About segmentation of SAFE because a country is cutoff

Hi, newbie here on the forum, but at least I have tried to absorb the documentation and FAQs.

Listening to the FAQs on youtube, there was a point raised with the situation in Egypt where their access to the world was cut off. This raised a question in my mind about farming.

It was noted in the video that the network would remain working within Egypt, albeit with a measure of inaccessible data. The question is what happens with farming and the generation of safecoins. I gather safecoins all have a unique ID (32 bits).

So if coins are generated for farming in Egypt, what is to stop the ID of those coins being the same as new coins generated in the rest of the world. And what would be the final result of this conflict if it occurred.

In other words is there a mechanism to prevent this duplication of IDs occurring?

Hi there and welcome to the forum! You start with a very good question I have no answer to :smile: I’ve seen this question on the forum once before, but no clue where to find it. Normally, when a farming-attempt is done, a group looks at the address for the Safecoin that wants to get farmed. Is there already an owner of that address (a Safecoin) than no farming is done. But when the network is in a split, I have no clue.

I think it will bring trouble to the network when a whole country goes offline. Normally, when you’re running your client, your part of groups with 32 nodes. They’re all over the world. So if your in Egypt, and they cut themselves off the rest of the internet, you can’t reach your nodes in these groups. I think that the client will be in trouble.

I think the network with the significant majority of clients takes precedent. When the two networks merge again, it’s about which nodes have the closest address to the ID of that SafeCoin. The bigger network will have a more densely filled address range so is more likely to have ‘closer’ managers of that SafeCoin. This is just my guess though, so don’t quote me on it. I also have no idea how conflict resolution inside a roughly equally mixed group of managers would work.

@polpolrene

So if your in Egypt, and they cut themselves off the rest of the internet, you can’t reach your nodes in these groups. I think that the client will be in trouble.

No trouble. Just like nodes going offline, DDoS etc a new close group is formed immediately.

If the isolated network is very small, some data will be inaccessible - though any routes to the larger network will allow bandwidth limited access (long response times).

On rejoining, @Seneca is correct I believe. Coins in the isolated network who’s ownership conflicts with the larger network’s record of those same coins will revert to the state in the larger network.

So it all works as well as possible, but obviously there is no way to re merge the networks without resolving conflicts this way.

[my thoughts and may be too hard or not work]

It would perhaps be possible to account for this, but would require a change to the ID usage and when the conflict is detected the system gives one of the coins a new 32 bit ID. Since the coin is generated by the system it would be able to securely handle and validate the 2 conflicting coins. Once all the coins have been allocated then this is not possible and one coin is dropped.

I think that would open up an attack vector to create SafeCoins at will.

If done incorrectly then yes, but many systems use a method to detect duplication, even though both are generated separately. Its a matter of including another field in the ID that is generated mathematically such that it will be probably different to another coin with same 32 bit portion of the ID. Basically the coin ID is still 32 bits but the cryptography uses the 32 bit ID + additional field.

This way the coins can still be validated against the larger ID and when the SAFE system detects two coins with same 32 bit ID then it chooses one to be given a new 32 bit ID. The SAFE system still uses the same validation method for both coins as it did previously.

In effect it is having say a 48 bit “ID” but only using the 32 bit ID as the coin’s ID number.

This requires additional work to cater for something that should never happen and only has happened rarely.

I mean that a farmer with a large number of vaults (say 100+) with sufficient rank could disconnect from the main network and form his own personal SAFE network, adapt the code for his vaults for easy SafeCoin generation, generate lots of SafeCoins, revert the code changes and reconnect with the main network. How is the main network supposed to validate that a smaller, disconnected network created the new SafeCoins according to the rules? I think it simply can’t.

The idea behind consensus groups is that their random deterministic composition creates majority decisions of the network without having the entire network involved (like in Bitcoin). If we allow small, separated groups to make such decisions and have them copied by the main network after a reconnect, that principle would be violated.

Once the farmer disconnects he would start losing rank. He would also change his close group. Once he reconnects to the larger network, each node gets thrown into a new close group. When they start reporting that node x has Y safecoin, their new close groups will say “yeah… I don’t think so”

So basically the guy just lost rank on 100+ nodes for nothing. He can’t keep them in close grout with each other on reconnect.

Yes, my point is that @neo’s proposal would change that.

From the network’s point of view, what would be the difference between say Egypt getting separated through government intervention on one hand and an attacker creating his own separated network? I don’t think it can discern between them.

On the same topic, but changing direction slightly. This how I see a legitimate attack happening in this situation.

User A is from a small, not-well-networked country, and wants to buy something expensive.
He calculates that he can hire a large botnet for 1/4 the price of what he wants.
He launches the botnet at core servers managing Internet access serving that country making it still live inside, but no remote connections.
Safe does its job beautifully, reworks close groups inside and out Almost instantly
User A buys his product from the merchant. It’s accepted by all close groups and confirmed. User A holds network hostage until he’s done downloading or product shipped.
Once he has product, releases network, new close groups are formed. The ones from the smaller network report the transaction and are voted down. Coins are returned to the buyer.

Buyer just got a large purchase for free.

Please let me know if I missed something. As for “taking out countries Internet is impossible” argument… No its not. Some countries infrastructure is horrendous. It doesn’t even have to be a country for this scenario to happen either, any split of any type for even a few hours can make this happen.

The merchant would have to be inside the country in question as well. I think it’s his responsibility to notice that he’s not connected to the main network anymore. Software could detect such an event, as the close groups would completely change and the address density of close groups would widen proportional to the decrease of the network’s size.

I see your point and agree.