That’s the exact same post as above 
The ledger being distributed isn’t relevant, that part is fine and not an issue. But you can’t think of something as Bitcoin without the blockchain because the blockchain is what secures Bitcoin and helps everyone come to a global consensus on the ordering of transactions. It does this by burning tons of energy essentially. Maidsafe claims to have some new security mechanism. What is it? How does it work? That is the “how” that I’m looking for.
Maidsafe is a distributed store of key → value pairs. Every key->value pair (KVP) is signed that it is owned by X user. The KVP is encrypted by the end user in such a way that it can not be owned/viewed/modified by any other user. That KVP is linked to a particular user. Because of the self encryption used, if a user has access to a particular KVP not marked as public, it can be accepted that that particular user owns that data and that no one else can possibly have it (deduplication prevents it). D Irvine also said this data is immutable. It cannot be changed or copied or modified after it’s been created… So this data that can’t be modified or copied and is accessible to only one particular user - who then says “make sure this data can now only be accessed by person sending money to from now on” and sends that command to the network. The network changes the KVP to be owned by this new user. Transfer of value.
All of the hows of self encryption, file ownership, and how the network keeps track of who owns what is in the documentation.
1 Like
Ok great we’re getting closer. Thank you for responding. I get distributed KVP databases. And I get the transfer from me to you part (digital signatures). Here’s the tricky part:
That’s the atomic update. You need to have everyone agree that the new guy is the owner and that the original owner isn’t still the owner. This is called (global) consensus. If not everyone has the same view and some people think the new owner owns it and some people think the old owner owns it then the old owner can potentially double spend. This is why in Bitcoin you generally wait for 6 confirmations to be damn sure you are the new owner.
What is the mechanism of atomic update (global consensus) for maidsafe?
The ledger being distributed isn’t relevant,
It Is, very relevant,and this is the nub of what you can’t seem to grasp.
because the blockchain is what secures Bitcoin
No it isn’t, it is just a ledger, the algorithms behind it secure it in just the same way as Maidsafe.
Maidsafe claims to have some new security mechanism. What is it?
No they don’t they use existing cryptography in a novel way combined with obfuscation technology.
It does this by burning tons of energy essentially
Wastefully too and not very eco friendly - Maidsafe achieves same thing with farmers but actually providing a useful resource in a much greener way.
.
That is the “how” that I’m looking for.
Then the answer I gave earlier stands - in much the same way as bitcoin except with the differences I’ve explained.
I’m sorry you don’t seem to have a very deep understanding of how Bitcoin works so I doubt you’ll be able to answer my question. I’m not trying to argue that Bitcoin or Maidsafe is better than the other. I’m trying to understand how Maidsafe’s security works. I think I’ve been very clear in my questions. I don’t know what else I can say.
lol…well I don’t seem to be on my own
I think the missing piece of the puzzle may be - how does the network ensure concensus - i.e. on who owns a coin?
I’m not familiar with the detail, so this is broad brush and I’m not sure how helpful it will be. But here goes…
Let’s say there’s a coin. It records its current and previous owner. The owner wants to spend it. He signs a message transferring ownership. I think we’re all ok with that.
Your question seems to be: how can I check the ownership of the coin (e.g. as a recipient) and be sure the answer I get is truthful (i.e. not a duplicate spend)?
To answer I’ll reverse the question - “how could it possibly be forged?” The data is “protected” by a group of nodes each of whom check that the others are truthful in their response. This is a small group, so you might think that to double spend, all you need is to control this group, and you’d be right. If you did that, you could get them to supply faked versions of the data and spend a coin as many times as you want.
The problem is that you can’t know which nodes are curating any given piece of data. Even if you knew one, it is not possible to work out which others are involved.
Thus to double spend, you need to control a very large number of nodes.
I don’t have access to the calculations, but @dirvine has said that this is far higher than the number needed to achieve the equivalent effect on bitcoin blockchaing (the so-called 50% attack). The figure on MaidSafe is more like 80% or higher.
@Anthro1 this is something that you claim to have read by the way.
Nothing I or @AlKafir have provided in answer to your questions has come from anywhere but the sources that you claim to have read. So for me you are still a potential troll.
1 Like
Yes, enough spoonfeeding the trolls. I think enough posts to ask a “very simple question”, to which no answer is sufficient, especially for somebody claiming to have read up on Maidsafe.
If this is your biggest concern with the whole system then you’re problem is not with the coin itself, but with maidsafe the system. Identifying who owns a piece of data, who can view it, modify it, etc., all anonymously, is the WHOLE purpose of maidsafe. It appears to me you don’t have a problem with the coin itself, but the system as a whole. How do you know your data is safe and other people can’t modify or view it? How do you know it will still be there when you next log on? How do you know you’ll have access to your data and it wont belong to someone else in 20 minutes?
The answer to ALL of these questions (which is in the reading material you said you’ve read) is the same reason you can prove that a coin belongs to a particular user if the network says it does.
Thanks for the reply. So let me see if I got this about right. We have a DHT basically. And it’s impossible to predict which small groups of nodes “protect” which parts of the DHT. And for anyone to verify ownership of a coin (a key in the DHT) you ask this group of nodes who “protects” it. Is it something like that?
I have read some of this before but it wasn’t as clear as you made it I think. So I guess I don’t see how this can be secure. In Bitcoin there is a 50% attack but that is you have to basically burn energy (cpu time) at a rate of >50% of the entire network. That is completely different than running more nodes than 50% of the network (which would right now mean something far less than 100k nodes).
If you’re saying to double spend on the maidsafe network all you need to do is bootup 4*N nodes (if the number of nodes on the network is N, this gets you 80% of the network) that doesn’t seem very secure. Is there any cost to entering a node into the network? Maybe I’m missing something. This seems like a classic vulnerability to a sybil attack.
goodbye
@wes Sure I guess you could say that. But my “problem” is with how it does this securely, or as close to securely as possible. My main interest is in attack resistance. Looking through all docs/blogs/social media I never saw anything mentioning attacks and how they are resisted or why they wouldn’t work. I’m really not trolling or being dishonest here, or trying to say maidsafe sucks. I’m trying to understand the security model.
So this isn’t wasted time I’d be happy to write up a concise synopsis of the information and conclusions of this thread so that things like this don’t have to be repeated in the future. Although I do need to arrive at the conclusions first
So you completely ignored advice to go and read posts at Developer forum, where you would have seen a post “are the SAFE network and safecoins vulnerable to Sybil attack?” prominently displayed. Please do your own homework, instead of asking about every aspect of everything here and wasting people’s time, when you can’t even be bothered reading anything that we have advised you to read.
Thank you
I did read it when I first started looking into this. I saw no concrete ideas or decisions in there which prevents sybil attacks. I saw what I described in my first post on this thread: a “we’ll figure it out as we go” attitude. This seems like a fundamental issue to me. If safecoin at some point is securing 100s of millions of dollars worth of value it better be able to point to a damn good security model. I was hoping that I’d overlooked something.
reread the thread on sybil attacks… If you still have questions, read it again. There is some quite in depth discussion in there on the topic.
I did just read it again. Ranking seems like the most discussed and preferred option. But the details of how you rank nodes in a decentralized system is never discussed. The problem with ranking is that it also needs a global consensus on what the ranks are. If the network is sybilld then who controls the ranking? The attacking nodes? It’s a recursive problem. I could see it working if the ranking mechanism is centralized but now it’s no longer a decentralized system.
update: For example. Let’s say the network is sybilld and 80% of it is bad nodes. I am a new client and I connect. I connect to one bad node and one good node. The good node tells me the bad node is bad (or is a brand new node, or has a low rank, or something), and the bad node tells me the good node is bad. How do I know which one to trust? Also realize in an 80% sybilling it’ll be more like 4 bad nodes telling you they’re all good and that the 1 actual good node is bad.
Keep reading bud. You’ll get there. If you’re not a troll you’re ignorant - willingly or not. You wont get more help from me without a novel question… Search and read…
EDIT: and think
Care to point me to the section that addresses this? Because I don’t think it exists.
Thanks all of you. Troll or not, you guy’s efforts to help anthro understand helped me loads.
Anthro, I don’t have the depth of understanding of bitcoin that you do, nor do I pretend to grok the maths and crypto of Maidsafe, but it seems from an exterior perspective that you’d be better off setting you knowledge of bitcoin aside and approach the SAFE network without trying to draw parallels to start with.
David Irvine in most of his interviews and articles, and many efforts to clarify on the forums, is trying to bring people out of the complete fog of no association or different tech perspective, yet into a conceptual understanding of what the network will mean. It’s not fair to dismiss his efforts to embrace a large variety of listeners as being mealymouthed (my word, your concept).
As I said, take a fresh look without your bitcoin framework. Bitcoin’s a fabulous breakthrough and will continue to have use, whether or not Maidsafe’s vision ever manifests, but there are things that are substantially different about approach and scope of the projects.