Yes.
是的。
Yes.
实际上。
Effectively.
对。
Yeah.
至于服务器和路由器,我们运行的那些设备几乎没有出过问题。
And and with servers, there's a routers that we run that had very we had no no much problem.
对吧?
Right?
我遇到过一个特别有趣的情况,四年前在首款移动应用发布那天我联系过一个人,最近他给我发消息说:‘你好。’
I I had, like, very funny situation when somebody who I connected, like, on the day of the first mobile app launch four years ago recently messaged me and said, hello.
我说:‘好的。'
I said, okay.
这件事是四年前发生的。
This thing was, like, four years ago.
这种连接竟然一直维持了这么久。
The connection somehow survived through all this time.
所以是的。
So yes.
所以我们力求最小化信任。
So so we we we aim to minimize the trust.
而且,如果最初的设计在消息传递链中只有一个路由器,那么显然,尽管在SimpleX协议层上服务器没有身份,但在IP协议层上还是有的。
And, also, if initial design had a single router in a message passing chain, and, obviously, even though on a SimpleX protocol layer, servers don't have identities, there is IP protocol layer.
对吧?
Right?
如果服务器或路由器能够观察到一方的IP地址和另一方的IP地址,
And if server can if router can observe IP address of one party and IP address of Yep.
那么他们就能知道谁在和谁通信。
Another party then then they can see who talks to whom.
所以在IP地址层面。
So on on IP address level.
对吧?
Right?
所以我们更改了这个路由协议。
So we changed this routing protocol.
现在消息总是通过两个路由器转发。
So now messages are passed always through two routers.
即使第一个路由器和消息传递没问题。
So even though the first router and the message passing okay.
每个对话都涉及这四个路由器。
So each conversation with these four routers.
对吧?
Right?
当我提到两个路由器时,指的是单向通信。
When I say two routers, it's a one way communication.
对吧?
Right?
好的。
Okay.
所以我可以通过一个路由器给你发消息,同时用另一个路由器连接到你的路由器。
So so I can be messaging you through one router and using our another router to connect to yours.
当你回复时,你也会使用两个路由器。
And when you're replying, you also will be using two routers.
因此,实际上,你选择接收消息的路由器,而我选择将消息转发到你路由器的路径。
So effectively, you choose the routers to receive messages from, and I choose the routers to forward the messages to your router.
他们必须全部串通才能关联起来,这真的很难。
And they would all have to collude to connect the It's it's really hard.
是的。
Yes.
他们必须这样做,而且这真的很难,因为这意味着他们需要协调更改协议,并在消息信封中添加一些额外的元数据。
They'll have to and it's really hard because it means they'll have to do some coordinated protocol changes and introduce some additional metadata in the message envelopes.
所以我会说,这当然不是不可能的。
So I would say it's not impossible, of course.
如果路由器串通,它们可以进行时间分析和相关性比对。
If routers collude, they can do time and correlation and compare those things.
对。
Right.
但技术门槛相当高,而且客户端已经被编程为使用路由器,而不仅仅是不同的路由器,而是不同运营商的路由器。
But but the technical bar is quite high, And the clients are already programmed to use router, not just different routers, but routers of different operators.
我们引入了路由器运营商的概念,应用程序理解这一点,目前已经有两个预设的运营商。
We introduced the concept of router operator, app understands that, and it will tell already has two preset operators right now.
以后还会增加更多。
There will be more.
所以如果你把你的路由器加入进来,那就成了第三个运营商。
So and if you add yours to the routers, then it will be a third operator.
因此,应用程序了解的不仅是路由器,还有路由器运营商的概念,它会选择不同的运营商,也就是不同的实体。
So App knows this concept of not just router, but of router operator, and it chooses different operators, so different entities.
顺便说一下,这是我对于Tor最大的批评,因为确实如此。
That was my biggest criticism of Tor, by the way, because Right.
Tor网络基于这样一个理念:每个数据包会经过三个中继节点。
Tor Tor network is built on the idea that you choose three relays on a on a packet pass and pass.
对吧?
Right?
你无法控制中继节点的选择,或者只能有限地控制。
You don't control the relay choice or you have limited control of relay choice.
对吧?
Right?
我们知道,在Tor网络中,有一些大型实体控制着这些中继节点。
And we know that there are large entities separating those relays on Tor network.
对吧?
Right?
我们也知道,有一些实体在出售流量数据。
And we know that there are entities who sell traffic data as well.
所以,这种认为不同服务器、不同中继节点就不会串通的想法其实是值得怀疑的。
So so if actually this whole kind of idea that different servers, different relays means that they don't collude is kind of questionable.
对吧?
Right?
所以我们
So we
整个模型的基础是路径中至少有一个诚实的节点。
Like, the whole model is based on at least one honest actor in the route.
但如果所有节点都是同一个实体,那么这个假设就崩溃了。
But if it's all the same actor, then the the assumption breaks down.
没错。
Exactly.
是的。
Yeah.
而且由于你对这些中继节点的控制权有限,虽然有一些高级设置,但默认情况下你无法选择,这意味着你可能无法保证这条电路的隐私性。
And and given that you have limited control of those again, there there are some advanced settings, but by default, you don't choose, and it means that means that you potentially don't don't have privacy of this of this circuit.
我认为这很重要,因为对于SimpleX协议来说,比如你把它和Tor做比较。
I think it's important since for SimpleX protocols, like, if you compare with Tor.
对吧?
Right?
在Tor中,你会创建一个持久的电路。
On Tor, you create a persistent circuit.
所以你会建立一个电路,然后所有数据包都通过这个电路传输。
So you build a circuit, and then then all the packets come through the circuit.
而这个电路可以看到所有数据包,并且能够理解。
And then the circuit can see all the packets, and they understand.
它们都知道这是同一个电路。
They all understand it's the same circuit.
这是一个持久的电路。
It's persistent circuit.
对吧?
Right?
是的。
Right.
所以,即使这本质上是一种会话设计。
So even even though like, for example, it's it's it's a session design.
对吧?
Right?
因此,你可能会通过这个网络给不同的人发消息,但接收你消息的服务器会知道这些消息来自同一个人,因为它们都是通过同一个电路传输的。
So you may message different people through this network, but the the the server that receives your messages would know that they come from the same person because they come through the same circuit.
你明白吗?
And you understand.
对吧?
Right?
所以,因为会话是相同的。
So, like, because the the session is the same.
不同的数据包都来自同一个会话。
Different packets come out of the same session.
这意味着,至少你知道所有这些不同情境下的通信都来自同一个人。
It means that you know at least that it's the same person communicating all these different contexts.
对吧?
Right?
在SimpleX网络中,我们采用了不同的设计。
With SimpleX Network, we designed it differently.
我们和Mixnet的做法一样。
We do the same as Mixnet do do.
因此,实际上并不存在电路。
So, effectively, there's no circuit.
这是一种基于数据包的匿名性。
There there is a packet level anonymity.
接收方路由器无法判断数据包是来自同一会话还是不同会话,它只知道这些数据包是发给不同接收者的。
And, the recipient router, it doesn't know whether packets come from the same session or from different session, so it only knows that they come to different recipients.
对吧?
Right?
而且,路由器中的转发节点同样不知道会有多少个地址,因为在发送方和更深层的接收路由器之间没有加密机制,这是更技术性的细节。
And the forwards in router, again, it doesn't know how many addresses would be because there isn't an encryption between sender and the receiving router going deeper in technical details.
因此,实际上他们无法在密码学层面确定谁在和谁通信,因为每个数据包在这个消息系统中都是匿名的。
So, effectively, they cannot establish who talks to whom on a cryptographic level because because the each each packet is anonymous in this message person.
这太棒了。
That's awesome.
是的。
Yeah.
默认情况下,这使得共谋变得困难得多,这一点很关键,因为如果默认设置才是最重要的,大多数人根本不会去更改任何设置。
It makes collusion significantly more difficult by default, which is key because if defaults are what matter, most people are not gonna actually be changing things.
是的。
Yes.
你们是怎么处理发现问题的呢?
How do you how do you handle the, like, the discovery problem?
所谓发现问题,我的意思是它可能包含很多不同的含义。
The and by discovery problem, I mean, it can mean a bunch of different things.
我的意思是,你给我发消息,而我连接的路由器和你的不一样。
What I mean is you message me and I'm connected to a different router than you are.
那么路径是如何确定的呢?
How does the path get determined?
它是怎么到达我的?
Like, how do you how does it how does it get to me?
对吧?
Right?
你明白我的意思吗?
You know what I mean?
你发布了一个地址。
Your address, you published an address.
对吧?
Right?
所以协议或操作中没有任何内容能帮助我发现你的地址。
So we don't have have anything in the protocol or in the op to help me discover your address.
那就是未来的事了
That's that's the future
这是一个独立的发现问题。
That's a separate discovery problem.
我不是在说这个。
That's not what I'm talking about here.
是的。
Yeah.
是的。
Yeah.
是的。
Yeah.
是的。
Yeah.
你去了我的网站,那里就有我的地址。
You went to my website, and there was a there was my my address was there.
所以我们只是用了一个传统的网站来处理这部分的发现问题。
So we just used a traditional website for that part of the discovery problem.
正确。
Correct.
地址的工作方式,以前和现在一样,地址本身包含了路由器地址。
The address the way it works now the way it worked before, the address itself contained the router address.
好的。
Okay.
现在的方式是,地址包含一个加密数据片段的引用,而这个加密数据片段又包含了我必须提到的地址引用。
The way it works now, the address contains a a a reference to an encrypted piece of data, which contains the reference to the address, which I have to mention.
因此,地址本身在密码学上与我必须转发消息的节点绑定。
So the the the address itself cryptographically bound to the point I have to forward my messages to.
所以你的路由器由你的地址决定,而我选择用来转发发往该地址的数据包的路由器,则是从我的客户端配置中随机选取的。
So your your router is determined by your address, and the router I choose to forward messages to this address packets is randomly chosen from my configurate from my client configuration.
所以我的客户端说,好的。
So my client says, okay.
我会选择任何路由器,但会尽量使用与你不同的运营商的路由器。
I will choose any router, but it will try to use a router of another operator than you use.
对。
Right.
所以当我向你的地址发送第一条消息时,客户端会包含一个端到端加密的回复地址。
So and that's what and when I send the first message to your address, when the client sends the first message, it includes the reply address, end to end encrypted.
所以你的客户端
So your client
会给你一个发现路径,以便你能返回。
gives you a discovery path, basically, to get back.
是的。
Yeah.
是的。
Yeah.
你的客户端会了解到如何联系到我。
Your client learns where it can reach me.
当我给你发消息时,整个过程非常顺畅。
When I message you, it's all it's all works rather seamlessly.
从技术层面来说,发现机制并不是问题。
And on a technical level, discovery is not a problem.
显然,我们的整个理念是,比如我们有一个客服人员来回复用户的需求。
Obviously, the the whole idea is, like, for for us, right, we have a a support team member who answers user's request.
最常见的问题是:我该如何连接到别人?
The most common request is how do I connect to people?
比如,你在哪里输入名字?
Like, where do you where do you where do you type the name?
你是输入电话号码吗?
Do you type the phone number?
这到底是怎么运作的?
How the hell like, how is it even working?
对吧?
Right?
所以,必须创建一个链接并分享给他人才能建立连接这个想法,对绝大多数人来说都是完全陌生的。
So the whole idea that you have to create a link and share the link with somebody else in order to connect is is alien to absolute majority of people.
我们目前正在大力 redesign 这个初始连接体验,使其更容易理解。
We're doing a lot of redesign of this initial connection experience right now to make it easier to understand.
我们还没有改变它。
We we don't change it yet.
面对面的方式更直观。
Say the in person is more intuitive
是的。
Yes.
因为面对面时,你只需扫描二维码即可。
Than not because in person, you just scan a QR code.
搞定。
Boom.
是的。
Yes.
是的。
Yes.
是的。
Yes.
是的。
Yes.
那确实是应用的第一个版本,除此之外什么都没有。
That's that was like that was literally version one of the app had nothing else.
对吧?
Right?
你可以扫描二维码,然后开始发送文本消息。
You could scan a QR code and you can start sending text messages.
这是我们四年前发布的功能。
That was what we released four years ago.
但,是的,这对我来说说得通。
But, yeah, that makes sense to me.
好的。
Okay.
所以,MLS 试图解决的一个问题是:加密聊天中群组规模扩大时的性能问题。
So one of the things that MLS does attempt to solve is this idea of groups scaling poorly in encrypted chat.
所以,很多时候,最基础的情况是——如果你觉得我理解错了,请纠正我。
So a lot of times the most basic and you can correct me where I'm wrong here.
我对标准加密群聊工作方式的最基本理解是:如果群组里有50个人,每当我发送一条群消息时,实际上是在发送50条独立的加密消息,只是界面看起来像只发了一条群消息。
My most basic interpretation of how standard encrypted group chats work, whether it's Signal or Matrix or any of the existing ones is I'm basically if there's 50 people in the group, I'm sending 50 individual encrypted messages every time I'm sending a group text, but the UI is making it look like it's just one message in a group text.
但在后台,真正发生的是:每条消息都必须分别加密并发送给群里的每一个成员。
But in the background, what's really happening is every message has to be sent to every group member and private, you know, encrypted separately.
我的理解是,MLS 规范的一部分正是为了解决这个扩展性限制,因为这种机制可能在20人左右还能工作。
My understanding is part of the MLS spec is trying to solve that scaling limitation because maybe it works at like 20 people.
可能50人也还行。
Maybe it works at 50.
但一旦人数达到2005人,那就完全不可行了。
But once you get to like 2,005 people, it's insane.
你们基本上是在互相发起分布式拒绝服务攻击,服务器的负载自然也会大幅增加。
You're like basically DDoS each other and then the servers would obviously have a lot more overhead attached to them.
那你对此是怎么考虑的?
So how are you thinking about that?
这是一个真实存在的限制吗?
Is that a real limitation?
如果是,你们又是如何缓解这个问题的?
Is that and how are you mitigating it?
好的。
Okay.
这里涉及几个问题。
So there are several questions.
我会尽量一一回答。
I'll try to answer all of them.
首先,这并不是Signal的工作方式。
So first, that's not that's not that's not that's that's not exactly how a signal works.
对吧?
Right?
你并不是向每个成员发送消息。
You're not sending messages to each member.
你所做的,是为这条消息生成一个随机密钥,然后为50个人分别加密这个密钥,但消息本身只加密一次。
What you do is you generate a random key for this message, and then you encrypt the key itself for 50 people, but the message is encrypted only once.
所以,举个例子,如果你的消息有200个字符,但密钥很小,你就无需发送50次消息,也不需要在Signal中向50个人分别发送消息。
So for example, if your message is, like, 200 characters, but your key is rather small, you don't need to send message 50 times, and you don't need to send message to 50 people in signal.
你用同一个密钥加密消息,然后用不同的密钥分别加密这个密钥——如果我说了,然后你发送一个包含一条用该密钥加密的消息和50个已加密密钥的组合包,但这些密钥都很小,因为它们是固定大小的32字节密钥。
You encrypt message with the same key, and then you encrypt key with different so if I say and then you send one bundle, which contains one message encrypted with this key and 50 encrypted keys, but they are small because it's, a fixed size 32 bytes bytes key.
对吧?
Right?
所以,这并不是完全准确的。
So so it's not it's not exact.
然后服务器会进行分发和广播,对吧,发送给所有接收者。
And then the server does the fan out, the broadcast, right, to to the to the recipients.
但服务器无论如何都得这么做,不管你怎么说,密钥。
And server has to do it anyway, however you agree, keys.
对。
Right.
因为他们必须看到这条消息。
Because they have to see the message.
对吧?
Right?
是的。
Yeah.
对。
Yeah.
没错。
Exactly.
所以他们就像,要么就是简单地说是。
So they they like, it's either, like, in simple yeah.
所以,如果你通过Signal或Matrix通信,整个机制是这样的:你发送一次消息,然后服务器将其分发给群组的所有成员。
So if you if you communicate via signal or matrix, then the the the whole way it works, you send the message once, and then the server distributes it to all the group members.
对吧?
Right?
服务器显然比你的移动设备有更强的处理能力,这就是为什么它能正常工作。
And server obviously has more power than your mobile device, and that's why it's it's it's it's working.
对吧?
Right?
你需要为每个接收者分别加密发送50个不同的密钥,这并不等同于发送50次消息。
And the fact that you have to send 50 different keys encrypted for each recipient is not, like, the same as sending message 50 times.
这当然有一些开销,但开销并没有那么大。
It's it's obviously some overhead, but it's not as much overhead.
因此,这种方案可以扩展到数千名成员。
So this approach scales to some thousands of members.
好的。
Alright.
它无法扩展到五万人,但可以扩展到几千人。
It doesn't it doesn't scale to 50,000, but it scales to several thousands.
但我想问一下,我是不是说得对?我的意思是,我曾经参与过非常大的加密Matrix群组,也许他们的实现方式有所不同,但当人数达到一定数量时,使用起来几乎变得不可用。
But it am I right that there there is a little bit of a I mean, I will just say, I've been in very large encrypted matrix groups, And maybe it's something else with how they have it implemented, but it like become it becomes nearly unusable as you get to the higher numbers in terms of people.
而且,人数还没到特别高的程度。
And, like, not that high.
我不确定。
I don't know.
比如,一千二百人左右。
Like, 1,200 people or something.
内容良好的意识。
Content good consciousness.
谈谈Matrix为什么有效,它是如何工作的。
Comment on why matrix works, how it works.
这么说也有道理。
So Fair enough.
是的
Yeah.
所以我会把这个问题留给他们的良知。
So I will leave it on their on their conscience.
所以是的。
So yeah.
所以我认为,对于几千人来说,它完全可以做到合理可用。
So I think it can be done reasonably usable for several thousand people.
但好吧。
But Okay.
问题是,我们之前讨论过。
The problem is that, we discussed it before.
对吧?
Right?
我的观点很简单。
My my view is simple.
对吧?
Right?
一旦你的群组成员超过一万人,你就需要一个可信的服务器。
Once your the group gets past 10,000 members, you need a trusted server.
对吧?
Right?
你真的需要,你不可能保护参与者的隐私,但也没有合理的方式能保护内容隐私,因为群组里总有人能接触到这些内容。
You you really need you you you can't you can't protect participation privacy, but there is no reasonable way you can protect content privacy because somebody in the group has it anyway.
对吧?
Right?
是的。
Yep.
设计一种能保护你免受服务器侵害的通信协议是一个有趣的方向,但MLS并不能解决这个问题,因为MLS最终仍需依赖一个可信服务器才能实现保护。
And trying to design communication protocol that protects you from server is an interesting direction, but MLS doesn't solve this problem because MLS arrives to the point that in order for this to be protected from the server, you still need a trusted server.
他们只是称之为身份验证服务。
They just call it authentication service.
这是一个不同的可信服务器。
It's a different trusted server.
是的。
Yeah.
是的。
Yeah.
你仍然需要某种程度的信任。
You still need some trust.
对吧?
Right?
这在某种程度上是有疑问的。
And kind of that's that's questionable.
他们也承认这一点,这仍然是一个正在进行的研究领域,他们同意这是一个严重的局限性,因为这正是信任的核心所在。
And and they acknowledge that, and it's an ongoing area of research, and they agree that this is a serious limitation because that that's kind of the whole foundation of trust.
因为端到端加密的理念就是让你的通信提供商无法访问你的内容。
Because the idea of end to end encryption is that you are protecting content from your messaging provider.
如果消息提供商能够将一个参与者注入群组,那么你就不再能保护内容了。
And if messaging provider can inject a participant into the group, then you're not protecting content anymore.
而正是对这个认证服务缺乏信任,才导致了这种情况。
And that's what the lack lack of trust to this authentication service achieves.
你可能会遇到被注入的参与者。
You can have participant that is injected.
所以,是的。
So so yeah.
因此,SimpleX 针对群组的设计问题有所不同。
So the problem of SimpleX designed for groups is different.
我们目前并没有广播功能。
We do not have a broadcast thing at the point.
对吧?
Right?
如果你在 SimpleX 上有一个群组,每次发送消息时,你都必须将消息发送五十次、一百次,甚至一千次。
If you have a group on SimpleX, you really need to send message fifty, hundred, or thousand times every time you send a message.
但人们仍然在 SimpleX 上使用群组。
And people still use groups on SimpleX.
我们自己运营了一个小型实验性目录,人们可以在那里提交群组。
We have lots of, like we host a small experimental directory ourselves where people can submit groups.
这算是我们对它可能形态的早期构想。
It's kind of our early view on what it may be.
所以存在拥有五千人的群组,而且它们确实能运作。
So there are groups of 5,000 people, and they kind of work.
对吧?
Right?
是的。
Yes.
发送消息时会产生大量流量,但人们还是在使用。
You to send a message, you have to incur lots of traffic, but people use it anyway.
我们现在设计的频道功能,实际上是增加了一个聊天中继,用于执行这种重新广播。
And the the design for channels we are now doing is effectively adds in a a chat relay that would be doing this rebroadcast.
关于 Bayt 播客
Bayt 提供中文+原文双语音频和字幕,帮助你打破语言障碍,轻松听懂全球优质播客。