When creating a new post, Bitpost offers you a number of choices to make such as whether to store your content on-chain, or how to encrypt your content.
This article takes a look at some of these options and explains what they mean.
Content as Bitcoin transactions
Whenever you create a new post, your content is signed by your keychain and encoded inside a Bitcoin transaction. This raw transaction can be seen as a kind of envelope of data — a self-contained wrapper for your content that in theory can be downloaded, stored and shared with other apps and services.
When you hand us a transaction we store it in two ways:
- We store the original raw transaction as it is, so we always have that original and signed envelope of data.
- We also decode the content and store it in a way where we can make it searchable and indexable, so we can serve your content to other users.
It’s worth underlining this point as it is important to understand when it comes to our approach to encryption. There are two versions of your content: the original, raw transaction; and the decoded, semantic version.
Storage: On- or off-chain
Bitpost allows you to choose whether to store your content on- or off-chain. When you choose to store the content on-chain, we broadcast the raw transaction to the Bitcoin network for you, as well as storing the two versions above.
The benefit of putting your data on-chain is that it is immutably etched into the Bitcoin blockchain. This allows you to treat the blockchain as a kind of digital archive and backup for your content. It also enables novel integration options with other apps and services.
“Forever” is of course a very long time, and precisely how historic blockchain content will be accessed in future decades is something we can only speculate about. Some argue all non-spendable data will inevitably be pruned whereas others are certain someone somewhere will always store and make available that archived data (for a fee).
Storing large binary files on-chain could turn into a pretty expensive hobby, so for binary files Bitpost offers a third storage option: storing only the hash on-chain. In this case, the transaction contains a 32-byte digital fingerprint of the data, and the data payload itself is sent to us outside of the transaction. This allows you to benefit from the time-stamping properties the blockchain offers, at a fraction of the cost of putting the entire data payload on-chain.
Bitpost also lets you choose if and how to encrypt your content. You have three choices:
- Plain text / unencrypted
- Shared encryption
- Private encryption
To understand what these options mean and when to choose which, let’s look at each in turn.
By default, new posts are created without encryption. Your content is encoded in the Bitcoin transaction in plain unencrypted text (or binary data).
The benefit of no encryption is that if you choose to store the transaction on-chain, the blockchain really can be treated as a public archive. You can fight back against censorship and de-platforming. Your content will be etched into the Bitcoin annals, accessible to all.
The flip-side to this is that what goes on-chain stays on-chain. Whilst Bitpost will always allow you to delete your content from our database, the blockchain is another matter. Typos, drunken rants, incriminating evidence, and all those silly naive things you say when you’re twenty years younger — all remain signed by you and etched into the Bitcoin annals, accessible to all.
The shared encryption option uses an ECDH-derived secret to encrypt your content. What this means is that both yourself and Bitpost can derive the secret to decrypt the content, but no-one else can.
If the transaction is put on-chain, no-one else can decipher and read the content. But should Bitpost disappear in a puff of smoke, you can still recover and decrypt your content.
On the Bitpost side, we index the unencrypted version of the content so that we can show your content to other users and make it searchable and indexable. Your encrypted content can still be public, but crucially, as you can delete your content from Bitpost and no-one else can decrypt the on-chain version, you give yourself more control and effectively grant yourself the right to be forgotten.
The private encryption option uses a secret derived purely from your private keychain. Bitpost never sees this key so Bitpost can never decrypt this content. It is truly private.
As with the shared encryption option, the on-chain data is securely encrypted but can still be restored by yourself if required.
Within the Bitpost database, we can only store the encrypted ciphertext. We can’t index this content or show it to other users. Therefore, privately encrypted content only exists as private notes for yourself.
Hopefully this article helps explain what some of the publishing options Bitpost offers mean, and how storage and encryption options can be combined to offer you control over your content.
In a future article we’ll take a more technical dive into the encryption algorithms Bitpost uses and document precisely how users can decrypt their encrypted posts.