MaidSafe Dev Update - September 14, 2017

Trezor has been looking into supporting OMNI, which would give support for MAID.

Probably not from the off, but at some point mobiles will I think be able to contribute resources and be rewarded for it, though what precisely (storage, messaging/routing, etc) may depend on their capability.

I was wondering about this. I know it was an original aspiration to have vaults on as many devices as possible to avoid centralisation, but a typical mobile device will not make a very reliable node as it will be moving between connections of varying bandwidth and in and out of connectivity. Too many such nodes would generate a lot of churn on the network and presumably create performance problems, so it’s likely that they would fail the node aging challenges and users would not generate enough SafeCoin to make hosting a vault worthwhile. That’s my take. Happy to be told otherwise though.

Its a hope they will, but only when charging and on wifi. So several hours per night etc.

How will the network be able to tell charging is on? Also do you think it will be necessary for the sake of decentralisation to include borderline nodes like smartphones, or will there be enough stationery PCs with reliable fixed connectivity in the world to assure resilience, at least in the short term? Possibly an impossible question to answer at this stage…

The Android API handles that, but it might be a good idea to give people the choice further down the line as well as set times for when to farm.

It won’t have to the user will know this. You can tell on mobile API though when you are charging and also on wifi etc.
I can’t answer your impossible question though :D.

is it correct to say that the network will be more interested in knowing if the node is a good ressource ? the user can then make sure to turn it on when charging, so that the proof of ressource has better chances to be ok than when on the run ?

now I suppose the amount of charging mobile devices every night on earth is a HUGE amount of ressources… I have a feeling it is worth using these

It is more correct to say the network will “think you will be on for another X time” if you have been on for x/2. So if you are on for 1 hour it will expect you are likely to be on for another hour. You can replace hours with days/weeks/months etc. This is node age really. Trust proven historically nodes,

Yes I agree with your comment though.

IMO, use cases like mobile vaults illustrate how important it will be for small farming rewards to be given. Fractions of safecoin for basic, routine, tasks will help to keep the network distributed and diverse.

Agree, particularly in view of creating a global, democratic network where all can benefit by earning SafeCoin. I live in the southeast of England where fast broadband is easily accessible, but in large parts of the UK this is not the case (even parts of London lack reliable high speed broadband). Extend the picture to Africa where most internet access is via smartphones and it’s easy to see how the benefits would likely accrue to the already-haves. This is not meant as a criticism, but rather recognition of what a tricky engineering task it will be to balance the objectives of network performance and equality of opportunity.

IMO Proof of Resource is a massive step in the right direction towards democratising benefits and certainly a much better model than bitcoin Proof of Work where you now need to spend millions on kit (and waste ludicrous amounts of electricity) to be a miner. Hopefully eventually people with limited resources will eventually be able to contribute and earn in some way too, with something that doesn’t require raw bandwidth.

Also worth considering bandwidth is increasing exponentially and faster than moors law, our minimum requirements probably wont grow, but decrease. So they wont have to decrease much too fast to become ubiquitous. At least I hope this is the case.

Design for tomorrow is a big thing for me, so not considering today, but what will the world be like tomorrow, or more appropriately, in the near future. I have been taken aback mind you with many countries capping and lack of good quality reliable bandwidth, I suppose we should take into account the enormous political pressure the telco’s (ISPs) can levy on governments. Even in the land of the free markets, the USA it seems quite terrible with many places single provider and incredibly expensive mobile tariffs and capped data.

Some very interesting advances in this area are swarm of SpaceX satellites on the low Earth orbit and local mesh networks. I’m very optimistic of both

Yes, very good point. In the case of African countries no-one predicted that with mobiles people and businesses would leapfrog wired networks and start doing things their own way. Technology has a habit of changing things faster and in ways that no-one foresaw, which makes me optimistic. It’s great that nothing is set in stone.

Case in point

For safe login you only need a hardware password device. SAFE will hold the rest of your SAFE keys and SAFEcoins. Remember that SAFEcoins are addresses on SAFE and your coins have you as the owner. No hardware wallet is going to protect your coins any better than a wallet on SAFE. Once an attacker gets your SAFE credentials they can get your coins anyhow. So all you need is a hardware password device, and there are a couple of decent ones around.

I share your desire to have a checkbox to tell it to remember my login credentials. I believe my browser remembering my account info makes me much safer from keyloggers that may get installed in the years after I set up my bank account, stock account, Bitcoin account, etc. Why not have the option to enjoy similar keylogger protection on SAFE network?

That’s the essence of Trezor, no one can sneakily get hold of your pin and you never know your private keys. Trezor wallet just shows a blank grid on your monitor when it’s time to put your pin in, the location of the numbers is random and only displayed on the device, so if you don’t have the device you can’t log in, even if you know the pin. And you can’t get the pin with malware on the terminal as it only appears on the device itself, never on the screen (all private keys are always obscured on trezor). They can keylog you, but it won’t help them log in. They also can’t spam attempts to crack it once they’ve keylogged you as every attempt makes the time delay between attempts increase by a factor of 2 and the numbers move around on the grid. Correct me if I’m wrong, but it seems that would make SAFE much more secure to access from random terminals that might be infected with malware - same as trezor? I can go up to any infected device and use it safely, and I don’t have to worry about keylogging or someone getting my pin. They can’t log in without the device itself, no one can. Would it not be possible to do that same with SAFE login somehow? The pin can be different to the password and username etc, so they never need to be exposed.

The point I made is that your keys are only as safe as the login of your account.

So it doesn’t matter if you store your SAFE keys on hardware or not, it is your account credentials that are essential to keep secret. And as far as I can see a hardware password device would/could do this already.

Once logged in to SAFE then all your SAFE keys and coins are accessible.

I am not talking of other crypto coins since we already have hardware for those.

The password device I am checking out has encrypted communications from device to browser and at no time is the password in plain text till the browser has it in memory. A browser addon decrypts the password and then it is send to the website when you log on. In other words the username and password are always encrypted through the entry process. The device requires a pin and 3 wrong in a row melts down the stored passwords in the device.

Hopefully something like this can be incorporated in the sign on for SAFE and since both SAFE and the device is opensourced I am sure the hardware maker can write an addon for the SAFE login (once SAFE has enough use that is)

Oh I see. I’ve not used any other hardware security device than trezor, I wasn’t aware that there were already other options for ‘passwords’ that worked in the same way. In that case I’ll just get one of them when the network launches. Any particular ones recommended?

I think that something you had in mind as well when talking of this, that I think would be great is a device that can allow you to send some coins and only requires a internet connection. So like a RPi or CHIP or similar and it holds your credentials securely and you need a pin to use. Obviously it requires physical security of the device but has the typical destroy all data if pin is entered wrong a number of times.

The device I am checking out is mooltipass. A kickstarter project that is now in production. I am waiting till I run up my new computer before testing it further.