Merge branch 'gun' into 'master'
Gun See merge request arnoldjun/bluesky!69
This commit is contained in:
Jay Graber
commit
94050848c3
120
protocols/gun.md
120
protocols/gun.md
|
|
@ -1,112 +1,76 @@
|
|||
# GUN
|
||||
|
||||
## Stats
|
||||
GUN is a decentralized graph database with a conflict resolution algorithm (CRDT) and synchronization protocol. It includes a library of tools for merging conflicting data and handling routing, security, and storage.
|
||||
|
||||
- 11K+ [github](https://github.com/amark/gun) stars
|
||||
- 10M ~ 30M [downloads](https://www.jsdelivr.com/package/npm/gun) monthly
|
||||
In GUN's graph store, entries are [javascript objects under UUID keys](https://gun.eco/docs/Porting-GUN). Objects can be data of any type, including key-value, files, JSON, documents, tables, relational, and graph or hyper-graph data. Data is stored in the browser by default, with backup "superpeers" to ensure persistence. Peers connect to other peers, and choose what data to synchronize and persist.
|
||||
|
||||
## Whitepaper
|
||||
There is a public space and a user space. In the public space are all graphs without a public key as their ID. In the user space, graphs are signed with the user's keys, and their IDs must include the user's public key.
|
||||
|
||||
https://stanford.edu/~nadal/A-Decentralized-Data-Synchronization-Protocol.pdf
|
||||
### Identity
|
||||
|
||||
## Stack
|
||||
Gun's [User System](https://gun.eco/docs/Auth) creates a username and password. Usernames are global but not unique.
|
||||
|
||||
- [ERA](https://www.youtube.com/watch?v=1HJdrBk3BlE) (economic system)
|
||||
- [AXE](http://axe.eco) (routing)
|
||||
- [DAM](https://gun.eco/docs/DAM) (networking)
|
||||
- [RAD](https://gun.eco/docs/RAD) (storage)
|
||||
- [SEA](https://gun.eco/docs/SEA) (security)
|
||||
- [GUN](http://gun.eco) (data)
|
||||
- [HAM](https://gun.eco/distributed/matters.html) (conflict resolution)
|
||||
[Multi-device login](https://gun.eco/docs/Auth) is handled by encrypting a user's crytographic keypair, which is stored in the GUN graph. Keypairs are not derived from the password. PBDKF proof is derived from the password, and AES is derived from that to encrypt the keypair. GUN treats this method as "secure enough" for applications in which private keys do not control financial information. "Auth" is doing a GUN query for that account, subscribing to it, and then attempts to brute force decrypt the keys of all accounts that match that username. Once loaded once, it's cached on that device, loading from localstorage or local harddrive.
|
||||
|
||||
## Bluesky
|
||||
GUN's SEA (Security, Encryption, Authorization) module provides the capability to directly create a [public/private keypair](https://gun.eco/docs/SEA) for a user, without a username and account.
|
||||
|
||||
- Creating customizable interfaces: See [Party](https://party.lol/) which reuses any existing website (gmail, twitter, Facebook, reddit, etc.) for E2EE messages.
|
||||
- Communities setting norms: See my article on [emotionally intelligent social networks](https://hackernoon.com/a-new-kind-of-social-network-emotional-intelligence-e45dcddb1bdb), also check out the wild [Notabug](https://notabug.io/t/notabug/comments/59382d2a08b7d7073415b5b6ae29dfe617690d74/welcome-to-notabug) experiment.
|
||||
- Keeping public conversation from fragmenting: Check out ["How to fix the internet"](https://hackernoon.com/what-is-wrong-with-the-internet-and-how-to-fix-it-c67w32no) by [Martti Malmi](https://twitter.com/marttimalmi) (Satoshi's 1st Bitcoin contributor) which is exactly this.
|
||||
### Network structure
|
||||
|
||||
## Network structure
|
||||
GUN uses a gossip protocol along with a topic-based PubSub protocol to sync data between peers. GUN peers fall back to the [gossip-based protocol](https://gun.eco/docs/DAM) when the more optimized PubSub [routing](https://gun.eco/docs/Routing) protocol fails. Messages are routed across different transport layers (websockets, WebRTC, multicast UDP etc).
|
||||
|
||||
Decentralized/p2p.
|
||||
Peers subscribe to graphs relevant to their application's logic, although the global GUN graph is accessible to all peers.
|
||||
|
||||
Uses data replication via message passing.
|
||||
Planned future network upgrades include the addition of a DHT. A [tokenized incentivized mesh proposal](https://web.stanford.edu/~nadal/A-Decentralized-Data-Synchronization-Protocol.pdf) is also on the roadmap.
|
||||
|
||||
It daisy-chains, [routes](https://gun.eco/docs/Routing), & relays messages.
|
||||
### Data Storage
|
||||
|
||||
Think of it as doing also what the internet, routers, switches, etc. already does.
|
||||
Peers subscribe to the data they need and the network retrieves it from any peer (including browsers, where GUN stores data in localStorage). Running always-online peers, such as a "superpeer", is recommended for most applications to ensure availability of data when most browser-based peers may be offline. A superpeer is an IP addressable machine running node.js that persists data to disk. [RAD](https://gun.eco/docs/RAD), GUN's storage adaptor, saves data to disk using a radix tree.
|
||||
|
||||
But also works over most existing transports: WebRTC, UDP multicast, TCP/HTTP -> Websocket, etc.
|
||||
GUN uses a CRDT (Conflict-free Replicated Data Type) to merge data. Conflicts are handled by a [conflict resolution algorithm](https://gun.eco/docs/Conflict-Resolution-with-Guns) that uses lexical sort. GUN is [strongly eventually consistent](https://pages.lip6.fr/Marc.Shapiro/slides/CRDTs%20Google%20Zurich-2011-09.pdf), meaning that peers will eventually converge upon the last updated value when nodes that are offline eventually receive updates.
|
||||
|
||||
## Identity
|
||||
|
||||
Iris adds a [reputation system](https://medium.com/@mmalmi/learning-to-trust-strangers-167b652a654f) to SEA which provides the underlying cryptographic Security, Encryption, & Authorization.
|
||||
|
||||
The most important differentiating factor is that we support multi-device login that is cryptographically secure yet uses "normal" UX.
|
||||
|
||||
This technique can be extended to secure password resets (no servers)
|
||||
|
||||
And, password recovery using a 3-Friend-Authorization approach that we cutely call 3FA (please don't use this with your Bitcoins).
|
||||
|
||||
- Decentralized identity (ECDSA)
|
||||
- Key management (Iris)
|
||||
- Key verification (Iris)
|
||||
- Key backup (GUN+SEA)
|
||||
- Reputation, Trust (Iris)
|
||||
- Account recovery (3FA)
|
||||
- Privacy (ECDH, AES)
|
||||
|
||||
#### Data
|
||||
|
||||
- Data models (graphs, key/value, document, table, relational, hyper-graphs)
|
||||
- Data availability ([AP](https://gun.eco/docs/CAP-Theorem), strongly eventually consistent)
|
||||
|
||||
#### Money
|
||||
|
||||
- Business models (Open Source, donation, enterprise, + decentralized PaaS, dBaaS, SaaS, Marketplace)
|
||||
- Payment (AXE bandwidth credits)
|
||||
GUN focuses on mutability by not using an append-only log, which implements updates, insertions, and deletion as a layer on top. [Deletion](https://stackoverflow.com/questions/37758618/how-to-delete-data-in-gun-db) in GUN works by overwriting bytes with `null`, or by de-referencing portions of a graph. A content-addressed graph space is used to implement immutable, append-only data.
|
||||
|
||||
#### Filtering
|
||||
|
||||
- Queries (GUN, [GraphQL](https://github.com/brysgo/graphql-gun), historical prototypes of SQL, Mango [Mongo])
|
||||
- Curation (Iris, also see [NAB](https://notabug.io/t/notabug/comments/59382d2a08b7d7073415b5b6ae29dfe617690d74/welcome-to-notabug))
|
||||
|
||||
#### Moderation
|
||||
|
||||
Iris and NAB (see above link).
|
||||
|
||||
- Protocol level (no)
|
||||
- Server level (no)
|
||||
- User level (yes)
|
||||
- Content level (yes)
|
||||
|
||||
### Social/Discovery
|
||||
|
||||
See "identity" section.
|
||||
There is a [GraphQL](https://github.com/brysgo/graphql-gun) API for the gun p2p graph database. SQL and Mango (MongoDB) queries were available in the past, but deprecated.
|
||||
|
||||
### Privacy and Access Control
|
||||
|
||||
1. Cryptographic keys are assigned to roles, groups, or data points.
|
||||
2. This information is either used to derive a shared ECDH secret to decrypt (read)
|
||||
3. Or used to load collaborative multi-writer edits (signed).
|
||||
Access control is built into the [User system](https://gun.eco/docs/Auth) and can be combined with [SEA](https://gun.eco/docs/SEA), GUN's encryption utilities, for more advanced use cases.
|
||||
|
||||
For more information, please watch our [Cartoon Cryptography](https://gun.eco/docs/Cartoon-Cryptography) explainer.
|
||||
Cryptographic keypairs are assigned to roles, groups, or data points. This information is either used to derive a shared ECDH secret to decrypt (read), or to load collaborative multi-writer edits (signed).
|
||||
|
||||
### Interop with other systems
|
||||
[Iris-lib](https://github.com/irislib/iris-lib) provides an API for end-to-end encrypted chat channels and private contact list management.
|
||||
|
||||
Via plugins, such as backup storage on centralized databases or file systems, or transport layers to other protocols.
|
||||
### Interoperablity
|
||||
|
||||
Plugins, such as backup storage on centralized databases or file systems, can be used to extend GUN.
|
||||
|
||||
### Scalability
|
||||
|
||||
- We've seen a [70% cost savings](https://twitter.com/cagataycali/status/1245442681251205120) on projects with 1M+ page loads a month.
|
||||
- We've seen in-production deployments with 5M+ monthly active users without increasing infrastructure costs.
|
||||
Test relays (superpeers) on GUN can handle about 10k simultaneous connections: http://guntest.herokuapp.com/stats.html
|
||||
|
||||
### Metrics
|
||||
|
||||
See "stats" section at top.
|
||||
- 11K+ [github](https://github.com/amark/gun) stars
|
||||
- 10M ~ 30M monthly [downloads](https://www.jsdelivr.com/package/npm/gun)
|
||||
|
||||
### Monetization
|
||||
|
||||
The GUN protocol is developed by a [VC-funded company](https://era.eco/#step1), which funds the development of Iris as well. The business model is based on consulting and integrations. Future business models include a proposed paid service through a blockchain-based [tokenized bandwidth incentive network](https://web.stanford.edu/~nadal/A-Decentralized-Data-Synchronization-Protocol.pdf).
|
||||
|
||||
### Implementations
|
||||
|
||||
- [Internet Archive](https://news.ycombinator.com/item?id=17685682) (library meta-data)
|
||||
- [HackerNoon](https://hackernoon.com/state-of-hacker-noon-2019-2020-8w1ls3axx) (annotations)
|
||||
- [Meething](https://meething.space/) (Mozilla backed secure & decentralized video conferencing powered by GUN)
|
||||
- Iris, Notabug, DTube, others...
|
||||
GUN is used for p2p chat/social apps, encrypted video conferencing, realtime GPS tracking, and AR/VR multiplayer games, among other applications.
|
||||
|
||||
- [Internet Archive](https://news.ycombinator.com/item?id=17685682) uses GUN for their [dWeb library](https://github.com/internetarchive/dweb-transports) metadata
|
||||
- [HackerNoon](https://hackernoon.com/state-of-hacker-noon-2019-2020-8w1ls3axx) integrated GUN for annotations
|
||||
- [Meething](https://meething.space/) is a Mozilla backed secure & decentralized video conferencing that uses GUN
|
||||
- [Party](https://party.lol/) and [Maskbook](https://maskbook.com/), encrypted browser extensions, use GUN
|
||||
- [Notabug](https://notabug.io/t/notabug/comments/59382d2a08b7d7073415b5b6ae29dfe617690d74/welcome-to-notabug), a decentralized Reddit clone, uses GUN
|
||||
- [Unstoppable Domains](https://unstoppabledomains.com/chat) and [DTube](https://d.tube/) use GUN for messaging
|
||||
- [Iris](https://irislib.github.io/), is a web-of-trust based social network built on GUN
|
||||
|
||||
### Links
|
||||
|
||||
- [Site](gun.eco)
|
||||
|
|
|
|||
Loading…
Reference in New Issue