Blogger "unsafecoin" claims SafeNet needs Proof of Work

Reading about SafeNet I stumbled upon the blog unsafecoin. The author posts a lot of inflammatory posts about MaidSafe, but he also tries to write criticism of SafeNet’s consensus mechanism in a couple posts.

In the posts Proof of Ridiculousness and Node aging for centralized and immobile SAFEnet , the author basically claims that SafeNet’s consensus mechanism will not work or will only work if some kind of Proof of Work is added.

Has anyone looked at his arguments? I found some posts about the blog on the forums, but nothing directly addressing any of his points. Are they based on misunderstandings of how the network works or is any of his criticism valid? I don’t really know well enough how SafeNet’s consensus works at this point to tell, and while his writing style may be inflammatory, that in itself isn’t enough to dismiss his criticism.

More specifically some points from the blog posts

So – in theory – group members (nodes) would have to progress from the lowest Relay level up before they can participate in more important group tasks such as voting in group leader election.

I’m not a PoW expert, but what’s to prevent me to modify my (SafeNet) client to do exactly the opposite and that is to simply change the RelayNode algorithm and rebuild the client, so that the result is to stop using a Relay Node if it is (rather than isn’t) responding?

With such modified client one can easily and quickly find his rogue nodes (because they aren’t responding/relaying as they should) and help them get easily and quickly promoted to more advanced roles so that they can take control of the group at a later time. If anything, this “solution” actually makes it easier to overtake groups!

He then goes on to write about node aging

The outcome will be that an attacker or large participant in the network has an amount of work that must be carried out that is prohibitively expensive.

It’s not prohibitively anything, it just postpones the inevitable. A rogue node with 1MB vault takes almost zero resources and thousands can be set up and left idling until their status advances enough to be able to overtake a group which they dominate. The cost of grooming a 10,000 strong botnet like that is tiny (few hundred dollars per month).

and

The maths model of age based relocation is, as yet, incomplete, although it’s very difficult to imagine this does not significantly increase security, whilst also allowing nodes to accrue an age that allows them to store significant amounts of data (archive nodes).

In comments posted on the community forum, MaidSafers state that nodes that go offline will have to start from the lowest “status”.

There is no way for SafeNet to know which nodes are mobile, so mobile nodes (if they ever support them) would take a long time to join (due to the calculation that must be performed) and won’t be able to advance their status due to interruptions (due to power and/or signal loss).

And all clients from areas with unstable Internet connectivity will have the same problem, which guarantees centralization and fewer vaults (which probably makes it even easier to take over a group).

about resource proof

Based on a variant of Hashcash with the addition of the requirement to transfer an amount of data, this library does provide a “proof of work” like algorithm. This work requirement forces joining nodes to perform some calculation and data transfer. The expected use case is to require the work is done and data transferred within a time duration.

It should be clear to anyone that the both of these tests can be easily manipulated. (Start with the obvious: modify the source code to do trivial checks, or simply report a made up result).

But, how does it work?

This crate hopes to combine mechanisms that attempt to validate resources on remote machines. This validation though, is a spot check and also best effort. It is not guaranteed to be accurate over time and this consideration must be clear to users of the crate.

In other words, this is completely useless, but they’ll still spend resources on it.

The important point is that checking the proof is very fast and given enough difficulty, creating the proof is work intensive. This is a critical consideration that will mitigate some attack vectors on decentralised/p2p networks. It is by no means a security solution and should not be considered without continuous ongoing checks on a nodes “behaviour”.

The more important point is that SafeNet has no way of knowing whether the check has been tampered with.

Another important point is that they have no way of knowing of much RAM or flash cash a system has. If test datasets go up to 500M (which can be observed, but also learned from the source code), one has to create a 550M cache and can continue using the slowest HDDs out there.

Another important point is the CPU check program can be assigned a lot of resources while the rest of MaidSafe can be given minimal resources.

1 Like

I have seen this, but not worth time debating with a ghost. There’s lots of invalid assumptions and strange language, there are tons of consensus algorithms, in design we have looked deeply at raft, paxos (any vairants) tangeroa, several flavours of PBFT etc. In any case I would not waste to much time in one sided debates without any ability to comment etc. This is somebody trying to be famous and this post helps I suppose. The resource proof thing for instance is quite funny really, but that’s not the point. The forum is the place for conversations where it’s open and debated properly IMHO.

Good to see hate sites actually, it follow the normal pattern of human behaviour.

20 Likes

There are a few well-known MS haters but this is more likely

In particular

Stock Bashing: “This scheme is usually orchestrated by savvy online message board posters (a.k.a. “Bashers”) who make up false and/or misleading information about the target company in an attempt to get shares for a cheaper price. This activity, in most cases, is conducted by posting libelous posts on multiple public forums. The perpetrators sometimes work directly for unscrupulous Investor Relations firms who have convertible notes that convert for more shares the lower the bid or ask price is; thus the lower these Bashers can drive a stock price down by trying to convince shareholders they have bought a worthless security, the more shares the Investor Relations firm receives as compensation. Immediately after the stock conversion is complete and shares are issued to the Investor Relations firm, consultant, attorney or similar party, the basher/s then become friends of the company and move quickly to ensure they profit on a classic Pump & Dump scheme to liquidate their ill gotten shares. (see P&D)”

9 Likes

Basically this guy has constructed a network structure from bits and pieces said here/devs and then added his own flavour then attacks that. So while there is some facts, it is actually a fabricated construct that he is attacking and not what the SAFE network will be.

6 Likes

He is attacking himself lol
What a masochist

4 Likes

This is all mute until the network is live and in action to test. Until then it is nothing more than theory and speculation. People said that the Byzantine Generals Problem couldn’t be solved until Bitcoin was live and proved everybody wrong.

2 Likes