Decentralized Apps

This is not the case, the network is designed to be completely trustless. It is not possible for third party apps to steal your files, or wipe your HD. I think you will find the following thread helpful, specifically the part about the privalidges given to each app:


That’s a great question. When you are logged in, others who use your computer can use your identity. Think of it like letting open your Facebook-page and leaving your computer. So to be safe, you need to log out, or maybe the client will lock after some time, and asks for a PIN again.

I took that to mean that the application doesn’t get direct access to the user’s files on the Maidsafe network, not that the application has restricted privileges on the user’s local box. E.g. If I install a MaidSafe app on my desktop, it won’t be able to access my MaidSafe files, but it could still compromise files and programs on my local machine. Am I interpreting that wrong?

If the applications are sandboxed to not have access to the user’s local files (e.g. files not stored on MaidSafe), could you explain how? Is it like the JVM or a browser sandbox, where apps have to be built entirely around the MaidSafe APIs? Or is it more like AppArmor, where you can code in any language you want and use standard system APIs freely, but have to comply with the security policy defined by the sandbox.


Going off of that video I linked a few posts ago (, it seems MaidSafe also provides some means for encrypted peer-to-peer connections between individual MaidSafe users?

This is correct, please take a close read at this topic by Viv. He’s a developer for Maidsafe and wrote a very large explanation on this topic. I think most of your questions are answered there.

In the standard behavior, the Apps in the Safe Network will be associated to a concrete PMID (Proxy Maidsafe ID) and a sandboxed user space associated with this PMID.

Go beyond this allowed space will require the express permission of user.

1 Like

Yes, I read that earlier when you linked it previously (well, the main topic anyway, I only skimmed over the 68+ replies that came after it). There didn’t seem to be any mention in there of restrictions on the actions apps could perform on the user’s local box, only on actions taken within the MaidSafe network. That’s what I was confused about.

Also, I didn’t see anything in that topic about allowing encrypted peer-to-peer connections between specific, individual MaidSafe users. (E.g. Like what would be required for chat applications like the one in the video I linked.) It only discusses connecting to “the MaidSafe network”. Maybe I’m just not understanding what capabilities “the MaidSafe network” provides beyond file storage?

Okay, that makes sense. So apps run with the launcher are basically executed in a chrooted Linux container, or whatever the MaidSafe equivalent of that is?

The system is pretty big and some of the thread discussions are quite specific. The Crust library is responsible for connections between nodes. To give this some context the network stack is demonstrated here.

In terms of the networks capabilities, it is possible to run any web service possible on the current Internet: VOIP, streaming sites, exchanges, storage, social networks…etc…on the SAFE Network. The difference being that the infrastructure is decentralised and privacy and security and user control over their own data is the default setting.


Yeah, I think that’s partly why I’m having so much trouble wrapping my head around the whole thing. MaidSafe seems to be a fairly complex system with a lot of interconnected components; so even with all the reading I’ve done so far it’s still difficult for me to see how all the pieces fit together.

I guess what I’m really trying to ask is, laying aside all the implementation details for now, what specific abstractions does MaidSafe provide to me as an application developer? Based on my current understanding of the platform, I believe that MaidSafe provides my application access to the following resources:

  1. Access to the underlying MaidSafe network. This network is an overlay network built on top of the internet, and behaves very much like the internet itself. Every node and every piece of data on the network has it’s own unique 512-bit address (which also doubles as a public key?). If I have an address, I can send messages to the node associated with that address (just like TCP/IP on the regular internet), or retrieve the data associated with that address. All connections on the MaidSafe network are encrypted (only the message receiver can decrypt), and private (no third parties can find out what node I’m talking to or what data I’m retrieving). (If this is all true, big :+1: for that.)
  2. Exclusive access to an initially empty filesystem that my application can use however it likes. This filesystem is private and stored on the MaidSafe network.
  3. Optionally, with the user’s permission, access to files or directories on the user’s personal storage space on the MaidSafe network.
  4. Computational resources on the network… somehow? :confused: I don’t really get how this works or what exactly it lets me do. An explanation would be appreciated.
  5. Maybe some kind of DNS-style directory for helping me find other users or files on the network? :neutral_face: I don’t really get how in that example of a chat application both users were able to find each other, even though they both only knew each other’s username. Or did that employ a distributed database of some kind, shared by all users on the network? I’m not really sure.
  6. Maybe other stuff I’m missing? Or does that about cover it?

Is all that accurate? I think I’m starting to understand the vision here, but I’m still having a bit of trouble understanding exactly what MaidSafe really is. The abstract description on the home page saying “MaidSafe is a fully decentralized platform on which application developers can build decentralized applications” is probably accurate, but it’s difficult to understand all that that implies without a better understanding of the specific capabilities MaidSafe provides to applications.

In the future maybe you can “sell” some computation. But so far it’s a combination of being a node in the network, cache files that come around, calculate the way all the others in yours group see the network etc. Your Vault can have different persona’s, so you check for a group if they really store the Chunks they need to. That sort of things.

There’s not many known about this. But I’m told there is a way for everyone to register a name in the network. That’s public information (I believe) so when you look up Ajedi32, it points to a public key/address in which way people can find you (when you registered your name).

I wrote a piece once about different encryption layers. Maybe that clear some thing up a bit. But we don’t know all at this time. I really would like to know more as well about the name registration. Although I do know that it’s not in a blockchain :smile:

Ah okay; so for now that basically just refers to the resources used to maintain the network. Makes sense.

Good to know.

Thanks, that’s definitely helpful.

It sounds to me like the documentation on MaidSafe is still missing quite a bit of information at the moment. That’s fine, as I’m sure the devs are busy working on the code itself and there’ll be more information readily available as MaidSafe nears its release.

Anyway I think I have a much better understanding of what MaidSafe is now, and of what the overall vision is. I’ll definitely be watching to see how this project develops as time goes on; the level of privacy and independence MaidSafe aims to provide is really attractive, even if I don’t really get all the details yet.

1 Like

Apologies for the delay in getting back to you. I think you are developing good handle on what we are doing and agree that the documentation is not entirely complete. As an app dev you will be interested in the API which has been has been documented, but not yet coded.

On the subject of the SAFE equivalent of DNS, this has been discussed and the following thread may give you more insight.

The public names on the Safe Net is call Pmid (Public Maidsafe ID) and it will work something like that:

About the computational resources is a future implementation based on zero knowledge proofs, possibly zk-snark.

So instead of DNS, it’s more of a NameCoin type thing where users get first-come-first serve access to human-readable names on the network, which identify specific nodes? Or at least, that’s the current plan? That thread didn’t seem to come to a consensus, though several people mentioned that MaidSafe doesn’t need DNS (presumably because it has some kind of alternative built in?)

What kind of code can be executed in a Maidsafe app? Is it strictly Javascript?

My current understanding is that the MaidSafe network can be used by any type of application that can access the MaidSafe APIs. (Basically anything with internet access.) So no restrictions on what type of programing language you can use.

Apps launched with the MaidSafe launcher are regular native applications. So again, no restrictions there.

That’s how I understand it anyway, I could be wrong…

The names are not unique.

About the programing languages:

Hmm… okay. So the names are really encoded as name + truncated hash of public key? That sounds like it should work pretty well so long as either 1) nobody is intentionally trying to make that person difficult to contact by creating duplicate accounts with the same username and profile information, or 2) I have prior contact with the person beforehand when adding their name / website domain / whatever to my address book (e.g. I’m able to write down their complete username, including the hash.)

This doesn’t seem all that useful as a DNS system for popular (or even semi-popular) sites though. E.g. if I’m trying to reach Google and I search the global list of usernames for “Google” and see this:


…yeah. That’s not going to be very helpful.

Those are just libraries for accessing the MaidSafe API from popular languages, right? There’s no reason you couldn’t access the API from any language, even one not supported in that project, but you’d have to write the library for doing so yourself or find a third-party library, correct?

If this is the case, I’d like to confirm that it applies to Maidsafe apps that run in the Maidsafe viewer and not just apps that talk to the Maidsafe network.