:IF: Autonomi Browser Suite - Unleash Autonomi

That would be cool and would e.g. Enable local signing without exposing your private key to the

When using them for write operations/when you read your private Scratchpad

I think a wallet app that works over the REST API is also interesting. Maybe using your invite with funds mechanism this can be made really simple, and have everything stored on Autonomi, and accessible from any device that been added the REST server.

Aaaah - working through rest but doing everything client side and just storing the stage encrypted via rest on the server that indeed would be pretty cool!

A metamask version not being installed locally but pulling pushing the data to/from autonomi

Minimalist, just the essential features for using Autonomi with a great UX for non geeks.

Just mentioned metamask because that is a browser plugin and has the needed libraries for doing arbitrum txs… But probably not for BLS signatures de/encrypting…

Yeah upload functionality without the local client would require wallet implementation in the extension itself. As we move towards the native token we will likely also need to move away from metamask too (unless they support it, so doubtful), so it might make sense to just build the wallet/private key management into the extension.

Making the extension into a fully contained wallet has now been added to the roadmap

BLS (+multisig) signing (and encrypting/decrypting) for writing without exposing private keys to the remote server too?

What about security, local vs server, which is more safe, what are the risks and so on?

Would be interesting to hear some thoughs on security.

Yeah once downloading is working, I’ll start looking into how meta-mask & some other extension wallets work and do a deep dive.

It will be alpha-alpha so would eventually need an audit before anyone actually puts significant funds on it Perhaps if there is enough interest the community devs can come together and contribute to make it as secure as possible.

And multisig will have to come later but could open some cool features like percentage ownership of nfts, decentralized organizations, maybe p2p trading? and who knows what else.

I’ll likely create a wiki on usage for the release.

There’s pros & cons between security & privacy & convenience.

If you use a remote server ( you can decide which one you trust most ), your extension will be sending a request to download a file. The server can see what file you have requested, along with other metadata that might exist on the request. Depending on if the server logs or not, they can use this information. This could also lead to potential Autonomi search engines in future.

Other than that it would still be secure, as it’s much like requesting from any website on the internet. This is assuming your browser is secure (no weird extensions, malware etc). The extension is open source so you can see what it does with the permissions you give it.

If you wish to not have these requests potentially collected by an endpoint server, you can use the local client.

Thanks, good answers. So you have to trust the server owner, on the regular internet people know that they can trust certain organisations, companies, people and so on. Calls to the server, there might also be tracking and such outside the server owner?

I guess things like these questions probably will be mentioned on a wiki, info page or something, as you mentioned, just a little curious.

BLS does support multisig out of the box (n out of m)

I’m not talking about ANT multisig but multisig for Scratchpads/Pointers/GraphEntries

or are you planning on limiting the use cases for the browser extension to chunk retrieval without writing any data to the network (/fetching private scratchpads which is as well only possible with the private key)

@riddim I am assuming nodes only see the requests from other nodes when a chunk they are hosting is requested. Since the nodes ask closer nodes until they get to the chunk, would the request just show which node sent the request and not the original IP request of the user?

Haven’t dived deep enough into the nodes to know this part

Yup you have to trust the server you decide to use. It’s why we are moving away from the internet model with Autonomi, just need things like this to bring over users to the new way

Ah I see, not sure regarding multisig for those, will have to look into it. Plan is to first implement features of anttp & the wallet UI for the extension.

Yup priority is download first, and upload later (uploading is currently working with local client atm though)

hmmm - I happen to really have looked at the forwarding part in the code … they just seem to forward the query … which eventually gets answered and magically propagated all the way back xD … but (!) I don’t know if the query object contains the IP of the one requesting the data or it is more like onion-routing in tor … so I’m not smarter than you here .. I don’t know …

while remote client would now either require the remote server operator to pay for all uploads or you to expose your private key to the remote server …

Also a short thing, I think that I’ve read people asked you to use the Autonomi logo for the add-on but in the future it might be better to use a different add-on logo. So that the add-on is not mistaken for something released by Autonomi.

Yeah I mean if the final node has the IP it would seem a bit wasteful to have to propagate all the way back.

I was planning to have some polling to see if payment has been made to the servers address. Once payment has been made it would pay for the upload. Perhaps there is a better way.