I must say that I’m disappointed by the attitude in some of the answers here. @anthro1 / @anthro2is asking specific questions. When he gets pointed to another thread or article he reads it and then comes back, specifies why he is not satisfied with the answer there and asks follow-up questions. That is as far from trolling as it gets.
Comments like this is more troll-like to be honest:
I would love to help out but I haven’t fully grasped the inner workings of MaidSafe yet. I am here because I love the idea of the SAFE network and I would be thrilled if it works. It hasn’t been proven yet though, and critisicm like the one in this thread is good! We all want SAFE to work, but don’t make it a religion and don’t be blind believers.
@anthro brings up a number of good points. I generally try to ask how such issues will be overcome, instead of stating that they are flaws in the design and that the fundamental concepts must be scrapped, but that is just me. We should discuss the questions, whether or not his apparent lack of social graces are intentional.
In my conversations with the Maidsafe team, it has been clear that these issues have been well considered. There is no public code yet released for ranking or consensus chains, so there are not currently definitive answers to these questions. I personally have faith that these issues will be solved by the team. This is based on the innovative and elegant solutions that exist in the current code base as well as the well reasoned arguments provided by the team. The combined concepts of encrypted deduplication and security through immutability are beautiful, IMHO. While there are issues to be solved, I don’t see any intractable problems with the design.
As others have said, this project is very different from Bitcoin. Bitcoin is surprising in it’s elegance and simplicity. The blockchain can be explained in nine pages. I can read the whitepaper and come out with some level of confidence that it is a viable solution. I don’t think you will catch anyone saying that safecoin is simple or easy to understand. There is true innovation and genius in the maidsafe design, but it personally took me a month to get my head around it.
Here is my cocktail party explanation of the concept of consensus:
Every coin has a record stored on the network with a coin ID and an owner.
Within the network, there are a set of nodes randomly chosen to act as the manager of a given coin. A group is currently 4 nodes.
When nodes enter or exit the network, churn events are generated. These churn events will periodically change which nodes make up the management group for any given coin.
There are a set of rules that define how a coin record can be changed (for instance, the current owner must sign a request to transfer ownership).
The management group is responsible for maintaining the current state of the coin and for validating any change requests. 3 of the 4 members of the group must sign off on any change for it to be valid. Similarly, when you request the current state of the coin, you must get an answer from 3 of the 4 managers for the response to be valid.
Now, 3 out of 4 nodes is not secure enough for a currency, so this is where the chain comes in. Each of the 4 manager nodes has a manager group of its own. All actions and responses of the coin manager group are monitored by the node managers. In the same way as with coins, any action must be signed off on by 3 out of the 4 members of the manager’s management group for it to be valid. This management of manager nodes concept can be continued to chain as many management groups as is required together. In this way, the designers can choose how many nodes must be included in any decision to reach consensus. This is in contrast to a blockchain based system where every node in the network must validate every transaction ever recorded in the chain.
This description naturally brings up a number of questions, a couple of them being:
How are nodes randomly chosen to form a group.
How is communication to/from/between groups and members done.
How does one verify which nodes are required for consensus on a given coin, and how do you verify all the nodes agree.
What level of security does each level of group chaining provide.
etc.
These are discussed elsewhere (mostly on the google group). I will touch on the Sybil attack though. The below is my understanding of the plans. Again, there is not yet any code to back any of these statements:
There is no absolute defence against Sybil attacks. Bitcoin doesn’t provide one either, the 51% attack is a Sybil attack. The goal is to make the attack so expensive to perform that it is not feasible. The size of the network is the main determinator on how expensive a Sybil attack becomes; the larger the network, the less likely of a successful attack.
The first line of defense is the fact that a node is expensive to run. A node must provide an amount of storage space and it must respond to requests in a timely manner. The number of coins a node may be responsible for is directly related to the resources it provides to the network. If an attacking node does not participate productively in the network, it will be pushed to the outskirts of the network, increasingly ignored by the other nodes.
The next line of defense is the ranking system. In order to increase and maintain rank, a node must continue to expend increasing amounts of storage space and bandwidth. There is also a natural limit to the speed at which a node may acquire the higher ranks. A malicious node may need to spend weeks working as a productive member of the network before it has a high enough reputation to participate in the attack. The exact parameters have not been set, but consensus groups will likely be made up of nodes with varying rank, which will drastically increase the complexity require to successfully implement an attack.
Finally, it is not possible for an attacker to flood the network with a large number of fake nodes, all of them validating the rank of each other.
First off, the rank of a node is maintained through consensus (in the same manner as coin consensus). Synthesized fake rank then becomes a chicken and egg problem. The attacker can only set his nodes’ rank once he gains enough rank to be responsible for managing rank.
The best an attacker could do is create a self contained evil network, parallel to the real one. When the network is first initialized, this is protected against through centralization, but the centralization requirement fades over time. Let us consider a mature network that is several years old and has hundreds of thousands of nodes.
Nodes join the network and discover other nodes within the network based on known nodes it has communicated with in the past.
A mature network forms a graph of inter-related nodes (much like the reputation graph in a community of people). This effectively limits the evil network to a MITM type attack, which would be very challenging to perform due to the nature of the routing layer (I can go into more detail on this if you need).
Not read this whole thread yet, but atomic transactions are accomplished through consensus of the (usually 4) nodes storing the data (vaults).
Bitcoin requires all nodes to agree. Safecoin only requires the nodes responsible for storing that specific Safecoin to agree.
The two techniques produce quite different things. Bitcoin is a journal creation system, where as Safecoin is a data transfer system. Both allow something to be transferred from one person to another, but they use different solutions to the problem.
The result is that Safecoin is better for privacy (no public journal), could be far faster (as fewer nodes needed to gain consensus) and can scale massively (as very little data is moving anywhere). It remains to be seen whether this technique will work in practice.
Edit: note that this is a little simplified, as there are additional mechanisms used outside of the 4 storage nodes, which help to keep them honest.
All - I agree with @David that @anthro1@anthro2 is not trolling, though he did give a good impression of it so I’ll not apologise for being suspiscious! Right now he is raising valid questions, but I don’t believe he has “read everything there is to read on maidsafe”, at least not read it and put the bits about Sybil etc attacks together. We’ve been doing that for him, which is fair enough. It helps all of us (certainly me), and others who come later and will now find some answers more easily in this thread.
There is a thread on reddit where @dirvine responds to similar questioning, and gives a lot more information about this than any of the bits and pieces we’ve dug out so far. I wish I had remembered this earlier in this discussion, but as you know I’m an old guy and it takes us longer to get it up, the memory that is, but generally its worth the wait so I’m told. You be the judge:
The above links to the comment, but you might want to explore the whole thread if anything is not clear.
What anthro has done is very positive IMO.
That he didn’t do it in the way we might have found easier makes no matter - it is my problem if I find it hard to listen to or respond to someone, no matter how they behave. Anthro’s learning would be - if you don’t mind me saying - you’ll more likely get what you want if your are more thoughtful about the reactions you might provoke.
In either role, to re-enforce the value of sticking with our “irritation” in situations like this, I highly recommend David’s timely What is a vision? blog post. I’ll let you each find your own slot in David’s categories
One thing is for sure, if Irvine succeeds in creating a CryptoCoin that needs no blockchain and solves an issue even Satoshi could not, This network could very easily surpass Bitcoin, Ethereum and Even VISA/MasterCard.
Agreed @interested_in_2 It is almost too scarily good to believe isn’t it!
This is why it is also important for us to understand the limitations of MaidSafe, as expressed in the Doubts thread. Everything has its limitations, and it is important to be aware of them, otherwise things can go horribly wrong!
I agree that sybil attacks are less of an issue if the attacking nodes are required to perform some actual work like actually storing and serving files. This would make a sybil attack more in line with Bitcoin’s 50% attack. The problem is who verifies if a node has actually done work? Is there anyway to prove that a node has been faithfully storing and serving files for the past day or week? If not then all you can do is rely on trusting the other nodes to tell you who is good or bad. But now we’re back to a sybil attack, the bad nodes will lie and tell you they are good and that the good nodes are bad. This same reasoning goes for ranking.
And the problem is if nodes aren’t required to actually do any work you can sybil, really, any number of nodes very easily (even billions).
Bitcoin introduced an interesting idea that as long as you can get a small amount of data (the block headers) from one honest source you can prove if bad nodes are lying to you (about which blockchain has the most work in it). I don’t see where something like that exists in maidsafe, where you can prove to a new client who is good or bad.
I understand this is very possible using a partially centralized approach like hardcoded trusted nodes (as you stated may be used in the beginning) but, no matter how big the network, I don’t see how this can work once you remove that centralization.
Let me restate one more time what I think the simplest question I’m asking is. How does a brand new maidsafe client coming onto the network for the first time, who is connected to some good and some bad nodes, differentiate between who is good and who is bad?
First I’d like to apologize. My frustration was only about half with this thread, the rest completely unrelated, so mybad. I normally do a much better job putting my frustrations aside and explaining things. While I still contend most of these questions could be answered with more reading, getting frustrated is not the answer.
Private
Private content will be known to be false instantly. There is no way to fake private content due to how the self encryption + obfuscation + deduplication works.
Public
In order to fake public data there would be a process. See what the public data looks like, make your own “bad” version of it and serve it up in whole to the end user. That would require ALL members of the colusionnew users group to be malicious. Any one member serving up different data than the others will result in garbage. (if at any point the network connects you to 4 members all colluding together, the network is ruined anyway - see the collusion resistance thread on the dev list)
Ownership
I Believe this is where your question really lies, but I put the other info just to cover the bases.
We’re entering the territory of “this is my understanding” and not “this is how it is” here.
Using the idea of consensus chains (which I had forgotten about, thank you) and my understanding that each consensus group is responsible for a single coin, this makes it increasingly difficult mess with. It’s not that a group controls “the coins,” it controls “a coin.” This is an important distinction. You would need to control all 4 nodes for a particular coin in order to steal it. If you only control 3 (which is incredibly hard in it’s own right) then it will get bumped up to the next level of the chain. If there is a problem, it will bump up again. All of this to steal a SINGLE coin. It is nearly impossible to control what group you’re in. So you would have to control a HUGE majority of the network as whole…
To me, this makes it MORE secure than Bitcoin. If you control 51% of the bitcoin network (though that’s hard now, it didn’t use to be) you can control ALL of the network. What transactions go through, redo transactions you don’t like, complete control. With Maidsafe, that percentage is much higher - and with significantly less control over what happens with them.
I think I agree with you and understand almost everything there. It seems that the idea is that sybilling a large % of the network should be very hard. Because if it’s not then you can do very bad things. So now I’m trying to understand exactly what mechanism makes sybilling hard.
In Bitcoin there isn’t really any sybil attack other than a simple DOS attack to prevent you from talking to anyone at all. The Bitcoin 51% attack has to do with hashpower not # of nodes. In Bitcoin sybilling is easy because no node is really required to do any work, so if it was vulnerable to sybil attacks it’d be dead already. I’m still trying to figure out what mechanism verifies and enforces maidsafe nodes to do work so that you can’t easily sybil millions of nodes to take over a large % of the network.
I have to disagree wholeheartedly, this type of thing is neither “criticism” nor “good”. Constructive criticism may be good, but this isn’t it. This appeared to be a guy refusing to read anything, though claiming he had read everything and moving the goalposts of his questions in a very rude manner. I found this irksome and spoke my mind and I will continue to do so, .I have absolutely no idea who “don’t make it a religion and don’t be blind believers” is aimed at or why it was thought relevant to thread, nor do I feel that saying “goodbye” out of sheer exasperation constitutes “trolling”.
I missed much of this thread while travelling. Of that I am delighted We are not journalists so please everyone lets call each other by our handle or fist name. Irvine says … is not endearing This will cause grief.
It is false to imagine that only proof of work is a valid consensus mechanism IMHO. A sybil attack in this environment is being able to take over the mechanism for consensus. In Bitcoin it’s 50% of the hashing power, so that can be done in many ways as any sybil type attack on any species or system can. So segment the network for one, that would cause chaos, or get >50% of hashing power etc. Bitcoin has been great and will be for a long time. There are debates all over about what it is, a public ledger, a transaction system, currency, store of wealth, … and more, I know it will not be everything.
So if you can see there requires to be a greater than 50% attack (anything over this is very good, very good indeed). So then how to get >50% or whatever the attack is becomes the issue. If there are 500million nodes and you need another 400million to attack a single coin, then the odds are in our favour. If you think nodes are to easy to create then you may believe this is easily possible. That would make us pretty incompetent an would have an issue easily fixed by a competent person. This is another important point, I have made it before, do not expect a Model T Ford with ABS brakes or a bitcoin blockchain with > 7 transaction per second on day 1 (5 years ago).
The thread referred to earlier does show the attack model is >50% (won’t go into detail, it is above that and being verified at the moment. So then we need to consider off-line attack, the easiest. This would be where you create huge lists (crypto hard) of nodes to try and get 4 close to each other in an XOR space. Then insert into the network. If we only used this single group as a manager then we have another issue (birthday paradox related). Again would be easily fixed by a competent person.
So in a quick reply and until we have time to document properly this part, here is a precis, I hope it helps.
1: A Node creates key pairs (as per PKI paper on wiki)
2: Node inserts into DHT, the 4 closest to this ID insert an agreed placement addition to the key, thereby distributing the node in the DHT to a place not chosen by the node (this kills the off line attack).
3: The network actions are chosen in a manner that requires several of these groups to act on data in a deterministic manner (like reversing the birthday paradox to state which day they share and then stating these sharing must also have another birthday related value that is deterministic and confirmable cryptographically). This is the chained consensus.
There are a huge amount of advances here, such as using the node rank to place nodes in a manner that’s distributed based on average rank per group and some more as discussed previously. Rank itself can weight answers, but that’s a much bigger area to discuss.
I hope you do not see this as hand waving or flannel (some of the top cryptographers did not get bitcoin for many years, scientists did not get relativity etc. it’s not unusual), I am answering lots of people and repeating many answers while being told I need to document much of this better. (so be here and there at the same time) So it’s a no win at the moment. I think many of the community get this process and can see where we are going, I hope you can now a bit better to.
This is an area we have been working on recently a little more and the safecoin has allowed us to re-factor much of the vault complexity. The vault paper does explain the chain of events better than I will here, but it will change and simplify. Best not to focus purely on the network, the access mechanism and encryption are other parts of the circle that are very important. Google scholar has a lot of papers etc. as well which will help a bit.
The most important point is innovation never stops, we are part of an evolving species and new things will be invented all the time. We need to encourage this. I spent a few days talking with bticoin ‘experts’ (a term I detest) and going over much of this with them as well. It is not being evaded in any way. It is not clear as it should be an if we get a tech author it will help a lot. There should be enough to ask a very specific question though and that will help us all.
For very large ranging questions like this, perhaps the hangouts will help as it requires a huge amount of typing and we could document it faster without the many questions. A whiteboard and questions works really well as we can show exactly the processes and math as well.
BTW I like questions a lot and love criticism, to critique something is very hard though and can come across as a blind attack. I think this has happened in this thread. This community has had some troll attacks as well and these are very destructive so awareness is high. This project is to important for many people in this world to ruin it with such things. Hope this all helps in some wee way though.
@dirvine First off, thanks for repsonding. I absolutely don’t think that proof of work is the only valid consensus mechanism and I don’t mean or want this to turn into a debate of X against Y. But everyone knows Bitcoin and it’s helpful to draw anologies to certain aspects of it. It’s also a sort of measuring stick in terms of attack resistance.
Maybe I’m missing something but I still don’t see an answer to what makes it hard to bring on huge numbers of nodes. Or how you establish a decentralized consensus on rank among untrusted nodes.
Nothing will stop people bringing on a huge number of nodes at any cost. Making this hard is the issue. So hard as in bitcoin means expensive (more expensive to attack than what you would get) and the network effect means this number gets hard very quick. I do not think there is any such network (including bitcoin) that can prevent a massive attack from destroying it. Its all in the difficulty. If this has been your debate then I agree, no matter what sheer weight of numbers will eventually win.
This is where we use cryptography and a very efficient DHT implementation (this part has never existed), to:
1: Identify nodes (PKI)
2: Measure the distance from a crypto secured node to another in xor space
3: Use distance from an action (or node, or data element etc.) to evaluate responsibility and authority.
4: Use the non euclidean distance to create a huge network of connected events and groups in xor space (like a 3d connected venn diagram)
5: Where owned malleable data (such as directory entries, coins, contracts, computations etc.) are involved then use signatures as authority to mutate, but only allow the responsible nodes to give this data
6: Use network synchronisation, (this includes accumulate and account transfer as per vault paper in wiki) to ensure the network atomically can mutate any data.
7: Maintain strict deterministic consensus groups to manage a chain of events that complete a ‘transaction’
Hope that helps a little, it does need detail and a doc, there will be a vault paper soon from Greig at the Uni, another paper specifically on consensus chans is also required. It need to identify all the above plus access, account creation and immutable data (self encryption). The problem is the reading required is huge, This is why I like a whiteboard, I have used this with many many professors and industry leaders to go over the whole process. It is huge and very hard to summarise as you may imagine. It’s hard to summarise this, as is bitcoin (i.e. how does the p2p network work in bitcoin (hint it’s not detailed in the paper) as this is an essential part of bitcoin working).
Public data could still be signed, in theory. I am not sure whether this is currently being done, but I don’t see why it wouldn’t be possible. This way, even public data can be verified to be as the author (who can still be anonymous) defined.
This is one of my favorite threads so far. It’s summarizing a lot of stuff I didn’t quite understand while trying to read up on the history of the project.
Started off rocky with a lot of offensive/defensive stuff, but I had a lot of the same questions and the answers are all being summarized well. Thanks all.
Yes this was due to the language used. I see it a lot more now, Irvine is hand waving, Irvine is useless at explaining etc. This is what gets folks backs up on this forum. I agree and would hate to see others spoken about like that, its not the community we want. I did note this discussion went straight on bticointalkforum which did lead to our old troll pal chiming in attacking again. So I do not think there was trolling, but can understand completely why folk thought there was. This is a huge problem for public forums and is crazy as it is the free speech we want, just without the nutters
Lol, yes, I did have my hackles raised but nobody got hurt and people got informed…so result! I’ll try to refrain from getting defensive and being trollfinder general in future though (I’ll try.no promises…lol)
There are stupid troll topics and then there are technical topics (albeit maybe worded aggressively or with an undesirable tone). As a non-techinical(-ish) person who supports the ideas behind Maidsafe, I actually want it to be attacked on these grounds, technically that is…I want to see it to go through the fire. Bitcoin survived the same skepticism, if not worse – this is expected, in a public forum no less.
The cryptocurrency space is rife with scams, and is only natural that people remain skeptical. I would argue it is beneficial. People want to see these ‘attacks’ won – not evaded, especially early on when there is not much proof yet beyond whitepapers. At this stage, this is what builds trust and support.
In essence, let’s make sure we’re not throwing the beneficial topics(baby) out with the real troll topics (bath water).
I agree, but there is a balance. I spend a huge amount of time trying to answer points raised and this is great when points are actually quizzical and intrusive into the tech. Its hard to encourage somebody to win a race or competition by using slander or foul language and asking them to die (all in caps).
So with limited time I think we need to be as encouraging as possible in finding answers. That is all Engineers and innovators do, find answers. Doing so in a sea of hostility is very harmful. So yes critique and debate by all means is to be encouraged, improper language and insults in my opinion should be quashed. It would not happen in person I am 100% sure of that.
I for one would welcome all efforts to ensure we have critique, debate and morality with a helpful dose of scepticism where appropriate.
We are not journalists so please everyone lets call each other by our handle or fist name. Irvine says … is not endearing