Possible attack vector

Apologies if this has already been covered in the forum. It may well have been but I don’t remember seeing it. It concerns a possible obfuscation attack through forking designed to make SAFE irrelevant.

Among the core goals of SAFE are censorship resistance and maintaining information in perpetuity. There will also be no controlling entity and no way of knowing who or how many people are using the network. All well and good so far, but as always there are trade-offs.

The first thing is ‘censorship’ is no longer about blocking. That has become increasingly difficult in the digital age, and even China struggles to stop information getting in and out. Instead it’s about obfuscation and spreading disinformation, propagating multiple versions of a fact or story, some true-ish, some wildly inaccurate, making the truth hard to discover.

To the main point, what’s to stop a large corporation or nation state forking the code and creating their own version? Nothing wrong with that perhaps, it’s how open source works, but it’s here that a lack of a controlling entity could be problematic. The megacorp or nation state would have far more resources to throw at their forked network. They could claim a billion users (who could argue they are wrong?), hire celebrities to endorse it and quickly create a network effect that would leave SAFE as a backwater. Then they could set about obfuscating stuff they don’t like, creating alternative versions, building in backdoors etc. They could even pretend to be SAFE, who could stop them? Then when some investigative journalist goes looking for that secret tape recording of a politician there’ll be multiple different versions.

I’ve been pondering this for a while, and this morning I read this article Bitcoin’s Existential Crisis (Medium :dragon_face: ) which brought it back into focus.

To be considered truly leaderless, you must surrender the easy solution of having an entity that can designate one chain as the legitimate one. Political consensus as to the true, genuine protocol must be continually sought and found. Without a stable identity, the system is guaranteed to splinter into pieces.

I guess one solution is to copyright certain features and attributes or change the licensing of key parts of the code to a less permissive form (as Redis and MongoDB have recently done), but I’m not sure if that is part of the plans for the MaidSafe Foundation.

3 Likes

Yes, it’s been discussed, but not recently, and is something to consider.

I wonder if after a couple of years people will be like they are with social media now, looking for alternatives that do not have the censorship and what would be better, the original network that works the same but has no censorship.

But yes it would be an issue.

All the more reason to grow the network early on before anyone else gets the idea they could do as is suggested.

Doesn’t any company that incorporates SAFE core have to pay MaidSafe license fees?

My thought is that at this time the only one that could pull this off is China since it has some ability to widespread censor their citizens. All the other significant population areas/groups are either too small or have a major lack of censorship to stop the word getting out.

Imagine CNN reporting the fake SAFE network to the world.

1 Like