Home
Contribute Contact Us Browse all meetings
Home Contribute Contact Us Browse all meetings
IPFS / Berlin Developers Meetings - July 2018 / 9 Jul 2018
IPFS / Berlin Developers Meetings - July 2018 / 9 Jul 2018
Previous Meeting Next Meeting
Add meeting Rate page Subscribe
youtube image
From YouTube: Protocol Design Sessions - DHT Scaling - Jacob Heun, jonnycrunch

Description

Originally recorded during the Berlin Developers Meetings from July 9-13, 2018.

A

So we were lazy and sort of did a poster and we also have something a crypt had if we actually open up that. Well, you actually put everything into the.

B

Oh sweet.

A

So there's the visual among us and then we also have they everything in text so so I think it'd be I'm.

C

Sorry new to scaling visible.

A

In the middle in front of the time he.

C

Is.

A

A separate stream of screens, oh.

C

Yeah yeah yeah.

A

All right, so uh so really I think we talked about the current state of DHT. The example that I certainly well-known know like last couple days, has been IP NS issues for publishing and resolving and the issue about oh who's DHT. And how do you scale that so we talked about messaging protocols as well as this idea of scaling it right now with like peer pad you're, stuck to maybe scaling to about thirty or forty, maybe a few hundred users, and so the issue also.

A

Is there multiple I think connections, so yeah, actually you're limited by the connection connections- and this is what we were talking to peer about. I think is that you know basically in right now with the his issue. Is that they limited to about thirty peers, but so the idea, basically taking states and being able to report state as an IP LD object and integrating it signing it or integrating it and creating a proposed state for conflict resolution and and then that and then reported back as far as any conflicts.

A

They also the idea of actually doing a calendar hash that basically, if this is a detached, node and IPL D, that's an old state is using that how this is actually injected this time point and then a voting mechanism to do that. So some of the problems certainly is that DHT nodes can be flooded now.

A

There's an issue about membership of DHT s, basically how the IP NS was able to scale from Kyle was spinning up a much a bunch of extra protocol labs nodes in the cloud, but the issue is like how does that scale, two million, and so, if he's protocol labs actually spins it up, but why would I trust open, bazaars, dhts over protocol labs, so the idea of being a trusted super node actually came up, and how do you actually manage a trusted? Super node? Well, that's verifiable claims! That's something! I know about so that L.

A

So the issue flash crowd, crowds come in and try populate into the DHT and the idea of actually basically how to self heal your continuum, contributing resources to the DHT until it actually propagates and be able to have some way of visualizing that network, so that you can actually get some feedback or the state of the network as its self healing and automagically scale back. So some of the solutions we proposed was the idea of proof of work that, as you push things to the DHT you're asked to solve.

A

Some cryptographic function, coordinate with signals, so that's messaging gossip. So basically, I was talking about gossip, about gossip, basically again gossiping about the network's, the state as an IP, LD object concept, see Rd, T and and signing it and gossiping, and actually like reporting back the gossip about that that sub node and then that's using IP LD for the state reputation systems. So basically, if this proxy is not known and it's trying to sign things for a whole bunch of new peers and it's basically spinning up trying to flood the system.

A

Well, this is a new node that hasn't had enough time on the system. So it's it's a. It should be less trusted network visualization. We talked about network recipes having it, though, what that was about yeah.

B

So the basic concept is when you, when we end up having a couple like these mesh networks, right of hey, here's an established network, they have. What we want to be able to do is provide recipes for based on the situation that this network is going to be in, so that you can have different configurations of how these these kind of sub networks want to operate so that it can kind of control how it scales.

B

So, if you have kind of your your mesh rings- and you have this network, topology kind of being shared across as more and more nerds are joining and demands are differentiating, and we can say: oh you know what we need. We need to get another DHT scaled up, we're gonna go to one of our trusted nodes, tell it to turn into a DHT, and then we can watch the kind of the mesh networks shift in transition, and then over time has skills back down. We can we can change that back.

B

So some of the stuff we were talking about with network visualization and simulation is actually being able to set those recipes run. The simulations and watch the the meshes change yeah.

A

And that basically got to my question for Brian was Brendan is the model of the data of the topology of the network, and so actually, how do you represent that and to make sure they actually here's the network that we're trying to represent and here's the proposed date for actually the conflict resolution? And at what time point and then lastly, yeah I, guess see our DTS for rebalancing that so I think defeat. We also had a couple different things. You have anything else to interject.

A

We have a fascinating conversation, though I think we could cover everything.

D

We don't know a lot about what candidate solutions and like what we could implement first, so one of the shortcomings or one of the problems, it all comes down to give better primitives for applications to like give hints to a peer to peer of what they need. So when this, hopefully, when we talk about membership, management's, it's really. Okay, like I'm a peer path and I'm, just really interested all talking. We nodes that are on the same path as I am so. Why am I connecting to the rest of the network?

D

And so if there is something that connects exposed by a p2p API? That can give people a way to then give that information to the people peer that only peer to peer can make better judgments. The other thing is really the coordination protocol, which is kind of like very cheap protocol, like it's just like notes telling each other hey. Here's like what I see from a network. It seems that there's a lot of a load or like not a lot of loads. Of course like these can be attacked like someone can be lying, but it's.

D

This is just like to help notes, make better decisions. If some note is telling they're, like oh I, see three million notes joining like we should like calm down and like increase the size of our crypto puzzle and then, like ten other notes, tell you oh I just see they're not joining, then you can like lower the reputation of that note right, and so you can use all of these to make better decisions and, in the end, like a lot of these networks, like you, don't really need more.

D

Like than hundred to two hundred connections, and this is already a lot like you can do. You can access pretty much the entire network with just like 100 to 200 and in some runtimes like the browser, we really don't even want to have more than 10 or 20 connections. Otherwise we might just kill it so yeah, like I, guess, I'm, just like repeating some.

D

Questions.

A

My questions.

E

This reminded me a lot of coral and it's a great that you are looking at it. I think I think there's a whole area of protocol designed to be explored there on what these self-organizing clusters should do. One part is routing and coral. That's what coral does, but there's a whole bunch of other stuff that that could happen. I think you're, you're, starting to uncover I, would worry about with a lot of these systems. It has to be used to get a really simple construction for how these systems grow.

E

Merge split, come back, and in the house we can I'm pretty stable when once you ship the same protocol to like millions of nodes, and so we save like reducing the complexity of that, it is important and so I think coming up with very simple ways in which these clusters form, or these subnets form and how they do something different would be important, but just more of a design. Thinking. Okay,.

D

Okay, one of the things that multiple groups disgusts and we talk about a lot about having fun. So one thing that we really want to have and multiple people got excited about. It just have a contest like let's create a and multiple people build different, topologies and I know it's coming with all these use. Cases like we're streaming and like forums and blogs and social networks and like just what people go wild like, let's create a huge contest it can be in person can be online.

D

What you know, what the research community, the hacker community, the peer-to-peer commune just like to try different things and try to find the best strategy so that we can then have recipes right like the thing that we started, saying like.

D

Oh, maybe like we'll, never find a one-size-fits-all solution unless we a mile like all this, but we can definitely come up with multiple solutions that are really good for some use cases, and then people can just like pick that from the recipe book and apply the thing is, we will only know which is the best recipe once we give it to move for many people to taste it, and so yeah like we should what's just like to have a contest like very very soon like this year, like should be like in one of the goals.

D

I.

A

Think that it's a goal for a hackathon that did at the next meeting yeah.

D

Three months from now right, yeah, so.

C

We have time for one more question and I saw a coal raising his hand. Oh yeah, just echoing one sentiment about, like simplicity, I think something that I've like already gotten a bit of feedback about is like the kind of back to the like who's DHT question like oh, should I be running my own separate network or is there one global network? I know that we tend to focus on like the single global network and I.

C

Think to that end, we we really do need a way to decline initially like participate in everything and then kind of slowly. Let the things that you don't care about time out and like leave your purview. It feels like something like that, like, rather than being like super analytical about what you're involved in and like subscription management, which can get super complicated yeah. That just seems like that's, like an insight worth worth, came forward.

E

The thing I was thinking about immediately we're not immediately, but throughout the conversation is there's a very interesting parallel one strategy for buildings. Some of these things would be much more secure might be to do something like probabilistic checking of a DHD, so you spin up a thousand nose. We distribute them in a ring and then start for these kind of reputation, systems, system, design, type of ideas.

E

You can test some things and start trying to figure out whether or not some noes are misbehaving, and then that, coupled with you know, preventing notes from joining in particular ways can couple well like this idea of using a crypto puzzle to delay in and coming into the PhD can be very easily subverted.

E

You know if you have some kind of auto scaling and, like you notice, a ton of people trying to do an ongoing attack, then that just puns, a problem to participants just delaying their their joining and then join you very slowly, acting honestly for a long time and then attacking the network in one moment. But a way that that might be averted is reputation, systems, the reputation systems and peer-to-peer pair really well, but nobody has really build one that works extensively.

E

Well, there's a bunch of like problems, I think the torrent and tracker trust like tracker peer-to-peer systems and one of the tracker reputation, systems and Victorian like ratios, we're a very good example of this working very well. But there are that's a few and far between success or success is very rare. Compared to the number of times people have tried this kind of stuff, but this might work well with.

E

In general, security is one of those things were like you just have to spot an attacker once to be able to like get them out of the network, and so it is expensive to join the network. Then then reputation systems can work really well just yeah. Anybody.

C

Else.

A

Have.

E

Random ideas so.

A

I think just building upon the reputation systems, I, think the identity issues and capability systems that I think that the D ID spec is actually supporting, and these still early days for creating a specification. But the idea of basically uh yeah I have an identity and I have some nodes that are controlled under my identity. That are share peers that so, even though that node is not trusted I'm trusted and so that you can tie back in ephemeral nodes.

A

Actually that can scale up back to me, these being the source and so I think yeah rotation, identity, membership, other things, there's I'm still new to like dhts and and how to load balance that but I think also just I, think the the structured protocols actually the context, I think what Stephen was mentioning I think is to me this just makes sense.

A

So I suppose the other thing actually I was thinking about was how did the token economics of that as far as reputation systems and like you know, it doesn't have to be it's a separate one, but I think it actually how to make it distance disincentivize.

C

Yeah I, like as extreme micro thought, but just as far as like the streams are concerned, I feel like super cheap ephemeral streams are like really great as far as protocol design and keeping complexity down is concerned. So I go Stephen, go, go, everybody go, let's figure it out, because uh yeah I can't imagine doing more intense work in the line of like pipelining, without introducing like massive complexity,.

D

All right so I feel a lot of my ideas. I've been represented here by others, so if I'm being redundant, tell me to stop, but one that I would definitely would like to bring is like on this reputation systems, it's very important to make sure that we don't leak important information about the users that are using a network. We typically think reputation. Systems are like the hammer that solves all the problems.

D

They do solve a lot, but they also mean like they're, stateful right I, get something over time like something that you can start analyzing and like just observing the patterns and observing where that identity is valid. Where, and so you need to find another mechanisms to like have reputation but I'll click. That's easy same user. There's some interesting research on that. There's a paper on a non rep that basically is a peer to peer anonymous reputation, system.

D

I, haven't really had the chance to explore the construction and in depth, but like a lotta, great people talk about it and other things like constructions. Just for a key rotation and like this, the ideas around like double ratchet algorithms and just like group coordination like in a way not only peer so join but actually wearing devices to join into you or other peers like so.

D

If I have a group of people and I am talking on a chat room with my desktop I want to have my phone join, that room, and so I can do something like I I notify everyone that I'm joining with my device. I prove that the device is mine, but just to make sure that there is no malicious entity. Trying to force me to convince everyone at another device is joining. Imagine like NSA kind of like adding one device to me through the network.

D

You can have other peers like just check and it can be through a side channel just check that, like yes, the videos I in facts like adding a device and that's fine. So a lot of interesting work on this on things like matrix and the mega ohm per hole. It's also super interesting.

D

What else? Yes, I'm really excited about network visualization and, like the contests like, we should totally do a peer appear like scale to millions contest and I, see you who gets that first or every year, just like get a little bit closer.

D

It's.

A

Just so the issue of our correlation, we talked about this in the D ID spec and the what we came up with is a is ephemeral, identifiers and so which are pairwise. So this is why 255 1 9 is actually critically important is actually you do the de feel something like the Tiffany Hellman key exchange and you get to a prime number, which represents the pairwise Association, and that itself is actually the token to move forward. So actually there's a pairwise, so they actually they'll never be reused in less than the same relationship.