We will probably want to rework the location swapping code after 0.7.0.
Here's some ideas:
- Locking doesn't work the way we want it to. Result is that swaps are
slower than they could be.
- Security. (Against internal attackers trying to bias the network
either by exploiting the duplicate location detection or by rejecting
swaps they don't like).
- Ideas:
-- No locking. Only do the swap if on both ends, we have the same values
for not only the nodes involved but also their neighbours.
--- How to enforce? Don't we lose the existing benefits of committing
before we know the details?
-- Enforcement. We can monitor our neighbours' swaps and see that they
are playing by the rules.
-- Different locking. For a shorter period, perhaps. We can separate the
finding a path phase from the actual swap, although commitment is
nice...
--- Maybe:
---- Find a path. Committed as long as up.
---- Both sides wait until get locks from all neighbours. Locks are
specific to chain ID, so we won't collide with self.
---- Re-exchange details.
---- Swap or don't swap according to details.
---- Security: Neighbours know topology for a few hops, and can verify
the location values - or at least they can verify them for the ones
they know?? (include salted identity hashes?).
I apologize for the lack of real documentation on the location swapping
implementation, we should make some... after 0.7.
--
Matthew J Toseland - toad at amphibian.dyndns.org
Freenet Project Official Codemonkey - http://freenetproject.org/
ICTHUS - Nothing is impossible. Our Boss says so.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: Digital signature
URL:
<https://emu.freenetproject.org/pipermail/tech/attachments/20060107/fb6cec3a/attachment.pgp>
