SAFE Network Dev Update - September 27, 2018

I’m a tech n00b and may be interpreting the update wrong. Do correct me. Is the candidate for Alpha 3 nearly done? Are we having testnet soon? Weeks perhaps?


surely two months at least until testnets


There was something about a test of a feature and not alpha 3 soon. The NAT traversal feature that has been tested internally very recently

With Parsec i thought we would be able to have timelines. How far are we from any timeline?

1 Like

Incremental progress. Patience. Persistence. Execution. Keep it coming.


Are you asking for a timeline for a timeline? :joy:


Great to see Alpha 3 being developed. What is causing that 25% to fail hole punching? I mean it’s nice they can still port forward but still my first thought is what’s causing the problem so it can be fixed. Also those XOR links look reminicent of TOR onion urls as in they are not really all that human readable. Which means a) Bookmarking will be a big thing. b) if I were to code with those I’d probably create human readable variables of them straight away so I’d know what I was coding.

XOR seems more comparable to sharing IP addresses because people can’t really read an IP address. That’s why we have DNS systems, which are just glorified bookmarking systems. And however it works out that’s essentially what it appears that’s the route we’ll be taking with SAFE: Sharing the raw XOR addresses and having local bookmarking systems instead allowing for some middle man to screw us over and censor us.

Not a problem per se but it will raise a certain shift in how things are done and might be a bit off putting for someone coming from the clearnet when all this is done for them.

1 Like

Quick answers to quick questions

The way IP works with NAT.

Thousands of Engineers for years have been trying. For us we are likely to not need 75% connectivity, but still under review. 75% is over the 66% for instance PARSEC needs. There is more to it though.

Answers your questions about XOR, we have DNS like systems

This won’t happen very easily with immutable, signed DNS type systems.


LOL…Maybe throw in some milestones, so we can better determine where we are on the timeline for the timeline?


Ok this is where I start getting curious. So it’s an issue between IP and NAT, how so?

Parsec can function with a minimum of 66%, great, but I’d think it would function better the higher that percentage was. So also curious as to what that “more to it” is.

Yeah I remembered that from Alpha 2 but I’m not quite sure how the DNS system works in regards to XOR space. I mean you make your SAFE url using the DNS system but then also as we saw on the screenshots there there’s also the long raw XOR address. So a) What does the DNS system actually do? b) How does one do a SAFE DNS lookup to find their raw XOR address if they need it? (or perhaps find the DNS address to go with a XOR address)

Awesome. I’m still a little fuzzy on how or why but awesome. Anything to maintain our free speech and stick it to the man. :smile:

I assume it is 75% of connections and that some vaults have a higher percentage of their connections that fail? Or is it 25% of vaults where the hole punching always fails?
And what if you’re able to use port forwarding? Will it be used always or only if the hole punching fails (25% of the time)?

1 Like

Keeping your analogy with IP addresses and DNS system on the clearnet, the naming system in SAFE is only mapping a public name (domain name in the case of the clearnet) to a location in the network based on its XOR address (IP addr in the case of the clearnet). So you have data located on the network at different XOR addresses which you can fetch using a XOR URL, or you can map any of those addresses to a public name, and then fetch it using the naming system thru the public name (human readable URL).

Looking up the raw XOR address from a public name is made by simply fetching the container (MutableData) stored at the location that results from hashing the public name string.

A reverse DNS resolution wouldn’t be really possible, unless the data itself has that information, but it’ll still be impossible as data could be linked from public names and the data not being updated as more links are created.


It is not that simple. Some connections can be made between dissimilar devices. Randomised symmetric NAT is an issue to connect with. So that machine can connect out, but not in. Many other NATs can interconnect both ways.

If you are directly connectable NAT is not needed. So direct internet connection with pubic IP, port forwarded manually or upnp etc. are all cases where hole punching is not required. If we add those to the 75% then we are in great shape.


This is a huge and complex area of networking and will need extensive googling :wink:


Port forwarding implies a standard port number, which leads to ISP/Gov ability to filter out SAFE traffic.

Will the vault perhaps, generate a random port number on startup, and then instruct the user which port they should forward on their router, so we don’t all converge on a single filterable port number?

Instead of port forwarding, most (all?) routers have a DMZ setting, so that you can have one computer on your network that all port traffic defaults to. That would allow ports to stay random.


The point here is you may wish to use a standard port, but everyone will likely choose different ports.

It can, but I am not sure why everyone would pick the same port number. It could be scripted if you can write to the router config though. This is what IGD (UpNP) does actually

Yes these types of settings are fine, but not all routers do it, but certainly for routers that do then that would be OK, however, it will allow all ports on your computer to be accessible. So dangerous if you have any open baddish ports (finger, telnet etc.).

The thing about networks and NAT etc. is that it is really really clumsy and poorly spec’ed. Many manufacturers actively prevent forwarding/hole punching etc. I suspect ISP provided routers are configured like this to prevent folk hosting “stuff” or being accessible.


They won’t pick it, they will leave it as whatever the default is … if there is a default. So even if a couple smart guys know to edit their config file and change their port number, the rest of us will just leave whatever is in the config file when we install the vault. You’ll end up with a large population of vaults using whatever port is in the config file they installed, and those vaults could all now be easily filtered by ISP.

1 Like

There will not be a default, well it is set as NULL.


That works. Thanks for the explanation.


I will hope that a list of “compatible” routers will be made so that people can buy those or know in advance if their ISP supplied router will work of if some form of port forwarding is needed.

Although a number of games used to (or still do) require port forwarding so there is quite a number of non-tech people out there who know how to do this.