RFC 55 - Unpublished ImmutableData

Not only that, but bad actors could use it in an attempt to gain knowledge

2 Likes

Doesn’t this undermine the automatic DOS safety of safe through caching?

(sorry if that already was raised somewhere +just something that popped to my mind and thought I’d drop it here)

And what precisely is the advantage of unpublished data over published immutables (with encrypted data map)?:face_with_monocle: when /why would I want to use this?

Shouldn’t because only the owner can request that chunk, and once approved then the cached entry can be supplied. David says the chunk address is the hash(chunk hash + ownerID) and so is just an XOR address.

1 Like

Sure - but if I know the xor address of a unpublished immutable I can just sent many many requests for the file with a false signature where I just do a bit swap somewhere then it would not be a lot of work for me but I would keep the network busy because it always needs to really check the signature and tell me I’m not the owner :man_shrugging: … So classic denial of service I would assume…

3 Likes

[If we’d only have immutable, appendable and (unpublished) mutable then immutable +appendable can be cached - certain access rights would be managed through encryption and sharing of public/private keys - and mutables could get a special (fee costing) non cached get for cases where the mutable entries need to be really up to date - we’d have the dos safety through caching and apps are incentivised to not do unnecessary get calls for data they just mutated but work with a local cache instead if possible (only do a full get on keys that have/might have been changed) - as random thought about dos safe data structures - not thought through though … ]

1 Like

There is a lot of that from everyone right now (me included). So my goal for the short term is get RFCs out to get all features in place (minimum features) and get to a complete network. The network fundamentally an incentivised data network. So for us a data network that has safecoin, at least phase I safecoin and phase I data (types). Then I think we can clear up a lot of issues and have folk see the whole picture. I feel SAFE is complex enough that having it in parts causes more work and confusion. So rather than iterate parts to get to the whole, I am pushing to iterate from a full working network to better full working networks. I feel that will help folk see the whole scope and allow much clearer ideas of changes, improvements etc. without then being told, oh no X does not do X really it kinda does XZ and we have not show you Z yet, if that makes sense. I think without all the bits in basic form we do confuse the picture.

So even these thoughts above are valuable to capture but will be clearer soon when we get the whole proof of concept out (MVP some would call it, but I don’t want to go down that road :smiley: :smiley: as many fell MVP means take away features, but we cannot remove the base features, like data, safecoin etc. even in their most crude form)

15 Likes

This is reassuring to hear and is the best plan of action, imho.

5 Likes

Sure - it’s not like everything would be set in stone with first working network

+1 for full steam to mvp :wink: just thought it would be a pity to introduce unnecessary weaknesses through data types that have no real advantage above existing ones :wink:

2 Likes

This is a valid point. If we are full steam ahead for MVP doesn’t this get in the way of that? Could we do this later - with what consequences? Or maybe just do Appendable Data for now etc?

I’d be happy to firm up the design but choose not to implement some of these changes until later if it was clear what they might involve and the ways things might be affected (eg API s) by then after beta, as well as what benefits they promise.

5 Likes

+1

I would think expanding the api because additional data types turn out to be required should never be problematic - while reducing the set of data types will almost always break stuff…

Edit/Ps: … Never wrong to consider additional possibilities and design the rest of the network to enable this… But maybe it’s not needed to implement it at day 1 like this and first go with simple and just basic functionality instead of solving issues that might not even arise because others solve it in a unexpected way (like with quick vs. Crust)

Pps/edit2: but the more I think about it the more I’m pretty certain that it is ‘a problem’ … @dirvine… Latest when it’s a couple hundred/thousand computers and becoming a DDOS attack it would probably mean trouble… ‘fake Fetching’ a large unpublished immutable that is stored in roughly all sections would even with rate limiter mean to

Keep all elders in the network busy (so one cheap request => all elders need to do a more expensive operation) and plug the network to some extend… We’d have a slow large server… You can’t stop the attacker to create a new identity after throwing him out+the request themselves are legit… (and why should elders filter access if encryption can do it by itself)

4 Likes

It could be, SPAM is an issue that is huge, in this case the same attack could be mis-signed mutation requests or safecoin transfers. I don’t think it is not an attack, but I think the attack space is not caused by this, it may add to that space, but even then the attacker probably does not care this exists. The attacker could take many routes to SPAM parts of the system with almost the same amplification. These will get closed down as we progress mind you

4 Likes

This will help dramatically. It was essential we have the foundation with Fleming but the sooner we get to a even rudimentary functioning network, the sooner we will see a large spike in interest from the greater crypto community. It is hard to envision how everything will all come together and even those who can see that vision cannot make something fully tangible to show others how the whole will work. Although it leaves some fantastic runway for those developing on SAFE to hash it all out and is an opportunity at the same time, it is overall more beneficial for the project as a whole to get the attention/traction/interest that it deserves.

10 Likes

MVP → MVTP Minimum Viable Testing product

Would be exciting to see … But is this post Maxwell? Or would this be Maxwell and its subsequent testnets?

I suspect it would kick up the price of the token a lot, which might go a ways to helping with Maidsafe funding.

Good question. Fleming Maxwell etc. are large milestones. We have internally focused on project planning in the last few weeks, for many reasons, this is one of them. I have posted internally the following message which was well received (it was part (addendum) of a larger message, thanking the team for their work in the last 2-3 weeks.

"Just add, for clarity. we are not en route to Fleming as a target. We are en-route to launch!. Fleming like all deliverables will fall out of the project plan. So please think we are en-route to launch and we will all be guided by the project in terms of Fleming/Maxwell/Beta and many other deliverables.`

In short, we will deliver many more components than just Fleming, Maxwell, Beta etc. and will get these from effective project planning. Think of these named releases as significant releases we will market like crazy.

@Nadia there is spearheading management of that and so far is transforming the team’s focus, moral and visibility of upcoming work. So yes Fleming will come before Maxwel, but will be much more clear from the plan and each of these releases will have utility (i.e. you will be able to do stuff with them :wink: ) Fleming will be slightly more than a routing node from home that has almost no utility. It will have some utility and the plan will tell us what we can give you, the community, in terms of nodes from home with utility.

To be clear, I am pushing very hard and the teams are working at a pace (and most of them happier) than I have not seen for a while, in providing that utility. The big issue for us is that I am not wishing to have Fleming as less than alpha 2, but more. In saying that we will be clear what all that means and test it is possible right now. I think this weeks dev update will allow you to see all of this more clearly (as we will) as we release the Gantt representation of all the work, tasks and critical path to launch. Fleming etc. will all become much clear that way.

20 Likes

Glad to see that @Nadia is transforming the team’s morals :rofl:

And for @opacey, I suspect David has just let slip one of those ‘tricks’.

Sounds good to me.

8 Likes

David is the ‘Elon Musk’ of the Safe Network – Just enough information slip to be borderline dangerous!!

5 Likes

That will be @dugcampbell and the marketing team :wink: Now we can feed them some solid deliverables and measurable outcomes they can fly at last and spread the word with clarity and proof :smiley: :smiley:

9 Likes

Yip … I have that kind of influence on people!!! mwaha ha ha haha :smiling_imp:

12 Likes

Final Comment Period

The Unpublished ImmutableData RFC will remain open for the next 10 days to allow any final comments to be made.

Thank you for your contributions! :slightly_smiling_face:

6 Likes

Quick update to let you know the FCP for the 2 Data Type RFCs has ended

2 Likes