Founding Fundamentals | part 2

This is a repost of a Medium post. Please feel free to support the original article with claps.

Photo by Benjamin Yang on Unsplash

Fundamental #11: Scrub all Client IP addresses from Hop 1 of the overlay network (i.e on SAFE).

Once a User has started to communicate directly with anyone else after connecting to the first SAFE Network node, the User’s IP address is scrubbed and untraceable. For clarity, the phrase ‘Hop 1’ here means the data transfer directly after that connection to the first SAFE Network node (not the hop that may take place from your computer to your home WiFi router, for example).

Fundamental #12: The SAFE Network will only accept more Vaults when it needs them.

The Network will balance supply and demand without relying on external controls (such as a committee choosing who can take part and when). Like any species or group of organisms, unbounded growth leads to its demise. The SAFE Network could be attacked by a bad actor adding millions of nodes: perhaps it closes them down suddenly or maybe it attempts to use malicious nodes in order to bring the Network to a halt. To help prevent this, the Network will only allow new nodes to join when it needs the extra resource. This slows down attackers, diluting their influence with the good actors who are also trying to join.

Fundamental #13: The Network autonomously increases farming rewards when it needs more resources (i.e. Vaults) and decreases rewards when resources are plentiful.

This is crucial functionality for a system that is autonomous and manages itself without the intervention of any third parties. If the Network simply accepted every Vault immediately, it would likely be targeted by a botnet attack or an attacker trying to set up an overwhelming number of malicious nodes in the early days of the Network.

This is why the incentivisation mechanics are crucial: with Safecoin, the Network must be able to balance the supply of Vaults. This avoids a Network with a large number of nodes with very little data (which would then push the farming, i.e. reward, rates down).

Fundamental #14: The #SAFENetwork ranks nodes over time and increase trust in higher ranked nodes.

One of the ways in which the Network defends itself from attack is by choosing to permit only the most trustworthy nodes within each of the Close Groups to vote on the Network decisions. This is known as Node Ageing, when only the most trustworthy nodes with a history of following the rules and requirements of the Network are allowed to vote, which means malicious behaviour is prevented dynamically = no third parties required.

Fundamental #15: The SAFE Network will never use servers.

The SAFE Network will never rely on servers because they represent a weakness that would undermine the entire Network. Servers represent the opportunity for someone — or a group of people — to control everyone else on the Network.

Fundamental #16: The Network will digitally sign all transactions to make sure that the transactions have been authorised in accordance with the rules of the Network.

A Network that requires all transactions to have been signed digitally is one that can ensure that all transactions have been carried out according to the rules of the Network.

Fundamental #17: All messages sent directly between Clients will be free on the Network. If those messages need to travel across the SAFE Network more indirectly, the Network will charge.

Direct Client-to-Client messages (remember: Client just means the software that lets the User access SAFE) will be free but those that involve other parts of the Network and the Clearnet will incur a cost to enable the Network to cover the costs of that travel.

Fundamental #18: The SAFE Network will never use time as a network tool (although nodes may use local durations).

If SAFE used the concept of time, it would mean that Network nodes would have to connect to centralised third party servers or services in order to synchronise times — and you already know third parties don’t exist on the SAFE Network. Instead the Network is event-driven: it responds to the actions of users.

This is very similar to nature where systems will respond to the events and actions that take place. An example of this on SAFE is within our consensus algorithm #PARSEC which is also not driven by time.

Fundamental #19: The SAFE Network will only ever allow encrypted traffic and encrypted services.

Put simply, everything, including web traffic is encrypted by default. Everything. This is non-negotiable for a Network that demands privacy for every one of its users. You can of course choose to make information public — but this has to be your choice alone. So this means you can be safe in the knowledge your data will always be secure.

Fundamental #20: The Network will allow real-time upgrades in a secure manner. The Network will refuse to implement any upgrades that might break it.

The Network be able to upgrade its software without disruption. It must be able to validate each suggested improvement by checking the new proposed software against the current software and accept the change only if can see that it brings improved performance. Why is this so important? Because a network is a living organism and in order to work efficiently, iterative changes have to be possible.

So there we go. All 20 Fundamentals. Each decision, thought, idea and piece of code is tied to at least one Fundamental. They govern everything we do. And these principles will stay with us as we continue to build and grow the SAFE Network.

You can also listen to the man himself, David Irvine, founder and CEO of Maidsafe, discuss these at length on the SAFE CrossRoads podcast here


That has 2 meanings.

  1. hop1 could be home pc to the first node OR
  2. hop1 could be the first node to the 2nd node

The problem is your clarifying comment in the ()s It raises questions questioning what is actually meant.


Just a reminder that to implement this fundamental, the problem raised by @nevel in community network must be solved (currently immutable data with size <= 3KB are not encrypted)


well I guess there will be a minimum cost to just store if its heads or tails today. I mean I imagine 5KB would be dirt cheap anyways so you could protect your valuable small data by including some extra “junk data” to get it big enough

I mean I guess this is a question more then a statement… would doing that sever the small data to be encrypted or would it just be encrypted to the level of 3KB chunks but the small grains are still visible?

1 Like

Feels like “The Core 100 Fundamentals of SAFE” :smile: (no harm meant, just longer than I expected for this type of thing)