How private is Autonomi network?

With so many changes and little communication about their impact on the fundamentals I’m at a loss to know how we are doing against those precious, vital goals.

We’re fairly decentralised, but yet to test a lot of that (eg a non empty network etc), but it’s a process.

But privacy, security, and freedom from censorship and surveillance are what decentralisation is meant to deliver. So how are we doing on those with the current design, and how can that be improved if it needs to be?

I don’t know if current marketing focusses on any of these characteristics because I don’t do Twitter or YouTube, but if it does, then I think it needs backing up with answers to the above questions.

If it doesn’t, then what’s going on here? :laughing:

I’m a long term follower and advocate for the project with some understanding of the technical challenges here, and really have no clue how we’re doing on the fundamentals.

My guess is that downloaders are fairly safe and that once content is up it will not be censorable. :white_check_mark:

But people self censor if they think they could be tracked down, and I think there’s an important question about the risks of uploaders being linked to what they upload. Who here would upload whistleblowing secrets to this network without extreme precautions? That’s a big speculative topic so not much point arguing about it IMO. It remains a significant risk until we can understand why it isn’t, and undermines the fundamentals considerably until then so I’m giving it a :red_question_mark:

And noderunners will be identifiable via wallet addresses as soon as they or someone they transact with hits fiat services and KYC. That’s not a terrible risk unless you live in an oppressive regime soo, er, um :cross_mark:

@Gill_McLaughlin are these questions which Autonomi can answer or have a path towards?

12 Likes

Marketing? Are people under the illusion that the team is doing marketing? I’d certainly like to see it. I’m on X occasionally, and follow the ANT channel there, but rarely see anything. I’ve been barking for months about a lack of it - I don’t think it’s their focus at all at this point - I don’t know why and they don’t seem eager to say IMO.

Onto your topic though Mark … tracking is certainly possible as far as I see it. Using a VPN seems critical for users who desire anonymity. It is possible AFAIK to use Tor with the network (at least via a tool like proxychains) if higher level anonymity is desired. But as we know, the node ‘hops’ were not baked into the Autonomi cake.

2 Likes

A VPN, Tor etc mitigate some risks but are not enough on their own because of the risk of wallet ownership leaks.

Being able to earn and pay purely in ANT will make it possible for a noderunner to upload using an untraceable wallet, and I understand the ability to pay purely in ANT is being worked on. But people will need to be aware of that and the risks of ever using earned ANT for anything but their own uploads, and as you point out of leaked IPs.

1 Like

It would be good to drill down into this a bit.

  1. What data is being exposed by Autonomi that Tor or a VPN would prevent?
  2. Who is able to view this data?
  3. What does the data prove?

For me, as an engineer, but not a security specialist:

1 is about connectivity. Can we see that IP address X, connected to IP address Y.

2 is the node runners and routers in the middle.

3 is that the user on IP address X, had some connectivity with IP address Y. They don’t know what was downloaded (encrypted in transit), nor what was hosted on IP address Y (chunks are encrypted and constantly on the move through churn). Given a file is made of many chunks, across many nodes, it would be very hard to understand what was requested.

Unless… there is a huge majority of spy nodes, run by a party who wish to try to correlate network activity. AFAIK, this would require pretty much taking over the network, to be able to see all the traffic, flowing to all the groups. That would be extremely expensive, especially if there is competition for node running.

So, I get VPN or Tor may help, but whether it is to a useful degree, it isn’t obvious to me, especially for downloads.

For uploads, I’m not sure the picture changes substantially. The uploader may leave more of a trail for making the payment (in fact, this may be the key for VPN benefit), but the data will still be chunked and the receiving nodes are still spread out.

Even with the payer IP exposed, what is that proving? That they uploaded some chunks of data. Without controlling most of the ant nodes, it would seem impossible to derive what this data is/was, given it is encrypted at rest and in transit.

Just my thoughts anyway.

4 Likes

Expensive for you and me, probably. Do not underestimate billionaires.

There must be a way to prevent billionaires from running billions of nodes

1 Like

We need to consider an ‘attacker’ who has the original data and so can generate and match chunks, which may - or may not - be linked to an individual via either IP or wallet address.

This is an area where I think we need caution and to be sure of privacy for one or other roles and define its limits for different situations. Nothing is guaranteed but we can see that if you have enough data or resources you can build a picture and then use that to identify individuals to target by conventional methods (search warrants etc).

3 Likes

If someone like the FBI is running ~1% of all nodes (which would be cheap for them unless autonomi is truly massive scale), they could log IPs for a lot of chunks for a long time and get a pretty complete picture of who uploaded which public files, since larger files like movies would be spread over hundreds of nodes.

I’ve been pretty hard on these guys about marketing as well, but I can understand the reluctance to a degree. When the real marketing starts, the objections will be fierce. Bux and Jim are great promoters, but in all reality, David is the only one who can handle that kind of heat.

kill them

eat the rich

My first post on this forum was that the autonomi client libs are using public Arbitrum servers, which log IP addresses. So basically ALL wallet related traffic, including passive reading of wallets and transaction publishing, is submitted to a central server which logs IP addresses. Total failure by design. What is more, I tried to change the URLs to something else, and it was so much hidden in the client libs that I was able to find, after hours of debugging, that I need to set up a custom network, with all the params, know exactly what the params are, to be able to change that public API RPC server URL for Arbitrum.
I developed a Rust app that can hide that public URL behind Tor, but there were literally 0 people interested in it. People do not understand the absolute basics of privacy in the crypto space. Crypto space privacy is a topic well discussed for more than a decade. Autonomi internal privacy risks will have even much lower interest from the public.

Also the fact that the CLI by default uses the private key from the ETH wallet to derive keys for uploaded data is another privacy nightmare. It should be avoided at all costs, or at least should warn everyone and introduce a password like Trezor has. (seed + password) >>> new seed.

5 Likes
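The "(seed + password) >>> new seed" idea from the post above, as an added example that is not from the thread or from Autonomi's code: Trezor's passphrase feature is the BIP-39 seed derivation, where the passphrase is mixed into the PBKDF2 salt. The `data_key` helper and its label are hypothetical, shown only to illustrate deriving a data key from the passphrase-protected seed rather than from the wallet key directly.

```python
import hashlib
import hmac
import unicodedata


def _nfkd(text: str) -> bytes:
    """BIP-39 requires NFKD normalisation before UTF-8 encoding."""
    return unicodedata.normalize("NFKD", text).encode("utf-8")


def bip39_seed(mnemonic: str, passphrase: str = "") -> bytes:
    """BIP-39 seed: PBKDF2-HMAC-SHA512, 2048 rounds, 64 bytes,
    salt = "mnemonic" + passphrase. A different passphrase gives an
    unrelated seed from the same mnemonic."""
    return hashlib.pbkdf2_hmac(
        "sha512", _nfkd(mnemonic), b"mnemonic" + _nfkd(passphrase), 2048, 64
    )


def data_key(seed: bytes, label: bytes = b"example/data-encryption/v1") -> bytes:
    """Hypothetical (not Autonomi's scheme): domain-separated 32-byte key for
    uploaded data, derived from the seed with HMAC-SHA512 as a PRF."""
    return hmac.new(seed, label, hashlib.sha512).digest()[:32]


# Public BIP-39 test mnemonic; never use it for real funds or data.
MNEMONIC = "abandon " * 11 + "about"

if __name__ == "__main__":
    plain = bip39_seed(MNEMONIC)                # wallet seed, no passphrase
    hidden = bip39_seed(MNEMONIC, "TREZOR")     # same words + passphrase
    print("wallet seed :", plain.hex()[:16], "...")
    print("hidden seed :", hidden.hex()[:16], "...")
    print("data key    :", data_key(hidden).hex())
```

Someone who obtains only the mnemonic or wallet key cannot recompute `data_key(hidden)` without the passphrase, which is the separation the post asks for.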

This is a strong argument for using a VPN for uploads. IIRC, it was also the original argument for having relay nodes for uploads too.

I would say that one chunk does not mean someone uploaded the whole file though. It implies they may have, but it isn’t evidence that they have. It could trigger further investigation though.

Was this app shared on the forum? It sounds like a number of folks here would be interested.

(I know you mentioned something like this in the AntTP thread, but not sure how many folks would have seen it)

3 Likes

More fuel for the native token fire!

So, it isn’t just nodes that are aware of the IPs, the Arbitrum servers are too. Much easier to seize those logs than run lots of nodes on the network too.

EDIT: Saying that, they would still need to control nodes to understand what was being paid for. Without that, it would just be to pay for ‘something’, right?

5 Likes

I plan to publish it to git, together with a browser launcher, in the next days. But it will not help much, because that app requires people to run the CLI with a specific set of parameters, which create a custom network with exactly the same arguments as the original network, and the only change is the URL. The URL is something like http://localhost:8080/[urlEncode(originalRPCUrl)]; this is a localhost HTTP server that routes any URL via TOR to that original URL. But this should be a native part of the client libraries. And it will not help your AntTP, since you would need to change the code to create the autonomi client using a custom configuration. We need the dev team to understand this mistake and let them at least give us an easy option to specify that URL on network start.

5 Likes
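A sketch of the URL scheme described in the post above, as an added example and not the poster's Rust app: it wraps an RPC URL into the `localhost:8080/[urlEncode(...)]` form, recovers and allowlists the target on the forwarder side, and builds the SOCKS5 CONNECT request a forwarder would send to a local Tor SOCKS port. The RPC URL and allowlist are constructed placeholders; the thread does not give the real one.

```python
from urllib.parse import quote, unquote, urlsplit

# Constructed placeholder values; the real RPC URL is not given in the thread.
ORIGINAL_RPC = "https://rpc.example.invalid/rpc"
ALLOWED_HOSTS = {"rpc.example.invalid"}   # hosts the forwarder may contact
SOCKS5_GREETING = b"\x05\x01\x00"         # version 5, one method offered: no-auth


def wrap_rpc_url(original: str, listen: str = "http://localhost:8080") -> str:
    """URL handed to the client: listen address + urlEncode(original)."""
    return f"{listen}/{quote(original, safe='')}"


def unwrap_target(request_path: str) -> tuple[str, int, str]:
    """Recover (host, port, path) from the request path seen by the local
    server. Anything that is not HTTPS to an allowlisted host is rejected,
    so the forwarder cannot be used as an open proxy."""
    target = urlsplit(unquote(request_path.lstrip("/")))
    if target.scheme != "https":
        raise ValueError("only https targets are forwarded")
    if target.hostname not in ALLOWED_HOSTS:
        raise ValueError(f"host not allowlisted: {target.hostname!r}")
    return target.hostname, target.port or 443, target.path or "/"


def socks5_connect_request(host: str, port: int) -> bytes:
    """SOCKS5 CONNECT (RFC 1928) with ATYP=0x03 (domain name). The name is
    resolved on the Tor side, so no DNS query for the RPC host leaves the
    local machine in the clear."""
    name = host.encode("idna")
    if not 0 < len(name) < 256:
        raise ValueError("hostname length out of range")
    return b"\x05\x01\x00\x03" + bytes([len(name)]) + name + port.to_bytes(2, "big")


if __name__ == "__main__":
    wrapped = wrap_rpc_url(ORIGINAL_RPC)
    print("client RPC URL:", wrapped)
    host, port, path = unwrap_target(urlsplit(wrapped).path)
    print("forward to    :", host, port, path)
    print("SOCKS5 request:", socks5_connect_request(host, port).hex())
```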

Is it these statics that are the cause or something else? autonomi/evmlib/src/lib.rs at 817b151609a9cd868a68f2bba6a4d2d38749e2ae · maidsafe/autonomi · GitHub

You can set a bunch of stuff in ClientConfig, but it looks like setting the EvmNetwork always uses a fixed RPC URL.

The fastest solution is simply to run my Rust app implementation by autonomi on, let’s say, the arbitrumRPC.autonomi.com domain, and configure all the client and node apps to use that.

  1. they will have under control the URL where is everyone connecting.
  2. they can run clearnet or tor routed solution and let user pick by config
  3. they can have policy of no logs.
  4. they would have an option to switch to any other or their own operated arbitrum server. Right now single external server can kill the network payment mechanism and would force instant need for update of all client and server software.

Edit: there is likely a limit on that public server for single IP, so direct connect would not work because of limits. Tor routing should work.

5 Likes

I wrote here how to set that custom network: Privacy issues in autonomi client and ant-cli libraries - #6 by Herodotos, the last post there.

4 Likes

It’s very strong indication because chunks will almost always be unique to a file. And we aren’t talking about evidence to satisfy a court, but to trigger targeting of an individual for investigation.

@Herodotos thanks for adding that which I had forgotten. It is something I didn’t anticipate which further shows that the move to ERC20 has left the fundamentals of security and privacy, as well as being for everyone in tatters.

We may still have secure storage and perpetual data (fingers crossed) but until we shed Blockchain the network is not going anywhere near the fundamentals on privacy, surveillance and censorship, or being for everyone.

I pointed that out back in September and @JimCollinson said I was wrong. Perhaps you can review that Jim, and we can come together to move this network back towards the fundamentals.

Until Autonomi are credible and transparent about the situation - eg by explaining where we are wrong and confirming where we are right - we can’t expect people to promote an apparently false prospectus or trust what Autonomi say. That’s a terrible situation IMO. Particularly as we approach a marketable system.

9 Likes

It feels to me that the blockchain integration could have been done at the periphery, rather than central to payments.

We could have had a situation (and still can, of course) where blockchain tokens were exchanged for native tokens in an async flow. Native tokens could then have been spent on storage.

Ofc, node operators would have been paid in native tokens then too, but it feels like that would have been a reasonable compromise to stay closer to the fundamentals.

Having blockchain in the middle of every transaction has been bad for performance and privacy. Just having it at the periphery could have allowed folks to exchange ANT for native tokens in small numbers to build up trust in it.

Hindsight is 20:20, but still. It feels like the network went ‘all in’ on blockchain a bit prematurely. I hope we can row it back.

6 Likes

I have a daring theory: David wanted to time the launch so the holders don’t miss out on another bullrun. He probably even thought the blockchain dependency would enhance the returns. Alas, it unfolded quite differently.

Now we don’t even have whining lambo kids anymore. The greedy people have gone. And while it seemed very unlikely until recently, I can definitely imagine the community go for a fork that aligns with the originally declared principles slightly better.

1 Like