Login

Redecentralize

We’ve had enough of digital monopolies and surveillance capitalism. We want an alternative world that works for everyone, just like the original intention of the web and net.

We seek a world of open platforms and protocols with real choices of applications and services for people. We care about privacy, transparency and autonomy. Our tools and organisations should fundamentally be accountable and resilient.

Home

Parent
Paul Frazee [LibreList] Re: [redecentralize] Thoughts on decentralization and deperimeterization 2014-09-02 18:25:57 (5 years 5 mons 22 days 17:07:00 ago)
Adding some thoughts to Dominic's --

The challenge to decentralizing the application layer is that it involves distributing authority.

For instance, we need to authenticate users. The only distributed auth in wide use right now is PKI. Since PKI only works well for organizations, the user-identities have to live within the orgs. That's a centralizing effect that would still occur in an open IP/routing layer.

After you've distributed identities, you need to distribute data-structures as well, or we rely on central nodes to keep data-bases. Then, the messages that construct the datasets need to be verifiable, so that Alice can rehost messages from Bob without possibly altering them. So there are three distinct challenges: authentication, message-verification, and dataset coordination.

Bitcoin, for example, solves all three of these problems. Broadly...

 - Authentication: RSA keypairs. (https://en.bitcoin.it/wiki/Address#Proving_you_receive_with_an_address).
 - Message-verification: transaction signatures.
 - Dataset coordination: the global blockchain and total ordering via PoW.

After all that, you need to deal with abusive actors in the network (DoSers, attackers) and with schemes to share resources (bandwidth, sometimes disk-space). This is where the reputation system gets involved.

For some interesting reading, I'll refer you to Dominic's project, https://github.com/dominictarr/secure-scuttlebutt.



On Tue, Sep 2, 2014 at 4:44 PM, Dominic Tarr <dominic.tarr@gmail.com> wrote:
I was very happy when I first saw ZeroTierOne, and also thought your
"I want to believe" post was brilliant,
but I think there is another challenge to decentralization that simply
having addressability is not sufficient to address.

Security.

Building truly p2p systems must deal with not only regular distributed
systems problems,
but also the problem of incenting the participants in the network to
behave properly.
This is trivial if I own all the computers that run my system. But the
system runs outside
my own datacenter, on other people's computers then I need some was to
ensure that
they cooperate.

Now, "ownership" is a concept deeply imbued into human society, but
it's worth remembering
that it is essentially a solution to this same problem. It all boils
down to using coersion to ensure
that participants in society behave in a approximately helpful manner.
Animals don't really have
property. Sure, some animals have territory - but they tend to enforce
those "rights" personally.
So what they have is a "possesion" (a non-abstract form of property).
There are no absentee landlords in the non-human animal kingdom.

Humans on the other hand, have an abstracted notion of property, I
maintain control of my bicycle
by chaining it to something when I am not using it, and you maintain
ownership of real estate by
interfacing with systems of contracts and laws that date back
thousands of years. Basically, you just
punish people who transgress the property rights, this requires police
and lawyers and courts and prisons,
and a millitary to protect your property system from neibouring
property systems...

Given the property system, it's easy to build a distributed system,
you just have a datacenter,
and you can hire people to run it, and build it and if theyfdo not do
as you wish you fire them etc.

Now - if you want to build a true p2p system, a decentralized system -
that depends on people
freely choosing to run your program, and also choosing not to abuse
your protocol, or try to
trick or deny service to other nodes in the network. You can't apply
coersion to incent cooperation,
you probably don't know where the other computers are, except very
approximately,
and you can't exactly send a computer to jail

There is the distributed systems problems, but this is the easy part.
What if my blog post becomes insanely popular? will my laptop have to
serve terabytes of data?
what happens while I am disconnected from wifi inbetween cafes?
Obviously the answer is to distribute the data - prehaps you can get
my blog post from
other people who have read it, not just from me. If a few hundred
people from around the world
have seen it, then there is probably a pretty good chance that someone
currently online has it.
But then what if they refuse to serve it, or serve the wrong thing?
(this could be malicious or by accident)

What you do have is crypto, and information processing powers many times greater
than when the property system was created. Would it be possible to
create a system that enforced cooperation using just information?

I think this is possible, not just because there are computer systems
which achive this within specific
contexts, but also, because humans can already do this naturally.
Small scale groups do not use coersion,
they use information - everyone involved pretty much knows what is
going on, and if someone is being
abusive they get blocked out. Certainly, this system is not
invunerable, but it *is* a system.
A reputation system. It's not very scalable, and it's not very
accurate (human gossip is quite lossy)
but we do have something to go on here.

could you use crypto and computers to scale and secure a reputation
system, without giving any particular
node too much implicit trust?


On Tue, Sep 2, 2014 at 12:52 PM, Adam Ierymenko
<adam.ierymenko@zerotier.com> wrote:
> Thought of another point about this…
>
> Decentralization doesn’t necessarily imply that all peers are of equal size, just that all things have equal opportunity to be peers.
>
> That being said, I think the current network deployment pattern pretty much guarantees the domination of the ecosystem by massive players by writing inequality into the network topology itself. Even if a more democratic many-smaller-players solution could win in the ecosystem and even in the market place, it can’t right now because it is too technically challenging to deploy.
>
>> Network routing is certainly one important aspect of decentralization.
>> But suppose Google now served Search & Gmail via a ZeroTierOne Earth
>> Address.  I'd think they would again quickly be able to create a rather
>> centralized traffic point within the network topology because of:
>
>

: