I am following Maidsafe development for a year and am very excited by the project. However, as an engineer myself, I still cannot help by feeling this relative mistrust in the project because I never took the time to review the white papers and the open-source code. The project is highly ambitious in many regards, and I’d like to convince myself that it has a chance to succeed – in particular after so many years of ongoing effort with no full proof of concept yet.
Can anyone tell me if the project – incl. white papers, the source code itself, the software produced, the madesafe’ team – has been subject to an external audit by well-known experts in the field? Do we have reasons to doubt of any of those aspects (e.g., the competence of the team, the engineering decisions, …), or can we safely conclude that it is only a matter of time before the network gets born and satisfies its set of objectives? I find it very hard to distinguish enthusiastic opinions from expert analysis when I read the forum or other media – so I’d be grateful if somebody here could summarize this with a very objective analysis.
Finally, with regards to the currency itself – MAIDcoin (or whatever the name). Here too, the paradigm seems entirely new and very ambitious so I cannot help but being a bit skeptical. Therefore I would like to ask you objective opinion on this matter too.
Thanks in advance and good luck to the engineers at SAFE.
I would be interested in learning more about this, specially because of the use of node.js as base langage for the launcher. Node.js is based on the V8 engine.
Are there security and privacy studies about node.js and V8 ? I tried to look into this, but both are huge mountains of code, it would take an army of people to review this.
I tried to build the demo_app from source, npm triggers a pile of external downloads without any checks on file integrity. How can I be certain that I am downloading the correct code ? How do I know this code is not stuffed with funny things ?
The whole project is re-written in Rust, I don’t know if they had anything tested from that point on. But this question came up earlier. @nicklambert or @dirvine know more about the current status.
If folk can audit I would love them to basically WE have had peer review on the network design as a whole in many uni forums etc. and via the world wireless forum in Germany and anywhere we can. With all papers open I hope folks can get involved but just now we do not have the time or money to get audits done. I think show the network at least works first then look at such stuff.
I like audits but also appreciate many things would fail and audit, like bitcoin as it was received by the community etc. (poorly to begin with) and more. So yes if we can great, but get eyes on and now hands on to test. I think as safecoin rolls out we will see many such things happen. I hope so anyway as it allows us to progress.
@dirvine Thanks for the details. Are the conclusions of peer reviews available anywhere? I would be very curious to read the expert opinion of external auditors on MaidSafe technology. As I said, I am highly enthusiastic about SAFE but still have this little something holding me back, and I would be very glad if you would point me to such material.
Not in writing, we presented at Universities and also this tech conference (WWRF) - paper here https://pure.strath.ac.uk/portal/files/8395548/wwrf_27_sigmoid_system_EPS.pdf There have been a few papers at conferences by STrathclyde uni, but these conferences do not give any written output AFAIK, a paper is approved or not. I am sure there will be detailed feedback as we move on though, from many folks, I hope.
@chrisfostertv
I’m mostly interested in two basic aspects:
the core features of SAFE network (data replication/maintenance, farming, …) – as in “how confident are we that it does work in practice”; as well as the scalability of the network, the guarantees on privacy (e.g., could it be “broken” like Tor, …), its robustness to major failures (e.g., one third of nodes disconnecting), etc.
the integration of madesafe currency: how confident we are that the algorithm would indeed work, and how confident are we that it would provide the right incentives for the network to operate.