I like MaidSafe but I’m concerned that it doesn’t use a ledger. Can it be considered as secure as Bitcoin without one?
Apparently it’s more secure, resistant to up to 75% attacks.
It doesn’t use a ledger, instead SafeCoin remembers only the current and previous owner. Relatively small consensus groups take decisions for a SAFE user. These consensus groups are formed completely at random through a deterministic algorithm, so it’s not possible for an attacker to purposefully surround a particular user to gain a majority around their target. The consensus group around the user to which SafeCoin will be sent also needs to validate the SafeCoin transfer. The double spending problem is solved by the deduplication principle. SafeCoin transfers are atomic actions, they are only completed after all copies of SafeCoin records spread across the SAFE network are updated.
On the data storage side, there is also a reputation rating for vaults. Even if an attacker would suddenly flood the network with vaults, they wouldn’t be able to make decisions because their reputation is very low. In order to gain reputation, they would first need to majorly contribute to the SAFE network’s success, which in turn will attract more normal users, which requires the attacker to come with even more vaults (with proper reputation).
Anyway, that’s how I currently understand how it works. Don’t quote me on the details.
It’s possible to do so. Maidsafe will not be the only one without a ledger. Open Transactions will do it as well. A blockchain is not the only answer to decetralize money or coins. When cryptography is used in a smart way people and servers can sign transactions. Take a look at the video below for Open Transactions. It’s different from Maidsafe but shows another way without a blockchain.
As you see most folks are sold on the proof of stake idea.
It’s a binary question and everything works until it doesn’t, so who knows. I’m not concerned, but I am not 100% confident either.
Obviously the idea is that it will work well and at a lower “cost” than PoW. “Research” shows that it’s possible to achieve that…
We’ll see what happens after the network grows enough to become a lucrative target for attacks.
It will work because it is a whole, new, replacement internet.
Once everybody accepts it as the new official internet, then everybody will accept the SafeCoin transactions of the network as valid.
I’m not a developer or even a coder. I’m just an average joe trying to find alternatives to the current internet, data storage, social networks, and financial systems. So I can’t say that the metaphors that follow are rock-solid representations of how the code actually works, but they are how I think of them, and why I think MaidSAFE is at least as secure as Bitcoin.
When we talk about Bitcoin, what we are really talking about is the strength of the blockchain, the distributed public ledger. I think of the blockchain as a pyramid, being built on a flat plain. Every full node can pretty much see every other full node, and they all do the same, thing, they haul rocks toward the top of the pyramid. This creates a lot of transparency, you can know pretty much where everyone stands and everyone is able to go to the top of the pyramid to see the whole plain.
Now Maidsafe is based on ANTS (which I believe stands for Autonomous Network Trust System). You can look up exactly how it works, but the gist is that the SAFE network is obscured by an XOR layer, think a magical underground honeycomb that goes off an effectively infinite distance in all directions. So in an ANTS system you only talk to the people directly around you. The closest four of those are your Data Managers, and they are the only ones to know your IP address. In addition, a Maidsafe node is pretty agoraphobic, you never go father from home than 64 nodes away.
The genius of the XOR system is that people are assigned XOR numbers (spots in the honeycomb) as close to purely random as is feasible. So the space to your right might be some activist in Egypt and to your left some Russian kleptocrat (the point being that these are not people who are likely to cooperate against you). The other thing is that if someone starts behaving badly, its relatively quick and easy for you to kick them out of their spot in the honeycomb forcing them to go back and get assigned a new XOR number, which will get them assigned a new honeycomb spot far far away from you. Though actually you don’t care how far away they are, because so long as they are more than 64 nodes away, you can’t see them and they can’t see you, and there are just too many other nodes who are involved to let anything bad get from them to you.
What this means is that in order to take control of the network you would have to completely surround each honest node. Now I told you there are four data managers, but there are as I understand it 4 types of managers, (data managers, transaction managers, and two other types which I don’t know if I every got the name for) So in order to completely surround a single honest node, you would need 16 nodes surrounding each and every honest node and then I think another attacking node to actually do things (like steal data or double spend) for a total of 17.
The other thing is that this is an all-or-nothing process. So long as each node has a manager connection to one honest node, as soon as all the attacking nodes reveal their colors, the honest nodes can simply cut them off and again form a network which is composed only of honest nodes.
Again, because the honeycomb is opaque, you can only see and only be seen by your circle of close nodes.
A blockchain is famously vulnerable to a 51% attack. An ANT System by contrast is vulnerable to a 1700% attack.
That’s why I think that Maidsafe is more secure than bitcoin.
I’d like @dirvine to make a little comment on accuracy, because I very much like your style in describing the network.
Its pretty accurate (well perhaps not 1700%, 3X network size may dos access to a single chunk ) but we have upped the group to 32 now and the majority to 28. With routing_v2 we have introduced Information Dispersal algorithms and this allows a scatter gather approach to data. i.e. you send wee bits to each of our close group (32 in this case) and this is forwarded for you, so not even a whole chunk, just a bit. Sounds like a massive up from 4->32 but with IDA (information dispersal algorithm) it’s actually less traffic with substantially more security than we figured.
I need to run some tests when its up, but I think the security and ability to handle massive churn is gonna be very impressive, even more so that with smaller group and xmitting whole data elements. Anyway it again goes more nature like as the data scatters, follows different routes and when it gets close to the target is retransmitted from every node in the target group to every other node (and is firewalled) this allows nodes behind the worst of routers to be in contact and be contacted. We were already pretty good at this, but this improvement should really make it very solid.
This allows much much faster churn resolution and synchronisation of nodes churning, its very cool and a pretty large improvement (we know as it should perform much better and less code).
Anyway we are not finished coding it (2 of us), but if it does what we think then it will blow folks minds. I will write it up again when I have some test results, it has been too long since my last blog post, the wait should be worth it though. Its not affecting the progress to launch that much and would be way to hard to retrofit.
So this DOS would prevent access? But not enable copying or alteration?
Yes only access to a single copy, others would be made pretty much straight away and the network recovers immediately. Its really hard to guess the value to actually block data at all, we can work out to block a chunk, but they move and are checked, so to select where the 4 chunks are is really difficult. To block a whole 4 copies of a chunk would require immense knowledge of the network beyond what any group has on its own. So a very difficult thing.To double spend is much worse there are a chain of 7 groups all deterministic based on certain factors.
Its a huge issue, with BTC it is much easier to calculate hash power but distributed consensus like SAFE is a few phd projects for sure to try and work out. We have folks working on it, but is proves very hard indeed. With crypto signatures in different layers it makes things worse.
I should just have said yes (no corruption or alteration, copy does not matter)
Of course, copying of an encrypted chunk is an entirely worthless endeavor.
Yeah, and when I was talking about attacks earlier, that is what I meant, the ability to intercept data as its recalled to an honest node, the ability to doublespend. Essentially control of the network.
Some info about IDA’s
Will it be possible to say for certain how many Safecoins are in existence at any given time?
I seem to remember the answer to that question is “yes”, but I couldn’t tell you how it works.
It is an interesting question. I don’t understand how the XOR layer can simultaneously obscure everything except close nodes, the opaque honeycomb I was talking about above, and still have access to network wide statistics about anything.
Say that once we get the SAFE network up and running, some country really does cut itself off for a long period of time. So then you have a Safe Network within the cut off country, which keeps operating, the farmers within it keep farming and generating safecoin, and so do those outside. So there is a divergence of the network.
Is there some mechanism by which those two networks can merge? What will happen to the Safecoins generated? What about the PUT requests based on those safecoins?
That’s a very good question, perhaps @dirvine can shed some light on that.
It would mean there would be two different Kademlia distributed hash tables. I think they should be able to merge, but I have no idea how the duplicate SafeCoins could be resolved somehow.
Actually, I remember having an exchange with David Irvine a while back. I tried to find the thread on the forum but haven’t, yet.
Anyway, it is apparently a pretty difficult task to determine the total in circulation. I believe it would require polling 4.3 billion safecoin addresses to see which have been assigned and which not. I think this would be further complicated by the fact that recycling will be occurring.
So rough guestimates are, I believe, the best that will be attainable.
I’m thinking this post and the replies could be made into a good FAQ: Can Safecoin’s consensus mechanism be as secure as bitcoin’s blockchain? (or similar).
If so, post the FAQ as a new topic with a link to this thread.
I really got excited reading this thread.
If proven during TestNet3, our ANT Security could attract a mass of new interest. Add an instant, private, payment system. Oh boy!
It’s really early and we still have much to do. But it’s looking like the next level of crypto technology.
Here’s my visual interpretation.
Blockchain technology is like a snake structure. Control the head (new block generation) and you gain power until the next head grows. The goal is to keep controlling the head.
Ant technology is a honeycomb of independent groups. The amount of effort needed to control a single group is very high and the payoff very small. To me, that is a big difference in security between the two.
Credit to @kirkion for the honeycomb idea. That image works really well.