Is MaidSafe ‘Internet 2.0’ or ‘Internet too’?
Mon 9 Feb 2015
“You can’t think governments will be too keen on this,” says Nick Lambert, COO of MaidSafe, which has spent nine years in development with the ambit of creating an encrypted, ISP-free and decentralised internet. “One of the great strengths of decentralisation is that it can’t be turned off, and so once the network is launched, there’s nothing that can be done to stop it.”
In the nine years since its inception MaidSafe [Massive Array of Internet Disks – Secure Access For Everyone] has only occasionally emerged from its cloistered evolution, either to attract new development talent or raise additional funding. Its originator David Irvine and main proponent and investor Nick Lambert – CEO and COO of MaidSafe, respectively – demonstrate a rare and very underplayed idealism, considering that they’re working on a project which, if widely adopted, would effectively reset the technical basis on which the internet works – and overturn most of the financial infrastructures that have grown on top of that basis.
Whilst working on the problems that beset small business servers in 2002, it occurred to Irvine that a server-dependent network might in itself be the actual problem. “I would probably say that 2002 was the ‘eureka’ moment,” Lambert tells The Stack.
The SAFE system employs the users’ own computers to store information for the entire network – a global ‘mesh’ which rewards those who contribute data throughput and storage space with the system’s own cryptocurrency, Safecoin.
With privacy and security, you either provide it or you don’t. You can’t pick and choose who gets it.
The end-user logs into the SAFE network with a PIN, a keyword and a password, which serve as untraceable entry credentials for any of the applications running on it, obviating the need for traditional granular login systems. “One password,” Lambert tells us. “will replace everything,”
Information stored is split into four encrypted ‘chunks’ and dispersed around the network on a rolling basis – a necessity that is actually a boon to security, according to Lambert. “One of the hard things to [contend with],” he says. “is where people turn their computers off and on; that’s obviously a very tricky thing to take account of. It actually provides a huge amount of security, because it means that the data is being continually moved around the network, so the location of the encrypted chunk is never known.”
Gaining currency
The project has arguably gained traction because the rise of Bitcoin has forced a non-technical world to take an interest in the Mesh, and because Safecoin appears to be another ‘interesting’ cryptocurrency for visionary investors to consider, as they did with unexpected results during MaidSafe’s ‘crowdsale’ in April of 2014. But for Lambert, the comparison is arbitrary:
“It’s inevitable that people compare Safecoin and Bitcoin.” Says Lambert. “I would certainly avoid saying that one is better than the other. They’re two very different beasts.”
Safecoin has no ‘central ledger’ equivalent to Bitcoin’s blockchain; transactions which take ten minutes to confirm under Bitcoin can take place at a reputed 20 milliseconds on the MaidSafe network. Lambert notes that the speed will vary according to network size, “But it’s quick, and certainly much quicker than the arbitrary ten minutes that Bitcoin has. I suppose there are other networks confirming transactions confirming transactions quite quickly as well, such as NXT, and some other platforms,”
However Lambert does not believe anything equivalent to MaidSafe’s scope and potential can be achieved with sidechains or other extensions of Bitcoin/blockchain technology:
“People think you can decentralise the internet using Bitcoin,” he explains. “but there are set reasons why you can’t. It doesn’t scale very well, and they need to sort that out. What [these systems] have in common is that they’re basically distributed consensus mechanisms, which all distributed networks need, because they don’t have this centralised server, and the network needs to be able to reach decisions without a central point.
“So they work in very different ways. Bitcoin is very good at being a public ledger, and being a great way to share information that way, and it’s also auditable – it publishes every transaction that ever happened. Safecoin doesn’t work like that. It doesn’t have a blockchain at all, so all you can really tell is the current and previous owner. In many ways it can be likened to digital cash. And that’s great for speed, and great for many other things, like anonymity and privacy; but what it’s not good for is if, for example, you’re a bank wanting to be transparent. As it stands right now, Safecoin’s not well-suited to that.”
The Safecoin economy is capped internally at 4.3 billion units, but in the event of mass uptake, the currency can theoretically be divided a further 4.3 billion times, making the cryptocurrency very suitable for micro-payments.
“Because it confirms these transactions at network speed,” says Lambert, “it starts to become quite exciting.” One of Lambert’s favourite theoretical uses of this deeply-integrated systemic currency is the possibility of paying for movies on a frame-by-frame basis – which would mean that the movie trailer industry might have to join FTP clients, data centre providers, network consultants and many other industries on the post-MaidSafe scrapheap.
“Many aspects of file-sharing I don’t agree with at all,” Lambert emphasises, “because people have put in a lot of time and effort, in many cases, to put these things together. But I think that there’s maybe a way that there’s a win for both sides, and that we can start to pay more reasonable amounts for movies, and not have to buy them several times over.”
A private matter
MaidSafe’s vision of complete anonymity and security, Lambert admits, flies in the face of current government rhetoric about the need for ‘data transparency’. Lambert is dismissive of Prime Minister David Cameron’s recent criticism of any encrypted communications which are unreadable to investigating authorities, but is unaware of any ‘official’ enquiries into the project: “We’re not quite wearing tinfoil hats yet!” he laughs. “I think the comments that David Cameron made were ill-advised, or perhaps there’s something deeper behind that…they’re completely unworkable.”
The company’s founders laud MaidSafe’s security and privacy features, suggesting the real prospect of an ‘unerasable’ network where, for instance, the messages of activists in oppressive regimes will be untouchable by government censors. However Lambert concedes to my suggestion that, as with any new communications arena, the earliest and most enthusiastic users are likely to be pornographers and drug-dealers, declaring “Technology is neutral”, though he feels that MaidSafe’s main user-base is likely to be composed of privacy advocates and users concerned about security.
Citing a recent blog-post on the issue at a MaidSafe forum, Lambert says: “One of the key things about privacy is that you can’t give it to some and not to others. If you’re able to make that decision, it means that someone’s controlling it, and if someone is controlling it, then you’re in the situation that we’re already in.
People think you can decentralise the internet using Bitcoin, but there are set reasons why you can’t
“So you’re reliant on legislation and privacy policies to protect you when we all know that’s clearly not working. So there’s no provision there – the network is the network, and unsavoury people will use it. There’s little doubt about that. But unsavoury people use the internet today, unsavoury people drive cars today…it’s just a neutral technology that’ll be used for nefarious purposes, unfortunately.”
Just to clarify the extent of the resilience of MaidSafe data, I suggest to Lambert that Silk Road [X], if established on MaidSafe, would never be able to be taken down.
“I think that’s correct,” he admits, but contends “I think that a lot of this kind of thing today is not solved online – a lot of it is solved by off-line police work. I don’t think [MaidSafe needs] to be any different; it certainly makes it slightly more problematic, because there’s no central point to just take down…We’re not unaware of these issues, but with privacy and security, you either provide it or you don’t. You can’t pick and choose who gets it.”
Vulnerabilities
The SAFE network has no Tor-style exit nodes for the NSA to set up and monitor, and thus is theoretically more secure from interception than The Onion Router protocols. It’s likewise resistant to DOS attacks, which rely on disrupting central servers. Some have mooted that Sybil attacks might be viable, in which an antagonist invests in controlling so much of the network via important contributing nodes as to be able to disrupt information integrity or availability with a ‘mass unplugging’.
“It depends on the network size.” says Lambert. “If the network was very small and a large chunk of it was turned off by someone, then it’s possible that it would create too much information for the smaller network to handle – a bit of data would be lost, potentially. But that would [only be possible] in the early days. Once it’s well-resourced, I think that’s less likely to be an issue. [A government] would be competing with billions of people. I don’t know at what level governments are looking into this type of stuff, and what resources they have available, but there’s no obvious way that I can think of that would enable them to try and control the network.”
Regarding the ‘master password’ aspect of MaidSafe’s security model, Lambert allows that minimising a network’s potential attack vectors to just one user/pass-style entry is likely to focus any eventual attacks upon that single point. “Key logging, for sure, is a risk.” he says. “Once we have the network up and running, which is the current priority, we’re needing to look at solutions to that.” Lambert believes that an external hardware solution such as Trezor is likely to provide the solution. “That would be a way around it,” he says, “but certainly keylogging and hacks are a concern.”
The serverless network
MaidSafe is set for a beta launch later this year, after progressing through three test networks encompassing a number of countries. Lambert recognises the need to balance the attention and interest that the project attracts with a common-sense circumspection. “It’s a slight chicken and egg situation,” he says. “I think we’ve been able to get the right level of interest through the crowdsale, and that was enough; then we’ve tried to keep it lower-key.
“We’ve been working at this for some considerable time. We’ve had much of the concepts peer-reviewed by universities and people within the development community and the cryptography community…this has not been an overnight thing by a long stretch, and so we feel comfortable where we are. You never really know until you launch, but we’re looking forward to that.”
Lambert is likewise cautious regarding the potential of a ‘Bitcloud-style’ network to substitute the existing internet in short order; but he admits that the goals at hand are quietly revolutionary in nature.
“We’ve used the phrase ‘decentralised internet’ because it’s easier for people to get their heads around, but what we’re really doing is decentralising all web-services. It sounds kind of naive, I think, to say that we’re going to replace [the internet and servers]. I think in the early days [MaidSafe] will complement the existing internet and give people a choice, so people that are more privacy and security-conscious are more aware of all the issues that are around it.”
Driving uptake
Admitting that the system is likely to be given its most useful momentum with the uptake of a ‘killer app’, Lambert says: “I think that providing a storage application is possibly the early killer app for us. Showing, for example, DropBox users that they can go onto this network, create their own credentials, without requiring a computer in America to do it for them… they can store a large volume of data and if they’re providing a sufficient amount of resource to the network can store that data free from monetary charge – and be totally in control of it; nobody can delete it without their say-so, nobody can look at it.
I think getting Mesh to the state where the ISPs are right now, that’s a number of years away.
“We’re working on one internally, and it’s basically what I just described. It’s DropBox with full end-to-end encrypted messaging built in.”
The developer mailing list for MaidSafe stands at over a thousand, with hundreds of projects in active development. Later in the year Lambert will be raising developer awareness further at Mobile World Congress and at Collision in Las Vegas. “It’s really a year of launching the network and then raising awareness to all the appropriate groups.”
Beyond those mailing list figures, statistics may prove hard to provide after the launch of the SAFE network.
“Interestingly, we’re possibly never going to know a huge amount more, because we’ll be able to estimate the number of nodes in the network, but it’s so anonymous that not only do we not know who our users are, we’ll only be able to estimate how many we have. And we’ll probably need to do that by trying to estimate how many [Safecoins] have been generated.”
A tentative apocalypse
Whilst clearly visionary, both Nick Lambert and David Irvine approach the semi-apocalyptic possibilities of a high-traction ‘ISP-free internet’ with a measure of reserve. Regarding cross-over initiatives such as Vitalik Buterin ‘s Ethereum and IBM’s Adept, Lambert envisions a great deal more academic-style cooperation before competition becomes an issue: “It’s all so small and so nascent,” he says, “that it’s hard to really see people as competitors right now.
“We were actually bouncing a lot of emails back and forth with Vitalik Buterin this week on consensus mechanisms, and just sharing some ideas. So for me it doesn’t feel like we’re competing; it feels like we’re sharing information. Whether that remains the case as we move forward and become commercial entities is difficult to say. But it doesn’t feel that way just now.”
“I’m not sure if [Adept] represents a serious attempt by IBM to say that they see the Internet of Things becoming and being served by a decentralised network, or whether that was a marketing exercise designed to appeal to the Bitcoin community. I’ve read both the IBM Device Democracy paper and also the Adept paper, and it really is very interesting. And it’s encouraging. If that is a serious attempt, it really is a good thing.”
As to whether Mesh is the future of communications in general, Lambert says: “It’s certainly one way to get around ISPs. I think getting Mesh to the state where the ISPs are right now, that’s a number of years away. It has the potential, and there are lots of different projects talking about satellites being used.
“Whether it’s Mesh or whether it’s the internet served from space, I think the future is not ISPs, for sure.”
