summary of commits from minimal-enhancements

3 files changed, 138 insertions, 324 deletions

diff --git a/content/about/index.org b/content/about/index.org
new file mode 100644
index 0000000..b583085
--- /dev/null
+++ b/content/about/index.org
@@ -0,0 +1,27 @@
+#+title: About
+#+slug: index
+
+Hey, I'm */~cmc/*.
+
+I'm a technology audit manager, working on financial statement audits (SOX/MAR),
+SOC 1-3 reports, and other attestations for KPMG.
+
+Read up on my [[https://cv.cleberg.net][CV]] or [[https://cleberg.net/salary/][salary]] for more information.
+
+In my spare time, I like to:
+
+- Run linux servers
+- Enhance my home lab network
+- Write personal programs, mostly in Python
+- Research various topics (history, geography, science, etc.)
+- Write blog posts and general documentation
+- Converse with others on IRC and Matrix
+- Play video games and watch television
+
+If you want to chat, you can find me in the following spaces:
+
+- [[mailto:hello@cleberg.net][hello@cleberg.net]] ([[https://cleberg.net/gpg.txt][GPG]])
+- [[https://lemmy.cleberg.net/u/cmc][@cmc]] on Lemmy
+- [[https://matrix.to/#/@cmc.:matrix.org][@cmc.:matrix.org]] on Matrix
+- @cmc.01 on [[https://signal.org/][Signal]]
+- [[https://sr.ht/~cxc][~cxc]] on Sourcehut
diff --git a/content/blog/2025-06-02-private-ios-apps.org b/content/blog/2025-06-02-private-ios-apps.org
index b015bc2..14c744c 100644
--- a/content/blog/2025-06-02-private-ios-apps.org
+++ b/content/blog/2025-06-02-private-ios-apps.org
@@ -4,16 +4,14 @@
 #+slug:        private-ios-apps
 #+filetags:    :ios:privacy:security:
 
-In a world where our phones are extensions of ourselves, balancing convenience
-with privacy can feel like a losing battle — especially on iOS, where platform
-restrictions narrow the options. But it's not impossible. There's a growing
-ecosystem of privacy-respecting apps, tools, and communities focused on helping
-iPhone users take back some control.
+The world is evolving into a privacy nightmare, where our own devices are being
+used by numerous parties to constantly track and report on our activities. This
+is especially prevalent on iOS, where platform restrictions leave users without
+many options to lock down their data.
 
-Below is a curated list of privacy resources, directories, and testing tools
-specifically useful for iOS. Whether you're looking for a better email client, a
-trustworthy VPN, or simply places to learn more, these links are a solid
-starting point.
+However, there are apps that exist that can help enhance the privacy of an iOS
+device. The post below details a number of privacy resources, directories, and
+tools for iOS.
 
 **Resource Table**
 
@@ -36,38 +34,28 @@ starting point.
 
 #+begin_quote
 *Note*: This list focuses solely on iOS-compatible resources and tools. No
-Android comparisons here — just options for those of us living in Apple's walled
-garden.
+Android comparisons here as I have not used Android in many years.
 #+end_quote
 
 * Email
 
-First and foremost, I like to consider email as my first app on a new device.
-However, the iOS market lacks a wealth of open-source and private email clients.
-There are a few options, such as Proton Mail and Tuta, which are open source and
-private, but they lock you into their ecosystem. Tuta doesn't allow for custom
-domains and neither allows SMTP/IMAP access.
-
-Canary Mail is a decent option, as it is a classic SMTP/IMAP client - and does
-more than most as it's one of the only PGP email clients on iOS - but is closed
-source and the company behind it seems more focused on AI than privacy.
-
-- [[https://proton.me/mail][Proton Mail]] - A more mainstream-feeling app with PGP support built-in. Good if
-  you're looking for something that feels like Apple Mail but with privacy
-  upgrades.
-- [[https://tuta.com/][Tuta]] - Tuta (formerly Tutanota) takes privacy a step further by encrypting
-  subject lines, message content, attachments, and calendar events. It also
-  avoids using phone numbers or third-party services for registration. The iOS
-  app is reliable for the basics. Downsides: no IMAP/SMTP support, so you can't
-  plug it into your own mail clients, and notifications require a premium plan
-  if you want them in real-time. Great if you care about metadata exposure.
-- [[https://canarymail.io/][Canary Mail]] - A more polished, user-friendly email client that supports
-  end-to-end encryption using PGP and their own “SecureSend” feature for
-  encrypted messages. Canary works with multiple mail providers (Gmail, Outlook,
-  etc.), so it's more of a privacy enhancement for existing services rather than
-  a private mail provider itself. Downsides: it's a proprietary, closed-source
-  app, and some privacy features require a subscription. Better than stock Mail
-  for security, but you're still trusting their implementation.
+First, I like to consider email as my first app on a new device. However, iOS is
+\extremely\ lacking in this area. Certain options are private, such as Proton
+Mail and Tuta, but they have certain restrictions and ecosystem lock-in methods
+that I try to avoid.
+
+Canary Mail was a decent option for a while, although a bit mysterious, but they
+have recently leaned into the AI hype pretty heavily, which is concerning.
+However, it's still one of the only options for PGP emails on iOS.
+
+- [[https://proton.me/mail][Proton Mail]] - One of the more popular private email options available on iOS.
+  Allows custom domains, but does not allow for IMAP/SMTP usage, so you're
+  locked into using their apps. Open source.
+- [[https://tuta.com/][Tuta]] - Tuta also locks you into their clients and they do not allow you to use
+  custom domains. Open source.
+- [[https://canarymail.io/][Canary Mail]] - Closed source, so you can't verify anything about what they are
+  building into the app. However, it's one of the only options for PGP mail on
+  iOS. Advanced features are locked behind a paywall.
 
 Another suggestion is to use a browser-based web client. You can install browser
 mail clients as progressive web apps (PWAs). For example, I have been using
@@ -91,35 +79,29 @@ releases for iOS, I will probably use that.
 
 * Browsers
 
-Your browser is basically the front door to the internet — and also the window,
-mailbox, and security camera. It's where trackers, ads, fingerprinting scripts,
-and data leaks happen most often. Even on a locked-down phone, if your browser
-isn't protecting your traffic, your personal info can quietly leak out through
-third-party scripts, embedded media, and background connections. Choosing a
-privacy-respecting browser is one of the most impactful decisions you can make
-for mobile privacy.
-
-- [[https://apps.apple.com/us/app/firefox-focus-privacy-browser/id1055677337][Firefox Focus]] - A stripped-down, no-nonsense browser from Mozilla. It
-  automatically blocks trackers, erases your browsing history with a tap, and
-  skips extras like tabs or bookmarks. Great for one-off searches and quick
-  visits to privacy-sensitive sites.
-- [[https://duckduckgo.com/app][DuckDuckGo]] - A full-featured private browser with built-in tracker blocking,
-  HTTPS upgrades, and a clear data button. It also integrates DuckDuckGo search
-  and email protection. Solid for daily use if you don't want your browsing
-  activity tied to a bigger tech company.
-- [[https://onionbrowser.com/][Onion Browser]] & [[https://orbot.app/][Orbot]] - Your best bet for anonymous browsing on iOS. Onion
-  Browser routes traffic over Tor, while Orbot can proxy other apps system-wide
-  through Tor. Slower than normal browsers, but excellent for masking your IP
-  and avoiding surveillance.
-- [[https://brave.com/][Brave]] - Privacy-focused with ad and tracker blocking built-in, Brave also runs
-  its own private search engine and supports things like Tor tabs (on desktop,
-  not iOS). On iOS, it's basically a privacy-enhanced Safari/WebKit shell —
-  better than nothing, but subject to Apple's browser engine limits.
-- [[https://www.apple.com/safari/][Safari]] (with caveats) - Surprisingly decent for privacy if you tweak the
-  settings. Enable “Prevent Cross-Site Tracking,” block all cookies, and disable
-  preload for best results. Still, it's tied to your Apple ID and iCloud syncing
-  unless you're careful, so don't treat it as anonymous. For a great baseline
-  configuration, read PrivacyGuide's [[https://www.privacyguides.org/en/mobile-browsers/#safari-ios][Safari]] section.
+Your choise of browser is very important if you're concerned with privacy. Any
+and all links you click will be opened in your default browser, so you need to
+make sure you choose the right browser and configure it properly. Trackers, ads,
+fingerprints, and data leaks are constant threats that should be avoided when
+possible.
+
+- [[https://apps.apple.com/us/app/firefox-focus-privacy-browser/id1055677337][Firefox Focus]] - In my opinion, the best option for privacy on iOS.
+  Automatically blocks trackers, erases data and history upon app close, and
+  focused on private usage. However, it won't support your bookmarks or keep you
+  logged into sites long-term.
+- [[https://duckduckgo.com/app][DuckDuckGo]] - Another good option, built on chromium. Like Focus, it allows you
+  to clear all data with a button tap.
+- [[https://onionbrowser.com/][Onion Browser]] & [[https://orbot.app/][Orbot]] - Tor - what can I say? It's been the most popular
+  privacy browser for ages for a reason and now it's available on iOS. Onion
+  Browser is a Tor browser and Orbot can proxy any number of iOS apps through
+  Tor. As with all Tor traffic, it will be slower than "regular" traffic.
+- [[https://brave.com/][Brave]] - Another chromium-based privacy browser. Can sync with other Brave
+  browsers via a secure linking process (no account). Fully-featured and great
+  privacy defaults. There have been some concerns in the past about the company
+  behind Brave, but I still think it's a decent option for most peoplel.
+- [[https://www.apple.com/safari/][Safari]] (with caveats) - Great option if the browsers above don't work for you.
+  Be sure to read PrivacyGuide's [[https://www.privacyguides.org/en/mobile-browsers/#safari-ios][Safari]] section for more information on what you
+  need to do to lock it down before relying on it full time.
 
 #+begin_quote
 *I use*: Hardened safari in private mode for every day use, and Onion Browser
@@ -128,30 +110,26 @@ for anonymous browsing.
 
 * Messaging
 
-If you're trying to keep conversations off surveillance infrastructure, choosing
-the right messaging app is crucial. Between metadata collection, insecure cloud
-backups, and shady server practices, most mainstream chat apps aren't
-privacy-friendly by design. On iOS, you're a little more limited than on
-Android, but there are still solid options built around end-to-end encryption
-and metadata minimization.
-
-- [[https://signal.org/][Signal]] - The gold standard for secure messaging. Open source, end-to-end
-  encrypted, and runs its own private push notification infrastructure so Apple
-  can't read your message content. Downsides: phone number required for signup
-  (a known metadata weak point).
+Next up are messaging apps. If you have an iPhone, it's a good bet that you will
+be messaging other people on it. The threats for messaging apps tend to be
+metadata/data collection from cellular providers, ISPs, and Apple itself. If you
+want to protect the privacy of your messages, who your messaging, and the
+metadata around those messages (time, method, location, etc.), you'll need to
+think about which apps you're using.
+
+- [[https://signal.org/][Signal]] - My personal favorite and still the gold standard for secure and
+  private messaging. Open source, end-to-end encrypted, and runs its own private
+  push notification infrastructure so Apple can't read your message content. A
+  phone number is required to sign up, but you can create a username immediately
+  after signing up and share that with others instead of sharing your phone
+  number.
 - [[https://simplex.chat/][SimpleX]] - A decentralized, phone-number-free messaging system. Uses anonymous
-  message relays and asymmetric keys. Great for pseudonymous chats or if you're
-  tired of number-based identity systems.
+  message relays and asymmetric keys.
 - [[https://getsession.org/][Session]] - A fork of Signal's protocol that eliminates phone numbers entirely.
-  Routes messages through a decentralized onion network (like Tor). Excellent
-  for metadata resistance, though message delivery can sometimes lag.
+  Routes messages through a decentralized onion network (like Tor).
 - [[https://element.io/][Element]] - Based on the Matrix protocol, offering decentralized, federated
-  chat. Great for groups and communities, with optional end-to-end encryption. A
-  little heavier on resources than the others.
-
-Privacy-friendly messaging isn't perfect on iOS — background sync restrictions
-and notification relay challenges exist — but these tools will cover most needs
-while keeping your data away from corporate servers.
+  chat. Great for groups and communities, with optional end-to-end encryption.
+  Other client options are available for Matrix on iOS, as well.
 
 #+begin_quote
 *I use*: Signal for private chats with known people, and Matrix for group chats.
@@ -160,8 +138,8 @@ while keeping your data away from corporate servers.
 * VPNs & Networking
 
 Network traffic is where most surveillance happens. Even with encrypted
-messaging and browsers, your IP address and DNS queries reveal a lot. A good VPN
-or alternative network routing tool masks this, but not all VPNs are
+messaging and browsers, your IP address and DNS queries reveal a lot about you.
+A good VPN or alternative network routing tool masks this, but not all VPNs are
 trustworthy. Avoid “free” services or those lacking transparency.
 
 - [[https://mullvad.net/][Mullvad]] - A no-logs VPN that doesn't require an email or personal info to
@@ -174,10 +152,10 @@ trustworthy. Avoid “free” services or those lacking transparency.
   polished for mobile but useful for hobbyists or building private networks
   between devices.
 
-If you can't self-host or build your own mesh, Mullvad is hands-down the
-cleanest option here. There are other VPN options available, but I haven't
-tested them all so I will simply put my vote for Mullvad here and let you
-research other options if you don't want to use Mullvad.
+If you can't self-host or build your own mesh, Mullvad is hands-down the easiest
+option here. There are other VPN options available, but I haven't tested them
+all so I will simply put my vote for Mullvad here and let you research other
+options if you don't want to use Mullvad.
 
 #+begin_quote
 *I use*: Mullvad for 24/7 usage, and Tor when anonymity is required.
@@ -185,12 +163,12 @@ research other options if you don't want to use Mullvad.
 
 * Password Management
 
-Weak, reused passwords are still one of the biggest risks for personal security.
-A good password manager makes it possible to use strong, unique credentials
+Weak and reused passwords are still the biggest risks for personal security. A
+good password manager makes it possible to use strong, unique credentials
 without memorizing them all.
 
-- [[https://bitwarden.com/][Bitwarden]] - Open source, audited, and free to self-host. The iOS app
-  integrates with system autofill and Face ID. Solid for most users.
+- [[https://bitwarden.com/][Bitwarden]] - Open source, audited, and free to self-host (e.g., Vaultwarden).
+  The iOS app integrates with system autofill and Face ID.
 - [[https://keepassium.com/][KeePassium]] - A KeePass-compatible client for iOS. Local database storage,
   optional cloud sync, and no external accounts. Excellent if you want full
   control over your credential store.
@@ -198,8 +176,8 @@ without memorizing them all.
   your database with a secure method like [[https://cryptomator.org/][Cryptomator]]-protected cloud storage,
   Syncthing, or local-only transfers.
 
-Good password hygiene matters more than people realize, and these apps give you
-control over your vault.
+Good passwords matter are extremely important, and these apps give you control
+over your vault.
 
 #+begin_quote
 *I use*: Bitwarden Families ($40/year) to protect passwords, passkeys, TOTP
@@ -210,17 +188,20 @@ myself, I would prefer KeePassXC + Syncthing.
 * Multi-Factor Authentication (MFA)
 
 MFA is essential, but relying on SMS codes or untrusted proprietary apps defeats
-the point. Use open, local, encrypted authenticators where possible.
+the point. Use open, local, encrypted authenticators where possible. Also, use
+passkeys if you can! I prefer passkeys, then TOTP, and then SMS/email, if other
+options are not possible.
 
-- [[https://bitwarden.com/products/authenticator/][Bitwarden Authenticator]] - Integrates with the password manager or works
-  standalone. Encrypted backups through Bitwarden.
+- [[https://bitwarden.com/products/authenticator/][Bitwarden Authenticator]] - Integrates with the password manager or works as a
+  standalone TOTP app. Optional encrypted backups through your Bitwarden
+  account.
 - [[https://ente.io/auth/][Ente Auth]] - Open source, end-to-end encrypted TOTP manager. Syncs encrypted
   via Ente's infrastructure.
 - [[https://www.tofuauth.com/][Tofu]] - Minimal, offline-first TOTP app. No cloud, no telemetry.
 - [[https://raivo-otp.com/][Raivo OTP]] - Open source, native iOS app with secure iCloud backups. Clean
   interface.
 - [[https://apps.apple.com/us/app/otp-auth/id659877384][OTP Auth]] - A longstanding, trusted TOTP manager with encrypted backups and
-  Apple Watch support. Not open source.
+  Apple Watch support. *Not open source.*
 
 I recommend pairing one of these with strong passwords and a VPN for everyday
 security.
@@ -231,9 +212,8 @@ security.
 
 * Notes & Personal Data
 
-iCloud Notes and Google Keep aren't exactly privacy havens. If you're storing
-sensitive personal notes, account details, or journal entries, opt for
-encrypted, local-first apps.
+If you're storing sensitive personal notes, account details, or journal entries,
+opt for encrypted, local-first apps.
 
 - [[https://beorgapp.com/][Beorg]] - An Org-mode-compatible outliner and task manager for iOS. Great for
   Emacs fans and those managing plaintext files.
@@ -248,15 +228,15 @@ These options help decouple your data from major cloud platforms while keeping
 notes portable and encrypted.
 
 #+begin_quote
-*I use*: Beorg, since I love org-mode and no longer use markdown.
+*I use*: Beorg, since I love org-mode.
 #+end_quote
 
 * Photos & Media
 
-Your camera roll quietly feeds metadata and images to iCloud by default. If you
-want to self-host or encrypt your photo library, here's what works on iOS. At a
-minimum, I suggest disabling iCloud for the Photos app, so the data stays local
-on your device.
+If you're using iCloud Photos, your camera roll quietly feeds metadata and
+images to iCloud by default. If you want to self-host or encrypt your photo
+library, here's what works on iOS. At a minimum, I suggest disabling iCloud for
+the Photos app, so the data stays local on your device.
 
 - [[https://immich.app/][Immich (self-hosted)]] - Open source, feature-rich, self-hosted photo manager
   with facial recognition and live photo support. Requires a home server.
@@ -290,14 +270,12 @@ require Instant PGP since Migadu's webmail client (SnappyMail) supports PGP.
 
 * News & Social
 
-Mainstream news and social apps leak all kinds of usage metadata, even when
-you're just lurking. These tools let you follow content with less exposure.
+News and social apps leak all kinds of usage metadata, even when you're just
+lurking. These tools let you follow content with less exposure.
 
-- [[https://netnewswire.com/][NetNewsWire]] - Free, open source RSS reader for iOS. Follow sites without
-  tracking.
-- [[https://www.talklittle.com/three-cheers/][ThreeCheers]] - Privacy-friendly Reddit client for iOS. No official API calls,
-  built-in filtering.
-- [[https://getvoyager.app/][Voyager]] - Clean, independent Mastodon client.
+- [[https://netnewswire.com/][NetNewsWire]] - Free, open source RSS reader for iOS.
+- [[https://www.talklittle.com/three-cheers/][ThreeCheers]] - Privacy-friendly Tildes client for iOS.
+- [[https://getvoyager.app/][Voyager]] - Clean, independent Lemmy client.
 - [[https://joinmastodon.org/][Mastodon]] - Federated, open source alternative to Twitter.
 - [[https://joinpeertube.org/][PeerTube]] - Decentralized video platform, accessible via web or PWA.
 - [[https://pixelfed.org/][Pixelfed]] - Federated, open source alternative to Instagram.
@@ -305,17 +283,23 @@ you're just lurking. These tools let you follow content with less exposure.
 If you're going to be online, at least let it be on your terms.
 
 #+begin_quote
-*I use*: NetNewsWire (via FreshRSS) for RSS feeds, and Voyager for Lemmy. I have
-used all of these apps and they are great, but I am not very active on social
-sites.
+*I use*: NetNewsWire (via FreshRSS) for RSS feeds, Voyager for Lemmy, and Three
+ Cheers for Tildes. I have used all of these apps and they are great, but I am
+ not very active on social sites.
 #+end_quote
 
 * Final Thoughts
 
-This isn't about paranoia — it's about awareness. Every app you use, every
-service you sign into, quietly collects and trades your data. iOS makes true
-anonymity harder than other platforms, but these tools and services give you a
-fighting chance to keep your personal life personal.
+Whether you just want to improve your privacy in small steps or you're
+fashioning a tinfoil hat as we speak, moving to privacy-focused services and
+apps does two things:
+
+1. It protects your privacy by ensuring that your data is being protected
+   through the many methods mentioned above; and
+2. It provides money (for paid apps), support (in terms of download count,
+   reviews, ratings, etc.), and motivation for the developers and companies
+   behind these apps that provide a privacy haven for users on iOS.
 
-If you have other privacy-friendly iOS tools you enjoy, [[mailto:hello@cleberg.net][email me]] — I'm always
-looking for new things to test.
+Every app you use, every service you sign into, quietly collects and trades your
+data. iOS makes true anonymity harder than other platforms, but these tools and
+services give you a fighting chance to keep your data private.
diff --git a/content/blog/2025-06-27-how-blockchain-works.org b/content/blog/2025-06-27-how-blockchain-works.org
deleted file mode 100644
index c31e5a8..0000000
--- a/content/blog/2025-06-27-how-blockchain-works.org
+++ /dev/null
@@ -1,197 +0,0 @@
-#+date:        <2025-07-07 Mon 00:00:00>
-#+title:       Blockchain Series #1: How Blockchain Works Under the Hood: Hashes, Keys, and Signatures Explained
-#+description: Dive into blockchain's cryptographic foundations. Explore how hash functions, Merkle trees, and digital signatures secure distributed, tamper-resistant ledgers.
-#+slug:        how-blockchain-works
-#+filetags:    :blockchain:encryption:
-#+draft:       t
-
-/This is Part 1 of a series I'm writing on blockchain. Stay tuned for further
-editions./
-
-Blockchain is one of those technologies that seems to generate more marketing
-buzz than real understanding. Everywhere you look, people talk about
-decentralization, trustless systems, and the next big disruption. But beneath
-the hype, blockchain systems rely on well-understood cryptographic building
-blocks to do something very specific: maintain a secure, tamper-resistant ledger
-without needing a central authority.
-
-If you're serious about understanding blockchain, it's critical to understand
-the cryptographic primitives that make it work. Hash functions, digital
-signatures, and public-key cryptography aren't just jargon—they're the core
-mechanisms that let a distributed network agree on a shared history no one can
-easily rewrite.
-
-This post is Part 1 of a multi-part series on blockchain. Here, we'll focus on
-these fundamental building blocks—how they work, why they're used, and how they
-fit together to provide the security and trust that blockchain promises.
-
-* What is Blockchain?
-
-At its core, a blockchain is a distributed, append-only ledger shared among
-participants in a network.
-
-What does this mean? Essentially, we can think of a standard, non-technical
-ledger (book of accounts where transactions are recorded against accounts). When
-introductin the idea of a blockchain, let's extend the idea of a standard ledger
-and make a few connections:
-
-- Each block of transactions is connected cryptographically to the block before
-  it, via a [[https://en.wikipedia.org/wiki/Cryptographic_hash_function][cryptographic hash]]. This is what forms a =chain= of blocks, or
-  records.
-- Each block consists of:
-        - A list of validated transactions
-        - A timestamp
-        - A cryptographic hash of the previous block (ensuring immutability)
-- Each transaction within a block is initiated between addresses, signed with
-  cryptographic keys, and sent to the blockchain for validation (e.g.,
-  proof-of-work, proof-of-staking, etc.).
-- The blockchain is shared amongst nodes in the network, who agree on the state
-  of the blockchain through consensus mechanisms.
-
-As we can see, the decentralized nature and cryptographic linking of
-transactions and blocks ensures that modifying the history is infeasible.
-
-If you're more of a visual person, here's a very basic diagram of a standard
-blockchain structure.
-
-#+begin_example
-+------------+    +------------+    +------------+
-|  Block 1   | -> |  Block 2   | -> |  Block 3   |
-|------------|    |------------|    |------------|
-| Data       |    | Data       |    | Data       |
-| Prev Hash: |    | Prev Hash: |    | Prev Hash: |
-|  00000000  |    | <hash1>    |    | <hash2>    |
-| Hash:      |    | Hash:      |    | Hash:      |
-| <hash1>    |    | <hash2>    |    | <hash3>    |
-+------------+    +------------+    +------------+
-#+end_example
-
-* What Problems is Blockchain Trying to Solve?
-
-I will be diving into the technical details of blockchains later in this post,
-but what exactly is the reason blockchain exists?
-
-You may know of cryptocurrencies, such as Bitcoin, but that is only one of many
-use cases for blockchains.
-
-As we learned in the section above, a blockchain can be equated to a ledger.
-With this in mind, let's dive into a few interesting use cases:
-
-** Immutable record-keeping
-
-If you simply need a ledger that cannot be modified easily and can establish a
-decentralized network to support that, blockchain is a great technology.
-
-** Trust without central authority
-
-The use of a decentralized system means that we do not need to rely on a
-centralized authority (e.g., Social Security, a bank, etc.) to store and provide
-access to information you need to record.
-
-Think of the US Social Security Number (SSN) system. Each time you want to
-perform actions that require verifying your identify (e.g., opening bank
-accounts, investment accounts, child birth, etc.), you are currently required to
-provide your SSN.
-
-However, this is a singular number - which means that if someone learns it, they
-can (essentially) now act as you.
-
-Now imagine a scenario where the SSN system is a blockchain where you have both
-your private key for providing evidence to people that you are you. For example,
-you open a bank account and sign your form with your private key. Now, the bank
-can take that and use your public key to decrypt the message and verify that you
-are you, without needing to know your private key.
-
-Another scenario is that, during a background check, a company could use your
-public key and consult the related blockchain to validate specific pieces of
-information. For example, if your identity alone is in one block, you could
-provide that information to your employer without providing your full SSN and
-all related personal information for as long as they keep your SSN on file.
-
-** Double-spending problem
-
-With the introduction of digital assets, such as cryptocurrencies and
-non-fungible tokens, a new risk is introduced: without control, these assets
-could be copied and reused at-will.
-
-To solve this problem, digital assets are transacted on a blockchain to ensure
-that the decentralized system of nodes provide consensus on validating
-transactions, transactions are recorded in a transparent and tamper-resistant
-manner, and cryptographic functions are performed to order the transactions
-logically on chain.
-
-* The Role of Cryptography in Blockchain
-- Why cryptography matters
-- Confidentiality vs. integrity/authenticity
-- Core goals:
-  - Tamper-evidence
-  - Secure identification
-  - Non-repudiation
-
-* Hash Functions
-- What is a cryptographic hash?
-- Properties:
-  - Collision resistance
-  - Pre-image resistance
-- How blockchain uses hashes:
-  - Chaining blocks together
-  - Block headers
-  - Transactions
-- Example command:
-  #+begin_src bash
-  echo -n "Hello, Blockchain" | sha256sum
-  #+end_src
-- Optional diagram: chain of blocks with hashes
-
-* Merkle Trees
-- Summarizing many transactions in a single root hash
-- Use case: efficient inclusion proofs
-- Example diagram (ASCII art if desired)
-- Why Merkle roots are in block headers
-
-* Public Key Cryptography
-- Quick refresher
-- Public/private keypairs
-- Addresses derived from public keys
-- Importance of keeping private keys secret
-
-* Digital Signatures
-- Purpose: proving authorship without revealing private key
-- Mention ECDSA / EdDSA
-- How transactions are signed
-- Example snippet:
-  #+begin_example
-  Alice signs transaction with her private key
-  → Anyone can verify with her public key
-  #+end_example
-- Why signatures prevent forgery
-
-* Bringing it All Together: Blockchain Data Structures
-- Block structure:
-  - Block header with previous block's hash
-  - Merkle root
-  - Timestamp, nonce
-- How the chain ensures immutability
-- Example flow:
-  1. User creates a transaction
-  2. Signs it
-  3. Transaction included in block
-  4. Block hash links to previous block
-
-* Proof of Work (Optional)
-- Hash puzzles to add blocks
-- Why it's hard to modify history
-- Keep this section simple
-
-* Conclusion
-- Summarize how these primitives work together
-- Tease next post: "Next, we'll explore security threats and how blockchain
-  networks mitigate them."
-- Optional links to further reading:
-  - Bitcoin whitepaper
-  - Ethereum docs
-  - Cryptography references
-
-* Optional Extras
-- Glossary box with terms (hash, signature, Merkle tree)
-- External references (e.g., NIST docs on hashes)