Decentralized Apps

How will decentralized apps work in Maidsafe? Will the application code itself be chunked and distributed and executed from there? Or will people need to download something akin to a plugin in order to use a particular app?


Was just about to ask this.

I’m really confused about how applications built on MaidSafe are supposed to work. Are these just regular client-side applications that users download and enter their credentials into, and those applications then access the Maidsafe network on the user’s behalf? I’m assuming that’s not the case, as that wouldn’t be very secure, and the Maidsafe website implies that these applications are network services running on the Maidsafe network itself.

How do users access these applications? Through a browser? How are the applications deployed? Where do they run? Honestly everything I’ve read about Maidsafe so far mentions the network being able to run applications, but only seems to explain data storage and authentication.

This topic should clear things up for both your questions…


So a Maidsafe app is no different from any other app installed on your computer?


You should login only once when you login to the SAFE-client. So you give your username and PIN. From these data and some “salt” a hash is created, pointing to your own personal file (which is chunked). That file get’s downloaded and needs your password to open. To you as a user, this will happen all under the hood. You don’t see it. You just give your username, PIN and password and you now have your own "datamap"containing your personal files, private keys etc.

When you use an App, that App runs locally on your computer. You don’t have to log in to that App, you “prove” that you are you by using a private and public key. Again, this all goes under the hood. You don’t see it. Same for a website on SAFEnet. Let’s say you browse to safe://myblog If you want to join that site, it won’t ask you for a password and login name, it only ask you to prove that you are you. So you digitally sign something using a script. Probably the click of a button called “join”.


The SAFE App launcher is just like JAVA/Dropbox, you need to install it to your computer if you want to join SAFEnet. After you install it you need to login using username:PIN:password. When you open the SAFE App launcher, you can use Apps inside a “browser” (see screenshot in topic below. Viv is a developer for Maidsafe). So the Apps run on your computer, in the SAFE App launcher. But other programs on your computer can use the API to connect to the network. Something like a plugin for Firefox would help you to browse SAFEnet in your own browser.

1 Like


Thanks, those links are definitely helpful. So let me see if I have this right. (Please correct me if I’m wrong on any of these points, or missing any important details.)

  • The MaidSafe core provides the following raw resources to users:

    1. Access to a decentralized, private, persistent file store on the MaidSafe network
    2. A PKI, which can be used to look up the Public Keys of other users
    3. Access to public data from other MaidSafe users
    4. The ability to contribute portions of your system resources to performing the above services, in exchange for Safecoins.
    5. Something else? I feel like I’m missing something here, as the above functions don’t seem like enough to allow for some of the suggested use cases mentioned on MaidSafe’s website, like VOIP or dynamic websites.
  • MaidSafe compatible applications can be distributed through any means, including by utilizing the access to “public data from other MaidSafe users” mentioned in the list of raw resources above.

  • The MaidSafe app launcher launches regular desktop applications that are built to work with MaidSafe, and gives them sandboxed access to the above MaidSafe resources.

  • The MaidSafe launcher does not do any additional special sandboxing of the applications it runs. If you want to stop them from (for example) stealing your local files or wiping your hard drive, you’ll have to either trust the application you’re running, or use something like AppArmor, just like how it is with other desktop apps.

I’m especially interested to know about this last point.

popcorn time would be a perfect app it is open source and a nice looking video interface.

You’d need to rig it to use SAFE instead of bittorent.

Okay so is it psosible to log out or what? Say I wander away from the computer or want to let someone else use it. How do i let User B use the computer without assuming my SAFE identitiy and using my files?

Here’s another useful bit of information I found which gives an example of how a MaidSafe app might work: (AFAIK it doesn’t use the launcher though.)

This is not the case, the network is designed to be completely trustless. It is not possible for third party apps to steal your files, or wipe your HD. I think you will find the following thread helpful, specifically the part about the privalidges given to each app:


That’s a great question. When you are logged in, others who use your computer can use your identity. Think of it like letting open your Facebook-page and leaving your computer. So to be safe, you need to log out, or maybe the client will lock after some time, and asks for a PIN again.

I took that to mean that the application doesn’t get direct access to the user’s files on the Maidsafe network, not that the application has restricted privileges on the user’s local box. E.g. If I install a MaidSafe app on my desktop, it won’t be able to access my MaidSafe files, but it could still compromise files and programs on my local machine. Am I interpreting that wrong?

If the applications are sandboxed to not have access to the user’s local files (e.g. files not stored on MaidSafe), could you explain how? Is it like the JVM or a browser sandbox, where apps have to be built entirely around the MaidSafe APIs? Or is it more like AppArmor, where you can code in any language you want and use standard system APIs freely, but have to comply with the security policy defined by the sandbox.


Going off of that video I linked a few posts ago (, it seems MaidSafe also provides some means for encrypted peer-to-peer connections between individual MaidSafe users?

This is correct, please take a close read at this topic by Viv. He’s a developer for Maidsafe and wrote a very large explanation on this topic. I think most of your questions are answered there.

In the standard behavior, the Apps in the Safe Network will be associated to a concrete PMID (Proxy Maidsafe ID) and a sandboxed user space associated with this PMID.

Go beyond this allowed space will require the express permission of user.

1 Like

Yes, I read that earlier when you linked it previously (well, the main topic anyway, I only skimmed over the 68+ replies that came after it). There didn’t seem to be any mention in there of restrictions on the actions apps could perform on the user’s local box, only on actions taken within the MaidSafe network. That’s what I was confused about.

Also, I didn’t see anything in that topic about allowing encrypted peer-to-peer connections between specific, individual MaidSafe users. (E.g. Like what would be required for chat applications like the one in the video I linked.) It only discusses connecting to “the MaidSafe network”. Maybe I’m just not understanding what capabilities “the MaidSafe network” provides beyond file storage?

Okay, that makes sense. So apps run with the launcher are basically executed in a chrooted Linux container, or whatever the MaidSafe equivalent of that is?

The system is pretty big and some of the thread discussions are quite specific. The Crust library is responsible for connections between nodes. To give this some context the network stack is demonstrated here.

In terms of the networks capabilities, it is possible to run any web service possible on the current Internet: VOIP, streaming sites, exchanges, storage, social networks…etc…on the SAFE Network. The difference being that the infrastructure is decentralised and privacy and security and user control over their own data is the default setting.


Yeah, I think that’s partly why I’m having so much trouble wrapping my head around the whole thing. MaidSafe seems to be a fairly complex system with a lot of interconnected components; so even with all the reading I’ve done so far it’s still difficult for me to see how all the pieces fit together.

I guess what I’m really trying to ask is, laying aside all the implementation details for now, what specific abstractions does MaidSafe provide to me as an application developer? Based on my current understanding of the platform, I believe that MaidSafe provides my application access to the following resources:

  1. Access to the underlying MaidSafe network. This network is an overlay network built on top of the internet, and behaves very much like the internet itself. Every node and every piece of data on the network has it’s own unique 512-bit address (which also doubles as a public key?). If I have an address, I can send messages to the node associated with that address (just like TCP/IP on the regular internet), or retrieve the data associated with that address. All connections on the MaidSafe network are encrypted (only the message receiver can decrypt), and private (no third parties can find out what node I’m talking to or what data I’m retrieving). (If this is all true, big :+1: for that.)
  2. Exclusive access to an initially empty filesystem that my application can use however it likes. This filesystem is private and stored on the MaidSafe network.
  3. Optionally, with the user’s permission, access to files or directories on the user’s personal storage space on the MaidSafe network.
  4. Computational resources on the network… somehow? :confused: I don’t really get how this works or what exactly it lets me do. An explanation would be appreciated.
  5. Maybe some kind of DNS-style directory for helping me find other users or files on the network? :neutral_face: I don’t really get how in that example of a chat application both users were able to find each other, even though they both only knew each other’s username. Or did that employ a distributed database of some kind, shared by all users on the network? I’m not really sure.
  6. Maybe other stuff I’m missing? Or does that about cover it?

Is all that accurate? I think I’m starting to understand the vision here, but I’m still having a bit of trouble understanding exactly what MaidSafe really is. The abstract description on the home page saying “MaidSafe is a fully decentralized platform on which application developers can build decentralized applications” is probably accurate, but it’s difficult to understand all that that implies without a better understanding of the specific capabilities MaidSafe provides to applications.