Good explanation.
The problem with any non-self-hosted website like this, though, is that it ultimately still relies on trusting that the maintainer, or anyone breaking in without the maintainer knowing, is logging.
You're absolutely right! For now, the best way to defend against this is to just save the webpage (lol), and use that local page as your client. We will also be releasing some kind of Electron app or Chrome extension (open to suggestions) to mitigate this kind of attack. That way, we can do code signing, have people audit the code, etc. A mobile app will also be a good way to ensure that you are running a secure client.
reply
Not to be overly negative, I agree, but it raises a question. If a user has to download and run specific code to make queries more safely, why not have that code be the more general Tor Browser? It has more eyes on it still, which is useful since running any extra code in your browser or otherwise adds many other risks.
The user can then visit any explorer, disregarding whether it logs or not, though care should be taken not to make multiple queries using the same identity to avoid linkage. It's a neat thing and all, but what's the actual value over visiting this or another explorer via an anonymizing tool?
reply
That’s a totally reasonable question. The biggest reason is that Tor is just not making any kind of cryptographic guarantee of your privacy; it’s just kind of ‘statistically mixing’ your behavior with others.
The privacy guarantee we provide is categorically stronger. It’s a cryptographic guarantee, like the one that underlies ECDSA signatures or SNARKs. Tor is more analogous to going to a library and using their WiFi to make queries, whereas Spiral truly cannot learn your queries. You could of course always use both, if you’d like.
As you point out, in both cases, you need to run code on your machine. We hope that, over time, we get lots of eyeballs on our client code, and in fact, it would be cool to get it integrated into Brave, Tor, or as an extension for Chrome or Firefox.
reply