This post is to inform you of a change in the SD deletion implementation that took place one month ago, which might be of interest to developers and which seems problematic to me.
Previously, deletion was equivalent to posting a new version of the SD with an empty payload. The advantage of doing so was that the history of an SD could not be rewritten:
- Only the owner of deleted SD could recreate a SD with the same name
- If the owner wanted to recreate the SD, he or she had to start from previous version number + 1
Now deletion of an SD is a real deletion, meaning that it is removed from all chunk stores in the network. As a consequence, anybody can recreate an SD with the same name and restart from version 0.
The previous functionality can still be obtained by explicitly posting a new version of the SD with an empty payload. So now there is a choice on how to delete an SD:
- Issue a DELETE command when we don’t mind if someone else recreates the SD
- Issue a POST command with an empty payload when we want to be sure that nobody recreates the SD
The regression comes from the mere fact that real deletion is now possible: Previously an SD owner could claim that the content of an SD has not changed just because its version remained the same. Now this claim cannot be made anymore: To modify an SD without modifying the version, a bad actor can delete the SD, put the SD with new content and repeatedly post the new SD until it reaches the previous version again.
One might argue that immutable data are normally stored in Immutable Data objects. The problem is that their names are derived from the content, contrary to the name of an SD, which is independent of its content. This name independence is convenient in some kinds of apps managing object lists. The fact that these apps cannot prove that the objects they manage have not been tampered with is a regression.
What is the community opinion about this problem? Is it a sufficient concern for Maidsafe to restore the previous way of deleting SD? (maybe with some exceptions like tag 7 if safecoins need real deletion for recycling implementation).
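
The two deletion behaviours described in the post above, as an added toy model (not part of the original post and not the SAFE network API; all class and function names are hypothetical). It shows that after a real deletion the same name and version can carry different content, so an app that needs a tamper check has to compare a content hash as well as the version.

```python
import hashlib

class ToySDStore:
    """Constructed model of SD versioning; not the SAFE network API."""

    def __init__(self, real_delete):
        self.real_delete = real_delete   # True: new behaviour, False: old behaviour
        self.items = {}                  # name -> (owner, version, payload)

    def put(self, name, owner, payload):
        if name in self.items:
            raise PermissionError("name already exists")
        self.items[name] = (owner, 0, payload)

    def post(self, name, owner, payload):
        cur_owner, version, _ = self.items[name]
        if owner != cur_owner:
            raise PermissionError("only the owner may post a new version")
        self.items[name] = (owner, version + 1, payload)

    def delete(self, name, owner):
        if self.real_delete:
            if self.items[name][0] != owner:
                raise PermissionError("only the owner may delete")
            del self.items[name]         # name and version history are gone
        else:
            self.post(name, owner, b"")  # tombstone: version keeps increasing

    def get(self, name):
        _, version, payload = self.items[name]
        return version, payload

def fingerprint(store, name):
    """What a client can pin: the version AND a hash of the content."""
    version, payload = store.get(name)
    return version, hashlib.sha256(payload).hexdigest()

def rewrite_keeps_version(real_delete):
    """Return (same_version, same_hash) after delete, recreate and repost."""
    store = ToySDStore(real_delete)
    store.put("list", "alice", b"v0")
    store.post("list", "alice", b"original")   # version 1
    before = fingerprint(store, "list")
    store.delete("list", "alice")
    if real_delete:
        store.put("list", "alice", b"x")       # restarts at version 0
    store.post("list", "alice", b"changed")
    after = fingerprint(store, "list")
    return before[0] == after[0], before[1] == after[1]
```

With real deletion the version matches while the hash differs; with the empty-payload deletion the version itself has moved on, so the change is visible from the version alone.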