Home
Contribute Contact Us Browse all meetings
Home Contribute Contact Us Browse all meetings
IPFS / IPFS Camp 2022 / 2 Nov 2022
IPFS / IPFS Camp 2022 / 2 Nov 2022
Previous Meeting Next Meeting
Add meeting Rate page Subscribe
youtube image
From YouTube: How Pyrsia is Using libp2p To Take Over the World - Elliott Frisch

Description

This talk was given at IPFS Camp 2022 in Lisbon, Portugal.

A

um Title of my talk is how Persia is using lib P2P to take over the world. um My name is Elliot Frisch I work for jfrog. We help developers, Leap Forward, been a developer for over 20 years and writing rust for about a year um and provided a couple of links there, but we will revisit those at the end and also I stole my title from pinky in the brain, so credit to Time Warner.

A

um So what is Persia? It's part of the continuous delivery Foundation it's implemented in Rust, and it's a repository for binary packages. The intention is to be a git for binaries to be secure, to provide reproducible, builds and to be scalable, um we're implementing a transparency Ledger, which is currently a blockchain, but might change and a consensus engine and, of course, we're using lip P2P.

A

um So why persha? The vast majority of developers are trustworthy people but as Ken Thompson famously pointed out as early as 1984 and his paper Reflections on trusting trust. There are people who like to exploit systems for personal gain or just to brag, and uh some of them have been quite successful and we've all read about solar winds attack and the log for shell, and even in Rust, there's been a few malicious crates that have been discovered, such as this rust decimal, not rust, underscore decimal. Of course, the other one.

A

Here's another interesting attack on npm, where people don't keep their email addresses up to date and domain names expire. So somebody literally just said: oh.

B

Okay,.

A

uh The domain name for the for each maintainer has been expired, I'll buy it and now he's the npm maintainer for for each.

A

um This is just the tip of the iceberg. Of course, these are the ones that we know about.

A

So our goal is to secure all of this by providing provenance when Distributing binaries we're starting with Docker images, but we intend to support Maven very soon and then we'll expand from there.

A

um We use lib P2P for messaging. We've got hole punching with Nat we're using kadimlia for building a distributed hash table, and we have various Pub sub event handles that we're using and the P2P is giving us scalability reliability and security, um the prominence log or the transparency Ledger or the blockchain whatever you want to call.

A

It um distributes blocks over the network using the P2P and we use a basic consensus algorithm, but unfortunately, currently it's just we say so, but there's voting actually coming um and we got fast crash recovery for local storage and highly available peers, and then we do validation of correctness with cryptographic, hashes and uh we're actually in the middle of implementing an asynchronous Byzantine fault, tolerant, consensus, algorithm, um I'm, not 100 sure what that means, but uh we're working on it and I believe we're using olive bft, which does that, but I still don't know exactly what that means.

A

So don't ask me too many questions on that, um so uh Network nodes are going to be able to call and hold elections regarding artifact validity and build reproducibility. We won't persist the artifact to the blockchain until a sufficient number of nodes have reproduced it and we've reached consensus that the contents of the artifact are at least matching to the source that we are started with so uh yeah. What are we going to do tonight? We're going to try and take over the world?

A

That's what we do every night, um so I'm going to demo it, because why not uh the first thing we have to set up just for our integration to actually work is we set up a registry mirror in this case I'm pointing to my local machine on Port 788? That's what it's listening on!

A

um It's just key to realize that, and in fact I can show you that it's just over here running in this other tab.

A

So I'm just going to pull a Docker image and it's done um I did cheat. That was pre-loaded, because this is over my phone network, but but yeah if you've already downloaded it before. It's really fast.

C

And.

A

In fact, if I uh just remove it, so I just deleted it off of the local Docker and do it again it's the same response time because it's already cached.

A

Thank you.

A

Questions.

C

So is this more of a way to store, build artifacts, or is this uh also a thing that will build the packages or the build artifacts themselves and then store.

A

It's a build the artifacts itself and then store okay.

C

And.

A

It and it has to do it on multiple nodes successfully.

C

So each node is building the build artifact and then checking that it matches.

A

Not necessarily the entire network, but a subset of the network. Yes, okay, so I.

C

And yeah.

A

Think about it if.

B

You.

A

If you think of another question you can, you can reach out to me after it's fine I'll I'll be happy to answer.

B

Right now, Purge is just uh is that me saying that right, Persia Persia, not like the country either way: Empire, okay, yeah is Persia, just an open source product right now it's not integrated with jfrog's commercial offerings, I'm.

A

Correct it is 100 open source, it's just not in a 1-0 release, yet it's in a milestone 0.2, which is why it has very few features and.

B

Have customers been requesting the feature set that Persia provides um there.

C

Was a.

B

Motivation for corporate allowing your team or you personally, to develop this thing. Basically, so.

A

So the security implications that we're trying to solve are around the software bill of materials and the reproducibility, and the corporate appetite is around these attack vectors that have been happening in the open source world because there's not a good provenance log of where, like. If you go to Maven Central and you download a package. Where did it come from right? How do you know Russia.

B

Maybe so uh I I work with NYX a lot and Nix has a solution to reproducible, builds and content. Addressable builds. Have you guys researched using Nix or integrating that I.

A

I love NYX, first of all, Nick's OS.

B

Is loves you too yeah Nick's package right next language, NYX, OS, yeah, Community, yeah,.

A

um I'm very familiar with the work you guys are doing at nix or the the people at Knicks are in the middle of working on um it's a very, very similar project. However, at least my initial analysis of Nyx was, it was mainly focused on Linux binaries um I mean. Is that not the case.

B

You want to talk about this. Justin uh I'll give the Justin Justin has.

C

More.

B

Experience.

C

uh You I I I've, seen use cases where you can build like binaries for binars from Mac. Os works really great, but you can also do binaries. You can build binaries for Windows and.

A

And we're not actually an operating system, specific builds of any kind yet so um yeah. That's that's kind of the distinction. Nix is for building like like statically, independently installable packages on your local box, but then how do you communicate that to the community at large? So they don't have to rebuild it.

B

Real question: okay, so um with NYX there's a number of projects that cash builds and have Source tied to those build inputs. So if a previous build, you can generate the shaw that should exist in the next output and for a certain build and having a registry that has those shots available. Allows you to trust that the build before was done properly, and you can recycle that so NYX Registries exist for binary outputs and they can be shared libraries. They can be static, executables any number of things, even Source repositories.

A

And I've I've looked at a lot of that and it and it works really well in the isolation of the Nyx OS in my experience, but when you're trying to say okay now I want to uh exactly it depends on the store and it depends on the network and it depends on who you trust, like, like um I, have to just to trust that the cash providers are actually not malicious and that they're that their prominence log is actually valid right.

A

They could just say: oh no, we got the source from even wherever and that's what we're building, but.

C

The The Source there's an effort towards making the source in nixby like content address like it's very similar to ipfs and like that, then you can sort of trust that oh look, this Source actually matches because yeah.

A

Yeah I I started back in the old days with Gen 2, so believe me, I've I've been working on this problem, so name for a long time. I I get what you're saying and yes they're very similar, but they're not identical.

C

I I have one other really quick question. So um one of the things that's like really annoying about NYX. Well, I guess: there's two things: one is that the file system hierarchy or viral hierarchy system with it that everything gets stuck in like a slash, Nick, slash store, and this like breaks everything uh do you do you guys have like a like eighth thought on how to sandbox builds, but also like not break everything.

A

Else we're doing everything in a VM, okay,.

C

Okay, but.

A

But yeah I mean it's it's the same kind of idea like you could always set up a troot jail and just build in there. If you really wanted to and I think I thought Nicks did that for a while yeah. So what I just said a true yeah, so yeah I mean there's, there's obviously there's a lot of different ways. You can approach that problem, but you.

C

Know another uh sorry, another question um so like next itself has a domain-specific language and that domain specific language like one doesn't have types and two is like the syntax is like not uh necessarily intuitive. Do you guys have thoughts on like how to describe packages, and so.

A

So we're working with the software bill of materials and the um so the s-bomb stuff, and then we're also looking into um uh not so much in terms of the the the way we're we're assigning the content to addresses, but more to the way that we're going to package it and then distribute it.

A

um So we're really more focused on the distribution side than on the um exactly yeah, but we do have a a currently. It's a called a build prototype, uh that's out there and it it sorry build prototype engine and right now, like I said it only supports Docker. There is a beta for or Alpha even for Maven I've seen it work, but I I not enough to demo. It.

C

um Thank you. This is very cool.

A

uh Thank you. Anybody else.

A

Thank you I'll be available. If you have any questions.