What do you think of Blockstack’s rejection of DHT?

“However, DHTs are still vulnerable to routing attacks. Instead of trying to mess with the key/value pairs, an attacker can add and remove nodes in order to take control of individual hash buckets. These nodes can simply deny requests for data, censoring keys. If they take over all nodes with a copy of a key/value pair, they can simply discard it, leading to permanent zone file loss. This is a fundamental challenge to using structured overlay networks for decentralized storage (DHTs being one example). Since nodes do not store a full replica of the state, they have to route data requests to each other. Since anyone can add nodes to these networks, attackers can take control of routes to deny service and destroy data.”

So they moved to an architecture where every node stores everything.

I realize SAFE Network has node ageing, churn and being kicked around, but an attacker can inject sleeper nodes and so on. If SAFE Network is permissionless then anyone can join and eventually take over large sections.

This was analyzed in many threads, including “the google attack” as well as a few days ago.

I think the key is in figuring out how TWO or more malicious actors would cancel each other out, in the same way that if someone invented a new proof of work ASIC with a huge improvement in hash rate, as long as they sold it to multiple parties, then overall the hashrate of the network would catch up again. In the language of SAFE, it would dilute the attacker.

7 Likes

Interesting development, but Atlas Network has a fundamental scaling problem, as each node needs a full index of the data available to the network. This makes it suitable for a small-scale network such as Bitcoin but not for a global network like SAFE.

In the end, it’s no more than the well-known Sybil problem, a problem that SAFE defends itself against on several levels:
- Temporal limitation of new nodes
- Random placement within the network
- Punishment for attempted voluntary relocation
- Random relocation to gain status
- A reputation system like Node Ageing
- Control of certain malicious behaviours in the consensus system

The key question is whether all of these actions are sufficient to prevent an attack and, especially, what size the network must reach to consider such an attack impossible.

10 Likes
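The dilution argument and the network-size question raised in this thread can be put in numbers. The following is an added example, not part of either post and not SAFE or Blockstack code. It assumes a simplified model in which each group of `k` nodes is drawn uniformly at random from `n` nodes, `m` of which belong to one operator, and a group is lost once that operator holds at least `q` seats. The values of `k`, `q` and `m` are hypothetical, and node ageing and relocation are not modelled.

```python
from math import comb, expm1, log1p

def p_group_capture(n, m, k, q):
    """P(one operator holds >= q of the k seats in a single group).

    Model (an assumption, not SAFE's real parameters): the k members are
    drawn uniformly without replacement from n nodes, m of which are run
    by the same operator. This is a hypergeometric tail probability.
    """
    if not (0 <= m <= n and 0 < q <= k <= n):
        raise ValueError("need 0 <= m <= n and 0 < q <= k <= n")
    # comb(a, b) is 0 when b > a, so impossible splits drop out on their own.
    hits = sum(comb(m, i) * comb(n - m, k - i) for i in range(q, k + 1))
    return hits / comb(n, k)

def p_any_group_captured(n, m, k, q):
    """P(at least one of the n // k groups is captured).

    Groups are treated as independent draws, which is an approximation.
    """
    p = p_group_capture(n, m, k, q)
    if p >= 1.0:
        return 1.0
    groups = n // k
    # 1 - (1 - p)**groups, computed stably for very small p.
    return -expm1(groups * log1p(-p))

def dilution_table(m, k, q, sizes):
    """Capture probability for a fixed operator fleet m as the network grows."""
    return [(n, p_any_group_captured(n, m, k, q)) for n in sizes]

if __name__ == "__main__":
    # Hypothetical figures: 500 colluding nodes, groups of 8, quorum of 5.
    sizes = [1_000, 10_000, 100_000, 1_000_000]
    for n, p in dilution_table(m=500, k=8, q=5, sizes=sizes):
        print(f"n={n:>9,}  P(any group captured)={p:.3e}")
```

With the fleet size held fixed, the per-group probability falls roughly as (m/n)^q while the number of groups grows only linearly in n, which is why uniform random placement rewards network growth. Setting `q = k` gives the case from the quoted Blockstack text where every holder of a key/value pair is under one operator's control.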