‐‐‐‐‐‐‐ Original Message ‐‐‐‐‐‐‐ On Saturday, December 14, 2019 7:52 PM, Punk-Stasi 2.0 <punks@tfwno.gf> wrote:
On Fri, 13 Dec 2019 23:30:51 +0000 "other.arkitech" other.arkitech@protonmail.com wrote:
http://otheravu4v6pitvw.onion/misc/downloads/answers_to_questions.txt
"The operating system image contains a pre-configured raspbian system where user gov has sudo powers, hence you have root privileges. For maintenance purposes I have (temporarily) root access too, via ssh port 16671"
haha, you can't be serious...?
I understand your concern, but I am running an alpha version of the system and having an ssh access to the node allows me to maintain and update the software. I've been running 50 nodes for 1 year using this mechanism as a mean to tune the systems. (development setup) Obviously this requires trust on me. Removing this trust is as easy as removing the file /root/.ssh/authorized_keys But this is like disconnecting your OS from automatic updates. It is temporary maintenance priviledge, it will be gone when I release 1.0. It should not be a concern since it is a dedicated raspeberry pi and little I can do inside that represents a threat.
also, what about the economics of the system? Apparently there's no limited supply, no PoW, and the defense against sybil attacks is based on ip addr - does that even work?
supply limit is calculated algorithmically for GAS (the system cryptocurrency ). user Coins define their own cryptoeconomics. Regarding Sybil, it does work. Sybil happens when one tries to join the active network multiple times with an evil program, with enough number of processes to bias the voting result. Every node in the network know how many nodes is behind every IPv4 address (see http://otheravu4v6pitvw.onion/misc/screenshots_gov.txt search for "description: unique ip addresses" ). 6 is the number that is configured. If you try to add a 7th node it will be ignored. If you plan to perform a sybil attack you must dispose of enough IPv4 addresses, which is the limiting factor that prevents a successful attack provided the network is big enough. If you would bother dedicating a raspberry pi to join the net (and mine as an early bird) you can be totally sure about security without the need to trust me by running it in a vlan ot an isolated guest network) This can be seen as an offer. low risk, potentially big reward. My interest? I need users and grow the network. I also need feedback of advanced users who bother using the wallet functions. If the network succeed you do with it. That's the deal, that's how I designed it, every node is a paid worker of the system. Thank you. oarch It is safe to download the raspberry OS and run it. If you dont trust it you can always