[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [freehaven-dev] New trading/trust proposal for FH online




> Looks like a reasonably self-consistent idea.

Thanks!

> My nit-picks:
> a) what if C returns an incorrect hash of share+nonce? how does B know
> it's incorrect?

As B traded the share to C, it also has a image of the share (pre-image
of the hash query) in its trade db.  Thus, it can compare the thing
it received from C against things in its trade db.  For efficiency,
I guess then we can store both share, hash(share) in trade db.
Of course, this would be an O(n) test to "find" the matching share,
where n is # elts in trade bd.  Not that bad...

> b) need to keep track of how frequently a given document is queried --
> I can see a scenario where A and C are conspiring: A queries B which
> queries C, and A does this every 5 minutes. B pumps up its trust in C
> greatly, because it's just done ten thousand successful queries. this is
> easier to solve than the issue above.

I'm sure we can add a log...

> we should seriously consider if we can get the same data persistence
> guarantee out of exploiting massive parallelism (like what mojo
> nation is trying to do, or like what prof rivest originally suggested
> with the 'send it to everybody and some of them will keep it'). because
> trying to control data in a fine-grained micromanaged approach really
> isn't going to work as well as we want.

I'm somewhat in agreement, although we should need to be careful to
ensure that things actually do get spent.  It's probably not all
that hard to implement Chaumian coin stuff, if we do need to go 
down this path like Mojo Nation, but I forget the means by which
they ensure they don't get caught in a central issuing/online
verification model - obviously a central point of attack and weakness
for a distributed system.

We should talk more about this.  Soon....

> i'm also in the process of mulling over our notions of anonymity, since
> mojo nation does not provide server anonymity (i can look up via the
> contenttracker which sites are hosting which blobs, and i know that
>they have a chunk of the document) but obviously it would be impossible

To my understanding, Mojo currently doesn't provide *any* anonymity.
Jim McCoy said (at the conference) that they could always plug mixnets
in between links - which is our idea of "build the backend, just stick
in anonymous comm links."  Anyway...

--mike

------- End of Forwarded Message