We’ve had enough of digital monopolies and surveillance capitalism. We want an alternative world that works for everyone, just like the original intention of the web and net.

We seek a world of open platforms and protocols with real choices of applications and services for people. We care about privacy, transparency and autonomy. Our tools and organisations should fundamentally be accountable and resilient.


Adam Ierymenko [LibreList] Re: [redecentralize] Thoughts on decentralization: "I want to believe." 2014-08-04 15:58:16 (5 years 2 mons 9 days 22:44:00 ago)

On Aug 3, 2014, at 2:38 PM, David Burns <tdbtdb@gmail.com> wrote:

On Friday, August 1, 2014, Adam Ierymenko <adam.ierymenko@zerotier.com> wrote:
I just started a personal blog, and my first post includes some thoughts I've wanted to get down for a while:


Adam, your blog post interested me a lot. Best of luck with your efforts. One quibbly question:

>efficiency, security, decentralization, pick two.

 Assuming certain sorts of threats, decentralization contributes a lot to security. In those circumstances, your trichotomy devolves to a dichotomy, "efficiency or security, pick one." 

You're absolutely correct there. Decentralized systems are more robust against censorship, most naive denial of service attacks, and the failure of critical systems.

What they usually don't offer is a good user experience and high performance the other 99% of the time when everything is working well.

A decentralized network under attack will be more robust, but a centralized network *not* under attack will be faster, more consistent/reliable, easier to reach, consume less resources at the edge (important for mobile), and generally be easier to use... at least according to any known paradigm. Facebook is down every once in a while, but when it's up it's fast and incredibly easy to use compared to alternatives.

Everything I've written on this subject comes with a caveat: something new could be discovered tomorrow. Everything I write assumes the current state of the art, so obviously any big discoveries could change the whole picture. Personally I think a discovery in an area like graph theory that let us build *completely* center-less networks with the same performance, efficiency, and security characteristics as centralized ones would rank up there with the discovery of public key cryptography. It'd be Nobel Prize material if there were a Nobel Prize for CS.

Fortunately, your actual approach, the peer-(super) peer-peer idea, finesses the problem nicely. Instead of "I am Spartacus," "I am the blind idiot god." Still, might attackers find a vulnerability there? In order to assure the efficiency you desire, someone must provide some resources intended to act as the superpeer or superpeers. Attacker censors those nodes, network efficiency falls below the tolerable threshold, bad guys win. How do you plan to defend against this attack?

Yeah, that's basically it. All my current thinking is around the idea of minimal central hubs that allow us to have the benefits of central points without the downsides. I'm working on a follow-up blog post going into more detail about zero-knowledge hubs and what might be required there.

If I can find the time I might try to hack something up, but don't count on it in the next few months... so much other stuff going on.