Login

Redecentralize

We’ve had enough of digital monopolies and surveillance capitalism. We want an alternative world that works for everyone, just like the original intention of the web and net.

We seek a world of open platforms and protocols with real choices of applications and services for people. We care about privacy, transparency and autonomy. Our tools and organisations should fundamentally be accountable and resilient.

Home

Parent
David Geib [LibreList] Re: [redecentralize] Thoughts on decentralization and deperimeterization 2014-09-02 23:05:21 (4 years 10 mons 16 days 06:20:00 ago)
> Perhaps the simplest way to look at [secure-scuttlebutt] is as many simultanious master-slave replications

If the primary node is offline or busy you can get an authenticated copy of the data from one of the secondary nodes. So then how do you find out which nodes are secondaries for a specific primary?


On Tue, Sep 2, 2014 at 7:55 PM, Dominic Tarr <dominic.tarr@gmail.com> wrote:
thanks Paul,

I'd just like to make clear that secure-scuttlebutt is *not* a crypto currency,
and does not use a proof of work scheme. I get the feeling that cryptocurrencies
are used as some sort of decentralization hammer. Don't get me wrong,
bitcoin is a brilliant design, but the assurances it gives you (total
ordering & consistency)
are just not necessary for many applications.

Secure-scuttlebutt is somewhere inbetween a blockchain (globally
consistent long chain)
and a DHT (maybe consistent, flat lookup structure).
To contrast with the Blind Idiot God concept from adam's
http://adamierymenko.com/decentralization-i-want-to-believe/

It's more like each individual node is their own centralized authority.

Richard, thanks ;)

Dominic

On Tue, Sep 2, 2014 at 4:25 PM, Paul Frazee <pfrazee@gmail.com> wrote:
> Adding some thoughts to Dominic's --
>
> The challenge to decentralizing the application layer is that it involves
> distributing authority.
>
> For instance, we need to authenticate users. The only distributed auth in
> wide use right now is PKI. Since PKI only works well for organizations, the
> user-identities have to live within the orgs. That's a centralizing effect
> that would still occur in an open IP/routing layer.
>
> After you've distributed identities, you need to distribute data-structures
> as well, or we rely on central nodes to keep data-bases. Then, the messages
> that construct the datasets need to be verifiable, so that Alice can rehost
> messages from Bob without possibly altering them. So there are three
> distinct challenges: authentication, message-verification, and dataset
> coordination.
>
> Bitcoin, for example, solves all three of these problems. Broadly...
>
>  - Authentication: RSA keypairs.
> (https://en.bitcoin.it/wiki/Address#Proving_you_receive_with_an_address).
>  - Message-verification: transaction signatures.
>  - Dataset coordination: the global blockchain and total ordering via PoW.
>
> After all that, you need to deal with abusive actors in the network (DoSers,
> attackers) and with schemes to share resources (bandwidth, sometimes
> disk-space). This is where the reputation system gets involved.
>
> For some interesting reading, I'll refer you to Dominic's project,
> https://github.com/dominictarr/secure-scuttlebutt.
>
>
>
>
> On Tue, Sep 2, 2014 at 4:44 PM, Dominic Tarr <dominic.tarr@gmail.com> wrote:
>>
>> I was very happy when I first saw ZeroTierOne, and also thought your
>> "I want to believe" post was brilliant,
>> but I think there is another challenge to decentralization that simply
>> having addressability is not sufficient to address.
>>
>> Security.
>>
>> Building truly p2p systems must deal with not only regular distributed
>> systems problems,
>> but also the problem of incenting the participants in the network to
>> behave properly.
>> This is trivial if I own all the computers that run my system. But the
>> system runs outside
>> my own datacenter, on other people's computers then I need some was to
>> ensure that
>> they cooperate.
>>
>> Now, "ownership" is a concept deeply imbued into human society, but
>> it's worth remembering
>> that it is essentially a solution to this same problem. It all boils
>> down to using coersion to ensure
>> that participants in society behave in a approximately helpful manner.
>> Animals don't really have
>> property. Sure, some animals have territory - but they tend to enforce
>> those "rights" personally.
>> So what they have is a "possesion" (a non-abstract form of property).
>> There are no absentee landlords in the non-human animal kingdom.
>>
>> Humans on the other hand, have an abstracted notion of property, I
>> maintain control of my bicycle
>> by chaining it to something when I am not using it, and you maintain
>> ownership of real estate by
>> interfacing with systems of contracts and laws that date back
>> thousands of years. Basically, you just
>> punish people who transgress the property rights, this requires police
>> and lawyers and courts and prisons,
>> and a millitary to protect your property system from neibouring
>> property systems...
>>
>> Given the property system, it's easy to build a distributed system,
>> you just have a datacenter,
>> and you can hire people to run it, and build it and if theyfdo not do
>> as you wish you fire them etc.
>>
>> Now - if you want to build a true p2p system, a decentralized system -
>> that depends on people
>> freely choosing to run your program, and also choosing not to abuse
>> your protocol, or try to
>> trick or deny service to other nodes in the network. You can't apply
>> coersion to incent cooperation,
>> you probably don't know where the other computers are, except very
>> approximately,
>> and you can't exactly send a computer to jail
>>
>> There is the distributed systems problems, but this is the easy part.
>> What if my blog post becomes insanely popular? will my laptop have to
>> serve terabytes of data?
>> what happens while I am disconnected from wifi inbetween cafes?
>> Obviously the answer is to distribute the data - prehaps you can get
>> my blog post from
>> other people who have read it, not just from me. If a few hundred
>> people from around the world
>> have seen it, then there is probably a pretty good chance that someone
>> currently online has it.
>> But then what if they refuse to serve it, or serve the wrong thing?
>> (this could be malicious or by accident)
>>
>> What you do have is crypto, and information processing powers many times
>> greater
>> than when the property system was created. Would it be possible to
>> create a system that enforced cooperation using just information?
>>
>> I think this is possible, not just because there are computer systems
>> which achive this within specific
>> contexts, but also, because humans can already do this naturally.
>> Small scale groups do not use coersion,
>> they use information - everyone involved pretty much knows what is
>> going on, and if someone is being
>> abusive they get blocked out. Certainly, this system is not
>> invunerable, but it *is* a system.
>> A reputation system. It's not very scalable, and it's not very
>> accurate (human gossip is quite lossy)
>> but we do have something to go on here.
>>
>> could you use crypto and computers to scale and secure a reputation
>> system, without giving any particular
>> node too much implicit trust?
>>
>>
>> On Tue, Sep 2, 2014 at 12:52 PM, Adam Ierymenko
>> <adam.ierymenko@zerotier.com> wrote:
>> > Thought of another point about this…
>> >
>> > Decentralization doesn’t necessarily imply that all peers are of equal
>> > size, just that all things have equal opportunity to be peers.
>> >
>> > That being said, I think the current network deployment pattern pretty
>> > much guarantees the domination of the ecosystem by massive players by
>> > writing inequality into the network topology itself. Even if a more
>> > democratic many-smaller-players solution could win in the ecosystem and even
>> > in the market place, it can’t right now because it is too technically
>> > challenging to deploy.
>> >
>> >> Network routing is certainly one important aspect of decentralization.
>> >> But suppose Google now served Search & Gmail via a ZeroTierOne Earth
>> >> Address.  I'd think they would again quickly be able to create a rather
>> >> centralized traffic point within the network topology because of:
>> >
>> >
>
>

: