Imagine a standard for loopback mechanisms ultlizing the Orgin Private File System - (OPFS) standard in the browser via the origin https://localhost with encryption at rest to help solve presistent storage, privacy, security, and trust in the browser. This system would utilize a Conflict-free Replicated Data Type - (CRDT) data structure to sync data and files from Broswer Agent to Browser Agent to localhost. The localhost will have a mapped folder on a native loopback device for persistant storage and all code would originate from the localhost to help prevent Man In The Middle - (MITM) attacks and code injections.
This document is a collection of evolving research for a concept. The resources cited in this document are intended to support the research and may or may not make their way into the final draft. If you are interested in discussing this concept further, please feel free to reach out to me.
OPFS Explorer Chrome Extension
Localy Delivered Browser Secure Context
.localhost tld reserved by IETF
Android Kotlin Local Native Server
Apple's general support response to FedCM
W3C Verifiable Credentials Data Model v2.0
Open Wallet Foundation Identity Credential
Apple verify idenity with wallet
SXG Signed HTTP Exchanges CBOR CDDL for loading Cert Chains📜⛓️ = 🤯
Verifiable Credential Data Integrity 1.0
JWT.io Introduction to JSON Web Tokens
IANA JSON Web Token Claims registry
JSON web token (JWT) validation
Javascript Object Signing and Encryption (JOSE)
CBOR Object Signing and Encryption (COSE)
Securing Verifiable Credentials using JOSE and COSE
CBOR-LD 1.0 - A CBOR-based Serialization for Linked Data
(DPV) Data Protection Vocabulary Protecting your data with legal vocabulary on a granular level.This is not legal advice it's a concept idea.
ZCAP-LD - Authorization Capabilities for Linked Data
Imagine an HMAC Secret on both the IDP and RP via something like FedCM with Secure Chain Proofs that could provide a blind index CRDT for any persistent availability needed by 3rd parties on the internet. This could be for profile pics public comments, etc.
Vulcan - CR-SQLite SQLite CRDTs
Secure Contexts in Browser Windows
PIR - Using homomorphic encryption
This document is intended for research purposes only. It is not intended to be used as a legal document and should not be relied upon as such. This document is provided “as is” without warranty of any kind, either express or implied, including but not limited to the implied warranties of merchantability, fitness for a particular purpose, or non-infringement. The author(s) of this document shall not be liable for any damages whatsoever arising out of or in connection with the use or inability to use this document, even if the author(s) have been advised of the possibility of such damages.