Record locking; and getting into SAFE

A couple of simple questions, so I’ll post here. :smile:

  1. How will SAFE manage multiple users’ access to a file? Will there be some form of record locking or is it entirely upto the users to coordinate their updating and versioning of the file?

  2. How will users access SAFE in a way that is not some portal that’s vulnerable to DDOS or other attack AND that is trusted? I think it’s suggested there is no software downloaded, which perhaps suggests logging into madesafe.net or other. If there are multiple hosts of the portal into SAFE, then how will we know to trust that they are all acting client side and not sending the passphrase+ to server?

1 Like

Great question! I really have no explanation for you on that one.

Every user has it’s own client. When you “log on” to SAFEnet you actually request your own personal data-atlas. So if your username is “Username” and your PIN is “4726” A single Hash is made of both of these values. That Hash points to your personal file. When your client get’s the files (probably 3 Chunks in the network) it will provide your client with your personal file. A password will unlock it for you. That private file contains all your private keys etc. And all the links to your personal files. So you don’t log on to a server, you log on to the network by getting your own file. So there’s no server to be DDoS-ed. You don’t use a website to log on, but a client that you need to download.

This is a really great read. Worth every minute.

2 Likes

To clarify for @davidpbrown, your client can connect to any node that is part of the SAFE network in order to do this. So every node can act as your “login server”. Your credentials never leave your own computer though. This is the essence of the “self-authentication” feature of MaidSafe.

4 Likes

1.- You can manage groups by MSID.

MSID (Maidsafe Share ID) - The client identity to manager groups of
MPID’s to privately share data (structured and non structured). A client
can have many of these. This type of identity has no NAE holder for
security purposes.

2 Likes

SAFE has a basic versioning system, so older versions are preserved. I believe editing existing files is actually also an atomic action and that it works like this: If two people are both modifying a file of version X, and they both save the file, there will afterwards also be a version X+1 and X+2. X+2 won’t have the changes of X+1 though.

A diff/merge tool could then be used that retrieves all three versions and creates a merged version X+3 file.

1 Like

What does this mean precisely? Does it mean the credentials never leave the computer you logged in on, even if you log into multiple machines at once. It can’t mean they never leave a particular piece of hardware because that hardware could be destroyed or sold or cease to function.

It means your username, pin and password are never sent over the internet or any other network. You type them in locally, they stay locally. Depending on how the client works, the credentials are probably discarded from local memory the moment you retrieved and decrypted the blob of encrypted data from SAFE that contains your actual private keys, since that is the only function of your credentials. As for the private keys themselves, they are probably kept in local memory until you log out, exit the SAFE client, or reboot your system.

2 Likes

@Seneca, thank you. That sounds big.

1 Like

It is, it is one of the most innovative things about SAFE if you ask me. Definitely one of the main features.

2 Likes

Does it point back to SAFE chips, SAFE OS, SAFE browser, SAFE net? Very funny that SAFE Browser and even SAFE search could be bundled into core OS. They can scream at open source all they want about anti competitive and it just rolls off doesn’t even compute.

1 Like