Update 14 October, 2021

19eddyjohn75 · October 14, 2021, 6:26pm

Thx 4 the update Maidsafe devs

This is a mayor milestone

Keep hacking super ants

Really hope to see a tut for the testnets, maybe ordinary or clueless people could also help

Would love to help

Nigel · October 14, 2021, 6:42pm

Just to clarify, don’t they mean 90% of the way to integrating sn_api and sn_cli into the safe_network lib?

to7m · October 14, 2021, 6:44pm

For the multiple passwords thing, wouldn’t it be simpler to use a single underlying password?

Then an app could:

Take multiple end-user passwords (typed password, hardware key, etc)
Create multiple files containing the underlying password, encrypted by any number of different combinations of end-user passwords.
Upload these encrypted passwords to the user’s public storage in case they get deleted or something.

That way, the network itself would only have a concept of 1 password per user, and a user could choose between using the officially-endorsed login system (username, password, hardware key or whatever) and the underlying system (password, possibly not even username).

Apart from keeping the core simple, surely classifying password management as an app issue would also be useful in speeding up the network release?

chriso · October 14, 2021, 7:34pm

We had some instructions in the other testnet threads, but please let me know what information you feel is missing that you need. Would love to have you involved.

19eddyjohn75 · October 14, 2021, 8:41pm

I hate to bother Maidsafe devs for this @chriso, but would be fun to have an a to z, how to set up a testnet on your own. If it’s possible @josh do make your muscle “twitch” and we’ll observe and hopefully replicate or join in. Ideally I want it students breaking the testnet over and over again and fixing/looking for bugs. It would be helpful, if this can be run from @ home.

Michael_Hills · October 14, 2021, 8:43pm

Thanks for this. I think a lot of Users forget their passwords. This will be very important for the network. Great work team!

Josh · October 14, 2021, 9:34pm

I am happy to help you, just as I was helped.
The instructions are actually pretty good and all questions I had are answered in the testnet-tool thread.
I submitted a PR today to hopefully prevent people from getting stuck where I did.

Unlike running a network locally unfortunately this method is not free so not ideal for most people who want to have a quick prod.

TylerAbeoJordan · October 14, 2021, 9:37pm

Nice update Maidsafe team!

One Repo “box” to rule them all!!

box-to-rule-them-all

stout77 · October 14, 2021, 9:42pm

Just noting it could become free if the sn_testnet_tool were adapted to work with Oracle cloud as well as DO…had a look at terraform a few months back, but this is way above my skills…

PS that would be a good community project…looks like is ‘just’ scripting…

chriso · October 14, 2021, 11:02pm

You submitted a PR to the sn_testnet_tool repo? I don’t see one.

chriso · October 14, 2021, 11:05pm

@19eddyjohn75 you can use safe node run-baby-fleming to get a local testnet.

If you want to join in, keep an eye on things next week and if there’s anything you don’t understand about how to get something running, please just ask.

chriso · October 14, 2021, 11:15pm

Why is that, because of a free tier? Most cloud providers have those, and they are generally extremely limited.

jlpell · October 14, 2021, 11:16pm

maidsafe:

We’ve been working to bring the CLI and API up-to-date, so thankfully, now we are in a position where they can be merged in, and we’re happy to say that this is almost there. sn_api and sn_cli will sit alongside the code for the network, so the safe_network repository consists of three crates that will be updated and deployed at the same time.

It’s important to be aware, this is actually quite a significant change and not simply an administrative convenience
Everything in the same crate removes confusion about which versions of the CLI and API are compatible with which version of the network. All those in any release will be compatible.
When the code for the network is updated with breaking changes, the developer will be forced to make an update to the API and CLI. This prevents the API and CLI code from going stale again.
New versions of the network are immediately available for testing with a CLI that is compatible with the network.

This is all great. Glad to see the restructuring in this direction. Nice work!

stout77 · October 14, 2021, 11:20pm

That’s true, but I believe Oracle free offering is particularly generous?

Arm Ampere 4 OCPUs and 24 GB of memory and 250GB max disk space (or 4 instances with 1/4 resources)

Would this be enough to bootstrap the network, assuming other nodes can join to strengthen the testnet?

chriso · October 14, 2021, 11:23pm

From what I can see though, it looks like it’s limited to 30 days. So you’d need to keep signing up with different email addresses all the time. With AWS, I think you can just use resources under a certain size for free, possibly for a year or something, I can’t remember. Though, they’re obviously quite small resources.

mav · October 14, 2021, 11:45pm

Yes you’re right, and what you suggest here is what will be happening on the network.

Account access will be done through a ‘root secret key’. The standard way to use the root secret key will be by combining several other secrets together (called key shares). The user is mainly interacting with key shares, not the root secret key directly.

From a technical angle, the combining of key shares into a root secret key is done using the threshold crypto scheme in the blsttc crate (previously threshold_crypto crate).

The problem here is the underlying password would only be as strong as the weakest file.

With threshold crypto it’s not enough to compromise any one credential, the attacker needs at least a certain number of keyshares before they can combine them into the root secret key.

This will still be possible. An advanced user could choose to set their own root secret key and not do any of the key management stuff.

It really comes down to how permissions work on the network. The account is accessed by reading a private bit of data on the network. That private account data can only be read by providing a signature from the root secret key. The way the user chooses to generate that signature (the obvious way using a single key, or using a threshold signature scheme, or using some other third-party way of generating a signature) is at the app level, not the network level.

What maidsafe is aiming at is the root secret key being secure by default, which means more than just being an X characters long password or being stored in Y different locations. The ability to revoke a key share from a device without changing the root secret key is one of the important aspects that’s possible when using key shares as the main point of contact (ie keeping the root secret key ‘hidden’ behind the layer of key shares). If we were directly trying to manage the root secret key the revocation process becomes more difficult.

neik · October 15, 2021, 12:25am

I can confirm it keeps working after 30 days you just don’t have support. After @happybeing mentioned them in the forum I set one up and have had a wire guard and shadowsocks vpn running on an arm version on the fee tier.

It’s also standing by for test net

Josh · October 15, 2021, 12:29am

Well apparently I omitted the submit part! done now.

Josh · October 15, 2021, 12:44am

We probably have too many threads going on this one topic but seeing as we are here.
I think 12 instances is the minimum 1 genesis and 11 nodes (default is 4vcpu-8gb).
Not sure how many Maidsafe use to start a public test though, I would think quite a few more.

to7m · October 15, 2021, 12:56am

To clarify, I meant any user-specified combinations, which would exclude single items unless the user felt like keeping it less secure.

Would be interested to see how this works.

Topic		Replies	Views
Update 04 May, 2023 Updates	15	1700	May 7, 2023
Update 27 October, 2022 Updates	70	2796	February 4, 2023
Update January 13, 2022 Updates	41	4586	February 5, 2022
Update August 5th, 2021 Updates	317	8414	August 30, 2021
Safe Network Dev Update - January 7, 2021 Updates	33	3101	January 21, 2021

Update 14 October, 2021

Related Topics