As the Internet continues its exponential growth, it is starting to show the creak of middle age. Its design, using a traditional open client-server relationship, is now unnoticed by us – it's how you accessed this article, for example. However, it becomes apparent when the design is infiltrated by Ddos attacks, Government surveillance, or the privatisation of once-public space. As these challenges become answered by decentralised networks, David Irvine of Scotland's Maidsafe is leading the development of what might become a true alternative to the Internet.
Irvine started out as a network designer and engineer. His company, Eboxit, provided “server-in-a-box” products and grew rapidly until it became the subject of a bitter shareholder dispute. The timing was commercially painful, given that a similar company, Cobalt, was acquired by Sun for $2bn. Eboxit fizzled out and left Irvine with some time to reflect on the business, and whether selling client-server products in general was the best and most fair way to offer access to networks. The result was a consideration that the inherent problem in many network infrastructures is not one type of server over another; it's the fact that servers exist at all. Natural paradigms such as ant colonies and cell division prove that life can work without such a methodology. A controlling authority doesn't inherently create weakness. Ergo, client-server is quite an “unnatural” way to design a network – it's inefficient. The methodology exists because of its commercial legacy; thin client-based LANs, where the server was the only computer with a hard drive, still exist but the majority of network installations are based on lots of PCs and phones, all packed to the rafters with memory, processing power and hard disk space... much of which remains unused and irrelevant to the network.
The consideration which Irvine had made was that in a more effective network, complete decentralisation had to be done. The computer almost has to be “alive”, and the code has to connect to the network itself, and to become part of it. The computer, in other words, will have to benefit from becoming part of the network. Between 2004 and 2006, Irvine worked on the methodology which became a working demonstration, using a few million lines of Python and with a level of detail sufficient enough to apply for patents. The final product has since been reworked into a few hundred thousand lines of C++ by a 15-strong team (with the cryptocurrency modules replaced by Bitcoin), and they have created the Subreddit Decentralised Internet to facilitate further discussion.
Maidsafe is a business which owns the patents. One per cent of the revenue from the commercial use of Maidsafe, however derived, goes back into the business. Given the increased commercialisation of the “online commons” then, how can this position tally with the public Internet, which doesn't have a single owner? Irvine is surprisingly relaxed about this.
“If you base a tech company around a revenue model, you'll bend the technology. We have looked at everything from two aspects: the first is for the system to be logically and mathematically correct, consistent, and complete. The second is fairness. If the system is fair, then it distributes resources to people providing resources. We have looked at it from the point that if we are focussed on that, then we will design something that's mathematically correct.
“We will never stop anyone from using the system. If you're using the system and you profit from it, then one per cent of the revenue is paid back to Maidsafe. So, if you use it and don't want to contribute back code and just want to build a commercial app, then you can freely use our code. But once you get revenue, there's a small donation. It's like the mobile app market but it isn't 30 per cent, it's one per cent to ensure continued development.”
Maidsafe provides a decentralised network which carries third-party applications. It uses TCP/IP underneath, as does the Internet; from there, the two networks diverge. Data is spread and churned across the Maidsafe network, rather than available from one specific point to another as the client-server architecture demands. It means, in theory, that you could go to any computer (or, indeed, any phone) connected to Maidsafe, log in, and fully retrieve your environment and data. The data is not held in one single place, with the data exchange occurring at the level of the disk API rather than, say, through HTTP.
Developers on the Internet would normally require an API key which cannot become part their source code. Maidsafe has no such key; you just use the API in a seamless, frictionless way.
Data is encrypted through a key exchange at the point of entry to the network. It means that routers don't know what is passing through them. This design makes MITM attacks impossible, and surveillance becomes impossible to conduct. It also provides edge caching out-of-the-box. If your data is accessed from a different part of the world, the data caches through FIFO registers in each intermediate node. The next person that tries to read it will get a cached copy; the next after that gets a closer cached copy, and so on. As Irvine says, “It's like the network breathing”.
“If you go to a locksmith, he won't ask you for your name and the door's address, and require you to phone him up before you enter or exit your house. The transaction is both secure and private. It's important that the company does not know you. That is why we don't believe in the web of trust, and that trust should be mathematic. You're not connecting to another computer, you're joining a mathematically-complete system.
“You have to have security and privacy at the core of the design. You can't just take the Bitcoin network, for example, and put a data provisioning platform on top of it. That network was created for trade. If it [privacy and security] isn't at the core, then it's broken. If you step back again to the server market, there is a complete lack of privacy in the design of networks. You're sharing on a platform owned by someone else, and your identity is there too. How do we try to secure servers? With bomb shelters, high-tolerance routers, strong firewalls, lots of admins... these are lots of sticking plasters. Security and privacy are not at the core of the design.”
The business model developed as the product evolved, as Irvine wanted to focus on the correctness of his approach. The key to any future success of Maidsafe is to ensure that data and users are treated fairly, and everything is available to all. The patents, Irvine explains, are defensive, in that he sees Maidsafe as the first development of its kind, rather than an attempt to block out any further attempts to work with, or in competition to, the network.
Such is the youth of attempts to create decentralised networks in this way that there is a long journey for both Maidsafe and its patents to travel.
Because of the focus on privacy and security, Irvine has tried to ensure that the company is as open as it can be. Both the full source code and the development of it are open (in that day-to-day development can be viewed). As development continues, investors may be nervous about their return, but Irvine is relaxed about it, placing Maidsafe's work in a wider context.
“People can donate some of their disk space to the Maidsafe Foundation for Innovation and to the One Laptop Per Child project. The return on investment is a significant, humanitarian one. The financial return must come through, providing incredible value. We're trying to make the business as logical as the network. We will never use profit or patents to crush or to stop innovation.”
The initial investments into Maidsafe, combining seed funding with the one per cent revenue share, also gives a different funding model to the “traditional” series-based funding rounds which tech companies in Western cities are so used to. As Maidsafe is based in Troon, they don't necessarily have immediate access to a Level39 or Index Ventures, but Irvine sees that as an advantage.
“If you try to start up Google or Facebook, then the initial capital costs for acquisition are huge. If you don't have an investor cycle as Silicon Valley has, and you take the requirement away, you amortise the innovation throughout the world, which is what we have with Maidsafe. Silicon Valley is not innovative per se, but we're not surprised when innovation comes out of it - because it's the only place where such high levels of innovation can attract investment.”
After several years, Irvine is now confident that Maidsafe is robust enough to be offered out to the public, and for it to be offered in a wider context where there is sufficient concern about the future of the incumbent Internet network that Maidsafe can provide a genuine alternative.
“After eight years, we need to put it in the hands of others, and to push it out. People will have a decentralised Internet, and it's up to us to provide it in a completely frictionless way.”
Further information on Maidsafe is available at its official website.