blog/soft/002-public-keys.md

# public keys (and "cypherspace")

a public key is the ultimate platform independent, fully decentralised form of
identity.  for most there are still trust dependencies involved, of course: one
must trust the design of the scheme itself, the programmers who implemented it,
and all those involved in designing and building the hardware it runs on.  as
suggested in [000-hello-world.md](./000-hello-world.md), these dependencies may
never be done away with entirely in this increasingly complex world.  still, a
public key is the closest thing to a discrete, physical body that exists in the
digital world.  all other forms of identity either introduce additional power
imbalances and trustful dependencies, or else may be easily forged.

keyed entities, signed statements, and encrypted data storage and communications
together form what may be termed 'cypherspace.'  only entities with
cryptographically sound ways of proving ownership of identities exist in
cypherspace.  cypherspace exists primarily on the internet, but it also exists
offline, in local networks, and even sneakernets.  because it is defined by
information, it _can_ exist anywhere information may be stored.  because
information is defined as a change from some initial state, this means it can
technically exist anywhere mutable (though of course many such places may be of
no utility).

because information is channel-independent and ubiquitous, cypherspace is nearly
unstoppable.  the weak points in cypherspace are the gaps in one's understanding
of the _actual behavior_ of one's tools, a lack of knowledge regarding how to
_use_ one's tools to engage in cypherspace, and the obvious nature of the most
common ways of engaging with it across long distances.  (e.g., two devices
sending apparently random data back and forth across the continent are almost
certainly engaging in some form of encrypted communication, which may itself
be enough to make one a target for malicious actors.)