Dstar Note

A privacy first blockchain notebook based on Internet Computer

Comment 14

Inspiration

Traditional note-taking applications are cloud-based, which are hosted by a bunch of centralized servers. They are operated and controlled by certain entities normally big companies. All your data exist on their centralized cloud servers.

Cloud-based note-taking applications cannot be trusted, because data can be lost due to hardware problems or other problems even with redundant backups. Cloud-based note-taking applications cannot be trusted, because data can be leaked. Anyone that has database access can erase or leak all your notes, which could be a disaster obviously. In fact, every year we have seen a large number of cases that users data are lost or leaked. Due to technical limitations, many traditional cloud-based note-taking applications cannot even present data to users in a secure way. Login credentials leakage, data transmission leakage, and server data leakage all contribute to the theft of user data.

Centralized cloud-based notes are not open. It is impossible for different notes hosting entities to share notes. Hence it is very difficult or impossible to migrate notes between applications. For users, it is very inconvenient to switch between different applications. It becomes a luxury for users to enjoy free services at low cost.

Centralized cloud-based notes are expensive to develop and maintain. Due to the large amount of middlewares in the traditional technology stack and security issues, the development cost is huge and easy to go out of control. In addition, they need to pay huge amount of money to maintain. Users eventually will have to pay for these costs. Therefore, many softwares charge quite a big amount of monthly fees. The moment you stop subscription, they will cut all your favourite features.

We only list some of the shortcomings of traditional cloud-based note-taking applications, and this list is long. Any one of these shortcomings in the list are fatal and not welcome in the blockchain era.

What it does

Dstar note a blockchain-based note-taking application built on top of Internet Computer. It has the ability to run at the speed of the traditional Internet. It does not have the shortcomings of traditional cloud-based note-taking applications. It run 100% on Internet Computer network, with Canister as a unit. It use Internet Identity to ensure anonymous login. It leverages Internet Computer to build the top secure note-taking application.

How we built it

When users create a notebook on Dstar, behind the scenes, it creates the canister on Internet Computer. Users will have 100% control over the Canister. Later users can migrate the notebook to another notebook on Internet Computer if they prefer to do so. This is done easily and securely. There are three design principles listed below:

  1. The authorization of Internet Identity controls the read and write permissions of the data, and the transfer of this permission means the transfer of the read and write permissions.

  2. Canister Controller has control of Canister’s code maintenance authority, and the transfer of this authority will give up the code maintenance right.

  3. The shared key controls the decryption authority of the data.

Based on the above three principles, we will be able to create a completely free note-taking system. Examples of scenarios:

  1. User A is a professional programmer. So he set Canister’s Controller to himself so that he can update Canister code by himself because he think that is fun and challenging. All he need to do is to set himself as the code maintainer of the Canister Controller. All future note feature updates will require himself to do. That reflects the fact users controls 100% of the Canister, not the platform.
  2. After some time, Dstar release a series of exciting new features and open source the all the Canister code. User A then go ahead and update all the features himself. But user B also set himself as the code maintainer of his notebook Canister. But he is way too busy this week to update the Cainister himself. So he reset the code maintainer to dstar so that he can enjoy the new features. This is how easy and flexible the system is.
  3. There will be more similar note-taking applications running on Internet Computer. Users can choose to migrate their notebook canisters from dstar to other platforms. And the migration will be done seemlessly and no data loss will happen since the migraiton happen only on the permission level not the data itself. This is a truly exciting thing on Web 3.0, open and secure.
  4. Not only that, notes can also be considered as an asset. People can transfer or sale as they wish. That will generate unlimited combinations and opportunities in the future.

Sync across multiple devices

Since Internet Identity is secure and trustworthy, we build a bridge through Internet Identity. We use Key Sync Canister to synchronize shared secret keys on Internet Computer to achieve the purpose of sharing secret keys between different devices. First, the main device generates an AES key, and other devices generate public and private keys. Other devices then forward the public key to the main device through Key Sync Canister. The main device uses different public keys to encrypt the shared secret key and then returns it to the corresponding devices. These devices use the private key to unlock the ciphertext to obtain the shared secret key. The transmission of keys is encrypted in the whole process. Key Sync Canister will not read the secret keys, so secret keys remain 100% secure.

Even though the data itself is not visible on Internet Computer, in order to achieve higher level of security, all the notes are encrypted and persisted in the Canister. No one including the node operators of Internet Computer are able to access your notes except the data owner.

Notes are only stored in Canister, and users access notes by interacting with Canister directly. It is an end to end data transmission system, there is no middle layer involved.

Only Internet Identity authorized users have read and write permissions to data. The smart contract restricts the read and write permissions of canister’s internal data. Only the authorized persons have the permissions to read the encrypted content.

Accomplishments that we're proud of

As of now, Dstar note is up and running for 5 months. We have achieved

  1. 2829 active note users
  2. Over 280 icp fee collected
  3. 1404 note canisters created

On twitter, we have over 2400 followers receiving lots of positive feedbacks and comments regarding our product. We have done a strong step forward into web3 thanks to Internet Computer.

What we learned

Building has never been easy, especially there are noises along the way. What we have learnt is to focus on the product and listen to the feedbacks and keep building. By doing that, we have iterated multiple versions of dstar notes since January this year and continue improve the product and add new features such as multiple language support and mobile compatibility.

Built With

+ 66 more
Share this project:

Updates