Let’s nail this down. We need a solid breakdown of how SAFE works. Freenet peeps want to know.

The key to avoid running out of storage space on SAFE is safecoin. Because it has real-world value (traded against BTC) people are motivated to earn it. And you can also use it to pay fees to save data on the network. When you sign up as a SAFE “farmer” you allocate capacity to the network, and earn safecoin when resources are requested from your machine. This reward is dynamic, increasing when there is less capacity and more demand. The network attempts to keep a certain level of redundancy to account for farmers going offline.

The source for all this safecoin given to farmers comes either from: (1) fees paid to save data on the network or (2) currency minted from nothing (up to a max of 4.6 billion coins).

3 Likes

Lots of people trade SafeCoin for dollars these days too! SafeCrossroads Podcast Ep. 12


2 Likes

Freenet itself has no accounts. You can store and retrieve data without signing up to anything. Some applications built on top of Freenet use accounts. There is the Web of Trust plugin that provides an account and trust system. This is used by Freemail (distributed anonymous email) and Sone (microblogging). The FMS forum uses its own account and trust system.

IP addresses are hidden from users. Freenet has a ‘Darknet’ and ‘Opennet’ mode. In Darknet you explicitly connect to a node - presumably a friend or trusted person. In Opennet peers are discovered. You only know the IP addresses of your peers. You can’t determine what content is being requested or who is doing it.

3 Likes

We need a technical explanation from start to finish then iteratively add edge case scenarios, known attacks, current system gaming techniques.

Something like:

There are so and so number of modules. These include routing, launcher, vaults, etc.

The functions of each module are as follows:

Routing - This module controls the flow of data throughout the network, etc.
Launcher - ?
Client - ?
Etc - ?

SAFE uses a token based currency system that is used for resource management by doing so and so.

An example of how a typical use of the SAFE network would occur in technical detail is as follows:

Alice starts up the SAFE client. The SAFE client proceeds to communicate with the SAFE launcher. The launcher requests so and so credentials from the client. The user enters all the necessary information necessary to decrypt their data map. The data map contains the etc.

Defenses against common attacks:

Sybil is largely thwarted by means of so and so.
etc, etc.

You get the idea. Together we can refine this introductory technical explanation. I’ll try to help but I’m not as well versed as most on this forum. @dyamanaka compiling and organizing this is what we need from you. This I have noticed, is what you do very well. :smile:

2 Likes

Thanks for reinforcing my point.

I believe the burning question is “How is Maidsafe different from Freenet?”
My answer remains the same. Let people try both Networks and see for themselves. I can’t give you any stats for comparison until the SAFE Network is public.

By the way… I was familiar with Freenet (3 years ago) and emailed Ian Clarke about creating a Freenet cryptocurrency. He didn’t feel it would add any benefit beyond what Bitcoin already does, so there’s no need for it. We also talked about other things like the future of Meshnetworking, for which he pointed me to some good material.

IMO, I believe the philosophical goals are similar: privacy, security, freedom. But the mechanics vary, as pointed out by other member posts.

3 Likes

ok then here the two projects then are very similar
the safe network can be compared to freenet in the darknet mode :open_mouth:

and here is a huge difference
every safe network user has an account with private data
applications can access parts of this private data (so you don’t have to login every application separately but you log into the safe network once with a secure password and every app then just has access … no 4523 different weak passwords)

Freenet data is inserted encrypted with a symmetric key, it’s private by default unless you share the symmetric key. I’m not sure this is so different either.

yes you are right - huge was too much :slight_smile: but i think the underlying principle is just the other way round with the projects

at the safe network your account is where it starts - you have your one account and from there it goes right to the data - and this data then can fuel apps with your user preferences
at freenet you have this open network with public data and you need apps to create an account because it is not built into the system

where are these keys stored if you don’t have an account …?
something like a local account/encrypted key-safe inside your client …?

This is the intent of the web of trust plugin. It’s the recommended way of doing accounts on Freenet. The systems that don’t use it tend to pre-date its creation. It’s not needed for browsing sites or uploading sites though.

Private keys are stored in the local node or application that you use. You can back these up and use them on other nodes. I regularly upload new versions of my blog on Freenet on different nodes for example.

1 Like

Personally I’m happy with the non-realtime communication, but if this thread produces a desire for something like that, it might be interesting to do.

1 Like

I wrote that several months ago and I still think the same:

Freenet provides no guarantee that data is not lost and always has been extremely slow.

These two features already ensured their failure.

[quote=“digipl, post:31, topic:5640, full:true”]

Freenet provides no guarantee that data is not lost and always has been extremely slow.

These two features already ensured their failure.
[/quote]

Given that Freenet has thousands of nodes and plenty of users spread across Sone, FMS and Frost, I don’t think it counts as a failure just yet.

It is slow, but not extremely slow - especially recent versions. Sone works well. FLIP, the “IRC over Freenet” system, is usable. Browsing sites is reasonable unless they are image heavy - then things slow down due to the large number of requests for each image.

Yes, data loss is annoying. More users will help resolve this. I’m sure SAFE will encounter “storage full is annoying” when users can’t afford the cost of inserting. I don’t think there’s an easy solution for limited data store. I am interested in seeing how SAFE’s ideas work out there. IPFS have considered similar cryptocurrency based solutions (Filecoin?) IIRC.

1 Like

It is not annoying, it is a basic characteristic which makes both systems not comparable. Without the guarantee of data existence, the possibilities of any system are very limited. In the end it only offers an unsafe system of exchange and communication that makes it useless for most cases.

The SAFE network aims to be a complete distributed data and communication management.
That includes things like:
Managing of public and private data.
Automatic control and maintenance of data
User Management
DNS decentralized
Messaging System
App
And much more…

Well, we are here because we think Maidsafe has found the solution. Unfortunately I fear that several hours of reading and study are needed, and on several different sites (web, papers, forum,…), to start to realize the beauty of the system.

1 Like

I urge everyone new to SAFE to take a quick glance at some of the potential SAFE Apps at my site www.tiny.cc/appsite !!!

Not sure about that, but that is exactly the sort of thing I’m working on in the SAFE Network School. For instance, Class IV really kicks ass. Think I’ve cracked explaining XOR, consensus, and a few other things for the plebes like myself. Should be up on soundcloud later tonight.

7 Likes

I need help gathering info. I’m creating a somewhat crude graphic (among other things) of how SAFE works and I need a few details to complete it.

These are the sections I’m working on. Any new sections are welcomed.

=======================================

–LAUNCHER–

The launcher is a software module (installed on any compatible computing device) that sits between the client and the network (or is it the client). Its basic purpose is to package the information provided by the client into something the network can understand.

Authentication:
To store private data on the network, an account must be created. Upon creation, only your files are encrypted with your username and password. Your keys are never stored on the network or your machine. They don’t even get sent to the network. This avoids theft.

When you desire to access your files or personal apps, the network uses your username and password to find a map of your files. Once found your client uses your key to decrypt them the moment they get to your machine.

Network drive:

Users with accounts will be provided a personal network drive that will allow them to store as much data as they can afford via safecoin. This drive is similar in functionality to other cloud storage services. The key differences are that your data is encrypted by a key only you have, your data is spread throughout the world with no companies in control of it, you only pay for it once and it will remain in the network for as long as you want.

======================================

–CLIENT–

The client is a software module (installed on any compatible computing device) that sits between the user, the vault, and the launcher. A hub if you will. It communicates with the network via the launcher, monitors and controls a user’s vaults, and receives input from the user to send/retrieve resources on the network.
I think I have the launcher and client roles reversed. Do I?

Ease of app development:

The launcher has been designed to simplify app development by handling…???

======================================

–VAULTS–

Data vaults are devoted portions of a user’s hard drive that store chunks of encrypted data uploaded to the network. Vaults also allow for anyone with free hard drive space to earn safecoin by providing that unused space to the network.

Data redundancy:

Data is self encrypted before upload and split into 1MB chunks. Each chunk is again self encrypted and stored with a minimum of 4 redundant pieces spread throughout the network.

Farming:

Whenever a user accesses a chunk stored on your node, you are rewarded with safecoin.

Reputation system:

The reputation of your vault depends on the stability of your vault. Your reputation is reset the moment it goes offline and all of the data it stores becomes invalid unless a massive outage occurs. Fortunately, a decent reputation is quickly regained.

========================================

–E-MAIL/MESSAGING–

How is this expected to work?

========================================

–SAFECOIN–

Safecoin is a digital coin that is created and protected by the SAFE Network and stays on the SAFE Network. Safecoins will only come into existence once the network is launched. Wallets will actually ask the network what their balance is. The network maintains only current owner ID and previous owner ID. The value of safecoin is based on the amount of storage space available on the network. More space means less value/cost.

More info here: https://safenetwork.wiki/en/FAQ#What_is_safecoin.3F

======================================

–DATA MANAGER–

Data managers are deterministically chosen remote vault groups responsible for handling data requests. They ensure that data is routed properly throughout the network by verifying the flow of data from node to node.

=======================================

–SELF ENCRYPTION–
Self encryption is the process by which data is encrypted using its own hash and user credentials as entropy. Files that are split use the hash of their counterparts to further layer the encryption.

Is this accurate?

================================

–CLOSE GROUP–

The close group quorum is a set of nodes that must reach a 28/32 consensus before safecoin can be transferred to another owner.

Any other responsibilities/functions?

================================

–TRANSACTION MANAGERS–

Transaction managers verify and assign ownership of the cash like currency called Safecoin. No block-chain is used. Instead these managers keep track of the previous and current owner of a safecoin.

Did I get this right?

================================

–SOLVED ATTACKS–

Birthday paradox/Sybil Attacks:

In this attack, an attacker floods the network with Vaults it controls, to surround a single Vault with a majority or more malicious Vaults in order to exert control over that Vault.

The SAFE Network requires all requests be processed by at least two groups of Vaults. The Client passes a request to its Data Managers, who verify the request based on the Client’s signature. The request is then passed to a deterministically selected group of other Vaults which also verify the request based on its signature. By deterministically selecting the second group of Data Managers, this attack no longer holds true for the SAFE Network, since it is not possible for the attacker to gain control over a Vault by simply surrounding it.

To circumvent this, the attacker would require the ability to surround specific Vaults in the SAFE Network. This cannot be achieved, as it would require being able to effectively generate different values which, when hashed with SHA-512, result in close hashes around one particular point.

More here: https://safenetwork.wiki/en/FAQ#Attacks_on_the_SAFE_Network

Can anyone elaborate or simplify?

ISP attack:

In this attack an ISP creates a simulated or fake network. In this case the Client or Vault will not be able to connect to the bootstrap Vaults listed in the cache file. This file contains the IP port and public key of bootstrap Vaults. Without the public key of any bootstrap Vaults, the connect request will fail. The SAFE Network Client then detects this is not a valid network.

Alternately, an ISP’s machine pretends to be the user’s machine and asks for the bootstrap information on the user’s behalf. The ISP could request the information and pass it back to the user. That information is encrypted to the user, so an ISP cannot really access it (unless they can break RSA 4096). If the closest Vaults are fake they will not be able to process the connect request, which is encrypted to each end. So again this attack fails.

This attack is only applicable for SAFE Network Clients that have not yet logged in. On receipt of the login packet, the SAFE Client encrypts a close Vault request to the bootstrap Vault. Again this is returned encrypted, so the attack is circumvented.

Denial of service:

Denial of service attacks are circumvented by the lack of DNS. Can someone further expound on this for those used to a DNS networking model?
What other protection does this afford the network?
What are the anonymity implications?

================================

–XOR USE IN THE NETWORK–

What part of the network determines a node’s XOR id and what keeps an attacker from associating the IP with the XOR id?

What scrubs the IP after the first hop? Data managers?

How is routing handled after the IP is scrubbed?

Can someone list and detail all of the uses of XOR in SAFE?

================================

–PATENTS–

Several defensive patents were received by CEO and co-founder David Irvine. These were subsequently transferred to a non profit humanitarian organization. This ensures that others cannot abuse the systems developed by MaidSafe in an attempt to hinder communicative freedom provided by the technologies employed in networks like SAFE and any future forks.

================================

Please help by responding to each point separately so that I can easily organize this information. This is not just about how Freenet compares to SAFE but the ease of technical orientation for newcomers. A succinct overview to whet the palate and encourage further exploration. Help me out guys.

@nicklambert, @19eddyjohn75, @Ross, @happybeing, @jreighley, @BenMS, @frabrunelle, @anon86652309, @janitor, @zankfrappa, @smacz, @4M8B, @atleticofa, @jm5, @riddim, @fergish, @betterthantrav

And anyone else I can’t remember at the moment. Sorry to call you guys out like this, but I really think this can be helpful. An all in one overview of the safe protocol. I am shooting for two versions. A very simplified and a moderately technical one. Both will point at each other and to the wiki.

7 Likes
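
The XOR closeness behind the close-group and Sybil sections above, as an added example that is not part of the original post or of MaidSafe's code. It assumes addresses are SHA-512 digests of a key or of chunk content and a group size of 4; the function names and sample keys are constructed for illustration.

```python
import hashlib

ID_BITS = 512  # SHA-512 output size; the hash named in the post


def address(data: bytes) -> int:
    """Assumption: an address is the SHA-512 of a public key or of chunk content."""
    return int.from_bytes(hashlib.sha512(data).digest(), "big")


def shared_prefix_bits(a: int, b: int) -> int:
    """Leading bits two addresses share; more shared bits means closer in XOR space."""
    return ID_BITS - (a ^ b).bit_length()


def close_group(target: int, ids, size: int = 4):
    """The `size` addresses nearest to `target`. The result depends only on the
    set of addresses, so every honest node computes the same group."""
    return sorted(set(ids), key=lambda i: i ^ target)[:size]


def expected_keys_per_seat(target: int, ids, size: int = 4) -> int:
    """Expected number of fresh key pairs that must be generated before one
    hashes closer to `target` than the farthest current group member.
    A uniformly random address lands within distance d of the target with
    probability d / 2**ID_BITS, and the key holder cannot steer the hash."""
    farthest = close_group(target, ids, size)[-1]
    return (1 << ID_BITS) // max(farthest ^ target, 1)


def demo(n_vaults: int = 1024):
    # Constructed sample data: stand-in public keys and one stand-in chunk.
    vaults = [address(b"constructed-vault-key-%d" % i) for i in range(n_vaults)]
    target = address(b"constructed chunk content")
    group = close_group(target, vaults)
    return {
        "group_prefix_bits": [shared_prefix_bits(target, g) for g in group],
        "expected_keys_per_seat": expected_keys_per_seat(target, vaults),
    }


if __name__ == "__main__":
    print(demo())
```

With uniformly hashed addresses the returned count grows in proportion to the number of honest vaults.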

It’s better to provide links to existing info (preferably the Wiki or Github) - for example potential attacks are outlined here (SystemDocs/en/attacks at master · maidsafe-archive/SystemDocs · GitHub, but also on the Wiki, in a user-friendlier form) - rather than copy information and ask people to verify it (hopefully the Wiki and Github have been verified and at least checked by multiple people).

Probably it would be better to add questions (or requests for information) for which no one from this thread has answers, then after we find the answers, put that info on the Wiki.

Hmmm, thanks but that isn’t the goal. As I stated before, it would be nice to have a relatively thorough but succinct overview for newcomers to read and point others to. I personally am not a fan of jumping around via links or reading through loads of material to get a fair understanding of a project and its various components. Again, my target is the casual explorer/researcher. Thanks again though. I appreciate you coming through. I hope I haven’t disturbed you from something more important. Please feel free to help out if you wish. I could really use it. @everyone.

4 Likes

Hi @Tonda,

If you are looking for material to show, you probably want to include the SAFE stack, that can be found here. This visually demonstrates how all the components link together.

Reading your post I have come across quite a few people that have a vested interest in another project and even if you described how SAFE would keep their data safe, clean their house and cook their dinner they still wouldn’t get involved. I’m inclined to agree with @happybeing and suggest that we wait until the end of Rust-6 and then entice them with the installers and the network API.

I do commend you for the effort and if you are still keen to progress this I would confirm that MaidSafe is open source. The MaidSafe patents were transferred to the MaidSafe Foundation, which is a Scottish charity. I would also maybe link to the self encryption video in your description.

5 Likes

Great to have discussions like this.
This is one very big difference really. We have gone a different route from a web of trust and instead create an autonomous network (a network of rules that allows secure private & public data and complete freedom of access/publish etc. strictly do not include humans if you like, no admin, no trust and certainly no physical login locations)

I recently did an email to try and quickly describe some issues I will post and see if it helps.
I generally do a 3 point overview of what you need for truly secure private server free networks.

1. Data security
so we have encryption → logical security only (been done for a while) PLUS
Physical Security, this is a hugely important one. ZERO systems today provide physical security of your private data. By this I mean if it’s held somewhere by you or a cloud provider, can somebody break physical security, i.e. prevent access, corrupt or delete it (all cloud providers fail this test badly). So a very important part is logical security (beyond encryption) and Physical Security, i.e. no way to damage/delete or prevent access to your data.

2. Autonomous network, this is a tough one, it requires all nodes self manage, self heal and continually and dynamically adjust based on ANY factors. This is all without human intervention so very much autonomous. The only aspect of human help is supply of a computer and the software installed. This network would have to be secure, resilient and ensure and guarantee data is held and returned on request in perfect condition. Its sole purpose is to secure data and give it when asked (by anyone). It cannot decrypt data, it treats it like a black box, but each node must know its health depends on good curation of these black boxes. Sounds simple, it’s not :slight_smile:

3. Self Authentication - Or: so no servers, dynamically constant changing network, How do I log in?
This is a weird one as no computer scientist has ever tried it (well before 2006 AFAIK) or perhaps even thought of it, because we are trained formally to log into a server or database where there is a physical presence. So there is no target physical machine, how do you log in?
The answer of course is you do not log into a machine or database, but to the network itself!

Also note self authentication - was only you and the network, nobody else, no intermediary. Just run the program create details and you’re in, nobody can stop this or know you have an account unless you tell them.

This means to an address on the network that may have a machine or not, it does not matter, we are logging into the logical network, the heart of the beast. So we create a data element that gets a name and we beg the network to store this data element (only we know its name and we encrypted it with credentials not transmitted to the network or stored locally). We pay safecoin to do this begging :slight_smile:

We can then go to any machine and use the same credentials to get the same name and ask the network to give us that exact piece of data, we decrypt it and we have our account (wallet name and all) and from there we are in the network and all our data and comms are there, secured and private to us.

16 Likes
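
Self authentication as described above, in an added example that is not MaidSafe's implementation: the credentials yield both the name of the account packet and the key that encrypts it, and only the name and the ciphertext leave the machine. PBKDF2, the HMAC labels, the SHAKE-based cipher stand-in and `ToyNetwork` are assumptions chosen so that it runs on the Python standard library alone.

```python
import hashlib
import hmac
import os


def derive(username: str, password: str):
    """Runs only on the user's machine: one slow KDF, two independent outputs."""
    salt = hashlib.sha256(username.encode()).digest()
    master = hashlib.pbkdf2_hmac("sha512", password.encode(), salt, 100_000)
    name = hmac.new(master, b"packet-name", hashlib.sha512).digest()  # sent
    key = hmac.new(master, b"packet-key", hashlib.sha512).digest()    # never sent
    return name, key


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Stand-in for an AEAD cipher (the stdlib has none): keystream XOR, then MAC."""
    nonce = os.urandom(16)
    stream = hashlib.shake_256(key[:32] + nonce).digest(len(plaintext))
    body = bytes(a ^ b for a, b in zip(plaintext, stream))
    return nonce + body + hmac.new(key[32:], nonce + body, hashlib.sha256).digest()


def unseal(key: bytes, blob: bytes) -> bytes:
    nonce, body, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(key[32:], nonce + body, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("packet corrupted or wrong key")
    stream = hashlib.shake_256(key[:32] + nonce).digest(len(body))
    return bytes(a ^ b for a, b in zip(body, stream))


class ToyNetwork:
    """Stores opaque blobs by name. It never sees a username, password or key."""
    def __init__(self):
        self.store = {}

    def put(self, name: bytes, blob: bytes) -> None:
        if name in self.store:
            raise ValueError("name already taken")
        self.store[name] = blob

    def get(self, name: bytes):
        return self.store.get(name)


def create_account(net, username: str, password: str, account: bytes) -> None:
    name, key = derive(username, password)
    net.put(name, seal(key, account))


def login(net, username: str, password: str) -> bytes:
    name, key = derive(username, password)
    blob = net.get(name)
    if blob is None:  # wrong credentials and "no such account" look identical
        raise LookupError("nothing stored under the derived name")
    return unseal(key, blob)


if __name__ == "__main__":
    net = ToyNetwork()
    create_account(net, "alice", "constructed passphrase", b"wallet=constructed-id")
    print(login(net, "alice", "constructed passphrase"))
```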