
Show HN: ORC – Onion Routed Cloud - sp0rkyd0rky
https://orc.network
======
kodablah
Sorry I have not dug too deeply, but I have some questions.

1\. Are there controls (i.e. proof-of-stake) to enforce equitable and lasting
storage of your items on others' machines?

2\. What is the consensus model for marking peers as bad actors?

3\. What are the redundancy guarantees? That is, how many nodes store my data?

4\. What is the "currency" of sorts that I must "pay" in order to store a
certain amount? Amount of hard disk I contribute back?

5\. Why was the AGPL chosen? Surely adoption by any means, commercial or
otherwise, would be welcome in a system that has equitable sharing guarantees.
Now if I want to implement your spec in my choice license, I can't even read
your reference implementation.

Maybe some fodder for the FAQ. If not answered later, I'll peruse the
whitepaper.

~~~
polle626
proof-of-retrievability, I imagine somewhat like what Storj, Sia and Filecoin
do.

zcash is the currency.

------
woodandsteel
This looks like the opposite of IPFS in terms of what gets stored on your
computer if you are part of the network.

On IPFS, something gets on your computer only if you decide to let it, and
there are blacklists to automatically keep off material you don't want.

On ORC, it seems that encrypted pieces of everything get stored, so you can
wind up with all sorts of things you don't want, but on the other hand might
be able to deny legal responsibility.

~~~
polle626
Well, in ORC you get paid for storing things, in IPFS you don't.

~~~
djsumdog
Another comparison would be FreeNet, also where you don't get paid anything,
but you don't know what's on your particular hard drive either.

With FreeNet though, you can anonymously post and distribute content to
others. I didn't see anything on the page or FAQ indicating if you could
create a public key/link (like you can with Mega).

------
simcop2387
Based on what I'm reading here, it looks a lot like freenet. Does orc give any
kind of privacy promises like it?

~~~
mirimir
Yes, functionally it's like Freenet. But it's all done through Tor onion
services, so participants can be at least somewhat anonymous. With Freenet,
there is no anonymity, only "plausible deniability". Which in practice has
ended up being pretty worthless by itself. Consider that guy in Philadelphia,
who's rotting in prison for refusing to provide his FDE password. He claims to
have forgotten it, but that's not working out so well.

------
philippnagel
Interesting, does anyone know how this is related to storj.io?

~~~
wyldfire
IIUC, this was a fork of storj created by a recently-former maintainer [1].
Strikes me as a great time to liquidate your SJCX (I just did).

[1]
[https://www.reddit.com/r/storj/comments/6llxpn/so_long_frien...](https://www.reddit.com/r/storj/comments/6llxpn/so_long_friends/)

~~~
trevor-e
Yikes, there are a lot of grievances being aired in that thread. To clear up
any confusion:

    
    
      Yes, I have forked my work on Storj and have given it to 
      Counterpoint to help raise some money to continue to develop 
      it. Please note that this project is not a competitor to 
      Storj as it is fully distributed, there is no business model 
      (because there are no bridges), and it is managed by a 501c3 
      organization.
      Edit: see https://orc.network

~~~
kyledrake
I don't know the Storj project or this situation well, but the timeline of
events I've gathered from reading those reddit comments is:

\- You acquired some "pre-mine" tokens (apparently with no vesting)

\- You pre-sold those tokens before the fundraiser

\- You quit the company shortly after

\- You then proceeded to slander the company on Reddit (something something
"radical transparency")

\- You then forked the company's project and started calling it your own. But
it's not "competing" because you're using a 501c3 tied to an unrelated
hackerspace in Georgia as an umbrella for its fundraising (possibly risking
its tax-exempt status).

I think this is a fair question to ask given the circumstances: Is your goal
here to create a great open source project, or to damage Storj?

~~~
sp0rkyd0rky
Believe me, I understand how this looks. To answer your questions:

\- Yes, early storj employees were given tokens on a schedule related to
achieving certain milestones

\- Yes, when I felt it was appropriate for my own future, I sold those tokens

\- Yes, not long after I sold, I (and others) left

\- No, my intent was not to slander, but simply to explain why I have
disappeared from the community and why core development has slowed

\- Yes I forked a free software project and our hackerspace is providing
what's called a "comprehensive sponsorship" which in no way risks 501c3 status

My goal has always been to create a great project and never to harm Storj
Labs. Though, admittedly, given the circumstances I understand how it might
appear that way. Because of that, can we not turn this thread into what
happened on Reddit?

------
fiatjaf
What is it? There's no explanation of what it is in the website, although
there is a whitepaper, documentation, a tutorial and a description of the
protocol.

From the whitepaper Abstract:

"A peer-to-peer cloud storage network implementing client-side encryption
would allow users to transfer and share data without reliance on a third party
storage provider. The removal of central controls would mitigate most
traditional data failures and outages, as well as significantly increase
security, privacy, and data control. Peer-to-peer networks are generally
unfeasible for production storage systems, as data availability is a function
of popularity, rather than utility. We propose a solution in the form of a
challenge-response verification system coupled with direct payments. In this
way we can periodically check data integrity, and offer rewards to peers
maintaining data. We further propose that in order to secure such a system,
participants must have complete anonymity in regard to both communication and
payments."

~~~
fiatjaf
Somewhat related: why every project out there that wants to appear as serious
has to publish a "whitepaper", which is basically any gibberish you want in a
PDF format?

(Not saying ORC is gibberish at all, but I do have seem the most simple and
stupid ideas written in tech projects whitepapers over the last years.)

Why can't a project write all it wants in HTML pages, with links, clickable
topics, separated pages, images, code snippets, examples etc., everything that
could make it better to read and understand?

~~~
vertex-four
Because of the Bitcoin whitepaper, its prominence in the Bitcoin community
(it's almost a Constitution), and people wanting to replicate that.

------
woodandsteel
The web page says files are encrypted and then split into chunks that are
stored around the network, and then reassembled when you want to access your
file. That sounds like no one could alter your file.

The webpage also says, "Redundancy is achieved through the use of erasure
codes so that your data can always be recovered even in the event of large
network outages."

Does this means files can't be lost, as long as you keep paying your bill?

~~~
vgb2k11
>The webpage also says, "Redundancy is achieved through the use of erasure
codes so that your data can always be recovered even in the event of large
network outages."

>Does this means files can't be lost, as long as you keep paying your bill?

The white-paper mentions:

>"ORC will soon implement client-side Reed-Solomon erasure coding (Plank
(1996)). Erasure coding algorithms break a file into k shards, and
programmatically create m parity shards, giving a total of k + m = n shards".

So at first glance its seems like the usenet parchive/PAR2 redundancy
methodology, but storing the parity shards locally (client side). Well that's
my interpretation of this section of the white-paper anyways.

So in short: it certainly doesn't mean that the files "can't be lost", but it
means the owner of the files can rebuild the files using parity shards from
client side in that case that network outages affect file availability.

------
herbst
This sounds interesting and got me thinking, i have some high bandwidth
storage just sitting around. However i the machine runs on a skylake pentium
and docker seems overkill. Is there anything like this that works without
docker?

~~~
sp0rkyd0rky
It's not required to run in docker, just there for ease of setup. Check out
[https://orcproject.github.io/orc/tutorial-
install.html](https://orcproject.github.io/orc/tutorial-install.html)

~~~
herbst
Nice. Seems there is a error tho:

    
    
        npm install -g @orcproject/orc
    

only works as:

    
    
        npm install -g orcproject/orc

~~~
sp0rkyd0rky
Aanndd just saw you did that already.

------
trackofalljades
Is this viral marketing for Silicon Valley?

Mostly kidding, but really, this is pretty close to "Pied Piper" isn't it?

------
Best_Teaser
I wonder how much storage would cost? I found Amazon's cloud storage
surprisingly affordable. It doesn't seem like it would add so much cost just
to run it through a TOR network.

