$1 Million Dollar Bounty

Some text in the quote above is changed and not written by me.

This is not correct. You also changed some of my text and made it look like a quote. By just changing some words, my text has become invalid (although I was planning to change a bit of the text). The point is, there’s no group of 32 relay nodes. You connect through maybe 4 relay nodes to 31 other nodes.

The relay node only sees encrypted data between you and the Client Managers or the NameManagers come by. It just routes the data for you. It has no clue what’s in there, it cannot read out the Chunks that come by. It sees gibberish data, that’s all. And if the relay node becomes evil, your Client Managers will notice, because you’re not only connected through 1 node, you have more of them. So if you want to PUT 20 chunks to the network, you’ll do it over 4 different relay nodes, and the nodes have no clue what’s in there. The only thing it can do, is not forward your data.

My understanding is that the Vault ID and the client ID have different Xor addresses?

That makes things significantly more complicated to audit out–

Generally I think that the strategy of SAFE is that there is no central place that knows enough information to know exactly what is going on-- So by design a contest like this would be quite difficult if not impossible to verify, as the information that you would need to know the network intentionally avoids knowing - because if it did know that would be a potential security breach.

1 Like

That’s not good! And my apologies, it was a quick edit based on what David said in the comment after it.

That’s why if it can be made to do anything else, specifically to expose your IP address, it would be considered a hack.

1 Like

and therefore a “hack”. Look, I’m not saying that the theory behind the structure of the network can be tested, I’m saying that the implementation should be scrutinized.

In theory, the internet should work perfectly - but software has 0-days, and bugs. Google the “ping of death”…that’s a fun one. Anyways, it’s glitches in the code that I’m worried about, not the theory behind it.

I agree, not overly defending, but (and a big but). Client data is client side signed and there is no way for the relay to forge data from a client (or a group for that matter, due to group consensus). So what else apart from DOS type attack is not clear really. Let’s keep prodding though, it’s worth it to clear up any 0 day before day 0 :wink:

4 Likes

To whom would it expose my IP?? There has to be at least 1 node that knows your IP, otherwise no network at all. So it could post my address on a website saying: “Hi everyone, I’m connected to 33.44.55.66.77.88 and he’s connected to SAFE”. But who would believe him? What’s the purpose of that?? He doesn’t even have a clue of what I’m doing or what my identity is.

And because it is part of the design, it could not qualify as a hack

I don’t know what the hack would look like! I don’t know if it’s even possible. But the fact remains:

If an IP address can be identified to belong to a given user, that would constitute a hack.

I agree with both of you, it shouldn’t happen. But keep in mind, most “hacks” shouldn’t happen…until they do. So while I believe in the engineering and implementation, I don’t think that anything is impossible.

However, I would place my bets that any given attack on the system will fail. (Mainly because it will be uber simple even at version 1.0, but that’s beside the point.)

The point being made is that one node will know your IP address. It has to because that is the design.

This is completely different to what you’re saying in that “If an IP address can be identified to belong to a given user, that would constitute a hack.” (Except for that node the design says will know)

In other words the challenge has to be worded so that this is taken into account. No one was really disagreeing, just clarifying the exception to the no one can know the IP address of client and/or the vault.

Gotcha. And looking back on the original text, it was vague. So yes, it seems like there must be a universal agreement to the wording and the meaning of the challenge.

I still don’t get it.

If I submit the finding that vault 1ac63f13d8e8c1401b824b24c8b896e39a05ebd67ceccf7f52f7df4fbdea5c58 belongs to 104.200.154.86 for example.

How do you verify that I am right or wrong? There is no authority that should be able to certify such a thing as true or false. The network doesn’t know who user 1ac63f13d8e8c1401b824b24c8b896e39a05ebd67ceccf7f52f7df4fbdea5c58 is, so it is kinda hard to ask them. Unless it is a test vault by some massive coincidence you will have no idea.

It is possible that you could document a process, but it is pretty hard to verify that the process is giving true or false results…

2 Likes

Well, this is a competition right? So let’s set down some guides.

  1. There is a target vault/client.
  2. For this type of hack (piercing the veil) you must retrieve the IP address of this target
  3. A successful hack must be able to be duplicated and demonstrated upon request.

If you’re hung up on authority to verify the assertion - keep in mind this is a competition and we’ll be setting up a target for you to hack. We won’t just ask you to go after any random vault/client! No, this has to be a controlled process to the extent possible.

And since the whole point of the challenge is to either

  1. Prove the robustness of the network
  2. Expose and fix bugs

the process of the hack must be documented and verification of that process must be possible. In short, the hack must be duplicatable.

Yes, that would probably be more verifiable. Probably exponentially harder to get a specific account than to just get any account though…

1 Like

While correlating any random account’s IP address and their account info would not, I don’t think, qualify for this challenge, it is certainly something that should be brought to the attention of the devs. If there is indeed a vulnerability, then maybe there can be a bug bounty or something. But for the time being, I believe the premise for this challenge is that there should be a target to be exploited. This is very common in CTF (capture-the-flag) type challenges (red team vs blue team – attackers vs defenders).

Remember, this is not TOR where a request can be seen by the end-node. This is different. So let me try to find what attacks are possible:

  • You connect to me, I’m your relay node. I’ll try to connect you to a local fake Safenet. What happens? Next to me you use 3 other relay nodes to connect to the same group in XOR. So you will find out in seconds because the other 3 nodes are giving me different information than you. Not to mention that for the first connection to the network you might use a fallback-connection to a node by Maidsafe. A bootstrap-node. Their public key is already in the software, so even if I try to be evil to you, I can’t because from step 1 my messages to the fallback node are encrypted.

  • I connect you to Safenet, but I will hurt your connection. I’m gonna connect and reconnect from the internet every few seconds. Well, you will find out and just take another relay node.

  • I’ll post your IP on the internet. I’ll say, look! This address in XOR is using IP 22.33.44.55.66.77. Because I might know an address in XOR. But that address in XOR is not your address for surfing Safenet or the address for your personal identity. It’s just an address to connect to the Client Managers or the Name Managers. And the connection between you and these managers is encrypted.

What could go wrong here?? The only thing I can find is when someone would take me seriously, and believes me in saying that your address in XOR is connected to your IP and he is part of your group of 32, he might find out that you’re asking for Chunk “ABC”. Although I really doubt if even that’s possible.
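The post above argues that a client notices a misbehaving relay because it reaches the same group through several relays at once. A simplified sketch of that cross-check follows, added here as an illustration and not SAFE network code; the relay names, the payloads and the strict-majority rule are assumptions made for the example.

```python
import hashlib
from collections import Counter


def digest(payload: bytes) -> str:
    """Fingerprint of what a relay handed back."""
    return hashlib.sha256(payload).hexdigest()


def cross_check(responses):
    """Compare what each relay returned for the same request.

    responses maps a relay name to the bytes it relayed back, or to None
    if the relay never forwarded anything (the "only thing it can do").
    Returns (agreed_payload_or_None, suspect_relays, dropped_relays).
    """
    dropped = sorted(r for r, p in responses.items() if p is None)
    answered = {r: p for r, p in responses.items() if p is not None}
    counts = Counter(digest(p) for p in answered.values())
    if not counts:
        return None, [], dropped
    top, votes = counts.most_common(1)[0]
    # Require a strict majority of ALL relays, silent ones included,
    # so that two colluding relays out of four cannot win a 2-2 split.
    if votes * 2 <= len(responses):
        return None, sorted(answered), dropped
    suspects = sorted(r for r, p in answered.items() if digest(p) != top)
    agreed = next(p for p in answered.values() if digest(p) == top)
    return agreed, suspects, dropped


# Constructed sample data: four relays, one pointing at a fake network.
GENUINE = b"group-reply:chunk-stored"
FORGED = b"group-reply:from-fake-network"

one_evil = {"relay-a": GENUINE, "relay-b": GENUINE,
            "relay-c": FORGED, "relay-d": GENUINE}
one_silent = {"relay-a": GENUINE, "relay-b": None,
              "relay-c": GENUINE, "relay-d": GENUINE}
split = {"relay-a": GENUINE, "relay-b": FORGED,
         "relay-c": FORGED, "relay-d": GENUINE}

if __name__ == "__main__":
    for name, case in (("one evil", one_evil), ("one silent", one_silent),
                       ("2-2 split", split)):
        print(name, cross_check(case))
```

A relay flagged as suspect or dropped is the one the client would replace, which matches the "just take another relay node" response in the post.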

Where will you buy the policy and how much would it cost? If I was an insurance company I’d need to know SAFE and I’d need to trust that I can make a good business here. Depending on the level of trust I would offer you a policy. I hardly imagine that you find an insurance company that will offer you a good deal. That means, someone would pay a sh*tload of money to an insurance company for basically nothing (if you’re convinced that there won’t be a security breach).

The best way would be a smart contract - then again someone would need to put down 1,000,000 $ in SAFE

1 Like

It goes without saying that the details of how this marketing strategy could unfold are not without deep thought and extensive planning. That “sh*tload of money” gets paid to an insurance company out of a marketing budget in the same way it would get paid to a PR firm to strategize worldwide adoption of SAFE. I will go on the assumption that SAFE is impenetrable and use that as a departure point for this marketing effort. The target markets/industries for SAFE have a full-time ear to the ground for news/developments in network integrity.

I really like some of the ideas tossed around here from some very smart people. This could be a great contest among hacker-titans - the POKERSTARS of the network world. They may well pay an entry fee just to pump their chests.

All I wanted to say is: it’s not as simple as you make it sound. Some here may know the One Million Dollar Paranormal Challenge of James Randi. James started with 1000 bucks and then after a while when his contest and personal activity gained interest he raised the bounty due to donations from potent actors.

And that’s a competition that is impossible to win. With SAFE there is a real chance to break the network (or at least: at this point none of us can say whether SAFE is ultimately going to be safe).

If you really want to do this competition, I suggest you put 1000 bucks down when SAFE is released and then slowly raise the amount. There is absolutely no need to think about large fundraisers and insurance companies. It’s much better to start with no matter what you’ve got if you believe in the reliability.

This seems a good strategy. We could crowdfund or fund a small prize and get all the rules really clear and increase it over time. $1,000 … $5,000 … $10,000 etc. That itself can be part of a co-ordinated campaign that - since no-one has managed to break this network we’re having to increase the prize etc.

2 Likes

Exactly. Not to mention that this can start as a bughunter and then turn into bountyhunting.

1 Like