Baby Fleming Public Shared Section

OK blood pressure down a wee bit

We have a communication problem, not a fundamental problem if this is in fact the case

Thank you @bochaco :slight_smile:

13 Likes

The 0.000000001 is the cost of creating a balance :slight_smile:

So from 10k coins, you are sending 500 to the new balance. There’s a cost associated with actually creating an empty balance (keypair) on the network. It’s a piece of data that needs to be stored on the network, hence the cost. Hope that makes sense.

A little bit of background on this, we initially didn’t have it. But later we identified the possibility of an attack. Consider this scenario,

Lionel has a balance with 10k coins. If creating a balance is free then Lionel can create 10k balances with 1 coin each. And at the end transfer all the coins back to his initial key. Now he can repeat this process n number of times, and flood the network with empty balances.

We need to prevent this, hence the cost :money_with_wings:

EDIT: Didn’t see Gabriel’s reply before I sent the above :stuck_out_tongue: Hope the explanation helps anyways :slight_smile:

15 Likes
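The create-and-sweep scenario described in the post above, as an added example that is not part of the original thread or MaidSafe's code: a toy ledger that runs the cycle with and without a creation fee. `Ledger`, `create_balance`, `sweep` and `churn` are hypothetical names, and amounts are assumed to be `u64` nanos with 1 coin = 10^9 nanos.

```rust
use std::collections::HashMap;

// Assumption: amounts are u64 counts of nanos, 1 coin = 10^9 nanos.
const NANOS_PER_COIN: u64 = 1_000_000_000;

/// Toy ledger (hypothetical, not the network's code): key id -> nanos.
struct Ledger {
    balances: HashMap<u64, u64>,
    creation_fee: u64, // nanos charged to the payer per new balance
}

impl Ledger {
    fn new(initial: u64, creation_fee: u64) -> Self {
        Ledger { balances: HashMap::from([(0, initial)]), creation_fee }
    }

    /// Create a balance holding `amount`; the payer is debited amount + fee.
    fn create_balance(&mut self, from: u64, amount: u64) -> Option<u64> {
        let total = amount.checked_add(self.creation_fee)?;
        let payer = self.balances.get_mut(&from)?;
        *payer = payer.checked_sub(total)?; // refuse if the payer cannot cover it
        let key = self.balances.len() as u64; // keys are never removed here
        self.balances.insert(key, amount);
        Some(key)
    }

    /// Move everything from `from` to `to`, leaving an empty balance stored.
    fn sweep(&mut self, from: u64, to: u64) {
        let amount = self.balances.get_mut(&from).map(std::mem::take).unwrap_or(0);
        *self.balances.entry(to).or_insert(0) += amount;
    }
}

/// Repeat create-then-sweep; returns (empty balances left, payer's nanos).
fn churn(initial: u64, fee: u64, per_balance: u64, max_rounds: u64) -> (usize, u64) {
    let mut ledger = Ledger::new(initial, fee);
    for _ in 0..max_rounds {
        match ledger.create_balance(0, per_balance) {
            Some(key) => ledger.sweep(key, 0),
            None => break, // payer can no longer fund amount + fee
        }
    }
    (ledger.balances.len() - 1, ledger.balances[&0u64])
}

fn main() {
    let start = 10_000 * NANOS_PER_COIN;
    println!("free: {:?}", churn(start, 0, NANOS_PER_COIN, 1_000));
    println!("1-nano fee: {:?}", churn(start, 1, NANOS_PER_COIN, 1_000));
}
```

With a zero fee the payer ends each cycle with the full starting amount, so the number of stored empty balances is limited only by the round count; with a fee, every stored balance permanently costs the payer, and the cycle stops once the fee can no longer be covered.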

new issue created at https://github.com/maidsafe/safe-api/issues/497

1 Like

Thank you @lionel.faber, that all makes perfect sense. We simply need to tell folks about this up front.
Us testing geeks can live with this cos now we know but it’s another job for @JimCollinson and the GUI design to make sure this is communicated appropriately

4 Likes

Can you confirm fixed point integer is being used and the balance is stored as an integer from 0 to 2^32 * 10^9

Many in the community identified this attack long ago even before division was solved

4 Likes

This’ll kind of be inherent to the onboarding process:

The cost of creating an account will be greater than just making a balance, but still tiny.

An account ‘packet’ will be circa 1MB, but that’ll be all you need to create your account, set up a SafeID, profile etc, with enough left over for some basic transactions.

You’ll either be getting this via an invite from a friend, earning it yourself with a vault, or via a purchase from an exchange (down the line a little way).

It’s all built in to the value of an invite, and redeeming that invite pays the network for that stored value. So I’m not sure you’ll need a particular warning about that cost… if I’m following you correctly.

10 Likes

Of course. I meant that we identified it as a bug in our code :slight_smile:

It’s actually a u64. See the declaration here.

11 Likes

Maybe I’m being pedantic here but it would be good to keep this issue front and centre in the minds of app-developers.
So I have great faith in you sorting this out for Joe User, I’m more concerned right now about app-developers - especially those who are new to the project - being caught out with this.

Thanks to @bochaco and @lionel.faber for quickly putting this to rest

3 Likes

So if there is a nano cost for creating an account -which is fine :slight_smile: - then those costs will presumably be being collected and stored in a network wallet somewhere - so we could query that account and infer how many new safe-keys, wallets etc have been created in this new public shared section - yes?

EDIT: Anyhow - back to trying to break this :smiling_imp:

1 Like

Well actually no.
The costs just “disappear” for now. They will be paid to the network later on.

There is a list of safe-keys created maintained in the section, yes. But Clients cannot query this and get the list of keys available.

3 Likes

@lionel.faber OK makes sense but does this mean ( for now) the devs cannot find out directly how much usage this new shared section is getting?
And thus you need to rely on feedback from us or just infer it from network traffic to the droplets?
I’m a bit vague on this - sorry

Actually, good point. One way could be to look at the logs, or access the balances-db on the droplet directly. :slight_smile:

2 Likes

Tried the above again and it seems the account was created but I’m still getting the timeout while bootstrapping. Any ideas?

1 Like

Are you absolutely certain you are connecting to the new shared section?
Sorry if it’s a dumb basic question but sometimes they need to be asked…

Does safe networks return something like this?

BTW it would be just peachy if safe auth status could be tweaked to say just which network it was logged into…
This is a bit vague…

2 Likes

No dumb questions where I’m concerned. It does indeed show the shared section:

safe networks
+----------------+--------------------------------------------------------------------------------------------------+
| Networks       |                                                                                                  |
+----------------+--------------------------------------------------------------------------------------------------+
| Network name   | Connection info location                                                                         |
+----------------+--------------------------------------------------------------------------------------------------+
| shared-section | https://safe-vault-config.s3.eu-west-2.amazonaws.com/shared-section/vault_connection_info.config |
+----------------+--------------------------------------------------------------------------------------------------+

Sorry - I had to check…

and you definitely ran safe networks switch shared-section

and then safe auth restart ?

1 Like

Could be something - could be nothing…

So the first thing I did on learning the joyous news that a shared section existed was

As you can see I tried to upload a wee site but forgot the --recursive flag, tried again and it appeared all was well. No shared section capable browser yet so not much can actually be seen but it looks like it worked OK.

Fast forward a few hours and I return to this…

something wrong in the img sub-dir…
so as you can see I double-checked on the original and it is as expected, two images.
So try the upload again and this time it all looks perfectly fine…

safe tree output matches local tree output as expected.

Do we need to be careful with filenames with hyphens? Surely not…

And for the insatiably curious amongst you…

Arran from Troon at sunset

RabC paddling with his picnic

4 Likes

So, very good first impression of this… it works :laughing: :+1: :+1:

It’s getting harder to find big problems and normally try to avoid minor.
Still… first impressions

Issue 1 core commands

Users will see certain commands that rightly follow Linux naming convention and expect that behaviour would follow through to where those commands action.
So,
safe ls
safe rm
should work?

Issue 2 recursive

safe files ls
needs recursive option as -R

Issue 3 safe man

There’s inconsistency with near top level options, having help and others requiring double dash --help
So, safe files rm help doesn’t work, having been encouraged by previous habit.

I wonder the big missing option then is
safe man
as reference manuals.

By all means keep help but either help is symbolic for man or other way round.

So,
safe man rm == safe help rm

As a list of options, we could see safe help subcommands as they are and then below, the set that are children but usefully there at top level as direct actionable.
Again, this all following the form of Linux CLI, that is useful naming convention for this.

Issue 4 …awaiting stdin

I have yet not to get stuck on
...awaiting link URL from stdin
So,
$safe nrs create thistest gives that and I couldn’t create a public name.

Issue 5 alphabet soup, as the newuk mayor would call it

What is “nrs”?.. I can see it’s public names but that acronym isn’t meaningful.
Should it become just safe names?

Test not done

What I haven’t tried is to test the notion that you pay for put. That is, what happens when the user disconnects part way through upload… do they still pay?.. are you paying to try to put, or only when successful?

:ok_hand:

9 Likes

You are missing the --link flag: https://github.com/maidsafe/safe-api/blob/master/safe-cli/README.md#nrs-create

You can also just paste the link URL when you get that message you are getting.

3 Likes

but it doesn’t seem that allows option for input.

I wonder it could dump into a query that is expecting PublicName and then the FilesContainer address as input

$safe nrs create thistest
(two fields expected as PublicName and FilesContainer)
PublicName: inputherethistest
FilesContainer: inputheretoomanycharacters

Also, I wonder if it might be possible to consider the context within which the user is working… even if that needs a confirmation of intention on the back of assumption about what is wanted… enhancement for the future perhaps.

1 Like