
Fog.sh – decentralized content publishing on the IOTA ledger - degif
https://fog.sh
======
Egidius
Only 4 days ago this was posted:

[http://codesuppository.blogspot.nl/2017/12/iota-tangled-
mess...](http://codesuppository.blogspot.nl/2017/12/iota-tangled-
mess.html?m=1)

Next to that I found this great article in the comments:

[https://medium.com/@neha/cryptographic-vulnerabilities-in-
io...](https://medium.com/@neha/cryptographic-vulnerabilities-in-
iota-9a6a9ddc4367)

~~~
xwvvvvwx
Not really deep into this, and haven't even read the whitepaper, but looking
from the outside there are a _lot_ of red flags around this project:

\- Use of ternary logic [1]

\- Writing their own hash function [1]

\- Claiming that the flaws in the hash function were 'copy protection' [2]

\- The Github issues page for their wallet client [3]

I've heard that the DAG approach has merit, but from what I've seen I would
not trust this team to execute on it.

[EDIT]: Almost forgot the black-box closed source 'central coordinator' [4]

[1]: [https://medium.com/@neha/cryptographic-vulnerabilities-in-
io...](https://medium.com/@neha/cryptographic-vulnerabilities-in-
iota-9a6a9ddc4367)

[2]: [https://gist.githubusercontent.com/Come-from-
Beyond/a84ab861...](https://gist.githubusercontent.com/Come-from-
Beyond/a84ab8615aac13a4543c786f9e35b84a/raw/bb00cdf3625deba453d614f55c27f769b261df56/CFB's%2520letters%2520to%2520Neha%2520Narula's%2520team%2520during%2520their%2520analysis%2520of%2520Curl-P%2520hash%2520function)

[3]:
[https://github.com/iotaledger/wallet/issues](https://github.com/iotaledger/wallet/issues)

[4]:
[https://www.reddit.com/r/Iota/comments/7c3qu8/coordinator_ex...](https://www.reddit.com/r/Iota/comments/7c3qu8/coordinator_explained/)

~~~
fijter
1: By using a ternary number system, the amount of devices and cycles can be
reduced significantly. In contrast to two-state devices, multistate devices
provide better radix economy with the option for further scaling

2: Why is explained here: [https://blog.iota.org/the-transparency-
compendium-26aa5bb8e2...](https://blog.iota.org/the-transparency-
compendium-26aa5bb8e260) \- CyberCrypt is hired to review and audit it.

3: The wallet is secure and does what it needs to do, no, it's not very pretty
or user friendly but it works. A new wallet (Trinity wallet) will be released
very soon.

~~~
DiThi
> 1: By using a ternary number system, the amount of devices and cycles can be
> reduced significantly.

How does that work? Trying to find information, it looks like it's designed
for devices of the future that don't exist; so it's built on assumptions that
may be plain wrong.

~~~
fijter
It would be ideal on trinary hardware, but it can work with a trinary emulator
for now. I expect to see a Trinary chip very soon. CfB, one of the core devs
of IOTA, founder of NXT and inventor of PoS has a team that has been working
on Jinn (trinary cpu's) for the last 6 years.

~~~
DiThi
So they're betting that it's the hardware of the future. And not something
like the Mill CPU, which has been in development for much longer and it seems
it will be able to execute all the millions pieces of existing software,
faster and with less energy.

------
forvelin
Amount of 'newbie investors' in IOTA and their over-zealous defence in any
medium is scary.

We've had Perl people, Python people, Ruby people and their arguments but none
of those invested their money in languages' success. This blockchain
programming zeal mixed with investors trying to hype their currency is
annoying and mildly scary.

~~~
DyslexicAtheist
indeed very distracting! Becomes impossible to argue when everyone is so
pumped by their possible financial ROI that they're blind to any criticism.

And then there is the fanboys / evangelists who sign up to forums like this
just for spreading their belief. Like mindless bots. The whole technology is
fascinating but it's a pain for researching facts when half the community is
biased the other half are morons.

~~~
caruana
I know this will get down votes (but I'm generally a sarcastic guy so please
take this in that spirit): if half are biased and half are morons what camp do
you fall in? :)

~~~
DyslexicAtheist
You don't have to be part of the crypto-zoo. You can just stand on the side
observing and shaking your head.

Disclaimer: I personally don't gamble/speculate and therefore don't have any
crypto currencies in my possession. (this argument is usually used by IOTA
fanboys to discredit critics of their currency/ICO)

~~~
caruana
Standing on the side lines, indirectly referring to participants as animals
(crypto-zoo), shaking your head from your percieved superior position,
generalizing participation as gambling / speculating demonstrates you are
squarely in the biased 50% camp.

My Disclaimer: I have positions in several crypto projects (not IOTA
specifically b/c I don't like some of the decisions they've made). I make no
predictions as to which (if any) cryto projects will succeed but ultimately I
think that the long term outlook is positive for a few.

edit - typo

------
zaidf
What's actually stored on the ledger? Like if I make a blog post with title
"Hello world" and body "1234", would those two strings be on the ledger?

~~~
degif
Hey, one of the authors here. Short answer - yes. Together with some meta
data, the published content is signed by the author, encrypted (read more here
on how exactly [https://blog.iota.org/introducing-masked-authenticated-
messa...](https://blog.iota.org/introducing-masked-authenticated-
messaging-e55c1822d50e)) and stored on the Tangle.

Fog CMS helps with the content publishing and is one of the ways on how to
read and display the content from the Tangle.

------
mntmn
Just remember that all the message/transaction metadata is purged when the
IOTA team makes a “snapshot”. One of my first evaluations of IOTA was to store
IPFS URLs in transactions. Then came a snapshot and all the data was gone.
This probably wouldn’t happen in a system with transaction fees.

------
degif
Hey, one of the developers here! Happy to see this on Hacker news, thought the
CMS is still in heavy development. Happy to answer questions and I hope we can
stay on the problem/technology/product topic and oversee all the crazy
speculation stuff ;)

~~~
xwvvvvwx
Nice work! This seems really slick :)

How has your experience of building with IOTA been? Is there a good SDK /
documentation somewhere? I've just started digging into Ethereum and so far
I've been a bit disappointed by the standard of the tooling... :/

~~~
degif
Right now IOTA works as a content storage and distribution "database"
regarding to what we are building, so it's more simple than Ethereum smart
contracts and their own language. The API SDK's are all there and are working
great for us!

~~~
xwvvvvwx
Does the SDK call out to some server running a node somewhere, or does it
actually implement a client side IOTA node in JS?

~~~
degif
To check the data authenticity it's connecting to a node server for the data
synchronisation, the data encryption happens on the client side. Client side
nodes are on IOTAs roadmap as it's a technical challenge to synchronise with
the network by just storing a small chunk of it.

~~~
xwvvvvwx
Who runs the server?

What incentive do they have to expend resources to commit data to the ledger?

How can you trust that they have committed what you asked them to?

------
hasa
Does the particular content object live as single chunk of data in the
decentralized network or as multiplicated copies as in case of virtual
currencies ?

------
DennisP
This seems like it might be interesting if there were some technical detail
about how it actually works.

------
leichtgewicht
I don't see an advantage to [https://datproject.org](https://datproject.org)
?! Do I miss something?

