Another very busy week on the development front and as you will see we have a few things to get through in this update, much of which will come as welcome news to anyone following our development progress.
SAFE Network goes mobile
As you will soon notice, this update comes with binaries, but unusually these are not only for desktop, these also include mobile binaries. The two mobile apps in this repository; a mobile Authenticator and SAFE Messages, a mobile email app, are tech previews. These are not meant as end user applications, this example is to show developers one way to integrate from these platforms. We will allocate time and resource to create a full developer experience on mobile via native SDKs, including an easy to use API and documentation. This preview merely showcases the network’s mobile compatibility. Currently, these applications are created with Xamarin as it allows for a simple unified codebase to test the compatibility concepts. We wanted to confirm the authenticator capabilities from mobile platforms and check out any unforeseen issues pre Alpha-2 and were pleasantly surprised that the native code was very close to plug and play for mobile platforms (a few changes were needed, we’ll probably cover the mobile integration and the journey of bootstrapping with the network from mobile platforms in a separate post to not turn this into an essay )
The Android binaries require a minimum of version 5.0 (Lollipop) and will be running against the live Test 19 network, so you should be able to continue with your existing account if you have already been participating. You might have to enable installing apps from unknown sources. Please note that iOS still needs updates to the code in addition to app certification prior to user testing and is currently limited to testing via the iOS simulator.
Account data should be exchangeable between the various platforms, so you should be able to pick up from where you leave in a different platform.
We are also are releasing updated binaries for SAFE Browser, Web Hosting Manager and SAFE Mail Tutorial, you can find those below.
Alpha 2 - The Authenticator
We would also like you to know that we will be releasing Alpha 2 next Thursday, the 21st of September.. We have been happy with the stability of the last few test networks and look forward to reaching the next major step in our roadmap. Many will already know that this release’s major difference with Alpha 1 is the addition of the Authenticator, a new SAFE Network access mechanism that is network enforced, and as we can now prove, plays nicely with mobile devices. More on that next week.
These binaries will connect to Test 19, so you shouldn’t need to create a new account. See the Test 19 topic for more information.
SAFE Authenticator & API
Today we started testing the new version of the Web Hosting Manager application which incorporates a lot of enhancements in the UI/UX, and this will be one of the important tasks for the next few days to make sure it’s stable and ready to be shared/released.
As part of the efforts to automate the release/packaging process, which is still an ongoing task and hoping to have the first automated packages early next week, we are already publishing the safe_app_nodejs package on npmjs.com/org/maidsafe. Therefore, safe_app_nodejs can be now added as a dependency to a Node.js SAFE application by doing
yarn add @maidsafe/safe-node-app instead of using the GitHub repository.
As several people from the community already know since some of them were also helping us, we were troubleshooting some issues related to errors being thrown when an app was trying to connect and the maximum number of client connections was being reached. After a lot of debugging and troubleshooting this across several layers of the client software (i.e. front-end applications and safe_client_libs layers), we enhanced the browser to avoid making an unnecessary connection which was helping to reach the limit even though it was being released correctly. In addition to this, some enhancements have been made to the Crust library to gracefully and explicitly shut down the socket connections with the proxies. This has proved to make the overall functioning of the browser and web apps more stable, releasing the client’s socket connection immediately. We also noticed that in some circumstances, a client connection is not released immediately but after a few seconds, presumably due to network latency causing the proxies to receive the socket finalisation message with a delay. However, in this scenario we still see that the clients are released just after a few seconds, which allows new connections to be made after that short period of time, improving the overall experience using any client application.
We are also seeing that when there is a network latency, the browser can freeze for a few moments while it’s trying to communicate with the network for different operations, like reading/saving bookmarks & history entries, loading a website, etc. We are planning to investigate this further and try to enhance this behaviour in the browser so a network latency/delay doesn’t affect the user experience. We are aware that some people are experiencing this type of behaviour so we will try to make sure it’s the same issue in all cases and work on solving it.
A new patch version of the SAFE Mail Tutorial application is now available which supports switching between email IDs, or even creating new ones, without restarting the application.
In parallel to the mentioned tasks, we continued solving some minor issues which are listed below, as well as making minor enhancements to the applications. As you will see, some of the issues solved were related to the API documentation for safe_app_nodejs and the DOM API. We have updated the DOM API documentation and the SAFE App Node.js API documentation.
SAFE Browser v0.5.2:
MAID-2321: connection errors due to maximum number of client reached too often
MAID-2318: solved the issues preventing the browser to save the state on the network
MAID-2308: issues when closing applications windows on OS X
MAID-2106: deleting files from a website was causing problems to the browser when loading the website
MAID-2338: a temporary tab was open when claiming token but not being automatically closed
MAID-2335: remove default list of bookmarks and history
SAFE Authenticator plugin:
MAID-2317: dependency was causing issues in signing OS X package
SAFE App plugin:
Web Hosting Manager app:
MAID-2330: deleting a service now deletes all the files contained in it.
SAFE Client Libs
This week we finished MAID-2313, which uses moz-cheddar to automatically generate C header files for our FFI. As part of this development, we refactored FFI for safe_core and safe_authenticator to be contained within a single module, making our API less scattered and much more discoverable in the documentation. We also finished writing missing test cases for all FFI functions in MAID-2083. No major bugs were uncovered, but this exercise increased our confidence in the API and allowed @marcin to become more comfortable with the code. These two tasks have been raised as PRs and are being reviewed.
We improved security by modifying the code so secret keys and other sensitive data are not copied. Instead, if such data are needed from multiple places, they all refer to the same instance via shared pointers. This modification prevents potential rare attack vectors. The PR which improves the app authentication was improved based on the review comments it received. We also created a
dev branch for cutting edge stuff (potentially breaking backwards compatibility) that is not yet ready to be included in the next release.
Apart from that, we discovered several other issues that resulted in dangling pointers and memory corruption. These are fixed now by this PR, which also fixes some incorrect error messages.
Routing, Vault and Crust
Routing efforts this week were focused on designing a secure, efficient and reliable way of passing messages between sections in the network. The old approach, although working, has known weaknesses that we were trying to address. We eventually settled on a solution that we consider the best tradeoff between various kinds of costs and the implementation has already started. Some opportunities for simplifying the code were also identified and we are planning to take advantage of them.
A bug was fixed in Crust which would cause it to not close TCP connections gracefully on Windows. This would lead to people being unable to reconnect to the network repeatedly without exhausting their connection limit.
Work has also continued on our uTP implementation. A couple of well-hidden bugs (Heisenbugs) have been rooted out and several new features have been added such as the ability to half-close a connection, control the keepalive timeout, and emulate packet loss for the sake of testing. The test suite has also been expanded and improved.