On 03/09/17 21:01, Matthew John Toseland wrote: > On 03/09/17 20:53, Arne Babenhauserheide wrote: >> Hi toad, >> >> Matthew John Toseland <matt...@toselandcs.co.uk> writes: >>> Thoughts? I'm not a dev any more, but thinking about Bitcoin and other >>> stuff maybe there are some ways forward that we've missed... >>> >>> Dispute resolution, spam and distributed data structures >>> --------------------------------------------------------
I'm actually more interested in your view on the second part, but this is worth discussing too... >>> >>> A key is disputable if: >> … >>> For any disputable key, any darknet node can vote at most once. >> >> Can you explain why we would want to bind darknet nodes (=real life >> identities) to voting about content? Currently this is done in the truly >> pseudonymous inner layer. To be clear, a disputable SSK vote is pretty much the same as an insert: It is routed from node to node according to a probabilistically decremented HTL. It doesn't take effect (it doesn't check the datastore) until it has travelled a reasonable number of hops, for security reasons. In fact, it might *be* an insert. Then the client fetches the SSK, and when it sees something it approves of, it inserts the blob. If it finds something it doesn't approve of (e.g. violation of the consistency rules), it doesn't insert, or it creates an alternative and inserts that. But we probably want to change the request/ULPR mechanic too, so that the client will see both versions if there is a dispute going on nearby. >> >> What is the gain from disputable keys? Answered below. But this also gets us some of the advantages of PSKs, without necessarily needing PSKs. Or if we do have PSKs, it allows us much more flexible verification. So we can maintain arbitrary data structures while keeping DoS attacks manageable. In particular when managing a shared tree structure everyone needs to keep to the rules. Applied to spam, for example, we could justify banning somebody by showing some of his messages. Does it still allow for spam amplification? Probably, if we immediately propagate inserts to everywhere. But maybe we can resolve the fight within a few small random parts of the network. And the fact that you can only vote once per darknet connection on any given key severely limits the mischief you can do... so maybe it's manageable even with full propagation. > > Because it's our only source of scarcity. The whole objective of this > part of the proposal is to create spam-proof, adequately-scalable > distributed keyword search. Or distributed data structures of whatever > other kind, where we can maintain the structure in a collaborative > manner, obtaining a consensus, without having to poll every outbox and > every fork. > > IMHO this is one of the remaining fundamental research questions for > Freenet. > > It's that or a block chain. And we don't want a block chain. > > Or stick to the current approach of hoping that outbox polling scales > well enough. But even if it works for chat I doubt it will work well for > search. I believe my proposal will scale further even for chat. > > And I'm not binding them - it's no more traceable than any other key AFAICS? >> >> Best wishes, >> Arne >> >
signature.asc
Description: OpenPGP digital signature
