
Opening the Filecoin Project Repos - bencevans
https://filecoin.io/blog/opening-filecoin-project-repos/
======
fwip
I'd love to finally see a writeup of the "proof of spacetime" storage.
Understanding that proof seems critical to understanding what use cases
FileCoin will and won't work for.

Edit for clarity: This is the closest I was able to find, and is short on
details. [https://github.com/filecoin-
project/specs/blob/master/proofs...](https://github.com/filecoin-
project/specs/blob/master/proofs.md#proof-of-space-time)

~~~
gcbw2
The proof of storage is even trickier.

A multi-account attack (sybil?) can just store the file once, and pretend to
store it N times, inflating the cost (attacker revenue) by N fold. I can't see
how this is avoidable other than being an authority with insight into most of
the internet traffic structure. ...Maybe it is designed to only work within
china?

last question was a joke, but note that every single multi-account protection
requires a breach of anonymity. That's why most modern distributed protocols
try to completely work around any benefit of having multiple accounts.
Storage, by definition, can't.

~~~
whyrusleeping
The proof of replication provides assurance that for some given data D, a
unique replica R is created for it. What you’re proving with the Proof of
SpaceTime isn’t that you have some _data_ , you’re proving that you have the
_replicas_. Generating the replica is slow, so you can’t do it on the fly. I
gave a talk recently that goes over some of this briefly:
[https://youtu.be/GZZ2G9bPXsM](https://youtu.be/GZZ2G9bPXsM)

~~~
gcbw2
you talk for 15s about it on that video. I will try to read the secondary
paper on this... but doesn't look like it can protect against someone just
generating hashes for multiple accounts from the same stored data.

P and (the fake) P2 can both reply to V with perfectly normalized storage.

But regardless if the protection works against bad actors, it definitely
"works" _against_ good actors if you take into account storage prices. E.g. P1
and P2 are two distinct good actors. They both pay cloudProviderA for storage.
P1 and P2 bid on the same filecoin storage contract. They store that
independently of each other, but cloudProviderA normalize the storage (with
their own backup and consistency solutions). But with this protection scheme,
since the cloud provider can't normalize, the cost will eventually go up
because their normalization margin got erased. Over time, the data storage
cost for good actors will go up, while for bad actors (assuming they are
possible) the profit will increase.

~~~
whyrusleeping
To generate a response to the verifier, you have to have your replica of the
data in question. A replica (from proof of replication) is a unique encoding
of the data that is quite slow to generate. If the prover isn't storing the
replica, they will have to regenerate it before they can respond to the
challenge, which takes a noticeable amount of time.

~~~
viraptor
What scale is "noticeable"? Is it slower than "we're going to pretend the
network is slow and send you 1KB/s until we generate the rest"?

~~~
darawk
1kb is much larger than most hashes.

~~~
viraptor
I'm not sure what you're trying to say by that.

~~~
darawk
I'm saying that strategies like that won't work when the data required fits
into a single packet.

------
miguelmota
A brief for anyone wondering what Filecoin is:

> Filecoin is a decentralized storage network that turns the world’s unused
> storage into an algorithmic market, creating a permanent, decentralized
> future for the web. Miners earn the native protocol token (also called
> “filecoin”) by providing data storage and/or retrieval. Clients pay miners
> to store or distribute data and to retrieve it.

Filecoin is a project of Protocol Labs which also created the DAG based
hypermedia protocol IPFS.

~~~
gammateam
Protocol Labs wont integrate filecoin use into IPFS?

~~~
miguelmota
Filecoin is essentially IPFS with incentives for data retention and
distribution.

~~~
gammateam
Given that so many people do it all for free with very good uptime and
connectivity, do you think Filecoin will be something consumers want?

------
tribler
The interesting bit: "Legal Compliance for Filecoin Storage Miners"
[https://github.com/filecoin-
project/specs/issues/65](https://github.com/filecoin-project/specs/issues/65)

"In order to comply the with law, a miner who agreed to store the bad data
must not serve it, and delete the data from its hard drive as soon as
possible."

~~~
ijpoijpoihpiuoh
From your link.

 _Storage miners can absolutely decline retrieval requests, at any time, for
any reason.

Storage miners have to be able to access the data themselves for the purposes
of the PoSt, but since the PoSt is a zero knowledge proof, none of that data
ever leaves the miner. The PoSt simply proves to everyone else that they
actually have the data, without revealing the data (thats how we keep it
compact)._

I found this interesting too. Could a miner save on bandwidth costs by just
hoarding a bunch of data, but never serving it up? I guess that they must have
a solution for that, but is the solution decentralized?

~~~
tribler
Yes, that seems a possible attack. You can store stuff and pass the regular
audits using "Proof-Of-Storage", yet refuse to upload bits when finally asked.

Hard to protect systems from irrational attacks like that (we know from
building a similar system). They are quite transparant about their "unsolved-
problems": [https://github.com/filecoin-
project/specs/issues/63](https://github.com/filecoin-project/specs/issues/63)

~~~
dlubarov
Why do you call that behavior irrational? Seems like it would save some
bandwidth costs, as the parent suggests.

~~~
wmf
AFAIK nodes get paid for serving data and they can set the price to be higher
than their bandwidth costs, so refusing to serve data is refusing to make
money.

~~~
beambot
If you are the only surviving node with the data, then it's called extortion
or holding the data hostage.

~~~
wmf
Preventing that kind of problem is basically the point of Filecoin and similar
systems.

------
jhoechtl
This project (I mean IPFS) startet with a very interesting goal. Now it seems
they have totally derailed and went the blockchain based virtual currency way.
So sad. Instead they should have invested their energy into better integrating
IPFS eg. into browsers.

~~~
TeMPOraL
Last I checked, FileCoin was just an incentive layer for IPFS, not a core part
of the protocol. Close association between Protocol Labs and the Ethereum
community doesn't inspire me with confidence, but as long as IPFS works
without it, I'm happy.

------
asciimo
Link to the Filecoin FAQs:
[https://filecoin.io/faqs/](https://filecoin.io/faqs/)

------
jude-
What stops a filecoin miner from storing all replicas to S3? If nothing, then
why use filecoin at all? Economies of scale would dictate that the most
successful filecoin miners would simply be cloud storage providers by another
name (but paid in tokens instead).

~~~
JetSpiegel
> What stops a filecoin miner from storing all replicas to S3?

Being undercut by Amazon running Filecoin on their own?

~~~
jude-
So filecoin would just be a slower, less scalable, and more costly way to pay
for S3?

------
trevelyan
Just put it on Saito and pay for it to stay on-chain for however long you
need.

------
throwaway-1283
The fact that as a miner you have no control over whether someone stores
illicit documents on your machine seems like a dealbreaker

~~~
harshreality
The fact that as a maintainer of a website with user-contributed content, you
have no [up-front] control over whether someone stores illicit content on, and
distributes it from, your server, seems like a dealbreaker.

------
aey
We have been Apache 2.0 open source from day one.

[https://github.com/solana-labs/solana](https://github.com/solana-labs/solana)

Kudos to filecoin! And choosing Apache 2.0 as the license.

~~~
yjftsjthsd-h
Okay? You have... A thing? Probably a similar thing? If you must spam your own
thing, at least tell us why we should care about your thing in contrast to the
actual subject of the thread.

~~~
aey
My fault!

Filecoin is great!

We are also building a blockchain that is based around Verifiable Delay
Functions and has been open source from day one.

VDFs can be used to track time in a permissionless network in a way that works
before consensus. Which opens up a wealth of distributed systems optimizations
that involve a synchronized clock. If that sound interesting, check out
[https://github.com/solana-labs/solana](https://github.com/solana-labs/solana)

