New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Rebase ZeroNet infrastructure to IPFS or Dat #1669
Comments
I want ZeroNet focus on distributed web apps framework, and unite other distributed storage infrastructures together. So finally network architecture will be like this:
And mature infrastructures have more code review & security audits. ZeroNet security is considered bad. |
CJDNS requires IPv4/6 connectivity and regardless of the prefix composition MP-/BGP is going nowhere. |
CJDNS doesn't requires IPv6 to work, but ZeroNet needs IPv6 (already being implemented in a pull request) to run thought CJDNS |
https://geti2p.net/en/blog/post/2018/10/23/application-development-basics I think the i2p team do that for zeronet. it is python. |
IPFS uses too much system resources |
IPFS seems too bloated and hard to use. Dat looks good. |
DHT is really need, and already used on IPFS and Dat.
I don't think ZeroNet is a framework for distributed web apps, but another network for that.
Now I understand Tamas. He is alone building a huge project, and isn't handling well the donations he received. The administration of he is really bad, but we shouldn't forget he is a human and probably with a good will. The only things we should blame he is about creating an organization to store ZeroNet-related repos, opening this organization and ZeroNet core repo for new maintainers, and distributing the ZeroNet donations to those maintainers and making a collaborative roadmap. Regarding security, openned that issue: #1849
Strad tried to help implementing i2P to ZeroNet, but was ignored. Tamas keep saying that it is difficulty, but doesn't haves dedication to that. Vuze is the proof that BitTorrent networks (as ZeroNet) can support full i2P: https://wiki.vuze.com/w/I2PHelper_HowTo
Yes, but IPFS is pretty modular, which futerely will support to storing bytes on merkle tree instead of full files. On IPFS thats really bad to re-upload a whole file for just changing an comma. Dat seems to not work at this manner, being more lightweight. |
Asking what those ZeroNet and other network's members thinks about that: I've also suggested a translator plugin (#1835), to permit zites sending commands that are repassed to the main frame (like Cordova, Electron and Ethereum commands). |
I am afraid ZeroNet API need blow up and rewrite, too.
|
I agree. <iframe> as sandbox are too hacky Dat-Fox (an Firefox extension for Dat) used that solution for not using iframe:
See: https://github.com/sammacbeth/dat-fox/#dat-firefox
Getting rid of
JSON is the most modern web standard; for easy editing, there could be an SQL viewer that supports that dbschema. Although CSV could also be used. |
Here is Dat docs: https://docs.datproject.org/faq#dat-vs
|
My plan: When user visit ZeroNet client should check the
|
How could be used on ZeroNet? |
|
How personally you think ZeroNet could be a middle network for Dat? |
Fwiw I just worked with implementing ZeroFrame in a separate language by communicating with ZeroNet via WebSockets and besides needing a quick PR for an IP address matching issue, it was quick easy to work with. You just need to open one connection and you can talk and stream data. And it's fast. Dat's proposal for an |
I'm sure most of ZeroNet users are in favor of replacing it;
|
So how can we make a sandbox then |
Common deep-web onion sites that runs thought Tor doesn't haves an |
Security is important. |
Then move to i2P. Regarding Tor-wise use, .onion sites are considered secure and doesn't uses |
OK.We can suggest shortcutme add an option to disable iframe for the sites you trust |
How ZeroNet would be more secure than Dat-Fox by using an |
It would solve some cross-site security problems, but notifications, sidebar, loading screen would not be possible in secure way without the iframe Other problems:
Btw there is a similar chrome plugin for zeronet: https://github.com/goldenratio/zeronet-protocol-crx
You can request NOSANDBOX permission which disables it for the site |
Decentralized sites should be trustless; the contrary of when using an NOSANDBOX permission.
Good
Notifications can be shown from the ZeroNet app itself, also the suggested desktop notifications from feed. All these suggestions seems to be hard, but if you thought on they since the begin of ZeroNet, would realize that all these are better and less hard than implementing a whole nonce/sandbox/iframe system.
The second problem is related to the first one. |
@pfrazee |
Prerequisite knowledge for you:
|
Put these in WebExtension
Yes, this is a problem for ZeroNet. |
middle network? |
Good, and also this could be on the app itself.
Using Bitcoin address haves the only advantage of accepting donations for the same site address.
Good. @pfrazee As IPFS haves its own stack, I agree with @0polar that ZeroNet should be focused as application layer (as, I repeat, it haves amazing, creative and exclusive page/user-wise features), while Dat is its storage layer. Dat will be very helpful for ZeroNet, the same way ZeroNet will be helpful for Dat.
If there are already Dat libs for Python, that will not be very hard to implement. |
OK.I agree. |
yes we can, but it's not ideal and dose not give fine grained control, nosandbox works but it also gives control over other sites |
Fix your English: |
local host is not user interface.It's web server |
They are not conflict. |
Fix your english: |
Dat works differently and has different style database. So if you want to develop for dat efficiently, then you should use their API and no real reason to interact with zeronet-style api. |
@shortcutme Is it possible to remove iframe by building a browser for zeronet |
Sure, it's possible. |
So why not build a browser as the user interface of zeronet. |
Understanding browser's source code is a hard task and no necessary. |
Using extension may be not enough yet |
Yes, but if do this, there is no compatibility. |
Why fork Firefox if we can create an plugin for it and support the ZeroNet Browser by @rllola ?
blurHY
Please don't start an english discussion, but focus on what matters here.
In which thing Dat works differently: because it isn't using Bitcoin addresses? because it is fundamentally better than IPFS and better than ZeroNet's network/storage layer (but Beaker is not better than ZeroNet on application layer)? because (like I've reported about Zero Games, which proves ZeroNet is not really censorship-resistant, which was a shame) Dat is really against censorship and for an open Internet (unlike ZeroNet that relies on an censurable Bitcoin address)? because Dat haves built-in archiving and versioning? because Dat is being supported by Mozilla and added support to their protocol on Firefox? Can we point more about how ZeroNet is dying as a network and storage layer, and wait for more zites being censored through Tor and the unversioned/confuse updates of ZeroNet? And if an attacker does worse than what occurred on ZeroGames and, instead of replacing index.html, putting chldporn files to give legal issues to their seeders? That's the health of ZeroNet what is in question. Or I support Dat (and we've recently had serious disagreements, but they were instructed to do that about me) or I support ZeroNet; the two networks needs to be united or only one be used. And I'm not wrong about that, because I'm sure users doesn't likes duplication. That is not a corporatism competition, where Dat/ZeroNet could think "I want money, you make money, I'm competitor and competition is good for consumers they haves options". Users prefers an product that supplies their needs, instead of opening Dat and ZeroNet at same time and being confuse. And competing to Dat, death for ZeroNet as a network. But ZeroNet is better at application layer, but its network will kill it. Dat already haves an microblogging with user features (Fritter), and when it gets more application-layer updates, there will be no reason for using ZeroNet, as Tor can be used through Dat. ZeroNet should do an huge and unnecessary work for rebuilding a network from scratch, while Dat (through Beaker) haves possibility to implement application-layer features: so ZeroNet is on disadvantage. blurHY
shortcutme
An browser for ZeroNet is already being made, with Python. Maybe he wants to contribute: https://github.com/rllola/ZeronetBrowser 0polar
@rllola is already building an browser for ZeroNet. blurHY
I agree. shortcutme
0polar
Tamas simply doesn't wants to do that. He can't think how that can be done, even if we explain how and why it matters. |
So, we should focus on app layer and let dat's team to do other things. |
I would like to keep ZeroNet as independent as possible, so the custom zeronet network won't be dropped. |
@shortcutme Is plugin system planned ? |
@blurHY A plugin system is already implemented and even used extensively for core functionality. |
This can already be done on sites with NOSANDBOX, but it would be cool to see in ZeroHello, yeah. Topic for a separate issue though. I recommend closing this one at this point as @HelloZeroNet has stated he will not rebase ZeroNet on top of another incompatible network. |
Off-topic. |
Yes, it's planned in some careful way as it allows direct code execution. It would be nice to find a way to sandbox zeronet inside a directory, so the worst thing could happen is leak the private keys. |
Doesn't everything pass through the WebSocket API anyways? Can we not do path-based rules there? |
Totally agreed.
"Rewriting from scratch is possible, but it won't be backward compatible because of the differences so probably it's better to find a new name for that network instead of zeronet. If you planning to do that I suggest to open a new repository" Ok, we should support Dat instead. |
Update: No, WebExtension is not necessary. |
Hi |
No standards. It depends on implementations. |
I think the browser only convert cases of the domain part, if the browser doesn't honor the whole url cases, ipfs address would have been broken already, but it's not broken. |
ZeroTalk: http://127.0.0.1:43110/Talk.ZeroNetwork.bit/?Topic:1538407463_14ytAKDfNjArMTqGecTi7ginG3aZTsRAum/Rebase+ZeroNet+infrastructure+to+IPFS+or+Dat
Advantage: DHT, archiving system, bigger developer team & community, no repeated code…
Also a chance to migrate to Python 3.
Before I start to write code, is there any suggestion for me?
The text was updated successfully, but these errors were encountered: