►
Description
This talk was given at IPFS Camp 2022 in Lisbon, Portugal.
A
Title
of
my
talk
is
how
Persia
is
using
lib
P2P
to
take
over
the
world.
My
name
is
Elliot
Frisch
I
work
for
jfrog.
We
help
developers,
Leap
Forward,
been
a
developer
for
over
20
years
and
writing
rust
for
about
a
year
and
provided
a
couple
of
links
there,
but
we
will
revisit
those
at
the
end
and
also
I
stole
my
title
from
pinky
in
the
brain,
so
credit
to
Time
Warner.
A
So
what
is
Persia?
It's
part
of
the
continuous
delivery
Foundation
it's
implemented
in
Rust,
and
it's
a
repository
for
binary
packages.
The
intention
is
to
be
a
git
for
binaries
to
be
secure,
to
provide
reproducible,
builds
and
to
be
scalable,
we're
implementing
a
transparency
Ledger,
which
is
currently
a
blockchain,
but
might
change
and
a
consensus
engine
and,
of
course,
we're
using
lip
P2P.
A
So
why
persha?
The
vast
majority
of
developers
are
trustworthy
people
but
as
Ken
Thompson
famously
pointed
out
as
early
as
1984
and
his
paper
Reflections
on
trusting
trust.
There
are
people
who
like
to
exploit
systems
for
personal
gain
or
just
to
brag,
and
some
of
them
have
been
quite
successful
and
we've
all
read
about
solar
winds
attack
and
the
log
for
shell,
and
even
in
Rust,
there's
been
a
few
malicious
crates
that
have
been
discovered,
such
as
this
rust
decimal,
not
rust,
underscore
decimal.
Of
course,
the
other
one.
A
B
A
A
This
is
just
the
tip
of
the
iceberg.
Of
course,
these
are
the
ones
that
we
know
about.
A
We
use
lib
P2P
for
messaging.
We've
got
hole
punching
with
Nat
we're
using
kadimlia
for
building
a
distributed
hash
table,
and
we
have
various
Pub
sub
event
handles
that
we're
using
and
the
P2P
is
giving
us
scalability
reliability
and
security,
the
prominence
log
or
the
transparency
Ledger
or
the
blockchain
whatever
you
want
to
call.
A
It
distributes
blocks
over
the
network
using
the
P2P
and
we
use
a
basic
consensus
algorithm,
but
unfortunately,
currently
it's
just
we
say
so,
but
there's
voting
actually
coming
and
we
got
fast
crash
recovery
for
local
storage
and
highly
available
peers,
and
then
we
do
validation
of
correctness
with
cryptographic,
hashes
and
we're
actually
in
the
middle
of
implementing
an
asynchronous
Byzantine
fault,
tolerant,
consensus,
algorithm,
I'm,
not
100
sure
what
that
means,
but
we're
working
on
it
and
I
believe
we're
using
olive
bft,
which
does
that,
but
I
still
don't
know
exactly
what
that
means.
A
So
don't
ask
me
too
many
questions
on
that,
so
Network
nodes
are
going
to
be
able
to
call
and
hold
elections
regarding
artifact
validity
and
build
reproducibility.
We
won't
persist
the
artifact
to
the
blockchain
until
a
sufficient
number
of
nodes
have
reproduced
it
and
we've
reached
consensus
that
the
contents
of
the
artifact
are
at
least
matching
to
the
source
that
we
are
started
with
so
yeah.
What
are
we
going
to
do
tonight?
We're
going
to
try
and
take
over
the
world?
A
That's
what
we
do
every
night,
so
I'm
going
to
demo
it,
because
why
not
the
first
thing
we
have
to
set
up
just
for
our
integration
to
actually
work
is
we
set
up
a
registry
mirror
in
this
case
I'm
pointing
to
my
local
machine
on
Port
788?
That's
what
it's
listening
on!
A
A
C
A
In
fact,
if
I
just
remove
it,
so
I
just
deleted
it
off
of
the
local
Docker
and
do
it
again
it's
the
same
response
time
because
it's
already
cached.
C
So
is
this
more
of
a
way
to
store,
build
artifacts,
or
is
this
also
a
thing
that
will
build
the
packages
or
the
build
artifacts
themselves
and
then
store.
C
B
B
Right
now,
Purge
is
just
is
that
me
saying
that
right,
Persia
Persia,
not
like
the
country
either
way:
Empire,
okay,
yeah
is
Persia,
just
an
open
source
product
right
now
it's
not
integrated
with
jfrog's
commercial
offerings,
I'm.
C
B
A
So
the
security
implications
that
we're
trying
to
solve
are
around
the
software
bill
of
materials
and
the
reproducibility,
and
the
corporate
appetite
is
around
these
attack
vectors
that
have
been
happening
in
the
open
source
world
because
there's
not
a
good
provenance
log
of
where,
like.
If
you
go
to
Maven
Central
and
you
download
a
package.
Where
did
it
come
from
right?
How
do
you
know
Russia.
B
Maybe
so
I
I
work
with
NYX
a
lot
and
Nix
has
a
solution
to
reproducible,
builds
and
content.
Addressable
builds.
Have
you
guys
researched
using
Nix
or
integrating
that
I.
A
I'm
very
familiar
with
the
work
you
guys
are
doing
at
nix
or
the
the
people
at
Knicks
are
in
the
middle
of
working
on
it's
a
very,
very
similar
project.
However,
at
least
my
initial
analysis
of
Nyx
was,
it
was
mainly
focused
on
Linux
binaries
I
mean.
Is
that
not
the
case.
B
You
want
to
talk
about
this.
Justin
I'll
give
the
Justin
Justin
has.
C
C
You
I
I
I've,
seen
use
cases
where
you
can
build
like
binaries
for
binars
from
Mac.
Os
works
really
great,
but
you
can
also
do
binaries.
You
can
build
binaries
for
Windows
and.
A
And
we're
not
actually
an
operating
system,
specific
builds
of
any
kind
yet
so
yeah.
That's
that's
kind
of
the
distinction.
Nix
is
for
building
like
like
statically,
independently
installable
packages
on
your
local
box,
but
then
how
do
you
communicate
that
to
the
community
at
large?
So
they
don't
have
to
rebuild
it.
B
Real
question:
okay,
so
with
NYX
there's
a
number
of
projects
that
cash
builds
and
have
Source
tied
to
those
build
inputs.
So
if
a
previous
build,
you
can
generate
the
shaw
that
should
exist
in
the
next
output
and
for
a
certain
build
and
having
a
registry
that
has
those
shots
available.
Allows
you
to
trust
that
the
build
before
was
done
properly,
and
you
can
recycle
that
so
NYX
Registries
exist
for
binary
outputs
and
they
can
be
shared
libraries.
They
can
be
static,
executables
any
number
of
things,
even
Source
repositories.
A
And
I've
I've
looked
at
a
lot
of
that
and
it
and
it
works
really
well
in
the
isolation
of
the
Nyx
OS
in
my
experience,
but
when
you're
trying
to
say
okay
now
I
want
to
exactly
it
depends
on
the
store
and
it
depends
on
the
network
and
it
depends
on
who
you
trust,
like,
like
I,
have
to
just
to
trust
that
the
cash
providers
are
actually
not
malicious
and
that
they're
that
their
prominence
log
is
actually
valid
right.
A
C
I
I
have
one
other
really
quick
question.
So
one
of
the
things
that's
like
really
annoying
about
NYX.
Well,
I
guess:
there's
two
things:
one
is
that
the
file
system
hierarchy
or
viral
hierarchy
system
with
it
that
everything
gets
stuck
in
like
a
slash,
Nick,
slash
store,
and
this
like
breaks
everything
do
you
do
you
guys
have
like
a
like
eighth
thought
on
how
to
sandbox
builds,
but
also
like
not
break
everything.
A
But
yeah
I
mean
it's
it's
the
same
kind
of
idea
like
you
could
always
set
up
a
troot
jail
and
just
build
in
there.
If
you
really
wanted
to
and
I
think
I
thought
Nicks
did
that
for
a
while
yeah.
So
what
I
just
said
a
true
yeah,
so
yeah
I
mean
there's,
there's
obviously
there's
a
lot
of
different
ways.
You
can
approach
that
problem,
but
you.
C
Know
another
sorry,
another
question
so
like
next
itself
has
a
domain-specific
language
and
that
domain
specific
language
like
one
doesn't
have
types
and
two
is
like
the
syntax
is
like
not
necessarily
intuitive.
Do
you
guys
have
thoughts
on
like
how
to
describe
packages,
and
so.
A
So
we're
working
with
the
software
bill
of
materials
and
the
so
the
s-bomb
stuff,
and
then
we're
also
looking
into
not
so
much
in
terms
of
the
the
the
way
we're
we're
assigning
the
content
to
addresses,
but
more
to
the
way
that
we're
going
to
package
it
and
then
distribute
it.
A
So
we're
really
more
focused
on
the
distribution
side
than
on
the
exactly
yeah,
but
we
do
have
a
a
currently.
It's
a
called
a
build
prototype,
that's
out
there
and
it
it
sorry
build
prototype
engine
and
right
now,
like
I
said
it
only
supports
Docker.
There
is
a
beta
for
or
Alpha
even
for
Maven
I've
seen
it
work,
but
I
I
not
enough
to
demo.
It.
C
Thank
you.
This
is
very
cool.
A
Thank
you.
Anybody
else.