Does Safenetwork fail against massive NSA snooping?

I’ve been lurking here for 3 months now and asked myself “what would I do if I was a snoop who wanted to break Safenet?”

The encryption seems solid, no way could I crack that. So I need to attack the communication; all those unique hashkeys look very promising.
It is a “pity” :wink: that I cannot log all IP/Hashkeys combinations unless there is a solid ground for suspicion, this is Europe after all. But who cares, I will only log hashkey combinations, there is no law against that.

  • First I’ll attack those Safecoins, Current owner and previous owner registered, I’ll just follow the money. Even if they remove the previous owner, as long as I can see the actual transaction, I don’t mind.

  • Then all those files, I may not be able to decipher them, but I can uniquely identify them.

Sooner or later some crook will make a mistake and then we will be able to identify some of the wallets he used and/or some of the “trespassing” files he has access to and suddenly there will be lots and lots of other suspects, then we have legal grounds for monitoring any IP associated with Safecoins this crook received or paid and any account requesting any file we know has illegal content.

So I build just slightly modified Vault software that logs all hashkey combinations that its associated managers handle. Accounts, Safecoins and Files, that should be enough.

Now I need to know how many Vaults I need to achieve reasonable coverage, say 90%.
I haven’t done statistics for a looong time, but I guess it goes like this:
If I own one percent of all vaults the chance to be included in a random transaction is also 1%.
The chance to be excluded is 99%, there are however 32 managers in any “Close Group”.
The chance that none of those 32 managers are owned by me should be 0,99 to the power of 32, that reduces the risk of being excluded to 72,5%. Much better :grin:

Running the numbers shows that, when I have 7% of all available Vaults, I will be excluded from only 9.8% of all transactions.

After this, it is trivial to determine the needed number of Vaults. Set up a big server with a best guess number of logging vaults. Set up a small server too, executing a known number of random transactions. As long as less than 90% of these transactions turn up on the big server, add more vaults.

Sooo… Please shoot holes in my nefarious career :slight_smile:
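
Added example, not part of the original post: the exclusion arithmetic above written out in Python, as someone sizing a network's exposure to passive logging nodes would check it. It also tests the post's independent-draw assumption with a small simulation that takes each close group to be the 32 node IDs nearest a random target by XOR distance; the 64-bit IDs, node counts and function names are assumptions made for the example, not SAFE parameters.

```python
import heapq
import random

GROUP_SIZE = 32  # managers per close group, the figure used in the post


def exclusion_probability(fraction, group_size=GROUP_SIZE):
    """Chance that no member of a close group is a logging vault,
    treating each member as an independent draw (the post's model)."""
    return (1.0 - fraction) ** group_size


def fraction_for_coverage(coverage, group_size=GROUP_SIZE):
    """Vault fraction at which `coverage` of groups contain a logging vault."""
    return 1.0 - (1.0 - coverage) ** (1.0 / group_size)


def simulate_coverage(n_nodes, fraction, trials, group_size=GROUP_SIZE, seed=1):
    """Monte Carlo check of the model with XOR-closest group selection.

    Node IDs are random 64-bit integers (constructed; real IDs are longer),
    and a fixed share of them is marked as logging vaults.
    """
    rng = random.Random(seed)
    ids = [rng.getrandbits(64) for _ in range(n_nodes)]
    logging_ids = set(rng.sample(ids, int(n_nodes * fraction)))
    observed = 0
    for _ in range(trials):
        target = rng.getrandbits(64)
        # Close group = the group_size IDs with the smallest XOR distance.
        group = heapq.nsmallest(group_size, ids, key=lambda i: i ^ target)
        if any(i in logging_ids for i in group):
            observed += 1
    return observed / trials


if __name__ == "__main__":
    for f in (0.01, 0.07):
        print(f"{f:.0%} of vaults -> excluded from "
              f"{exclusion_probability(f):.1%} of groups")
    print(f"fraction for 90% coverage: {fraction_for_coverage(0.9):.2%}")
    print(f"simulated coverage at 7%: {simulate_coverage(10000, 0.07, 1000):.1%}")
```

In this model a larger close group raises an observer's coverage for the same share of vaults, since the exclusion term shrinks with every added member.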


Cheers for this, always good to analyse. The person you are snooping here may not exist. If you use a throw away ID to spend safecoins you will get a throwaway public key or XorName. So for IP addresses you need to have folks bootstrap off you. So some may? but how many. So have many nodes as you say. So there is an avenue to follow. Prob here is that if the 2nd last hop encrypts to last then it goes through you encrypted which does not help much :frowning:

So it’s perhaps silly crooks we are after, maybe let’s look at just normal users who are not trying to hide as much and don’t want throw away IDs and happily use their public key to xfer data. You need to map that to a person maybe, in the network that is easier if they decide to publish that info through say their web site etc.

Maybe a person though will not do that and you have a public key. Then it’s a case of resort to graph theory etc. to build metadata graphs. A valid route?

So a person uses a public key and does not publish it to buy stuff via a poorly designed wallet which always buys as that ID. You then have a chance, however maybe this does not happen and it’s a bit harder (their wallet continually uses throw away IDs). Just a harder graph with more vertices, so not blocked only harder.

So it comes down to you being in every group for every data item (or a large part of them) to identify “stuff”. Maybe you cannot change stuff as you need a quorum and that’s way too hard, but perhaps just to snoop and sniff out “some” data. We all know “some” is bad and many small bits of info make a nice story with modern analysis tools.

So you do not try for quorum you try for 1 node per group.

Maths gets more interesting here in xor, but not ridiculous. You think 1% = 1% of groups but not quite. It is only 1% of nodes. So assume best case the 1% is evenly distributed (easy the network will do this for you). So you have every 32nd node in the network. So let’s ignore the xor group stuff and consider it linearly like this (let’s err on the side of attack as that is the most efficient analysis). So you have 1/32 and can see all data being transmitted.

So from here assume you have a node per group (probably a good bit higher than 1/32 is required, but let’s assume that). So what can you do?

A person downloads content - you may know the xor name of target but not IP so that’s a bit tougher. You need to get a node to bootstrap off you and not relocate to a known ID. You also don’t want folk using home vaults to connect to network via as that’s a pita as well. So you need to be in between the bootstrap node and the data direction. That’s a bit difficult now. You may get an xor address as I say, but it needs tied and those pesky generation of keys per session are causing you trouble now. Need to go under the network to the IP layer to start messing with more success.

So under the network you go to the IP layer, so SAFE network, that must be Tcp (maybe) or Udp (maybe) and what port again (ah it’s random). So this gets a bit harder too, not impossible some clever pattern matching maybe, but no MiTm attack unfortunately, even if you own the router. All key exchange is above the network layer so that’s a pain, but we are not finished if we are evil attackers.

We command your ISP to pattern match all traffic to find SAFE traffic and we do! So we know your house is on SAFE (luckily SAFE has not introduced mesh and similar yet, phew lucky escape :slight_smile: ) We now need you to bootstrap off us and then get another node in the route from you to a bit of data, so we get stuck a bit again.

So then you get in a route to data, but when you sniff the data requests, they make no sense, not even to you. They are in bits (shamir scheme) and that is now a pain. We need to also be in the target group. Lucky we agreed we nabbed one node per group. But then we decipher at the target and wonder where the request came from. But we have a target and we took over the ISP and tried really hard to understand the XOR address but it was not disclosed to us. So again we also are your bootstrap node and we work that out.

Then you can start a graph analysis, but this is proving very expensive per house, we need a better plan.

I am sure we will get better plans and hopefully obviate them as well with this kind of thinking, but I am off again as usual. I will jump back into the thread later tonight. It makes sense to prowl and poke around the sides, especially playfully as you have done.

Bet I have not answered everything, but I am sure you will get great responses here and more questions, possibly even more attempts to hack etc. Let’s see, in any case welcome out into the light :smiley:


SAFE uses 512 bit addresses and has the option to use different tag_types (64 bit). So the total number of all the possible addresses is (2 to the power 64 -1) times (2 to the power 512 -1). That’s like a lot of possible addresses :thumbsup:.

Now think of this:

  • Your Safecoins have their own addresses. Let’s say you own nr. 001 to 007. Each coin has a different close group.
  • Your wallet has its own addresses.
  • Your Vault has its own addresses.
  • Your messaging App uses its own addresses.
  • Your data (for Chunks) uses different addresses.
  • Your email uses its own address.
  • Decorum (like forums etc.) have their own addresses.

See where this is going? Each application uses a different tag_type so has its own address space. This means it’s close to a different group as well. So for your Vault you might be close to “ABC” but for messaging you might be close to “XYZ”. And now think of that in 512 bit address spaces (like infinite number of possibilities).


Can’t comprehend what’s being said here (nice honesty), but I have an additional question for potential musing among all the other variables:

What if there’s somehow a group dedicated to compromise anything on the network (such a specific description, I know)—before it can ever reach critical mass? So, is it possible, in one ‘unlikely’ super unfortunate scenario (where there’s somehow some nefarious group, immediately starting out), that the network keeps being crippled before it reaches “a point of mass-adoption, where it would be much more impossible”?

Indeed, and since the proposed attack involves building a social graph of a suspect from one address, then am I right in thinking that the “social graph” (because of all those address spaces used by everyone) would quickly encompass everyone on the SAFE network? I.e., it would be like the story of the leprechaun and the tree:

Leprechauns are bound by a law that obliges them to do whatever you say if you catch them. One day, a man caught a leprechaun and ordered him to reveal the location of his pot of gold. The leprechaun was furious, but he had no choice. He led the man through the forest to an old tree and said, “There. Me treasure is under the roots of that tree,” and that was the truth.

The man needed an axe and a shovel to get at the gold, so he tied a ribbon around the tree to mark it while he went back to town for some tools. He commanded the leprechaun not to take down the ribbon or move his gold or anything like that. The leprechaun, still under obligation, grumbled but agreed. When the man returned with his tools, the tree was still marked by its ribbon, but so was every tree in the whole forest. He never found that treasure.


I love the leprechaun story.

From David’s post:

You can build your graph all you want, but that graph is only true relative to you (on top of what @polpolrene said). So not only is every possible person in your graph, but as soon as churn happens and you move groups… BAM your graph is useless. At least that’s my understanding of how XOR space works in this context.


True. But then there must be a possibility to assign your Safecoins to this temporary ID outside Safenet. Otherwise the same 90% risk applies there too.

[quote=“dirvine, post:2, topic:8332”]
So a person uses a public key and does not publish it to buy stuff via a poorly designed wallet which always buys as that ID. You then have a chance, however maybe this does not happen and it’s a bit harder (their wallet continually uses throw away ID’s).
[/quote]

Now that is a challenge I would like to throw to the application developers around here:
If Safenet provides a truly lightweight throw-away ID, safenet security will be immensely improved by executing anything that does not need a personal ID over such an Id.

Secure Maid: use Taid! :grin:

Especially for browsing and safecoin payments, the default should be to use a privacy mode over a taid.

[quote=“dirvine, post:2, topic:8332”]
So you do not try for quorum you try for 1 node per group.
[/quote]

Exactly. I do not believe any safenet traffic can be decrypted as long as quantum computing stays vaporware. However I do believe in human stupidity and lots of competent people with the three letter agencies.

Sooner or later someone from their target groups (terrorists, child pornographers) will make a mistake outside safenet, accidentally letting the FBI find his Safenet login data. Once they have such a minimal entry, graph analysis will allow them a rapidly expanding insight in which safenet accounts this person contacted, what data was downloaded, who else downloaded that data…


As far as I can judge, 512 bit is already so immensely much, that those extra 64 bits don’t really make a difference :smile:

I come from the database world, the core of my job is to extract data by connecting keys. I thought of a useful analogy since writing my first post.

Compare hashkeys in this immense keyspace to the stars in space. Even the smallest distance is immense, light takes hundreds of years to travel from one star to the other. Nevertheless your eyes can wander between them in fractions of seconds. To your eyes that distance is irrelevant as it gets reduced to a small angle for us earthworms. So it is in keyspace too, it is irrelevant how far away points are in XOR space, the only question is: Can you connect the dots??

Once an attacker has the ability to store a significant portion of all Safenet transactions, those extra 64 bits actually help this attacker. Instead of storing XYZ123 did something with QRS543 and XYN654 he can now store Wallet Z123 paid Safecoin S543 into Wallet N654. It attaches meaning to otherwise indistinguishable keys.

Thanks, a nice story and a helpful way to look at these problems.

Now imagine a wood full of tattletale leprechauns where every tree has a unique address and you want to have them store your own gold under some random tree… :cry:

The only way to solve this, would be the ability to move your gold to another tree without any of the leprechauns knowing about it.

In other words, for additional security it is necessary to have the ability to change keys to “data” you own, without any “close group” knowing about it.


That’s a powerful analogy.

I might further add to it by saying some of the stars I see cannot see each other, a blackhole separates them, but one star can know the location of the other by asking me :smiley:

Planning on it staying vaporware to any degree is bad strategy given how much interest and investment is now going into it and how you have people saying essentially they know how to do it and the engineering challenges have been solved they just need to build it now. That is engineering challenges have been solved on the general purpose quantum computer and they just have to build it now, still not easy but per Google’s chief guy Martinis the feasibility demonstration for a full GP quantum computer has been demonstrated and it just needs to be scaled and he knows exactly how to do it. That is the kind of talk that is being put forward and Google thinks its future is wedding this tech to its AI learning software. Google even said ten years out it will be everywhere. Less than ten years now.

Now this quantum AI learning machine will then be used by the agencies in their social hacks.

I know it’s not always useful to take analogies further than they were intended, but let me give it a shot: we can connect the dots only from looking at those stars from the proper frame of reference; if you’re on a planet around the next star, your view is different enough that those connections no longer exist. Similarly, your view of XOR space depends on your own location within that space.