Hello all!
Our original grant funds have run out and although a continuation of our work was previously discussed, we never received a response to our proposal sent months ago. So, this is our final report on the progress of our grant work, the work we did beyond it and a call for input on some outstanding items. Least Authority has been a significant contributor to the Tahoe-LAFS open source project for the last 14 years through self-funded work, numerous external grants and more recently, this grant from the Tahoe-LAFS Software Foundation. One of our products, PrivateStorage <https://private.storage/>, utilizes Tahoe-LAFS and another, Winden <https://leastauthority.com/product-development/winden/>/Destiny <https://leastauthority.com/community-matters/destiny/>, utilizes Magic Wormhole. We hope to continue to contribute to the project and community, maintaining it and moving it forward into the future, but at this time our role in the project going forward is uncertain. Unfortunately, the end of our grant work also includes the additional maintenance work we have been doing while working on the grant. In addition to having no decision on our proposal, we have also not received a response on if we can continue that maintenance work or if someone will be taking over that work. Below is an item that is currently in flux because there is no plan for continuation of it. - VPS hosted by Hetzner - Least Authority will continue to pay for and maintain these servers through the end of the year. At that point without any instruction from the stakeholders as to the future plans for them, we will have to shut them down. As our maintenance work was often hindered by the state of Trac, it was decided that we would also tackle the Move Off Trac <https://tahoe-lafs.org/trac/tahoe-lafs/wiki/MoveOffTrac> project. However, our work on this has been made more difficult than necessary by the lack of direct access to the required resources (DNS records and Linode server). Now more than 6 months after our initial request (in February), despite the workarounds we’ve tried and the demonstrated improvements of the status-quo, the delays and the resulting overhead have made this lack of access issue an insurmountable obstacle for us. In order to wrap up this work, we are putting out one last call to the community for input and consensus on the following items. Without a response from the community within the next two weeks, we will be unable to complete this migration. - Write access to the DNS records of the tahoe-lafs.org domain (#4162 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4162>) - Interactive access to the Trac instance via SSH on Linode server (#4161 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4161>) We have detailed in the summary below the work we have completed for the Tahoe-LAFS Foundation under the grant, including for the added Move Off Trac project and the maintenance and community building work we have done: Original Grant Scope Work: Mobile app - Start with the "PrivateStorage Mobile" Android-only read-only app - Status: Completed - Available on the Google Play Store <https://play.google.com/store/apps/details?id=org.tahoe_lafs.tahoe_lafs_mobile> . - All Tahoe-LAFS formats are readable and mostly verified. - Launches Android intent to view files. - Magic wormhole or raw cap input. - Detailed reporting of errors on cap-by-cap basis. - Downloaded data retained through grid changes. - Minimizes demand on storage servers. - Multithreading on client for user-perceived performance. - Improvement opportunities include: - Some aspects of SSK validation (2 days work remaining). - Reasonable memory demand when processing large files (5 days). - Indicate already downloaded data at restart. - Support more magic folder functionality. - More comfortable grid selection and editing. - Support arbitrary grids - Status: Completed - The app now supports custom grids (instead of just PrivateStorage). It defaults to the Tahoe-LAFS public test grid. - The app now also reads Tahoe-LAFS directory capabilities (in addition to the Magic Folder format), and they may contain both CHK and SSK files. - Individual CHK or SSK files supported (in addition to folders). - Port to iOS - Status: Partially Complete (70% Complete) - Worked out licensing, set up development environment & CI, updated dependencies and framework, complete successful build, set up CI. - ToDo: Wire app actions to iOS, Publish on App Store, Integrate as iOS FileProvider. - Add upload - Status: Partially Complete (10% Complete) Research/implement "recovery phrases" for rootcap management - Status: Completed - Due to being blocked on new releases of zero-knowledge-access-pass-authorizer <https://github.com/PrivateStorageio/ZKAPAuthorizer>, and python-challenge-bypass-ristretto <https://github.com/LeastAuthority/python-challenge-bypass-ristretto> (to support ZKAPs with Tahoe-LAFS 1.20.0), the ZKAPAuthorizer plugin was made optional so this work could be completed. - Supporting work: - Tahoe-LAFS: ticket #4096 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4094> and PR #1365 <https://github.com/tahoe-lafs/tahoe-lafs/pull/1365> (“Support the creation of a new directory capability with a pre-determined signature key”). - Published “deterministic-keygen” Rust crate <https://crates.io/crates/deterministic-keygen> (with accompanying Python bindings <https://pypi.org/project/deterministic-keygen/>) for generating RSA keys deterministically. - Published "lafs" Rust crate <https://crates.io/crates/lafs> (with accompanying Python bindings <https://pypi.org/project/lafs/>) for independently verifying the derivation of dircap URIs. - Gridsync: Tahoe 1.20 support (Issue #737 <https://github.com/gridsync/gridsync/issues/737>; PR #738 <https://github.com/gridsync/gridsync/pull/738>), optional ZKAPAuthorizer (Issue #733 <https://github.com/gridsync/gridsync/issues/733>; PR #736 <https://github.com/gridsync/gridsync/pull/736>), Recovery Phrases user interface and integration (Issue #674 <https://github.com/gridsync/gridsync/issues/674>; PR #740 <https://github.com/gridsync/gridsync/pull/740>). Additional Out of Scope Work: - Move Off Trac - Status: Current status below - details and deliverables are described in the MoveOffTrac <https://tahoe-lafs.org/trac/tahoe-lafs/wiki/MoveOffTrac> wiki page - Deliverable 1- self-hosted server (#4161 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4161>) - COMPLETE - PoC (retired) - COMPLETE - VPS with Forgejo only - Managed from code with CI/CD with sops+pass secrets. - Backups with BorgBase. - SSO with CodeBerg, GitHub and GitLab. - Took longer then required due to the lack of access to the DNS (#4162 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4162>). - Workaround using `of.tahoe-lafs.org` sub-domain. - BLOCKED - Website only with redirect/proxy rules to legacy resources - Jekyll sources with CI/CD are hosted on Forgejo. - Hosting and redirect/proxy rules are managed from code. - Taking longer than required due to the lack of access to the DNS too. - Workaround: manual DNS update (#4183 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4183>) and related asynchronous changes - still no date after 6 weeks. - The Hall of Fame still needs to be migrated as a post or a page. - PENDING - Issues and wiki hosted by Forgejo - Require the completion of the previous phase. - Migration plan ready as described in Deliverable 2. - Will take longer than required due to the lack of access to the Trac server. - TODO - Other resources from the Linode server - Replace the current binary repository for Tahoe-LAFS releases. - Deliverable 2 - detailed migration plan from Trac to self-hosted Forgejo - COMPLETE - Tested and described in the MoveOffTrac <https://tahoe-lafs.org/trac/tahoe-lafs/wiki/MoveOffTrac> wiki page - Deliverable 3 - high-level migration plan from self-hosted to an SaaS provider - COMPLETE - Migration plan for the Forgejo repository/ies - IN PROGRESS - Migration plan for the static website - Maintenance Work - Recreated the Test Grid <https://tahoe-lafs.org/trac/tahoe-lafs/wiki/TestGrid>. - Tahoe package back in Debian 13 “Trixie” <https://packages.debian.org/trixie/tahoe-lafs> (and its downstream distros <https://repology.org/project/tahoe-lafs/versions>). - Fixing Tahoe’s CI: - 8/18 tickets <https://tahoe-lafs.org/trac/tahoe-lafs/query?status=assigned&status=closed&status=new&status=reopened&changetime=2024-12-01..2025-01-27&keywords=~ci&col=id&col=summary&col=keywords&col=status&col=owner&col=type&col=priority&col=changetime&desc=1&order=changetime> - #4098 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4098>, #4114 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4114>, #4128 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4128>, #4132 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4132>, #4134 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4134>, #4136 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4136>, #4140 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4140>, #4141 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4141>. - ZKAPAuthorizer CI revival: - Issues #462 <https://github.com/PrivateStorageio/ZKAPAuthorizer/issues/462>, #468 <https://github.com/PrivateStorageio/ZKAPAuthorizer/issues/468>, #470 <https://github.com/PrivateStorageio/ZKAPAuthorizer/issues/470>, #472 <https://github.com/PrivateStorageio/ZKAPAuthorizer/issues/472>; PRs #463 <https://github.com/PrivateStorageio/ZKAPAuthorizer/pull/463>, #465 <https://github.com/PrivateStorageio/ZKAPAuthorizer/pull/465>, #467 <https://github.com/PrivateStorageio/ZKAPAuthorizer/pull/467>, #469 <https://github.com/PrivateStorageio/ZKAPAuthorizer/pull/469>, #471 <https://github.com/PrivateStorageio/ZKAPAuthorizer/pull/471>, #476 <https://github.com/PrivateStorageio/ZKAPAuthorizer/pull/476>, #477 <https://github.com/PrivateStorageio/ZKAPAuthorizer/pull/477>, #482 <https://github.com/PrivateStorageio/ZKAPAuthorizer/pull/482>, #483 <https://github.com/PrivateStorageio/ZKAPAuthorizer/pull/483>. - Python Bypass Ristretto CI revival: - Issues: #57 <https://github.com/LeastAuthority/python-challenge-bypass-ristretto/issues/57>, #58 <https://github.com/LeastAuthority/python-challenge-bypass-ristretto/issues/58>, #60 <https://github.com/LeastAuthority/python-challenge-bypass-ristretto/issues/60>, #64 <https://github.com/LeastAuthority/python-challenge-bypass-ristretto/issues/64>, #65 <https://github.com/LeastAuthority/python-challenge-bypass-ristretto/issues/65>, #67 <https://github.com/LeastAuthority/python-challenge-bypass-ristretto/issues/67>, #68 <https://github.com/LeastAuthority/python-challenge-bypass-ristretto/issues/68>; PRs #61 <https://github.com/LeastAuthority/python-challenge-bypass-ristretto/pull/61>, #62 <https://github.com/LeastAuthority/python-challenge-bypass-ristretto/pull/62>, #66 <https://github.com/LeastAuthority/python-challenge-bypass-ristretto/pull/66> . - Monitoring Web/Ticket/Wiki and TestGrid with Upptime <https://tahoe-lafs.github.io/infrastructure-upptime/> (#4175 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4175>). - Document recurrent Trac downtimes in tickets (#4176 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4176>, #4178 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4178>). - Manage DNS records from code (#4162 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4162>). - Ideally for the whole `tahoe-lafs.org`domain, but could only do it for the `of` subdomain due to the lack of access. - Fix GitHub Actions (org. wide) due to an outdated CC (#4182 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4182>). - Release updated PyCDDL <https://gitlab.com/tahoe-lafs/pycddl> after its main dependency had been yanked. - Fix Tor integration tests (#3943 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/3943>, PR #1435 <https://github.com/tahoe-lafs/tahoe-lafs/pull/1435>). - NixOS 25.05 Tahoe-LAFS service definition fixes (PR #407172 <https://github.com/NixOS/nixpkgs/pull/407172>). - ZFEC compatibility and interface improvements (PRs #119 <https://github.com/tahoe-lafs/zfec/pull/119>, #130 <https://github.com/tahoe-lafs/zfec/pull/130>, #131 <https://github.com/tahoe-lafs/zfec/pull/131>). - Python 3.13 fixes for txi2p, foolscap and pyutil. - Community Building - Onboarding new members to the community (Blaise, Jeff, and Rodrigo from the SnakeDev team). - Represented Tahoe-LAFS at: ZconV, DWeb Camp, Web3 Summit, AI & Data Summit, Interledger Summit, Devcon, SplinterCon, ETHDam, BOB2025 <https://bobkonf.de/2025/> and gave Lightning Talk at the 38C3 Off-the-Grid P2P Communication Meetup <https://events.ccc.de/congress/2024/hub/en/event/off-the-grid-p2p-communication-meetup/> and FOSDEM 2025 <https://ftp.belnet.be/mirror/FOSDEM/video/2025/k1105/fosdem-2025-6674-lightning-lightning-talks.av1.webm#t=2742,2943> . - Discussed Tahoe-LAFS-related possible collaborations with the Filecoin Foundation for the Decentralized Web, Spritely Institute, Superbloom, Ford Foundation, OTF, eQualitie, and the Tor Foundation, amongst others, in 2024. - Assisted with SnakeDev’s Documentation project during the months of August to December 2024. - Provided support to other members of the community and their work through regular pairing sessions with non-Least Authoritarians over the course of the grant timeframe. The above noted Move Off Trac, Maintenance, and Community Building activities were not originally included in the planned grant project. These additional contributions utilized time and resources originally planned for the following development activities and therefore were not able to complete them: Research ZKAP/Storage-time sharing, new capability types (append-only, rainhill), and a browser-based WASM client - Status: Started - Reviewed past efforts and designs (“Rainhill”), began researching other projects (Spritely’s “OCapN”), started investigating “append-only” caps, misc. discussions with community Improve/complete Cloud Backend so servers can delegate storage to S3/etc - Status: Started - Work ongoing in tahoe-s3 <https://gitlab.com/tahoe-lafs/tahoe-s3> and tahoe-great-black-swamp <https://gitlab.com/tahoe-lafs/tahoe-great-black-swamp> Despite the challenges we faced, our team enjoyed working on this project and with the rest of the community and we would like to extend our long history working with Tahoe-LAFS into the future. We look forward to hearing from the community and hope to get input and consensus regarding the following issues: - VPS hosted by Hetzner - Least Authority will continue to pay for and maintain these servers through the end of the year. At that point without any instruction from the stakeholders as to the future plans for them, we will have to shut them down. - Write access to the DNS records of the tahoe-lafs.org domain (#4162 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4162>) - Interactive access to the Trac instance via SSH on Linode server (#4161 <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/4161>) Please let us know if you have any questions or would like to work on anything together in the future!
_______________________________________________ tahoe-dev mailing list tahoe-dev@lists.tahoe-lafs.org https://lists.tahoe-lafs.org/mailman/listinfo/tahoe-dev
