u/Party-Ear-517

▲ 1 r/iam

curious what people think of decentralised IAM built around Keycloak compatibility

crossposting this from another sub, not trying to spam duplicate threads, just trying to get more feedback from people who know IAM better than me.

i've been following Tide Foundation and their TideCloak project. from what i understand, it's a Keycloak-compatible IAM layer built on top of a decentralised security fabric.

the part i find interesting is that it seems to change what the app has to store in the first place.

instead of the usual model where identity data, secrets, or key material ends up depending on one central system, Tide splits trust across the network. so the idea is there isn't one central pile of sensitive stuff sitting there to steal.

from what i understand, devs don't need to store user passwords the normal way or manage one central private key. key material is fragmented across the network, and the password flow uses crypto where the browser aggregates and validates partial results.

the Keycloak-compatible part seems important because most devs probably won't touch decentralised security if the dx is painful or requires relearning the whole auth stack.

curious what people here think of this approach.

does decentralised IAM/security fabric make sense in practice, or does it add too much complexity compared to existing IAM patterns?

u/Party-Ear-517 — 9 days ago

thoughts on decentralised Ed25519 signing?

been thinking about decentralised key management and how it could apply to Ed25519 signing.

the idea is that instead of a private key existing in one place as a normal stealable secret, the key material is fragmented across a network, and signing requires cooperation rather than one machine/wallet/server holding the whole key.

from a Cardano angle, this seems interesting because Ed25519 signing is everywhere, but i'm not sure how practical this model is compared to normal wallets, hardware wallets, multisig, or custody setups.

does this kind of decentralised signing model actually reduce risk in a useful way, or does it mostly just move trust into a more complex system?

curious what people here would need to see before trusting something like this in production.

u/Party-Ear-517 — 10 days ago

curious what people think of decentralised IAM built around Keycloak compatibility

maybe this is the better place to ask.

i've been following Tide Foundation and their TideCloak project, which from what i understand is a Keycloak-compatible IAM layer built on top of a decentralised security fabric.

the part i find interesting is that it seems to change what the app has to store in the first place.

instead of the usual model where identity data, secrets, or key material ends up depending on one central system, Tide splits trust across the network. so the idea is there isn't one central pile of sensitive stuff sitting there to steal.

from what i understand, devs don't need to store user passwords the normal way or manage one central private key. key material is fragmented across the network, and the password flow uses cryptography where the browser aggregates and validates partial results.

the Keycloak-compatible part seems important because most devs probably won't touch decentralised security if the dx is painful or requires relearning the whole auth stack.

curious what people here think of this approach.

does decentralised IAM/security fabric make sense in practice, or does it add too much complexity compared to existing IAM patterns?

TideCloak: https://tide.org/tidecloak

u/Party-Ear-517 — 10 days ago