32

  • Completely anonymous searches unlinked to the account (blind tokens)

  • SuggestionsDone

As you may have seen already we implemented Bitcoin/Lightning payments as an alternative way to achieve anonimity.

https://blog.kagi.com/accepting-paypal-bitcoin

Leaving this stil open as it would be a cool to have a technology solution that achieves the same without the need for cryptocurrency.

Would you still consider selling physical voucher as well?

  • Vlad replied to this.

    ruihildt We are not lacking the ideas or the will, just the resources to execute all these new ideas. Think about how difficut of an operation is to organize something like physical vouchers for billing that will work world wide and then consider everything else on our plate. Besides we already support anonymous payments with Bitcoin/Lightning so this is not a priority.

    Lets keep this thread on topic though as it is about using cryptography.

        3 months later
        Vlad changed the title to Completely anonymous searches unlinked to the account (blind tokens) .

          Using "blind tokens" to further anonymize users and their authenticated activity.

          Some prior art and references:
          [1] https://blog.cloudflare.com/privacy-pass-the-math/
          [2] https://privacypass.github.io/protocol/
          [3]
          [4] https://en.wikipedia.org/wiki/Blind_signature
          [5] https://www.rfc-editor.org/rfc/rfc9474.html

          From the Cloudflare blog post:

          In summary, this browser extension allows a user to generate cryptographically ‘blinded’ tokens that can then be signed by supporting servers following some receipt of authenticity (e.g. a CAPTCHA solution). The browser extension can then use these tokens to ‘prove’ honesty in future communications with the server, without having to solve more authenticity challenges.

          The ‘blind’ aspect of the protocol means that it is infeasible for a server to link tokens token that it signs to tokens that are redeemed in the future. This means that a client using the browser extension should not compromise their own privacy with respect to the server they are communicating with.

          From Cathie Yun's blog post:

          Blind signing is exactly what it sounds like: a protocol where someone signs something without knowing (being blind to) what they are signing. This concept was first described by Chaum in 1982 in his paper, Blind Signatures for Untraceable Payments. Basically, blind signing allows you to decouple the signing step (since the signer is blind) from the redemption step, giving nice privacy guarantees. The concept might seem a bit contrived, but is actually useful in a few situations, including digital cash schemes and voting protocols. For a really good explanation of how this works using the voting analogy, see the Cloudflare blog post on Privacy Pass; if you like talks more, I explained the concept in my talk at 0x0G.

          This feature improves the security on the backend and should be (nearly) transparent to the user.

          The only thing the user would change slightly is passing an authenticated session token for addon extensions in private-browsing searching.

            Merged 1 post from Anonymize searches and other authenticated actions via blind tokens.
              a month later
              a year later

              Vlad that’s fab! Is the extension you mentioned earlier something we can implement with relative ease?

                  9 days later

                  It's great to see this seems to now be a planned addition, this would be a significant improvement to privacy and anonymity that would make Kagi an easy recommendation to many privacy-conscious users.

                    a month later
                    No one is typing