> I understand that passwords cannot be reset or recovered - if I forget my password, then I will lose access to my account and all my data
Shame, cause P2P password resets are totally possible these days, see my tweets on this with Brendan Eich: https://twitter.com/marknadal/status/1131258225095991296
Also, I just got:
> Error: User already exists!
How is this decentralized then? Unless it is using a blockchain to register usernames, then there has to be a master server that "decides" whose username is taken.
Or worse: It is decentralized, but not offline-first (what happens if I register without internet access)? What is the point of being P2P/decentralized if I need to be connected to a peer?
> Creating filesystem
Is really slow! Is this IPFS?
Small actions, like "send friend request" takes ~5seconds. Have you guys tried using something faster? There is a P2P version of Reddit ( https://notabug.io/ ) and he's done a ton of optimizations to make things instant, probably require switching p2p protocols though.
Overall, it worked! That is saying a lot in the blockchain/decentralized world. So this should actually be viewed as a huge success. Congrats!
Thanks for your feedback.
We do hope to use shamir secret sharing among your friends to allow password recovery in the future, but that's strictly less secure (your friend's can collude against you) and would be optional.
There is a centralised pki to ensure unique usernames (eventually it could be made into a blockchain - it's already an append only merkle-tree in ipfs, but this is an alpha). This is a UX tradeoff. Peergos is designed to be used by people who can use facebook - they should never need to see a hash or manage their keys. Once you have signed up and claimed your username you only need to interact with your storage node (and those of your friends for social stuff) unless you need to lookup a new friend who's recently signed up.
Some things are slow yes, we have a lot of optimisation to do, but wanted to start getting feedback.
This is, of course, how it’s always been done. But need it be?
If you’re bootstrapping off of your existing Twitter/Facebook/Whatever I would assume Oauth could get you the ability to discover friends on the network without ever having a “username” to enter.
If you’re making a new friend on the spot it’s a QR code or Bluetooth or Ultrasonic handshake between the devices?
If you’re making a new friend online I’d rather send them a peergos://<base56>/invite via SMS or Email or whatever other chat program we’re using. Tap and it should app switch right over to a screen showing their contact info with the “Friend” or “Add” button right there.
iOS will convert a webpage link into a preview of the page. I wonder if you could use that functionality to make sharing an invite link via SMS on iOS preview the actual contact page. I don’t know if iOS will let installed third party apps provide a preview bubble for link/protocols they’ve registered to handle.
OT: Shouldn’t the name just be PeerGo? Or really, Peer.
"Alternatively you can pay another provider to store your data (they won't be able to read your files). Currently, we have a small central server which stores usernames and public key"
So IPFS is useful to eventually have your data copied to other nodes, but you need centralized servers for basically all reliable operations?
IPFS isn't a service to store unpopular files for you for free. If you're not going to do it, someone else has to be paid or otherwise motivated to host your files for you.
IPFS reduces bandwidth costs, and might reduce latency, in the event your files/data become popular. In a sense, it's a free content-addressable autoscaling cdn. It's not a free S3/B2 replacement.
You can self host, and then your own node is responsible for storing your data (which could be a machine in your house, or eventually maybe even your phone).
The other effect it has is it allows us to have a global filesystem with all the semantics people are used to from filesystems with human readable paths of the form /$username/$path_in_users_space
I think if you could plug in an old iPhone/Android and have it become your host I don’t see why that couldn’t be mainstream. Everyone (who would consider using this) has an old phone they can plug in and forget.
That's the thing I really can't wrap my mind around with these kind of solutions: how can they be advocated while not offering a good way to be reliable? That's doing a disservice to the other good parts like the better privacy.
If you "plug and forget" from a paid centralized service not using IPFS you have even less recourse.
With IPFS it doesn't matter whether the blocks are locally on your system or in a paid cloud, the blocks are readily available because they are transparently available from BOTH.
If you stop paying the cloud the blocks are still available but slower if they are on a slower pipe.
And IPFS does not work (or at least, has no guarantee) in the event of a file has no hosts. So the only way you could host it yourself safely would be to use something like P2P and distribute the files. Either at large scale (like FileCoin proposes), or by having something like RaspPi's in 2 family members closets so you have redundancy in your hosting - should your house burn down.
Since I was using IPFS that wasn't a problem, since I also had a few other machines hosting the same blocks from different places (including one in a different country).
I love IPFS, but it still needs a live server to pin a resource. Luckily you can host IPFS stuff (theoretically) on a tiny box because any amount of traffic becomes "instantly" distributed. But, still having it hosted is the only way to guarantee your content is actually available.
Did you miss the last part where I said multiple machines are hosting it?
When you mentioned other machines, I assumed you meant that other machines had accessed the content and effectively temporarily seed it, as is the way IPFS works.
If your point was truly that other machines have your content pinned, then what is your point about "hosting it on your laptop"? Seems a bizarre description if your laptop can be closed, but the other machines have the content actually pinned. It's hosted by the other machines, not your laptop.
As long as you follow that rule you don’t lose data.
Also, not all content I keep is the same, I think it could be be tiered. There is a lot of content I have which is third party and easily replaced, these are files that hash to values that other people will also happen to have.
Then there is content I personally created like photos and video which is voluminous and important but not an epic disaster if some of it is lost. Finally there are crucial documents which are truly mission critical, but these make up the smallest share (less than perhaps .1%) by volume.
Every friend I connect with I wouldn’t think twice about giving them some amount of space on my server. I mean, you’re allocating space for chat and metadata and such, why not also a baseline amount of per-peer storage like 100MB. Then you could slide it up from there.
Making this automatic, and on by default at a baseline, adds a level of resiliency to the whole network.
I assume my friends can act as relays (store-and-forward) for anything I’m sending or sharing through the network as well.
Just because you can...
Is this thing pronounced purge os? Even if its not supposed to be..
Maybe the first server most people buy is a home NAS or wireless gateway. Those types of devices should also be able to act as the host as long as they have pluggable storage.
I've been writing a knowledge repository and was debating using IPFS to distribute encrypted files. However Peergos is interesting for the same reason. To toy around with the alpha I'd like to experiment with integrating the sharing model with my project.
The rest api is quite simple, and mostly a subset of the IPFS rest api. The complexity is mostly client side. We have a Java client, which we cross compile to JS for the browser.
If you're mainly interested in the access control mechanism it is a simplification of cryptree:
Blockers shouldn't matter because we don't have any third party hosted content, not even fonts.
Can you describe in more detail the issue? Would love to hear critical thoughts on this project, as I'm interested, but wary.
I'm a bit cranky about it because I have watched a bunch of projects like this bud and then fail to develop even though they were/all very worthy in their way.
The higher level sharing and storage that we have now through services such as Facebook, Instagram, Dropbox, etc, could have been built in a peer-to-peer way, on top of things like Peergos.
I do not think that Peergos will necessarily be the exact technology that a new, decentralized version of internet technologies will be built on, but we are building the infrastructure and knowledge needed to be ready for power and economics shifts online.
TLDR: It's a cryptographic capability based global filesystem with a focus on privacy.
Disclaimer: I also work on IPFS