Reason I roll my eyes every time I hear "append-only log" is it's completely useless and unnecessary. We already have things called "hard disks" that can save a log, with no obligation to delete it once saved. And to use an append-only log, you have to sign new updates to it, otherwise anyone could start appending to your log. So why not use the signing key for identification? If you do that, what's the point of the log?
Just reading this code it's like INVALID_PROOF, verifyUpgrade(proof), class TreeProof, settleProof() all to prove that your current log entry refers to all past log entries. Why would you care if someone's latest log refers to all their past logs? What's invalid about them removing a past log, and publishing that as an update? Just...
1. keep a list of root hashes for every log
2. someone sends you a signed root hash for their latest log
3. it's verified. you're done. Add it to the list.
4. download the rest of the latest log later.
Why does no one do that? It's not append-only, because why would it need to be? To keep me from deleting a log entry on my own log? You have all the old root hashes! If I delete a log entry or edit one in my latest log, just look at those old ones.
#programming #rant
Cy
npub1hk…jyuns
2026-03-02 04:43:01 UTC
Author Public Key
npub1hkdldvynat33kt2za64c6ufz06nhnydvdgwgu6rp6e8ghfggcvnsejyunsSeen on
wss://relay.ditto.pubPublished at
2026-03-02 04:43:01 UTCEvent JSON
{
"id": "a5e0501740ccb8c22fe96b93faf616d42427ce292ef78e72ec7500dedca330e5",
"pubkey": "bd9bf6b093eae31b2d42eeab8d71227ea77991ac6a1c8e6861d64e8ba508c327",
"created_at": 1772426581,
"kind": 1,
"tags": [
[
"t",
"programming"
],
[
"t",
"rant"
],
[
"proxy",
"https://fedicy.us.to/cy/p/1772426581.084413",
"activitypub"
],
[
"client",
"Mostr",
"31990:6be38f8c63df7dbf84db7ec4a6e6fbbd8d19dca3b980efad18585c46f04b26f9:mostr",
"wss://relay.ditto.pub"
]
],
"content": "Reason I roll my eyes every time I hear \"append-only log\" is it's completely useless and unnecessary. We already have things called \"hard disks\" that can save a log, with no obligation to delete it once saved. And to use an append-only log, you have to sign new updates to it, otherwise anyone could start appending to your log. So why not use the signing key for identification? If you do that, what's the point of the log?\n\nJust reading this code it's like INVALID_PROOF, verifyUpgrade(proof), class TreeProof, settleProof() all to prove that your current log entry refers to all past log entries. Why would you care if someone's latest log refers to all their past logs? What's invalid about them removing a past log, and publishing that as an update? Just...\n\n1. keep a list of root hashes for every log\n2. someone sends you a signed root hash for their latest log\n3. it's verified. you're done. Add it to the list.\n4. download the rest of the latest log later.\n\nWhy does no one do that? It's not append-only, because why would it need to be? To keep me from deleting a log entry on my own log? You have all the old root hashes! If I delete a log entry or edit one in my latest log, just look at those old ones.\n\n#programming #rant",
"sig": "64a567948d9d290293c5bfe2d5234b7793070a835f563fa820d7d189ec19b57158f272b1b2c61003e65a9aaa4cf99288ab88603b73c0feea660467013cd6114b"
}