Evicting vaults - brainstorm


Only if your from the USA where incorporated companies are consider people. Elsewhere in the world (mostly) commercial enterprises are not consider in the group of everyone. You and I are part of ones. Businesses and commercial enterprises are the many including self employed if being commercial.


Joe and Jane have no reason to want to do this. “You want me to let you hold more of the money I earned and work harder / have more responsibility?.. How 'bout no”. (Sounds like government tax brackets)


I had never considered the “everyone” to exclude a corporation because they weren’t human. In the context of the network, why does it matter?


In the context of the network not much at all, they are free to use it and we hope they will. But in the context of pandering to their commercialism of the network then why pander to them.

Its the for everyone. That means everyone has the opportunity to have secure access. But if commercialism of the network is enabled under the guise of secure access for everyone then do we have secure access for everyone anymore. Its more like yea you use the network and we (companies) profit from your use.

My post is in the context of commercialism of the vaults.


IMHO there is going to need to be a decent balance between non-profit and for-profit vault owners in order for the network to be successful. For profit ventures are going to allow a guy like @mav to quit his day job and manage a million nodes and keep them running in perfect condition (not a bad thing for the network). The for-profits are also going to be the ones pushing the technology improvements.
Some for/non ratio is ideal for the network, I would think the simple 50/50 split would be a good target, or maybe the 80/20 rule will be shown to be most appropriate. Not all corporations are big monsters… can be as small as a couple guys working out of their garage… Maidsafe is a corporation, should they not run vaults to generate earnings in addition to ptd?

Sorry… Getting off-topic… Back to brainstorming…


Doesn’t mean they are included in the Everyone as far as giving them special treatment above the home node/vault. And to give them equal footing (equal profits per vault after losses) is to actually pander to commercialism which will make businesses become the controlling force.

No we allow them but everyone is considered (that is people) above commercialism. The commercialism has to compete against everyone rather than being given concessions. Equal footing as in they have to wear their losses, they have to adhere to security initiatives (eg perhaps limit elders from same IP subnet in one section) and so on.

But commercialism is not a part of the ones. But they are not excluded either but have to adhere to the rules that benefit the ones. (ones here equates to real people or “live” machines which don’t exist yet - not programmed robots.)

Maybe, but if he is in the group of ones then he is included. I did not mean for people to be able to run only one vault. But mass commercialism is not going to benefit the goals of the SAFE project. Because mass commercialism will end up controlling development and the implementation of said development for the likes of google etc.

Better (80% home vaults 20% commercial vaults or pools)

But google has the money and if you give concessions to or pander to commercialism then you give google a later day opportunity to take over the network. It has to be a lot more unprofitable to commercial vaults than for home vaults. Obviously there will be commercial vaults but they must not be give an advantage over home vaults.

No but BIG corporations usually lose sight of right from wrong and see the people as a means to earn even more money and SAFE will be no different. And if it means taking control of development then they would. And that will happen if commercialism is given an advantage.

At this point I would worry. How is it profitable to do so. What happens if some unfortunate event causes the pool to close down. What if he sells his vault pool. or any of 100s of other things.

As being off-topic, its a side issue that relates to why evict vaults. And commercialism could be one reason to evict so that no pool of vaults becomes too entrenched.


You’re exactly saying they are not everyone. “If they’re equal it’s not equal” which I cannot agree with. There is no way to tell the difference between a commercial node and home node. To try and algorithmically do this would make me lose faith in the network. A node is a node period.

I’m okay limiting elders from an ip as elders in a close group for security reasons. It is way more likely to be a bad actor. Nothing to do with commercialism.

No. We need to benefit the network. If the network is “happy and healthy” it will benefit everyone.

As an aside: I think emotive words like pandering, commercialism (which needs to be defined), are not well suited for technical discussion. I got very frustrated emotionally reading this comment which made it hard to think logically about the topic. Even just changing those two words throughout with less emotive synonyms would change the way it reads.
I’m not bashing or trying to attack in any way. Just something I noticed as I was reading this.


I am talking about not giving anything special for companies. And the equal but not equal comes from the company being MANY people and are not equal to a singular person.

I am also saying that a company made up of many should not be treated as one. There is a major power imbalance if you treat say microsoft or google or maidsafe as a single entity. They should be treated the same. If they have 100000 vaults then its treated as if they have 100000 vaults not one vault. The issue was that a company is not just one person. They could effectively be 1000 people or more. And a company is not a person either even if in the USA they are legally a person. And a company the size of google can take over SAFE if you give advantages to companies and treat them as if they were a singular person. No advantages to companies and no changing algorithms for them to earn same after losses profits as home users. Keep the algo the same for both. And in my opinion we need numbers. Home users must be encouraged to be nodes as this gives the greatest number of vaults possible. You will get the datacentre nodes anyhow so we need the billion or more home users to have nodes too. some 10 times datacentre nodes is one estimate.

The network is for secure access for everyone. Not commercial access to the profits.


I completely agree with this. 1000 notes should not be considered one node. Ever.

I guess part of my confusion is

  1. no one has suggested treating a “company set of nodes” as a single node of
  2. any seperate algorithm or advantage being given to them (either as a company proper or their set of nodes)

Yet you seem so passionate to prove your point that no one has suggested or argued for.

Am I missing something? Did I miss a post that sparked this?

Can we agree that “a node is just a node regardless of owner, and must follow the exact same rules as every other node”?

If so, I think we’re on the same side of this discussion, just coming from different angles.


I’ve been working on a safecoin simulation for a long while now but it depends very heavily on the inputs (not surprisingly). Do you think a simulation could offer meaningful insights?

What about an interactive MMO-style game with a substantial reward for the winner, where the game involves the same mechanics as safecoin?

Will testsafecoin really test and encourage all the behaviours? I have my doubts.

There’s plenty of innovative options for the design and development and testing of safecoin / incentives / punishments, but seems to me like something that can be very well planned before even a single line of code gets written. Sorta what this thread is about I guess!


Don’t have doubts. It will not do all. Hopefully it does give plenty of useful insights though.

I did a simulation of growths of the network/user/nodes a couple of years ago and the inputs to it were a series of spreadsheets that grew and grew. It got to the point where the input data was more difficult than the simulation itself. Choosing the reactions of people to various network conditions incl safecoin was difficult. I tried many scenarios to get a feel of what might happen. That was back before MD data when SD data the changeable data.

Anyhow its way outdated with all the changes to consensus/groups/sections that has happened. And now PARSEC will change the typical size of sections. And safecoin rfc is old and by necessity will be changed even if just a little bit.

I am glad to hear someone is doing a simulation.


Good to hear that you are brewing on a simulation.
Ever since I did that hastily crafted divisibility simulation of safecoin, I have been waiting for some more specs, to do a more complete one.

I think there will be many aspects that can be simulated, even though a grand “all” covering one can be made too.

It sounds to me you want to simulate user behaviour in the presence of safecoin.

We have the set of possible network conditions that we want to capture in our model.
Then we have the set(s) of possible user reactions to these different network conditions.
And then we want the likely distribution of user reactions to a given condition.

If we could setup something where these sets can be easily expandable (and reasoned about), I think there’s a chance to actually get a feeling for how well we are covering the space, instead of just be looking at a result (which imo would easily be the case when trying to simulate something so complex).


@mav @neo

Any chance these simulators could be put up on git … errr, microsoft-hub? Maybe we can work to improve them?


I wonder if using a genetic algorithm (or two really) one for nodes, and one for users, could provide good coverage.

Back in the eighties there were some fascinating experiments with this approach to test gaming strategies (search tit-for-tit-for-tat) although I guess there’s much more up to date work on this to look at.

Today it seems designing a fitness function is the toughest challenge (because AI tend to find loopholes and exploit them rather than solve the intended problem), but I don’t think that’s an issue for us because the problem is real code and any ‘loopholes’ would be real things we need to fix.


I think we need to explicitly / separately describe/summarize the issues and solutions for the case of well intentioned vault operators (goodies) and adversarial nodes trying to manipulate a section or break consensus (badies).

Does this sound right?

  1. The goodies could care less if they are an elder, all they want is to maximize safecoin generation rates and minimize their expenses. Some will be altruistic and willing to support the network even when farming rates are low.

  2. The badies want to maximize the number of elders they control in order to compromise the network. They may be willing to invest significant resources and time to do so and may not care about farming rates. We might also want to lump the speculating farmers into this group who will turn off their vault on a whim if farming rates get low, thus increasing churn.

  3. The network wants to minimize the number of badies, maximize the number of goodies, and equalize the number of child, adult, and elder nodes across the sections… While meeting all other SAFE objectives.

Prior to a full blown genetic algorithm, thought experiment can serve us well. As I mentioned before, I think randomly evicting nodes will be counterproductive because it will reduce the number of goodies more than badies due to simple probability. You will also end up angering the goodies, while the badies will just modify their strategy.


In particular, safecoin_simulation.go.

The simulation

  • initializes ico coins in rough distribution according to the unique addresses on the assumption that 1 address = 1 user (using stats that are no longer available from omniexplorer) for approx 12K clients with various amounts of safecoin
  • creates 1000 initial vaults on the network to simulate the maidsafe bootstrapping process
  • simulates each passing day by
    • creates new clients from the general public at a growth rate of 0.3% per day (this is the hardest part to simulate accurately and also the most important in terms of the results imo)
    • all clients do their behaviours which may include
      • uploading / downloading data (safecoin spending by clients and safecoin earning by vaults is automatically built in to this)
      • starting / stopping vaults
      • managing expenses including buying / selling safecoin

For sure, but I consider this codebase basically as a toy for me to play with at the moment so it’s prone to rapid changes and might have some odd assumptions and ‘stylistic flair’ here or there.

Absolutely. In the code, there’s some behaviours specified for consistent client, inconsistent client, and holder client. Could definitely be expanded but this was at least a starting point for modelling behaviour. I’d be interested in what people think are useful behaviours to simulate. I think ‘backups-only client’ and ‘browsing-only client’ are two important ones.

Really interesting idea. My main interest is searching combinations and variations of various safecoin creation algorithms but the user/node behaviour aspect is also critical.

I care about my vaults being elders because my vote prevents baddies taking over, which in turn keeps the network useful to me because my data remains safe and my safecoin valuable. Maybe there are two types of goodies - the profit ones and the security ones.

Seems like a good place to mention a few other things (ok a lot) that are desirable - safe network health metrics. How many metrics can be ‘controlled’ with the safecoin dial? It’s a really interesting activity to ask ‘what is health’ and ‘how can it be managed’. I definitely don’t think it’s clear at this stage of development, but we’re getting closer to understanding it all the time. Hopefully safecoin can be the main dial, but eviction may be another one, and relocation strategy may be yet another.


Wow! reading through the health metric doc I can get a grasp of how much thought you’ve put into it - even if you think you haven’t, for idiots like me it is a lot! :wink:

Will take me a long while to look through the git and even longer for me to grok it. Also your concern over your ‘stylistic flair’ is lost on those of us with the coding prowess of a tortoise. Hopefully more capable minds than my own will dive in there and help out!

Thanks for sharing! :+1:


What I was getting at with my previous post is that randomizing the rewards (or death of elder nodes) is actually the most optimal choice both from the behavioral psychological perspective as well for the entropy of the network.
It would be a win-win


Those are important. I would toss in a few clients with higher/lower bandwidth as well as higher/lower RAM and memory resources as well. These should be mixed into all categories to help simulate people who, for example, resurrect old machines for use on the Maidsafe network on their 1 TB a month bandwidth limit internet versus those who go all out and buy strong machines and pay for fully unlimited internet.

Looking over the link brought up an interesting point: “Vault age should be relatively similar across the network. A concentration or starvation of ages in any section may indicate a lack of health.”

I’m also not sure removing elders is even a good idea, especially at the late stages of network maturity.

At first everyone is around the same age. This is the starting stage of every network. There is no need to remove elders yet.

Then you get the wide interest stage with a lot of new additions, many of which drop out within a year or less. In this stage you will have some elders and some adults, but mostly young vaults. The elders can be re-arranged in this stage instead of removing them. There should be more than enough new vaults around to keep the average age reasonable.

Then you hit system maturity/decline where eventually it’s mostly elders and adults with less new additions coming in. With everyone reliable and still around being older, killing off elders seems very detrimental to the network.