SAFE network upgrades

Cool beans :smile: No complaints here. I looked at a bit of your presence on this forum and your as diplomatic as ever. Truly deserving of your position. Keep leading the way. Your a contagious forum borne anti-virus :smiley:

1 Like

I could be wrong, but I don’t think the network is that smart.

I don’t see where @tonda’s warnings would be triggered.

The user self authenticates – The client is basically generating get requests to GET request the files needed to construct the User’s profile and file list… The network returns the files, the client reassembles them and has all the information it needs to find the rest of the user’s files…

I don’t even think the network knows that these are user profile files. Just another GET request… Correct?

Please correct me if I am wrong.


AFAIK, the SAFE Network doesn’t care what client you’re running. Technically, you’re vulnerable to any client. So choose wisely…

The SAFE App Launcher, is meant to be a “trusted” client to protect your credentials.


I’m unsure if this question was directed at me based on the yearly federate elections and what not. I’ll take a quick crack at though.

To clarify, elections are held yearly (a somewhat arbitrarily chosen interval). Those elected will naturally hold the position and its responsibilities for the entire term.

The responsibilities of those elected would include:

Analyzing any proposed code that effects the core network (i.e patches, updates, vulnerability response, etc).

Writing their own code if so inclined.

Holding discussions about current proposals, user voice votes on requested features, network performance statistics, and future plans with the other elect.

Broadcasting network wide messages to all users in case of important or critical events.

All the above among other things that naturally fit the role.

Nothing dramatic can be done to the network without a quorum (preferably consisting of more than 30 people but can at first be as low as 5)

As this is a decentralized system, vote manipulation, election rigging, and or collusion is made dramatically harder than present day politics. As the network grows, so will the candidate pool. No doubt many will be pseudo anonymous each with their own goals and ideals. This diversity I believe will foster scrutiny and thus facilitate honesty. This system rewards code ethics and rejects malicious intent. The elect themselves must always reach a consensus before moving forward with any plan. An individual can be re-elected as many times as the community wishes. Those previously elected with strong community ties and a favorable reputation can be, if so desired by that individual, used to fill an open position in a federate predicted to consist of fewer than the minimum number of members necessary by the end of elections to operate it optimally.

During the year long election process, medium to high rated vault owners and core developers (Initially. Then the ex-elect will take this position) will place their votes using their public key coupled with the public key of their chosen candidate. When the election period is over, the selected candidates enter their private keys to then be authenticated against their public key. The system awaiting the candidates verify that they are indeed who they claim to be and registers them into the federate. Their term then begins. Each now holding a tiny piece of a large Maidsafe key. Their private key or one generated by the SAFE network is used by each individual federate member to vote on any changes made to the network.

Hope this help!

Feel free to expand, modify, or reject any part of this you feel needs to be.

I look forward to you response. :smiley:

The client is a module and like all modules it can be checked and likely will be verified. It wouldn’t be too hard to program the network to detect altered/custom clients if not already done. Furthermore, those that attempt to do more than allowed by the network can in theory be rejected in the case that it exhibits unusual behavior as an extension of the previous capability.

Client: hello uhhh I’m the client.
Maidsafe: cool let me check you out before we start doin business partna…
Maidsafe: you don’t look like a usual client
Client: how can you tell?
Maidsafe: cuz a yo ID brutha!
Maidsafe: hole on a minute. I gotta tell the BOSS.
Maidsafe to the user: Yo this fool is not the regula, he might be shady.
User: I see. Deny him access them shoot him up. Alternately: He’s cool, let him through.
But the plot twists
Maidsafe yo boss he’s trying to take yo money!
Maidsafe don’t worry imma blast his ass!
User good looking homey, wit you around I’m SAFE fo sho!

(Alright, cue stereotypical rap music with a quick fade out)

Hope I didn’t bore you with my dry attempt at humorous anthropomorphic verbal illustration and a dumb gangster overtone. Weariness brings the best out of me :wink:

Seriously though, I think it can be done and without much effort.

1 Like

It’s not already like that except for:

Alternately: He’s cool, let him through.


I don’t think it would be possible that the network will be able to check “the client module”. How???. This project is Open Source and I will always be able to make a custom client and the network has no way to check it !!

Then, give us a hint !

1 Like

Interesting, important and timely discussion, so I thought I would throw in my first 2cents.

I’m not a fan of decisionmaking by committee. Debian is an example of how this can devolve into paralysis and endless political infighting. I hope SAFE doesn’t end up like that. Bitcoin is heading that way, thanks to the grandstanding of some of the BTC foundation hacks.

I’m also quite sceptical of the claims of AI, and even more sceptical about the wisdom of handing over decisionmaking to it.

It may sound very boring and even fascistic to some people, but I think the empirical evidence provided by a sampling of successful and unsucessful large open source projects strongly supports the “Benevolent Dictator For Life” model:

Any ideas on who that might be? :smile:


Dictators in free and open source software:

1 Like

with or without rap music, don’t think that is going to work :slight_smile:

1 Like

It’s a funny idea, but I don’t think it works either. Van Rossum might be the godfather of python, but I can organise my life without Python, and even if I would depend on Python, if I don’t like the new Python, I can without much pressure stick to the old one, or move to a different language. This is just one example, similar for Git; albeit for the linux kernel your example might be stronger.

For the SAFE network, we want to organise it solely as the users versus the network (without a hidden godfather). That said, for as long as David likes, it will almost be inevitable that he maintains an influential role.

[ADDED] I must say the link you posted is a good read and the author makes some good points. We’ll need to give another push for more independent groups (once called SAFE pods :wink: ) to emerge, to balance the BDFL :smile:


The July 4 bitcoin forks demonstrate an issue with the “trust but verify” style system…

If you want to make a very efficient version to compete against the standard client, removing all of the “verify your neighbors” code is a pretty nice shortcut to getting that done…

Of course lack of verifying could be categorized as non-standard behavior, and could result in downgrading.

Python seems annoyingly forked right now… 2 vs 3… I generally like benevolent dictators, but that is something that just happens because everyone listens to the smartest guy in the room, Not something that you hardcode into the upgrade process…

1 Like


As a biologist, I wanted to weigh in here …

I think it may be appropriate to bring in the biological definition of ‘NICHE’.

noun, plural: niches
(1) The specific area where an organism inhabits.
(2) The role or function of an organism or species in an ecosystem.
(3) The interrelationship of a species with all the biotic and abiotic factors affecting it.

Evolution is the way in which we adapt to the ever-changing niche in which we inhabit.

Intelligent beings (meme users!) create tools (hardware and software, as well as ideas and mental filters) and these tools have the ‘purpose’ of assisting our ability to thrive in our niche.

In a way, our tools have their own niche. We alter our tools over time - (engineering/directed evolution) to increase our ability to thrive in our niche. However if we change the tool too quickly, then it may fall out of use in it’s niche.

IMO, SafeNet has a purpose as it is a tool - perhaps it will be a tool that can self-adapt by responding to particular goals/imperatives that we place within it’s code and in this manner it ‘evolves’, however this would still be engineering and still involves an engineer.

The engineer’s of any tool are ultimately those who derive benefit from the tool - otherwise the tool loses it’s purpose (becomes dormant or disappears) or is re-purposed by those who DO engineer it … and hence ultimately it will always serve those that engineer it.

Given that SafeNet is open-source and that it can be forked and hence it cannot be forced out of a useful niche, then the directed evolution of SafeNet will be ongoing.

1 Like

@digipl I first liked it, and I can see your point that we should not have a BDFL - whomever it is - but I do believe that such an image helps no-ones cause. I know that as a European (Belgium was occupied during WWII) I might be more sensitive to such jokes, but overall I do feel it falls short on respect towards the whole community, but David in particular.

I think it’s a scene from the George Orwell film, where the big brother is always watching…
It’s based on a fictional book named 1984, written in 1949.
The comparison between the BDFL and the Big Brother is only a joke. There isn’t anything related with the WWII.

@bcndanos I don’t purport myself to be expert nor intermediate level in my understanding of this network but one idea comes to mind. The network can keep a list popular clients and their hash. Whenever the user starts up SAFE, the network hashes the client. If the hash matches the clients’, it proceeds normally. If not, the warning is issued.

@BenMS (shh, shh, the rap music didn’t add any value to the previous argument. Turn it off. :smile: ) Now that we can hear ourselves think, do you think the above could work? I mean even if everything is open source, doesn’t it all get compiled into binaries? All builds should be reproducible like Tor software no? If that’s the case then all clients should initially be bit for bit identical. All should have the same hash. I guess I might be missing something. :anguished:

@Hoppy I like the idea. Though it is ideal, David has made it clear that he’d rather place the network in the hands of the people. Too many times have I read him state that he and the team should soon after launch become irrelevant. Debian is somewhat different in it’s approach. In my baggy as f@ck understanding as @Al_Kafir once put it, no election process occurs nor is their term limited.

With short and temporary terms, the network and it’s stake holders can weed out crippling members or redesign the federate in whatever way the members of the network deem fit.

Personally I’d rather temporary political paralysis over any kind of dictatorship any day. No offense to David. Remember he’s just a man, and medieval torture techniques could get the fart out of any man. :stuck_out_tongue_winking_eye:

I know it’s a scene taken from the movie 1984, following the novel by Orwell, but that book itself is influenced by WWII and the threat of a totalitarian regime.

I’m not against a BDFL, at least at the beginning, but, of course, is inconsistent with the principles of the network. About the image, consider it a silly joke I hope not bother anyone.

The truth, I don’t see any clear solution. The logical path is, for the moment, only an idea but seems extremely difficult to realize. The biological scares me (the nature does not care that a specie disappear from the earth). And the standards (BDFL, small group, large group, voting…) all have pros and cons.

The only idea that comes to mind, and possibly is other nonsense, is to create a parallel network, a ProtoSAFE, consisting of a few hundred or thousands of volunteers guinea pigs, willing to try new features. Only the weighted votes of the volunteers and the DEV allow to accept Important upgrades.

P.S. I was born and raised in the Franco’s dictatorship but the day I can not make jokes about this is when I start to worry.


The network cannot do such things, because:

  • it doesn’t know the client “hash”.
  • this “hash” is not fixed: The binaries depend on the OS and also people can start from the sources, add modifications to them and recompile them. They can even completely rewrite them, possibly in another language.

The client is a program on your computer that has an interface to the network. You can do all the modifications you want to the client, as long as it conforms to the protocol it will be accepted by the network. The same is true for the vault running on your computer.

The network protocol can only be upgraded with new clients and vaults that are both:

  • compatible with previous ones so that they are not rejected by the network
  • effectively used by the the vast majority of people so that a consensus can be reached to trigger the new methods of the interface.

IMO only programs developed or blessed by the MaidSafe team will be able to satisfy the latter point. And I don’t believe in a “natural” evolution of the network.