Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...
Autonomi takes the idle capacity of everyday devices to form the Internet's crowd storage layer. Private, secure, decentralized infrastructure that's powered by us all.
Amazon, Microsoft, Apple, Google… they reign supreme. Walled gardens encircling a vast proportion of the world's data. Yet we've lost sight of the power on our desks and in our pockets.
The empty storage of internet-connected devices dwarfs what the tech giants can serve. We've all got underutilised assets laying dormant while corporations continue to pour concrete, lay cables, and rack servers.
It's time to harness that spare capacity and make a global resource that's owned by everyone.
Anything stored on the Network is encrypted in a way that not even a quantum computer can break it. And it is end-to-end encrypted in transit too. This means you get all the benefits of the cloud, but without your data hitting the Internet. That also means no one can watch or track your use of the Network either.
Autonomi uses a novel approach called Self-Encryption. Not only does this mean that your data is secure and private, it means your personal information never needs to touch the Internet. It's securely reassembled for you only within your own device when you are ready to use it, and then leaves no trace when you are done.
Autonomi is assembled from a multitude of connected devices, of all shapes and sizes. It's deliberately designed to allow even the smallest computers to be able to contribute, rather than just relying on enterprise data centres. It runs on commodity hardware.
Not only does this make the most of humanity's spare resources—which is better for the planet—but it means it’s inherently more decentralized and secure, thanks to the millions of devices able to participate.
And it's a breeze to get involved.
Thanks to the nature of its design, with all data broken into chunks, encrypted, and randomly distributed, it means there's no red tape, no complicated setup, no paperwork, and no prohibitive capital requirements.
Just allocate your spare storage space and be rewarded directly by the Network.
A one-time payment provides long-term security and no ongoing charges. You pay once when you upload a file and it's stored for the lifetime of the Network. No contract re-negotiations, no losing access if you miss a payment.
Simple, secure, perpetual storage.
Not only does this allow you to escape the cloud and its spiralling costs, it's vital for giving you true sovereignty over your own data, your digital life, and legacy.
Autonomi combines the spare capacity of everyday devices to form a new, autonomous, data and communications layer of the Internet.
It allows you to securely store data, communicate, access knowledge, build businesses, run services, and create new futures without the intervention of any middlemen or gatekeepers. It's designed to give people complete sovereignty over their personal data, yet still allow rich and scalable software platforms and user experiences to be built on top.
Decentralized, distributed and quantum encrypted; it means security, privacy, and lifetime storage of the world's most precious data—including yours.
The Network will give people autonomy over their digital lives, allowing them to participate in the connected economy, regardless of their location, status, or access to capital. It's designed for mass collaboration between humans, between machines, and between humans and machines—critically, without the distorting effects of endemic data insecurity, siloing of knowledge, inefficient markets, and limited accessibility.
In order to do this, and accomplish it in a way suitable for human-scale use, Autonomi has been built from the first principle of secure and private data, and in such a way that the performance of the network scales with size. Not only is data de-duplicated and redundantly replicated, but it's quantum-proof encrypted, before it even leaves an end user's computer. That means that no personal information ever touches the internet—and neither does any information relating to how, where, or when you choose to access it.
Zero-knowledge: The Network's protocol employs multilayered encryption, protecting the privacy of users data both during storage and during transit. Nodes cannot determine the content, nor origin of data they hold or transmit, even if it is their own,
No tracking: Thanks to its various encryption schemes, tracking and surveillance of browsing and data usage patterns—commonplace business practice on the incumbent web—is no longer possible. Privacy is by default.
Self-Sovereign: Users of the Network have sovereignty over their personal data, and can maintain and control access to it, while still making use of rich and accessible services and software.
No Password Hacks: Passwords and credentials never leave your computer when accessing and decrypting data. You only need a single set of credentials while interacting with an unlimited number of services, businesses, identities, or contexts of use.
The Network is a form of Decentralized Ledger Technology (DLT) that doesn't utilise nor require a blockchain to function. It's able to sidestep many of the obstacles to scale inherent in blockchain solutions.
It's designed from the ground up for data, and serving people's needs at a global scale, without the bottlenecks.
The bigger it gets, the more it can do.
The oil that makes the Network's economy run is a novel payment system and native currency. More than just a medium of exchange for data storage, it is a currency that can be transferred directly between users or devices in real-time.
Payments are highly parallelizable: the bigger the Network gets, the more payments it can handle.
This, combined with the Network's in-built storage, opens up a broad range of new capabilities impossible on blockchain, and without the limitations, costs and compromises required to use centralized services.
Autonomi is designed to make use of under-utilized and otherwise squandered resources of everyday connected devices; creating a common data storage resource that can be put to work serving individuals and communities regardless of location.
Thanks to the protocol’s design, all files uploaded to the Network are automatically de-duplicated, yet still benefit from the security and performance benefits of redundant replication since a number of copies of each data chunk are always maintained.
Security for everyone's vital data, and the best use of precious resources.
Decentralized or peer-to-peer (P2P) networks are not new. Since the release of Napster in 1999 they have been very widely used, particularly for file sharing. These networks allow users from all over the world to connect directly to each other and share data such as movies, books and music. In 2010 more than half of all Internet traffic was attributed to P2P.
But the use of these technologies is not limited to simple file sharing. Freenet was launched in 2000 allowing people to publish decentralized websites (Freesites) distributed across the machines of the network's users.
A little after that, the BitTorrent protocol was created by Bram Cohen. BitTorrent was and still is particularly well suited to transferring large files in a P2P fashion, allowing simultaneous downloads from multiple peers.
The next notable development arrived after the financial crash, which very nearly brought the global economy to its knees. In 2009 Satoshi Nakamoto released Bitcoin and gave the world a 'trustless' decentralized digital currency that is not controlled by bank, government or institution. The blockchain—the immutable ledger that records all Bitcoin transactions—was something very new, solving at a stroke the difficult and long-standing problem of creating a trustless source of the truth for transactions. The ownership of 'addresses' in the network can be proven by the usage of private cryptographic keys in a Public Key Infrastructure (PKI) — hence the term cryptocurrency. It should be noted, however, that connections between Bitcoin nodes are not fully encrypted.
Autonomi is the next big step in the evolution of P2P networks, combining the vision of decentralized file sharing and decentralized services together with an internal currency and several additional innovations to enhance security, privacy, performance and stability.
MaidSafe, a Scottish company with developers around the world, has been researching and developing this project since 2006. Since that time, many more people have come to recognize the vital importance of a global, secure and private decentralized platform for storage and communication.
Simplicity is strength. From basic elements and a simple set of rules, sophisticated structures with integral security, adaptability and resilience can emerge, thanks entirely to the simplicity of their building blocks.
Examples are all around us, if we care to look. Ants are not, as far as we know, mathematicians, engineers, doctors, epidemiologists or military tacticians, but by following a few biochemical rules and role specialisations, these simple creatures organise themselves into sophisticated colonies of thousands or even millions of individuals. They build elaborate nests, solve complex problems such as fording rivers, guard against disease and enemies, and colonise new territories. Present in almost every country on Earth, the humble ant is one of the world's most successful creatures.
We can learn a great deal from ants, bees, fungi and other self-organizing systems in nature. The key lesson is that, given the right conditions, robust, resilient and highly complex systems can evolve naturally from individuals grouped into small units that know nothing of the big picture.
Unfortunately, this lesson has not always been learned by technologists and engineers, who are too often attracted to grand ‘theories of everything’ and total control, and who have to resort to kludges when, inevitably, reality doesn't conform to their equations. They build complex systems based on complex elements and the layers of fixes make them more complex still. The result: insecurity, incompatibility, instability, inefficiency and incomprehensibility, not to mention expense.
Inspired by the self-organisational prowess of ants, Autonomi creates a secure, resilient network of devices, connected and governed by simple rules yet capable of storing, protecting and delivering humanity's data in perpetuity without any human involvement at all.
Autonomi is the vision of MaidSafe, a Scottish software company with two decades of experience in the field of decentralized computer networking. It is an autonomous peer-to-peer network created by linking together users' computers and smartphones. It's designed to address many of the current technical, managerial and societal problems exacerbated by the centralization of control of the web by a few powerful actors, namely intrusions into privacy, poor data security and censorship.
Anyone with a connected device can use the Network anonymously to store data, and anyone can supply their spare storage and computer resources to the Network. It's a globally accessible infrastructure assembled from everyday things.
Autonomi is a surface on which new digital worlds can be constructed.
This guide outlines how it's is constructed to achieve these aims. While it is somewhat technical in places, it's intended very much as an overview, and even those with very little technical knowledge should be able to gain a good working understanding of Autonomi. For those requiring more depth, there are plenty of pointers as to where they can find the relevant information.
Autonomi goes a step beyond typical decentralized systems. It is a network that can act both as a global market for computer capacity, but also turn that capacity into usable capability that's native to the Internet itself, not just a pointer to existing cloud services. It's a self-healing, course-correcting system; a huge resource layer that anyone can utilize with no permission required.
The Network is a form of Decentralized Ledger Technology (DLT) that doesn't utilize nor require a blockchain to function. It's able to sidestep many of the obstacles to scale inherent in blockchain solutions. The bigger it gets, the more it can do.
Anything stored on the Network is encrypted in a way that not even a quantum computer can break it. And it is end-to-end encrypted in transit too. This means you get all the benefits of the cloud, but without your data hitting the Internet. That also means no one can watch or track your use of the Network either.
The Network is assembled from a multitude of connected devices, of all shapes and sizes. It's deliberately designed to allow even the smallest computers to be able to contribute, rather than just relying on enterprise data centres. Not only does this make the most of humanity's spare resources—which is better for the planet—but it means it’s inherently more decentralized and secure, thanks to the millions of devices able to participate.
The oil that makes the Network's economy run is a novel payment system and native currency. This currency (known as the network token) is not just a medium of exchange for storage/hosting, it is a currency that can be transferred directly between users or devices in real-time. Payments are highly parallelizable: the bigger the Network gets, the more payments it can handle. This, combined with the Network's in-built storage, opens up a broad range of new capabilities impossible on blockchain, and without the limitations, costs and compromises required to use centralized services.
Zero-knowledge: The Network's protocol employs multilayered encryption, protecting the privacy of users data both during storage and during transit. Nodes cannot determine the content, nor origin of data they hold or transmit, even if it is their own.
No tracking: thanks to its various encryption schemes, tracking and surveillance of browsing and data usage patterns—commonplace business practice on the incumbent web—is no longer possible. Privacy is by default.
Users of the Network have sovereignty over their personal data, and can maintain and control access to it, while still making use of rich and accessible services and software.
Passwords and credentials never leave the client computer when accessing and decrypting data. And users need only a single set of credentials while interacting with an unlimited number of services, businesses, identities, or contexts of use.
When you use the Network to store some data it is split into ‘chunks’. Each chunk is securely encrypted with a set of credentials that are only known by the creator—who has the keys to unlock the data and reassemble it into information again.
These credentials never touch the Internet.
Data ‘chunks’ are then sent to the Network, duplicated several times for extra security, and dispersed evenly and randomly across the globe, along with a map of where they are and how to reassemble them. Once again this is securely encrypted and only accessible to the holder of the keys.
The encrypted data chunks are held by a multitude of everyday devices, called nodes, these all offer a small portion of their spare, under-utilized capacity, to securely hold a small collection of encrypted data chunks, serving them back to their owner when asked.
Nodes in the Network are independent but work together in cooperation. Each has a randomly determined location in the Network, and from this location, monitors the health and behaviour of neighbouring nodes it connects to. Nodes check and double-check each other's ability to keep on holding and serving data.
They cooperate based on a set of rules and incentives that reward good behaviour but shun the bad; quickly dropping uncooperative nodes from the Network
Each piece of data stored is looked after by a small number of nodes called a close group, a group which only exists for that specific data. This allows nodes to act independently, but together to form a strong autonomous global network, capable of storing and retaining data in perpetuity.
As nodes come and go, as devices are turned on or off, this redundant data is replicated again and shuffled to new nodes that must perform the same task.
Nodes are rewarded for holding data, and offering their spare capacity for the collective good, by payment in a currency native to the network that acts as a medium of exchange for these resources, and allows the autonomous market to function. This currency is referred to as ‘network token(s)’.
When someone (a person or a collective) uploads data they pay a one-time fee at point of upload and then the data is stored for the lifetime of the Network. It will always be free for the owner to access and download, it is perpetual data.
While perpetual data is an attractive proposition in an age of spiralling ongoing costs, it is also essential if the data owner is to have true sovereignty, autonomy, and control over the data they own: you cannot be blocked from it and you cannot lose access to it.
That frees owners of data—whether they’re individuals, collectives or organisations—from ongoing charges by cloud providers as well as on-going contract renegotiations, truth of source, and terms of access (and use).
The existing Web is formed of servers and clients. Clients request data and servers provide it.
The Autonomi Protocol does not use this client-server model. Instead stored data is spread across a network that’s made up of the spare computing resources of contributing users. When a request for some content is made, a message goes out across the Network and machines that hold the constituent parts of that content—the nodes—return them to the requester, the client
Autonomi is comprised of its users' machines (nodes) linked together by node software which routes data and messages securely between them. These machines provide the Network's storage by allocating a portion of their hard drives for this purpose—and earning the Network's token currency in return.
So, the Protocol considers two basic components: nodes and clients. You don't have to run a node to use the Network any more than you have to run a web server to use the Web. Client software allows users to create a secure, private data store, and browse the Network securely and anonymously without being part of the Network.
A single computer can run both node and client software at the same time.
Autonomi can be seen as a secure, encrypted, intelligent layer that sits on top of the current Internet, complementing the top three layers in the OSI model and adding resources in the application layer.
Going a little deeper, Autonomi introduces some changes to the networking and application layers as shown below.
Many features of Autonomi are genuine innovations, but there is no intention to reinvent the wheel. It builds on existing decentralized technologies such as Kademlia and libp2p and is based on the physical and data infrastructure of the Internet. Early development of Autonomi (formerly the SAFE Network) happened in parallel with blockchain, but it has taken an alternative route to solve the decentralization puzzle.
Autonomi can be seen as a secure, encrypted, intelligent layer that sits on top of the current Internet, complementing the top three layers in the OSI model and adding resources in the application layer. This enables secure, anonymous, decentralized data storage and networking.
Its core libraries are written in the Rust programming language. The diagram below shows the basic hierarchy.
In order to guarantee strong consistency, the Network uses conflict-free replicated data types (CRDTs) for storing data.
Client connections managed by libp2p are mediated via the client API. There is a command line interface (CLI) for this purpose, and apps written in Rust can access network functions directly via the API. Apps written in other languages do the same via the language bindings layer.
Nodes and clients provide the main means for users to interact with the Network, either by providing resources in return for payment by running a node or by storing data and interacting with data as a client.
The Autonomi Network is formed of interconnected machines running node software. This software connects the devices to each other using existing protocols like TCP and UDP, manages data and routes it around the Network. It allows users to offer computer resources, like hard drive space, to the Network, and earn Network Tokens in return. This process of providing a service in return for a reward is analogous to Bitcoin mining, but is designed to be work on everyday consumer hardware.
The node software is a small executable file that connects the user’s machine to the Network, turns it into a routing node and also allocates some disk space for storage. It manages the storage of data chunks on the user’s computer and in that way provides storage capacity to the Network. It also routes and caches data chunks (these are encrypted) over the Network via fully encrypted connections to other nodes.
Each node maintains a list of its ‘close group’, other nodes with IDs (XOR addresses) close to its own. Data stored at a node will also be replicated to members of its close group for redundancy.
Nodes fulfil several functions. They route and store chunks of data; they cryptographically check messages; they cluster into temporary close groups, and thus manage a certain portion of the Network; and they store replicas of data chunks for redundancy.
Just as you don’t need to run a web server to use the Web, so you don’t have to run a node to access the Autonomi Network. Ordinary users interact with the Network via the client.
Clients includes things like browsers, apps, wallets, and file systems—any software that interacts with the Network to perform operations such as data retrieval, storage, or management. Browsing, and accessing data on Autonomi is end-to-end encrypted. Data is only reconstructed into readable information on the client device, greatly enhancing security and building in privacy by design. It's worth noting that you don't need an 'account' to access data on Autonomi, nor do you need to pay to access data downloading is always free. You only pay when you store or edit data—and there are no recurring fees either, data uploaded is stored for the lifetime of the Network: Perpetual Data.
Storing data and eventually using applications on the Autonomi Network will be as simple as on the current Web but with greatly enhanced privacy, security and control.
Autonomi is designed with ease of use in mind for app developers, too. Developing simple apps is just a short step from what developers are familiar with in terms of APIs and methodologies.
However, those wishing to perform more complex system-level tasks will need to go deeper into its architecture—there are some big differences between traditional client-server systems and decentralized architectures.
This section provides a brief introduction to the underlying technical architecture of the Network…
The first step in understanding the architecture of Autonomi is to take a look at distributed hash tables. These are structures that map a unique ID to something on the distributed network, be that data, a device or a service.
Kademlia is a distributed hash table (DHT) protocol which provides a way for millions of computers to self-organize into a network, communicate with other computers on the network, and share resources between devices, all without a central controlling entity.
Petar Maymounkov and David Mazières released the Kademlia distributed hash table in 2002. The idea is that nodes form a network overlay, and are identified with a different node identification system. So a node with an IP address of 96.251.182.97 might have a 256-bit XOR address that looks like this: 17846cb8a4b53c9e44c616d2415a15984283eee975a1dac8f488dd91d0aed1cd
.
Bitwise Exclusive OR (XOR) has the feature that each address is a unique distance from any other address in the address range. XOR distance bears no relation to physical distance. Indeed, two pieces of data on the network may be very close XOR-wise but be sitting on machines located on opposite sides of the world.
With potentially millions of devices on a network, there's no way a single node could keep track of them all without running out of resources. Instead it keeps a record (a routing table) containing information about a small number of other nodes and lets the magical uniqueness of XOR distances do the rest.
Each node is a unique distance from every XOR address in the space, which means its routing table is also unique. The address space is enormous: 2^256 is more than the number of atoms in the universe. To make this space manageable it is broken into k-buckets. The furthest away bucket (in terms of XOR distance) contains half the network, the next furthest away represents a quarter of the network, the next furthest an eighth, and so on.
Autonomi is based on Kademlia. Each node's routing table contains information on up to 20 nodes in each k-bucket. This means it knows everything about the nodes in the address space close to it, but very little about space furthest away—but crucially it does know some nodes in that space, and those nodes, of course, know everything about other nodes close to them and can pass messages on. The bigger the Network becomes, the more secure it will get because an individual node will have influence over a decreasing range of addresses.
Every piece of data has a unique address; in the jargon it is ‘content-addressable’—its content defines where it is stored. When a node wants to retrieve a piece of data, it checks its address, then asks the node closest to that address whether it's holding the data. That node in turn checks the address and sees whether it knows a node that's closer. If it does, it passes the message on to that node, and so on, until it reaches the node that's actually holding the data. The same messaging process happens when saving data too. It is very fast and efficient, with the enormous address space being traversable in just a few hops.
In the Autonomi Network, a node's closest neighbours (again, in XOR terms) are called its ‘close group’. Data stored at a node is automatically replicated to the nodes in its close group for redundancy. As nodes leave and others join (a process known as churn) the node's close group will change. The size of the close group is defined by a tuneable parameter, currently it is set at 5.
So, nodes must constantly update their routing tables. They do this by observing which nodes are alive, dead and newly arrived during the course of their day-to-day operations.
libp2p is a Kademlia-based open-source peer-to-peer networking framework developed by IPFS. It consists of a collection of protocols, specifications and libraries that facilitate P2P communication between network peers (nodes).
It is used in the Autonomi Network to allow nodes to discover and connect to other nodes, to manage those connections thereafter, and to facilitate data routing.
libp2p is modular, meaning Autonomi developers can use the parts they want without having to worry about the parts they don't need. The Rust implementation of libp2p is the one adopted.
Among libp2p features useful to Autonomi are:
libp2p supports TCP, UDP, μUDP and QUIC and can be configured to allow connections with nodes behind home routers or business firewalls (NATS), which has long been a problematic area for decentralized networks.
libp2p includes several security features, such as peer identity verification using public key cryptography and encrypted communication between nodes.
libp2p is designed to recover quickly from disruptions or failures. It also offers protection against network attacks through the use of mitigation techniques.
This allows for the transmission and receipt of messages via the gossip protocol, meaning that nodes can listen out for and react to messages that affect them while ignoring the rest.
libp2p is interoperable, opening the door to future collaborations with other projects that use it.
Peers using libp2p are assigned a ’multiaddress’, a type of URL that encodes multiple layers of addressing information into a single “future-proof” path structure. It defines human-readable and machine-optimised encodings of common transport and overlay protocols and allows many layers of addressing to be combined and used together. A multi-addresss looks like this:
/ip4/139.59.181.245/tcp/37569/p2p/12D3KooWPHE8qcKL4CB2n8QvPpE25TRsP9nmkfeM6Qa61aAsokib
Importantly, on joining or rejoining the Network a node cannot simply pick its own XOR address
Content stored on Autonomi is first broken into chunks, hashed and then encrypted, in a unique process known as Self-Encryption. Those chunks are run through a hashing algorithm to create a unique 256-bit hash for each chunk. Only chunks that are exactly identical will have the same hash value. This hash serves as the XOR address on the Network where that chunk will be stored, which in turn determines the nodes that will manage it.
Chunks with hashes that lie within a certain address range (say 000010... to 000011...) will be secured, stored and managed by the nodes whose IDs are closest (in XOR terms) to that address. These will change over time as new nodes join and others leave.
The hash of a chunk of data serves as the XOR address on the Network where it will be stored, which in turn determines which nodes will manage it
Nodes are paid for data chunks they hold, but not for replicated data. They are expected to hold replicated data as a condition of participating in the network and having the chance to earn.
As nodes fill up, the price of storing a chunk of data rises. All nodes on the Network fill up at more or less the same rate although there will be some local variations and hence a range of prices.
Nodes cache data when a new close node appears and they share some of their primary data store with that node. This cache isn't included in the fullness calculations. It is just something they are required to do to ensure smooth data transfer. For security, nodes cannot delete or edit data, only store and move it.
libp2p allows for the existence of specialised nodes for providing services such as caching. These will be introduced in later iterations of the Autonomi Protocol.
It's important to note that all the features above emerge from simple local interactions between nodes. Likewise, the codebase is simple, making it easier to maintain, update, audit and secure.
Content on Autonomi is stored as encrypted chunks. The original content can be recreated from these chunks, provided we have a map of where the chunks are plus the keys to decrypt them. A 'file' on the Network is really a collection of chunks, with a datamap that allows us to discover all the chunks and decrypt the file.
Files are kept in folders which are created as part of the Self-Encryption process and are encrypted, meaning their contents are only accessible to their owner by default.
The API for upload by default self-encrypts all files.
All content on Autonomi is encrypted by default. When content is stored on the Network it is first broken into chunks, hashed and then encrypted and these chunks are themselves encrypted using the hash of another chunk from the same file. This is ‘self-encryption’—a method patented by MaidSafe but now open-sourced. When content is made public, its containing folder is decrypted, meaning anyone can reassemble the chunks.
At the network level, the Autonomi uses the TCP, UTP and µTP protocols and all the data moved by these protocols is encrypted from 'bit 1'.
So communications between the Network and the user are always encrypted, never in plain text. Note that any node on the Network can be used as a bootstrap server so long as its IP address is added to the configuration file of the joining node. It does not have to be one provided by MaidSafe.
All content (documents, images, videos, etc.) on Autonomi are encrypted.
When a client uploads a piece of content to the Network (for example a video) it is first broken into chunks. Those chunks are then ‘self-encrypted’, a process patented by MaidSafe by which each chunk is encrypted using its own hash and the hashes of the two previous chunks in the same file. These encrypted chunks are then hashed again to arrive at the XOR Network address where the chunk will be stored.
At the same time, a ‘data map’ is created on the client device, which maps the chunk number to the XOR network address of the chunk and the hash to decrypt it and its two successors, allowing the content to be recreated. A number of copies of each chunk are stored by nodes in the Section to ensure redundancy.
Data maps and other metadata are not encrypted, but on the network they are kept inside encrypted folders if the data is private.
The client retains the data map for the content it has uploaded and keys to decrypt it locally. That way no keys or passwords need ever leave a person's device. Users can choose to share content with others by sharing their keys / data map with them. They can also choose to make the content fully public, in which case the folders containing the relevant files are unencrypted.
Autonomi uses several layers of encryption to protect a user's anonymity and privacy. The Network is designed to be as 'zero-knowledge' as possible, to the extent that node operators cannot possibly figure out what chunks from which private file they are storing — even if it's their own.
By utilizing multiple levels of encryption, Autonomi provides a platform for applications that is both highly secure and anonymized by design.
With data self-encrypted, and its many parts stored by their content address throughout the Network, any one single point of file access is removed, as by default the map to this data is not publicly accessible on the Network. Self-Authentication means access to this data, and the means to reassemble it into information, always resides with the user, never leaving their device (i.e. not accessible to a ‘cloud’).
Another key innovation of the Network—at no point does the Network ever store a user’s credentials, there is no chance of passwords being attacked, nor can any user’s data (individual, collective or organisation) be targeted on or via the Network.
The authentication system utilises Boneh-Lynn-Shacham Distributed Key Generation (BLS), so that users can securely and anonymously access data, with no central server required to mediate the login process, nor are trusted third parties to store and manage the users’ credentials. It means users can reliably and securely access data from any machine, without ever sending or sharing their details.
Furthermore, it also allows for multi-signature credentials for permission-less recovery, without a single point of failure.
Boneh-Lynn-Shacham Distributed Key Generation (BLS-DKG) is used to help users handle their authentication credentials so they don't automatically lose their data if they lose their key.
Credentials are thus extremely important, but credential loss can be a serious problem on decentralized networks where there is no central authority to help recover or reset forgotten passwords. The temptation may be to choose simple credentials that are easy to remember, but these will likely be insecure (easily guessed or cracked) and prone to collisions—other people may choose the same ones and inadvertently stumble upon the user's private information.
Autonomi requires at least two separate credentials, generally referred to as 'access keys', with the option to add more. In combination, these access keys have sufficient entropy (randomness) to make collisions vanishingly unlikely.
Onboarding for the first time requires the user to choose a password (the first access key) from which a second access key is generated in the form of a passphrase (12 random words with a checksum), which the user writes down, perhaps keeping copies in a few safe places. With these two access keys, we have something you know (the password), and something you have (the passphrase), and in combination, we can generate a suitable amount of entropy to avoid collisions. This is the minimum requirement for creating your data store on the Network.
The user may also choose to create a third access key, a device key, on a trusted smartphone or computer, which is where BLS-DKG comes in, enabling a 2-of-3 key scheme, or even further to any k-of-n!
Now instead of requiring the passphrase, on this trusted device the user can just use the password and the device key—something you have—maybe utilising some inbuilt biometrics too, for an element of something you are.
Additional access keys can be created to provide more flexibility and resilience. A backup passphrase is one example, and additional devices can be set up too. Then if the user forgets the password or loses a device, a combination of another device and or passphrase will allow the password to be reset.
In this way, Autonomi caters for people with security needs ranging from the everyday to the extreme.
The Network has a utility token which allows for the exchange of storage, bandwidth and compute resource between node operators and users wishing to store data on the Network.
It's the financial incentive for node operators to join the Network and cooperate toward the goal of providing secure data storage. Conceptually this is similar to that of Bitcoin: to ensure that cooperative participation is a more rational course of action than uncooperative or malicious activity.
Tokens can also be transferred directly between users and used as a means to pay third parties for goods and services.
When a user of the Network requests a file, it uses the data map (which may be held locally or stored somewhere on the network) to identify the component chunks. It then asks the Network for those chunks and the requests are routed automatically to the nodes that hold them. Those nodes then return the chunks and the client uses the data map to decrypt them and piece them back together to recreate the file.
Let us first understand how basic transfers work. Everyone on the Autonomi Network, both clients (wallet apps, the CLI, etc) and nodes (data storage) has a public/private keypair.
The public key is used to receive tokens. It is equivalent to bitcoin or ethereum addresses. The private key (secret key) is used to sign transactions and prove ownership of money.
This is what a public key looks like:
93d01b3c6c0d41c4e50c855c753f906ba478f97a838415e6d74615a4b037a7101e724f935727bbf23d17293ab74a3027
Money in a wallet is stored as CashNotes
. These are like a cheque, or a digital bearer certificate, for a given value. They contain all the necessary information for the owner to spend the value in them.
Unlike cash, CashNotes
have owners; they have no value for anyone else as they are useless without the private key. Also they need to be ‘reissued’ to a payee before they can be spent. This is to prevent double-spend.
In summary, CashNotes provide a quick, safe, flexible way to make payments that is compatible with multisig/threshold signature cryptography and can be used online and eventually offline. They simplify many aspects of the Network economy and remove the need for section wallets or similar mechanisms to manage token transfers.
Here’s how they work in practice. When someone wants to send money, they create a ‘transaction’ whereby they spend their own CashNotes
in exchange for new CashNotes
that are owned by the recipient.
Since those CashNotes
contain secrets that might affect the privacy of the sender and the recipient (e.g. their public key), they are never sent or stored on the Network. Instead, the sender creates ‘CashNoteRedemptions’, small files that contain the minimum information that the recipient needs to verify the transaction and re-create their own CashNote on their side.
CashNoteRedemptions are encrypted and packed into a transfer which is sent directly to the recipient. The recipient of the transfer can then decrypt it using their secret key, verify and rebuild the CashNotes, before adding them to their wallet. At that point, the transfer is complete!
You can send a transfer with:
safe wallet send <amount> <to [public_key]>
Example:
This will print the encrypted transfer which can be published or sent directly to the recipient.
They can receive it with: safe wallet receive <transfer>
Data storage on Autonomi is paid for using the transfers described above.
As a recap, before data is stored on the Network, it is broken into chunks and encrypted. Each chunk has a unique hash value from which its XOR Network address is derived.
Nodes also have a unique Network address. Data is stored on the nodes which have the closest Network address to the data itself. This is why we say data is content-addressable.
A client can get the nodes that are closest to a chunk’s address by querying the network. Once it knows the closest nodes, it performs a ‘store cost’ query to ask the price for holding data at that location. The price depends on the storage capacity of the nodes, which ultimately depends on demand.
Once the client knows the store costs offered by the closest nodes, it picks one and sends the data along with the transfer paying for it. Upon receiving the data, the chosen node verifies the transfer, take the payment, verifies the data itself and stores it. It is then replicated to the other close nodes.
There is no charge for downloading data, but uploaders must pay a one-time fee to pay for storage. Once data is paid for it remains stored and accessible to it's owner for the lifetime of the Network.
Data payments are split in two parts:
85% is paid to node operators as a Resource Supply Reward
15% is remitted as Network Royalties
When receiving data payments, nodes make sure that both their payment and Network royalties are valid before storing the data.
All of this is done automatically when the user uploads data using the CLI, or an app.
Sometimes the store cost accepted by the client changes between receiving a quote and uploading the chunk, in which case the client pays the difference.
Nodes cannot manipulate the store cost themselves. The price is purely a function of their fullness. To receive payment a node needs to store new data and already have all the existing data in its range.
When data is paid for, transaction information is stored on the Network in ‘spends’. These contain the transaction plus all its inputs and outputs.
To audit and check against possible double-spend, clients can trace a spend's history and locate all subsequent spends recursively to build a directed acyclic graph (DAG).
Spends could be for Data Payments, or direct transfers between users, or 3rd parties. For the purposes of everyday payments, users need only check the parents of each spend. However, transactions can be traced all the way back to the Genesis or emission event using the DAG, if required. You can audit the entire token supply in this way, should you choose to.
In a peer-to-peer, decentralized system, the economic model is one of the most critical components—delivering the incentives of supply and demand to effectively attract, engage and reward participants. Autonomi's economic system is designed to:
Encourage node operators to contribute storage space, bandwidth, and computing resources, thereby fostering growth and scalability.
Construct a resilient economic framework capable of adapting to changes in the external environment.
Support the resilience and growth of the Network by rewarding developers, strategic partners and other key contributors.
Meaningful rewards for software development, services, and data that provide value to those using the Network, and that benefit wider society.
There is a fixed Maximum Supply of 4,294,967,296 tokens. While capped, the rate at which the token supply approaches follows a tuneable emission and supply schedule.
Token rewards will be distributed evenly across eligible nodes without having nodes compete against each other in computational power or staked token quantity, addressing the consolidation of power issues with tokenomics built on top of PoW, PoS and PoS consensus mechanism.
Every data upload incurs payments from up-loaders to node operators. Unlike conventional cloud or decentralized storage, there is no extra cost other than the initial data payment, preventing cost escalation. This transparent payment system ensures predictability and affordability for users, and allows applications and services to scale rapidly without large data or infrastructure cost burdens.
Physical infrastructure-based decentralized platforms require upfront infrastructure availability before usage can scale. To drive node network growth, new token emission incentivises node operators independent of current network usage levels.
Node operators are incentivized to remain online as the expected rewards increase linearly with the node's uptime (proof-of-uptime).
Node operators are incentivized to provide correct service to the network, as incorrect service results in prompt exclusion from the rewards program (proof-of-correctness).
Tokens can be instantly transferred without fee.
At the inception of the Network, a Genesis Supply of 1,288,490,189 tokens will be issued, and subsequently distributed. This represents 30% of the Maximum Supply.
The remaining 70% of the supply will be emitted by the Network over approximately 30 years.
Tokens will be emitted during an upload event and become available to the node operator. The number of tokens emitted as the result of each event will be in proportion to the amount of data stored. Emissions will continue until the Maximum Supply is reached, according to the emissions schedule.
There will be a total Maximum Supply of whole tokens created over the Network’s lifetime. That's 4,294,967,296.
Each whole token can be subdivided times, creating a total of 4,294,967,296,000,000,000 available sub-units, or nanos.
Tokens are automatically distributed by the Network to the operators of Nodes as payment for the supply of data storage, bandwidth, and compute resources: these are Resource Supply Rewards. They make up 85% of each Data Payment made to the Network.
Before a file is stored on the Network, it is broken into chunks and encrypted. Each chunk has a unique hash value from which its Network address is derived.
Nodes also have a unique Network address. Data is stored on the nodes which have the closest Network address to the data itself.
A client can find the nodes that are closest to a chunk’s address by querying the Network. Once it knows the closest nodes, it performs a ‘store cost’ query to ask the price to store data at that location. The price depends on the storage capacity of the nodes, which ultimately depends on demand.
Once the client knows the store costs offered by the closest nodes, it picks one and sends the data along with the transfer paying for it. Upon receiving the data, the chosen node verifies the transfer, takes the payment, verifies the data itself and stores it. It is then replicated to the other close nodes. To receive payment a node needs to store new data and already have all the existing data in its range. When receiving data payments, nodes make sure that both their Resource Supply Reward and Network Royalty are valid before storing the data.
Autonomi tokens are recycled when users exchange them for Network services, which means that there will always be a supply for node operators to earn.
Tokens will be emitted during an upload event and become available to either the client or node operator. The number of tokens emitted as the result of each event will be in proportion to the amount of data stored. Emission will continue until the Maximum Supply is reached.
At the time of writing the Autonomi Network is still pre-release. However, a token called MaidSafeCoin (eMAID and MAID) can be purchased on cryptocurrency exchanges. When the Network goes live MAID will be exchanged for the live Network token on a 1:1 basis.
Nodes all have the same capacity and on average over time will all be as full as each other, but there will be some local variations which leads to fuller nodes quoting higher prices. The client should choose the lowest store cost offered for each chunk stored.
The rate of payment will also depend on the ‘storage reward rate’, which is a variable based on the quantity of free resources in the Network as well as the number of tokens in circulation.
This happens automatically, and the effect is to create an incentive for those supplying resources to provide storage when the overall spare capacity is low, and a disincentive when the amount of free space is high.
By adjusting the storage reward rate according to the amount of free available space on the Network, users storing data are charged at the optimum rate. This supply and demand relationship results in dynamic pricing, translating into competitive prices for data storage
By adjusting the storage reward rate according to the amount of free available space on the Network, users storing data are charged at the optimum rate.
The data payment amount is regulated by the dynamic pricing formula, which is designed to facilitate the network's scalability in tandem with its usage. Additionally, dynamic pricing serves to bolster network stability by deterring spam uploads.
where
represents the Network fullness.
As illustrated in the figure above, Dynamic Pricing reflects a correlation between network capacity and price. When network capacity is ample, prices remain low, incentivizing increased data uploads. Conversely, when network capacity is limited, prices rise to encourage more node operators to join. This dynamic relationship between storage capacity and price ensures that node operators are appropriately incentivized as the network necessitates additional capacity.
As the network approaches full capacity, prices increase exponentially to deter the acceptance of data exceeding its limits. This mechanism safeguards the network from becoming overloaded with data beyond its capacity.
At the heart of the Autonomi's philosophy is the conviction that computers, and the networks that connect them, exist to serve human needs. The value of software should be based on its usefulness to people, not on its ability to harvest personal data.
The Internet revolutionised software distribution and gifted us global hyper-connectivity, but the data mining ad-based business models that underpin today's web have warped our interactions with technology and distorted our relationships with one another. Tracking, surveillance, and behaviour manipulation, all in the name of ROI. A compromised and very different vision from the one that birthed the web.
It's time for a fresh blueprint for funding apps, building networks, and sustainably financing open software development. A blueprint that emphasises real-world utility, respects privacy and advocates for interoperability, autonomy, and open standards. One where apps, services, and protocols are collectively funded and rewarded by the network itself. An approach which asserts that invaluable software ought to be backed and consistently funded by the Network's inherent resources, rather than relying on fleeting benevolence, predatory capital or a privacy bait-and-switch.
Network Royalties are a mechanism through which software development, services, and data which provide value to people who use the Network, benefit wider society, and meet the objectives of the project, can be meaningfully rewarded and sustainably funded.
Autonomi's native tokens are the oil of the Network's economy. They recirculate through the Network and allow its internal market for resources to function.
Each time a Data Payment is made as files are uploaded or edited, 85% of that fee goes to nodes supplying the storage, but the remaining 15% is remitted as Network Royalties.
These royalties are redistributed to people building apps and services in the Autonomi ecosystem, and those maintaining the core protocol and the libraries supporting it.
Where Resource Supply Rewards are paid to those supplying computer resources to the economy, Network Royalties reward those providing utility and benefit to users through knowledge, innovation, and creative endeavours, and for them to be economically empowered by the Network itself.
Network Royalties are paid in support of the following areas such as:
Supporting the research, design, development, and maintenance of the Network and protocols, enabling its ongoing operation, enhancement and security.
Development of software applications, platforms, sites, and services that run on, and/or provide utility to users of the Network.
Creators, publishers, and curators of data that is made publicly and freely available for the common good can become eligible for Network Royalties.
Royalties will also support the sustainable and transparent governance of the Network and provide the required administration. They will also help foster the growth, health and understanding of the Network and its ecosystem, through education, and promotion.
As an autonomous and decentralized system, the Network is being designed to facilitate the distribution of Royalties directly to participants without the need for third-party intervention, nor a centralized authority.
These royalty payments will be made by the Network itself, rewarding participants such as application developers, service providers, and data owners, based on usefulness and utility of contributions to individuals and the health of the Network overall.
While the mechanisms for these automated distributions are still in development, they are a key milestone in the Network’s roadmap.
Until such time as the Network Distribution of Royalties is implemented, the Autonomi Foundation will collect and oversee the distribution of Network Royalties in accordance with the needs of the Network, and its ability to meet its objectives, through the following methods:
Grant Making: Royalties may be paid in the form of grants to fund new areas of research, prospective development of software, services, or other activities.
Rewards: Participants can be rewarded retrospectively in line with the utility and value of their contributions, endeavours, or services to the users of the Network and the project’s objectives in a given period.
Ad Hoc Payments: The Foundation may also make ad hoc payments to fulfil its objectives and remit, its governance and regulatory obligations, and in order to cover the costs of administering and distributing Network Royalties. Grants, rewards, and ad hoc payments will be made from the Network Royalties Pool, with any unspent or unclaimed funds in a given period returned to the pool for further distribution.
A portion of the Genesis Supply will also allocated to a Network Royalties Pool to help sustain the Network and the ecosystem in its early days, and reward and incentivise its contributors. This will be administered by the Foundation.
The foundational premise of Autonomi asserts that larger network sizes correlate with enhanced performance and heightened security. However, the dynamic pricing mechanism, while effective in providing a supply-and-demand-based incentive structure that augments rewards as demand rises, operates retrospectively. In essence, rewards only increase once new demand has emerged. This retrospective nature can potentially delay network growth due to market inefficiencies. The time lag between increased prices and the subsequent generation of additional resource supply could impede network expansion and adversely affect user experience.
The emission of the remaining token supply, comprising 70% of the maximum supply, will serve as a forward-looking incentive mechanism, ensuring consistent and dependable rewards for participants. Specifically, 70% of the remaining supply (49% of the total supply) will be distributed to the nodes participating in data storage as storage emissions. The remaining 30% (21% of the total supply) will be reserved for the potential future utility of the network nodes.
The storage reward emission rate the day after the genesis is defined by the following formula:
Where:
is the maximum token supply, and
50% of the storage emissions will be distributed over a period of 9 years, while 90% will be distributed in approximately 30 years. The yearly inflation rate will start at approximately 10% in the first year and decrease gradually each subsequent year. It is anticipated that the significance of the emission-based reward will diminish over time, with node incentives eventually relying fully on data payment as the network matures.
As the network scales, the likelihood of a node receiving data payment increases linearly with its uptime. Nodes that don’t contribute to the protocol will be ignored by neighbouring nodes, thereby excluding them from the reward mechanism. These mechanisms resemble Proof-of-Uptime and Proof-of-Correctness models employed by other decentralised protocols to encourage desirable participant behaviour.
Initially, 85% of the payment is allocated to node operators, while the remainder replenishes the Network Royalties Pool, intended to foster ecosystem growth. As the network matures, it will transition towards automatic distribution of Network Royalties to the builders based on the KPIs of the projects, effectively replacing the funds managed by the Foundation.
Furthermore, the data payments are designed to include a burn mechanism, through which a portion of the data payment can be permanently eliminated if necessary to manage the token supply as the Network matures.
serve as a fundamental incentive mechanism through which data uploaders directly compensate node operators for network utility. When a file is uploaded to the Network, it will be broken down into multiple small chunks, with each chunk assigned its own network address based on its content. These chunks will then be stored in a group of nodes whose network addresses are close to the respective chunk. Since the chunk hash is randomly distributed over the address space, data payment will be random and evenly distributed at scale.
Truly decentralized networks can have no master node or oracle to judge what is true or valid and what is not. Instead, the nodes that make up the Network must come to an agreement among themselves about which of many possible versions of “the truth” they will accept and the order in which events occur. This is challenging because each node has a different view of events. They must find a way to converge.
The bitcoin blockchain uses Proof of Work (PoW) to solve these problems of achieving decentralized consensus over the ordering of events to prevent the problem of double-spend – being able to spend the same coin twice – and Byzantine behaviour. Miners battle to verify a block of transactions. If there are two simultaneous winners the chain will split and for a time there are two versions of the truth, i.e. two chains emanating from the disputed block. Ultimately, though, after a few blocks have been added one chain will be longer than the other, and it is this chain that will be accepted as the true state.
PoW has proved largely effective against the Sybil attack, also known as the 51-percent attack, where one entity owns more than half of the mining power, but it is slow, massively energy-intensive and it doesn’t scale. Also, the consensus is probabilistic rather than deterministic: after some time, you might be 99.9 percent sure that all nodes agree on network state, but never 100 percent.
Other blockchains such as ethereum use Proof of Stake (PoS). While much more environmentally friendly, there is a tradeoff in terms of equability in that larger holders of the currency have more power.
Autonomi is naturally secure, meaning that it doesn't need any artificial slowing down or behavioural assumptions to keep data safe. It does not use PoW or PoS for consensus.
Instead it uses a system similar to that utilized by ants, Stigmergy, plus a combination of lightweight mechanisms including Conflict-free Data Types (CRDTs) and constant tests that nodes are reliable.
When the Network is launched, a Genesis Supply of 1,288,490,189 tokens will be created. This is 30% of the Maximum Supply. These tokens will be distributed as follows:
After the launch of the Network, holders of MaidSafeCoin will be entitled to swap their coins for the new Autonomi token on a 1:1 basis.
This applies to both the original coins issued on the Omni layer (MAID) and the ERC-20 version (eMAID).
Holders of MaidSafeCoin will collectively be allocated 452,552,412 tokens. That's 10.536806937% of the Maximum Supply.
MaidSafeCoin is a proxy token issued as part of a crowd-sale (or ICO) in April of 2014 that supported the development of the Network. In fact this was only the second ever ICO, and sold out in a matter of hours.
It was accompanied by the publication of the original project white paper.
This is an increase from the allocation of 10% described in the original project white paper, accounting for an additional 23,055,683 MaidSafeCoins issued during the crowd sale. Tokens will be distributed to MaidSafeCoin holders in the form of an airdrop, with each MaidSafeCoin entitling the bearer to one Network token.
Each company share of Maidsafe.net Limited will entitle the bearer to 105.8221941 tokens, resulting in shareholders being allocated 214,748,365 tokens. This is 5% of the Maximum Supply.
Any unclaimed shareholder funds will be held by the Foundation for a period of seven years following the inception of the Network, after which these tokens will be transferred to the Network Royalties Pool.
Out of the Genesis Supply, 621,189,412 tokens will be allocated to a Network Royalty Pool and distributed as Network Royalties. This is 14.463193063% of the Maximum Supply.
This initial Royalties Pool will be split into the following funds:
There's another way to drive consistency asynchronously across a decentralized network without consensus: Conflict-free Replicated Data Types, or CRDTs.
With CRDTs consistency is inherent in the data structure itself. If different versions of the same data exist across a set of connected nodes (or replicas as they are known in CRDT-speak), they will all eventually converge on the same state. If some data is changed on an offline replica, as soon as connection is re-established this change will propagate to all other replicas, even if the same data was changed on another replica in its absence. At the end of the process, everyone will have the exact same version.
In asynchronous decentralised networks, each node can perceive a different order of events. With CRDTs it is not necessary to try to enforce an order or agree on it before changes can be applied.
CRDTs can range from simple counters to more complex structures, such as documents on which many people collaborate. Because CRDTs follow a strict set of rules based on metadata contained within their structure, conflicts (i.e. the persistence of multiple states of the same data) are automatically avoided without any special code or user intervention required.
Not every data structure can be a CRDT, but where it's possible it makes the job of ensuring consistency significantly easier. Changes can be made locally to CRDTs in complete confidence that they will be valid whatever may be happening elsewhere.
On Autonomi all mutable data types are CRDTs
If a node is seen to be acting unreliably, it is simply ignored by other nodes by being removed from their routing tables and it will not earn any more tokens.
The closest parallels for this come from nature. Stigmergy is a scientific term to describe the mechanisms that ants, termites and bees use to create complex, resilient societies, without requiring central planning, control, or direct communication between the elements. These insects follow simple chemical signals to validate that individuals are who they purport to be, rather than invaders from another colony, and that they are behaving as they should. In the Autonomi Network, deviance is punished by being ignored and unable to earn.
Autonomi is a probabilistic, self-organizing system that reinforces good behaviours by providing a logical pathway for them, self-correcting for unwanted behaviours over time.
With this approach, so long as the rules are carefully written and properly implemented, it is possible to exceed the limit of one-third of nodes being Byzantine inherent in the "Proof of" approaches and still be protected against things like double spends.
A data type is a classification which describes how data can be created, transformed and used. All programming languages use them, and common examples include integer, string and boolean.
Autonomi provides two native data types for storing and retrieving data: chunk and register. Registers are mutable data types, whereas Chunks are immutable.
Data itself comes in different forms too. Content or binary data is always encrypted and is spread out over the Network as immutable chunks. It can be read by anyone with a data map, which shows how to decrypt and reconstruct the content from its constituent chunks. The data also holds other metadata such as filename and type (video, image, etc). So a 'file' on the Network is really a set of instructions for finding the content's immutable constituent parts and assembling them to recreate the original content, together with information about what will be returned when you do.
A chunk is an immutable data type. Its Network address is derived from the hash of its content. This means the file cannot be edited in any way after it has been uploaded—any change would alter the hash and therefore its address meaning it could not be found. The data chunks are created by self-encryption.
Data deduplication is a unique feature of Autonomi and a side benefit of the process of self-encryption. Two identical chunks will have the same hash value, and therefore only one (plus a few copies for redundancy) need be stored on the Network.
Chunks can be cached by clients, and fetching the same chunk next time can be quicker. Autonomi also has a planned feature called ‘opportunistic caching’ in which more copies of popular data are created closer to where it is being requested.
A register is a general CRDT mutable data type that holds a value. Registers are used to store appendable data—data can be added to a register with previous values still being accessible.
Autonomi deploys a special type of register called a Merkle register which supports concurrent writes. If two actors write to a register at the same time a fork will be created with both versions kept available. It's then up to client software to decide which fork to choose, according to the app's own rules.
Sybil attacks involve malicious actors generating multiple fake identities, known as Sybil nodes, in an attempt to control operations. With sufficient Sybil nodes controlling part of the address space, a malicious actor could block access to certain content, for example. Autonomi detects Sybil attacks by estimating the network size using a statistical method KL Divergence. This compares the real distribution of node IDs (i.e. their network addresses) with the theoretical one. A significant difference between the two could indicate a Sybil attack. At this point nodes looking for data at a certain address will broaden their search to include a wider range of peers than normal. Even if all nodes closest to a chunk of data are compromised, it may still be accessed via nodes that are further away.
MitM attacks rely on data being unencrypted or the victim’s browser accepting the attacker's certificate instead of the website’s certificate. They will not work on Autonomi.
Exceptionally difficult as there is no single point to attack. The Network will simply re-route around any nodes that are taken down.
Self-Encrypted data is considered 'quantum secure’, meaning that it cannot currently be defeated by a brute force attack, even with a quantum computer. On top of that, the volume of encrypted packets means that there could only be targeted attempts at decryption, and decentralization makes such targeting difficult.
While there is some feasibility to these attacks, as the Network cannot protect endpoints such as a device itself, such an attack would only compromise the user’s own data. Using such a compromise as a springboard for a wider attack on a database, or swaths of Network data, is just not possible, and would be of dubious value to an attacker outside of a highly targeted hack.
Files are stored in immutable data and cannot be changed, so ransomware cannot encrypt it, but it could potentially delete Data Maps or hide them, making data inaccessible.
Autonomi has an interlocking set of features, each covering the others’ vulnerabilities. This means that data security on the Network is maximized. While 100 percent security is impossible, this strength-in-depth means that the sort of attacks common on the current web will be much harder to carry out on Autonomi.
Random address allocation: A new node joining the Network cannot set its own address and thus cannot decide which data it will be required to manage.
Nodes are added only as needed: Nodes that do not pull their weight or act as they should will be ignored, and will cease to earn.
Churn: Nodes are constantly joining or leaving. Membership is fluid.
Encryption: All data on the Network is protected by several layers of encryption.
Self-encryption: Content stored on the Network is broken into chunks with each chunk encrypted using its own hash and the hashes of the two previous chunks. These chunks are stored at geographically random locations (the XOR location being the hash of the encrypted chunk) with a number of copies retained for redundancy. Without a Data Map, the chunks cannot be retrieved and decrypted.
XOR Networking: Randomizes the geographical distribution of the chunks. Only someone in possession of the data map (i.e. the data owner) can find the chunks and piece them together again to recreate the content. An attacker trying to fake a chunk could not do so as its hash—and therefore its address on the Network—would be different. It could not be used to create a corrupted version of the file.
Self-Authentication: A user can create a store of data securely and anonymously without requiring any central server to mediate the login process or any trusted third party to store and manage users’ credentials.
The Autonomi Network, formerly known as the SAFE Network will be ‘released into the wild’, to become publicly accessible on: Tuesday, 29 October, 2024.
This date marks the beginning of the Network’s full roll out, with the launch completed by the end of January 2025 through Autonomi’s Token Generation Event (TGE).
From October 29, Autonomi, in it’s new public environment, will be ready to:
Store data that’s quantum encrypted
Handle data uploads (using token)
Pay nodes hosting data (with token)
Access to the Network will be available through:
Command line interface (CLI)
APIs (with toolkits for support)
Node Launchpad (Beta rewards disabled)
The WebApp (for individual/private user upload/download)
Nodes will be able to receive payments for hosting data via the Network’s test token, this test token will be an ERC standard token. Data uploads will be paid using the same test token.
During the roll-out all tokens earned by nodes will be tracked (visible ‘on-chain’), any test token used for data being uploaded to the network will also be visible. The earning and spending of these test tokens (‘earning’ will be for hosting data and ‘spending’ will be for uploading data) will be rewarded through an exchange of the test tokens (earned and spent), into a ‘Network Token’ allocation, following the TGE of the same in late January 2025.
Yes, we are ready to put the Network out and into the wild, we need to do this to observe how it behaves without the MaidSafe team being at the center of the test-net environment, as it has been with the ‘Beta Node Reward Program’ (e.g. during this testing program the ‘Nanos’ earned by hosting data on nodes, were sent to a MaidSafe wallet so that they could be registered for rewards).
From October 29 2024 and ahead of TGE the Network, with your help, we will test the integration between Autonomi and the ERC-20 implementation. We will also use the opportunity of having the Network out in a fully scalable/public environment to identify further bugs that need to be addressed, along with any improvements to the Network’s performance that can be identified thanks to real-world conditions.
In summary, post launch in October, and throughout the months of November and December the MaidSafe team will be focused on:
Network stability, troubleshooting of issues and code reviews
Preparation for the Network’s TGE (including token exchanges/redemptions)
Encouraging activity on the Network with:
Incentive schemes (to include data interface i.e. WebApp)
The builder program
Marketing and partner announcements
In January 2025, the Network will transition from using Test Tokens to implementing the official Network Token. While data uploaded before this transition and the TGE will remain encrypted and secure, it will not be permanently stored on the Network.
Data not being perpetual on the Network until after TGE is due to the fact Autonomi will need to switch from using Test Token to using the ‘real’ Network Token post TGE (i.e. the network will be switching over but data will not/cannot). This process does not affect any of the security aspects connected to the data itself, pre or post, the Network Token being live.
Prior to the TGE, uploading data will be incentivized through a user being rewarded for doing so - it is important that the Network has data to host and that the experience of both uploading and downloading is thoroughly tested and optimized. In line with this Maidsafe will be running incentive programs ahead of full launch, focusing on - token testing, platform engagement and the Builder Program. More details on each of these will be shared in the coming weeks - but there will be incentives to run nodes.
There are four rules and four data types:
Chunks
Register
Transaction
ScratchPad
Chunks check hash of content == name (note: all 32 byte arrays and all the same. Meaning xor address == sha3hash == any 32byte array).
Registers check updates are signed by the owner and merge them (they are built for this).
Transactions, if duplicated, duplicates are stored and never overwritten — this is a form of double-spend attempt and prevention that is truly decentralized and allows for mass parallel payments across the Network.
ScratchPad address = XorName(owner publickey), check updates are signed by the owner and increment the version.
Autonomi’s native token and payment system was intended to utilize a DAG-based UTXO (Unspent Transaction Output) model, offering the following advantages:
Lightening Fast / Nano Payments: The system would allow for concurrent processing of non-conflicting UTXOs at incredibly high throughput.
Highly Anonymous Transactions: It would enforce the use of one-time addresses, enhancing privacy through improved anonymity.
No Gas Fees: There would be no need to charge gas fees to incentivise validators, unlike blockchain systems.
Integration with the Storage Network: The system would also offer a native integration with the Autonomi storage solution by treating each CashNote as a native data type within the storage network.
Taking a holistic view of the market, audience and space that the network needs to secure to thrive, there are several avoidable issues that, by electing to sequence the solution and its intended payment solution, we can avoid:
Integration & Accessibility: As a novel approach there is no out-of-the-box integration with other tools and platforms across the broader cryptography ecosystem (wallets, DeFi platforms and centralised exchanges).
User Confidence: With new payment technology integrated into the storage solution the Network will be introducing new/potential attack vectors, elements of untested variance.
Questions around Security: Auxiliary services such as an EVM bridge (required for users to exchange their network token via exchanges), will require extensive security validation to avoid exploitation.
While these aspects can of course be overcome with time, investment and resource, all of which MaidSafe has, they may severely limit the network’s initial accessibility and appeal, limiting its ability to achieve adoption and scale, and for the Native token to exist and thrive.
Ultimately we need to prove the storage solution viable and desirable, we can then move to a native (as opposed to network) token, tackling the public challenges that that will entail.
A Native Token for Autonomi is still on the roadmap, and while Maidsafe has advocated a DAG-based UTXO model for the network, which enforces a one-time address for all transactions, the need for integration with blockchain-based marketplaces (CEXs, DEXs) needed to be considered in order to support the reward (payment) incentives required for launch, initial adoption and the beginnings of scale.
The issue of initial scale, mainly speaks to the potential ‘isolation’ of a network launching with a small audience and a novel token. Concerns around stability and security, as well as traceability of payments (with less familiarization with tech) may also be coupled at the outset with people finding it difficult to exchange the tokens they hold and have earned for traditional currencies. These aspects would not be good for adoption or engagement/desirability (based on earnings). This of course would apply much less when/if there’s high demand for the network and its token, with the weighting between ‘effort’, ‘reward’ and perceived ‘risk’ starting to balance.
It is also important to note that the rate of exchange (and the ability to exchange) earned/gifted Network Token is ultimately what will create/represent ‘real world’ value to the token earner/holder—especially in the early stages of the network’s life where the network token’s utility is still growing.
Speaking of growth—for those looking to try the network for storage, accessing the token (i.e. exchanging currency for/buying the network token), so that they can pay for uploaded data to be hosted, needs to be an as easy, open and demonstrable process as possible. The readily available (and somewhat battle tested) tools, resources and knowledge base associated with an ERC-20 token will be to great advantage here.
Before continuing on about accessibility, it is also worth noting that this strategy for launch comes in part, as a result of consideration around potential volatility of ‘privacy coins’ (based predominantly on legislative influences). A volatile network token would impact the network’s operation as a whole—i.e. the incentives to run nodes and assurances around data permanence. This instability/uncertainty could deter hosts, builders and users/partners considering storing their data or building with Autonomi.
The integration of an ERC-20 Network Token with Autonomi will require users to migrate their funds to a blockchain wallet. Users will be able to create an EVM-compatible wallet specifically for interacting with the network and cover gas fees using either ERC-4337 paymasters and/or zk-SNARK-based privacy protocols.
The connection between the uploader's address and the chunk address will not be revealed on the blockchain. Chunks are ‘Information Theoretically Secure’, meaning that a chunk has no link to another chunk and there’s not enough material in a chunk to allow for decryption. i.e. its encryption is beyond any algorithmic security. It is actually not possible to decrypt a chunk on its own. Similarly, the link between the node operator's receiver address and the node's PID remains undisclosed on the blockchain.
Nodes will be paid in ERC-20 tokens and notified accordingly. Each node will have an Ethereum wallet address as its identifier. Node operators will be able to specify their own RPC (Remote Procedure Call) endpoints for their nodes, although a default RPC endpoint maintained by the foundation will be provided.
Uploaders will receive quotes from nodes, along with their wallet addresses and will be responsible for paying nodes in ERC-20 tokens. For large files with many chunks, a smart contract that batches payments for all chunks will be used to make the process more gas-efficient. Once a payment is made, the uploader will notify the nodes to check the blockchain - including a chunk or upload identifier in the notification message.
The Foundation will operate its own Ethereum nodes and provide a default RPC endpoint that nodes can use to read blockchain data.
There will be an upload payment smart contract to batch payments for chunks belonging to a single file. In addition there will also be a token smart contract to include additional tokenomic features in order to assist the stability and health of the network by adding features, sinks and utility to its token, critical for launch (i.e. desirability to run a node, supporting network growth).
We are very aware of, and understand the sentiment, however there are two main contributors for our decision:
The network by design requires the incentives for running nodes to be meaningful. This, in turn, requires a connection between the network and a market. Ethereum has the most active and liquid market. It also provides significantly better scalability and lower fees, thanks to its L2 scaling solutions.
As we progress with our native payment development, we envision allowing data uploaders to choose the payment method between ERC-20 payment and native token payment. This will provide flexible payment options for both crypto native users as well as those who don't want to interact with crypto in general.
As mentioned above the Native Network Token is very much on the roadmap, this will be particularly important if we’re able to reach the scale that we have set out to. Ahead of then, and for that to happen, we will need to have early/initial adoption of the network.
The MaidSafe team are continuing to explore the ways in which we can reduce gas fees further, as even with a Native Token on the roadmap, we need the ability to scale from launch. There are of course other ecosystems (such as Solana) out there—we have chosen to use Ethereum as it’s the most established with (as result) the lowest barriers to entry.
With an L2 implementation gas fees will also be low. By way of example only: Base chain currently incurs about $0.0014 per transaction with a single token transfer. In our experiment, a transaction involving 256 chunk payments will incur about $0.05 to $0.1 in gas fee payment.
Currently 256 chunks can contain up to 256MBs of data.
Another element we will be looking at over the coming months is chunk size, exploring the optimum size for Network performance and gas fee efficiency. Currently each chunk has the maximum size of 1MB. So 1000 chunks will be 1GB.
Once the Network’s native payment system is ready, users will have options to pay with either Network Token (ERC-20 token) or with the network’s Native Token.
eMAID holders will be informed of a snapshot, which will allow the equivalent amount of Network Tokens to be airdropped directly into their wallets, effectively replacing the eMAID they hold.
For those who have earned a Network Token Balance through the incentivised testing programs—this includes the Beta Node Reward Program, as well as the upcoming programs for token testing, Network engagement and ‘Builders’, there will be a window to submit a wallet address for the tokens to be deposited into.
For MAID (Omni) holders, the MaidSafe team will be building an exchange interface that will enable you to take ownership of Network Tokens equal to the amount of MAID token that will be burned. These Network Tokens will be issued as an ERC-20 token, although the team will also provide the option for MAID holders to exchange their tokens with the Native Network token when it is ready.
Yes. Upon releasing the last update to the White Paper earlier this year, the MaidSafe team were made aware of concerns around the level of discretion and control the Foundation would (potentially) have over the Network/Native Token. As a result steps have now been taken to address this concern (including automation).
There will be a reduction of maximum token supply (by 50%) and there will be updates to support token health (essential for the token-based network to scale and function). Further details confirming these aspects will be released in early December, with a final White Paper update released ahead of TGE in late January 2025.
The content of this update is hot off the press on Tuesday 10 September 2024, and accurately reflects the Network launch and rollout plans. The documentation on this site will continue to be updated over the coming days to reflect these plans, and give more details on the technical and economic implementation of them.
are the team behind Autonomi, and the core developers of its protocol.
Founder, Chief R&D Officer
Chief Executive Officer |
Chief Technology Officer
Head of Finance & Operations
Chief Strategy Officer |
Non-exec director
Non-exec director
Based in Geneva, the Autonomi Foundation is a non-profit organisation dedicated to the promotion and stewardship of the Autonomi ecosystem, protocol, and related distributed ledger and computing technology.
To allow anyone to have unrestricted access to public data: all of humanity's information, available to all of humanity.
Enable people to securely, and privately access their own data, and use it to get things done, with no one else involved.
Allow individuals to freely communicate with each other privately, and securely.
Giving people and businesses the opportunity for financial stability by trading their resources, products, content, and creativity without the need for middlemen, or gatekeepers.
Fund and support R&D of decentralized network communication protocols, security, and usability.
Maintain and deliver decentralized networks and necessary tools and applications.
Educate developers, users, and policymakers on decentralized networks and their uses.
Increase adoption and accessibility of decentralized networks and related technologies through funding and outreach.
Collaborate with regulators and standards bodies to shape public policy and develop best practices for distributed computing, privacy, security, and data interoperability.
Started in 2006 by Scottish engineer David Irvine, are the core developers of Autonomi. It’s a small team comprised of thinkers, inventors, tinkerers, PhDs, engineers and designers.
Often referred to just as the Foundation. A Swiss non-profit that facilitates, supports, funds and promotes the research and development of the Protocol, as well as enables the ongoing delivery, maintenance and adoption of the Network and its technologies. Formerly known as the Safe Network Foundation.
Often referred to just as the Protocol. A collection of open source algorithms, libraries and components that allows computers to form an autonomous data network
Not time-dependent. A system that supports asynchronicity should come to consensus no matter what order the various messages arrive in.
A cryptographic system that authenticates the sender of a message, allows for multiple parties to quickly come to a consensus, and can enable multi-signature transactions and n-of-k credentials
The ability of a decentralized network to function properly even if up to a third of the nodes (plus 1) is corrupt or faulty
Encrypted digital ‘cheque’ for a given value containing all the necessary information for the owner of the associated secret key to spend that value.
Nodes joining and leaving the Network
An immutable data type
Software that allows users to connect to the Network and make use of its services
A Close Group is a small number of nodes that look after a specific piece of data, and that only exist as a group for that specific data. This system of close groups allows nodes to act independently, but together to form a strong autonomous global network, capable of storing and retaining data in perpetuity.
Data structures that obey certain mathematical rules which ensure that when multiple versions of data exist across a distributed network, eventually these will always converge onto one ‘true’ version
A record of content chunks and their corresponding locations on the Network. Only users in possession of the data map can recreate the file
A one-time payment made upfront for data storage
A map of where data is stored on a distributed network
Detecting nodes that are acting suspiciously and removing them from the routing table.
At the inception of the Network 1,288,490,189 tokens will be created. This represents 30% of the Maximum Supply
A libp2p publish/subscribe system whereby peers congregate around topics they are interested in by subscribing to them.
A distributed hash table (DHT) protocol which provides a way for millions of computers to self-organize into a network.
A Kademlia-based open source peer-to-peer networking framework.
A cryptocurrency token, created during a crowd-sale (or ICO) in April 2014, that will be exchangeable, on a 1:1 basis for Autonomi's native token once the Network is live. There are both Omni (MAID) and ERC-20 (EMAID) variants of MaidSafeCoin.
Total number of whole Autonomi's tokens created over the Network’s lifetime: 4,294,967,296
A unique locator for a peer that encodes multiple networking protocols into a single address
A mutable CRDT data type for mapping keys to multiple values.
A mechanism through which software development, services, and data which provide value to people that use Network, benefit wider society, and meet the objectives of the project, can be meaningfully rewarded and sustainably funded
A portion of the Genesis supply that will be allocated to a Pool and distributed as Network Royalties, in support of the Network and its aims.
A machine that connects with others using Autonomi's Protocol to form the Network.
A system that rewards nodes based on the quality of the service they provide, making it economically disadvantageous for them to misbehave
The consensus algorithm used by the Bitcoin blockchain and others to confirm that transactions are valid and to deter attacks.
The consensus algorithm used by the Etherum blockchain and others in which voting power is proportional to wealth.
A mutable CRDT data type.
Allows a program to execute code or perform operations on a remote system as if it were a local function call. RPC is designed to hide the details of the network communication from the programmer. You call a function as if it's local, but it's executed remotely.
Payment to the operators of resource-providing nodes in return for storing data.
The former name for Autonomi
Content uploaded to the Autonomi is broken up into chunks. These chunks are then hashed, encrypted locally using the AES-256 encryption algorithm and the hashes of neighbouring chunks. Because content is encrypted and decrypted locally, there is no need for keys to leave the user’s machine.
Transaction information stored on the Network.
An indirect mechanism of coordination between actors, in which the trace of an action stimulates the performance of a subsequent action.
An adjustable factor that determines the rate of pay of participating nodes; it is increased when more storage is needed, decreased when there is an excess of storage space
3,167,866,884 tokens, representing 70% of the Maximum Supply, emitted by the Network over an extended time; 30 years or more.
The Token Generation Event represents both the Genesis of the Autonomi Network Token and the point at which its distribution begins.
A monetary transaction on the Network.
A unique 256-bit number; every entity on the Network has an XOR address
Autonomous Network (MaidSafe White Paper, 2010)
Data Hierarchy Refinement (MaidSafe RFC and forum discussion)
Distributed Hash Table (MaidSafe Whitepaper, 2010)
FileTree CRDT for Safe Network (MaidSafe forum discussion)
The Impossible Network — David Irvine
Safe (Autonomi) CLI User Guide (Github)
Security of the MaidSafe Vault Network
Self-Authentication — MaidSafe White Paper (2010)
Self-Encrypting files — convergent encryption plus obfuscation (GitHub)
Self-Encrypting Data — MaidSafe White Paper (2010)
Self-Encryption on the Safe Network (YouTube)
An introduction to state-based CRDTs
A Survey of DHT Security Techniques (Globule)
Boneh-Lynn-Shacham (Wikipedia)
BLS Threshold Crypto — Interface for Rust library threshold_crypto (Ian Coleman)
Byzantine Agreement, Made Trivial (Micali) (MIT)
Ethereum Classic “HACKED” by 51% attack! (Andrew Butler — Medium)
CRDTs and the Quest for Distributed Consistency (YouTube)
CRDTs for Non Academics (YouTube)
Git Branching — Basic Branching and Merging
Human-oriented base-32 encoding (O'Whielacronx)
Kademlia: A Peer-to-peer information system based on the XOR Metric (Whitepaper, 2010)
Kademlia XOR metric properties purposes (Stack Overflow)