In this topic I will try to explain “Sentinel”. There is a nice document about it on the Maidsafe-Github but it get’s quite technical quite fast. At the top it’s stated that Sentinel is about “network consensus, authority and crypto usage”. David did a presentation on Sentinel which can be found here.
Let’s start at the beginning. Your client connected you on ip-level to the network using CRUST. That’s the part where you can have connections based on UDP, TCP, etc. It creates holes in your firewall/NAT when needed and makes sure you can connect on ip-level to start with. The next step for you is to join a group with a maximum size of 32 nodes. When you want to do anything at that level, you need at least 28 of them (over 85%) to reach consensus and give you permission. At the same time, you’ll control others in that group in the same way. But let’s step back a little. How do we know who is who? Not only on a local level within the 32-nodes, but outside these nodes as well? We can be all safe and well within our group, while on the other hand some very corrupt nodes try to connect to us with bad intention. This is where Sentinel comes in. While we’re in our own group, we need to connect to other groups to be part of SAFEnet. All nodes on SAFEnet will use private and public keys for communications. So if node “ABC” connects to node “XYZ” it will encrypt all data with the public key of “XYZ”. On the other hand “XYZ” will encrypt all data using the public key of “ABC”. After encryption, only the person with the private key will be able to decrypt the data. Next to this PKI (Public Key Infrastructure) we’ll use digital signatures as well. So when node “ABC” says “I’m a very happy node” and it uses a signature (like “xxGhdljsdsjKbndghwh”), all other nodes can confirm that the line of text came from node “ABC”. If one would change only one letter or space in that line of text, the signature from “ABC” would be invalid. So nodes can decrypt data that was sent to them, and sign data and messages using it’s own digital signature.
Groups will do the same as well in SAFEnet. So when you want to PUT data to the network (like uploading some pictures of your dog) you need at least 28 nodes in the group to sign your request. But now let’s go back to the question: How do we know who is who? How do we know that the group that wants to connect to our group is indeed a valid group in SAFEnet and not some Skype-nodes that got drunk? Well here’s the magic of Sentinel. We want nodes that are close to each other to form groups. So let’s think lineair for a second, and assume we have nodes with addresses like 110, 111, 112, 113 and 114. They’re quite close to each other so they should be part of the same group. If a bad node shows up in that group, and it got corrupted we might see that a node with address 998 got into the same group as well. The group shouldn’t allow it (the network prevents this) but what if the group was completely corrupt?
The solution to this problem is quite simple but very great at the same time. When our group get’s a request from another group who want’s to connect to us, we’ll just ask the network if this group is valid. We do this by sending a message to the closest nodes of the group, and ask them if they confirm that this group, containing these nodes exists. So we might find node 109 replying to us and says: “Yes, I know these nodes, they’re quite close to me”.
Now we have at least some confirmation that these nodes are recognized by SAFEnet and we can try to get more info. So Sentinel will ask the group to give us all their public keys and signatures (of all the 32 nodes), and a message signed by the whole group as well. When they do, we now have some more info about them. But Sentinel is still not satisfied and will ask for more info. So it will encrypt a message to all the nodes in that group using their public keys. As we learned in this topic, only the nodes with the private keys will be able to decrypt that message. So when they just sent some random signed info, they can never reply to us. But on the other hand, when they indeed gave their public keys and are fair nodes, they will reply. And that’s the moment Sentinel is satisfied. It learned about some new nodes who are in a group. It sended a message out of the “backdoor” to the group’s closest nodes in the network. These closest nodes replied and confirmed to us that SAFEnet has indeed a group of nodes like that. Sentinel got their public keys and tested if they indeed are the owners of the private keys as well. Now all is well and confirmed, Sentinel got some new friends. A group of up to 32 nodes it trusts. But as you might have guessed. The other group has their own Sentinel as well. And it did the same research on us. Just to make sure that our group wasn’t a bunch of drunk Skype-nodes as well