Hi! I'm the GitTorrent author. It feels strange to have it show up on the front page whenever GitHub does something bad, more than five years later.
Bitcoin and BitTorrent v1 were plausible substrates in 2015, but no longer. I think Radicle (https://radicle.xyz) is the project most deserving of attention at the moment.
The hardest thing about such a project is economic: how do you handle issue/comment spammers? Or someone creating as many accounts as they can? How do you incentivize someone to mirror your repo? Or to build you a delta to satisfy your `git pull`, without making the network fall over when someone realizes they can ask you to spend infinite CPU building packfiles for them? And what happens when someone forgets their password or loses their private key? This space was a humbling experience in the necessity of incentive alignment for me.
Absolutely, because it is truly innovative - and you're mostly in uncharted waters. We're at peak cloud right now, and what projects such as yours offer is a glimpse into the post-cloud future. We're going to look back and say - what were we thinking when we decided to move compute and personal data storage into datacenters while carrying powerful supercomputers in our pockets.
Add:
> And what happens when someone forgets their password or loses their private key?
Here's an approach I found interesting: https://darkcrystal.pw/
bookmarking dark crystal to read later.
With the cheapness of CPUs networking and storage I’m still amazed that there isn’t a revolution in hardware offerings for single purpose boxes. If you need photo storage you should be able to walk into any store and buy something the size of an external hard drive that you can just plug into your router and it just works. Same thing for email, private messaging, social networking, calendars, whatever. Most people don’t use enough data on these things to make it a problem. The biggest challenge would be security but you should be able to buy an off the shelf firewall and have some form of automatic updates. We’d need to all agree to use existing open protocols and there’s a decent amount of code to write to enable federation but it’s not an impossible task.
Actually, alas, the challenge here is the durability of storage. Changing a disc out and synchronising its contents is out of reach for average joe, and nothing is foolproof enough. The cloud is about giving up responsibility, and sadly most people give it up gladly
These devices could be sold with access to an encrypted back up service so you can have you local data and search it and it's encrypted locally before being sent to an off-site back up. But then you get into those businesses going under, people not maintaining thier accounts, companies who do not actually encrypt because users really want cloud access at the end of the day, etc.
When I think of something that we should be able to do but can't ("I just want a button to do X" type requirements) it is usually apparent why that doesn't exist if I give it some thought.
I don’t think site security is the main concern for the average person when it comes to this use case. They run the same risk with all of their physical possessions and there are existing solutions for this eg firesafes. Making sure that drive failure doesn’t wipe out your photos or files would be more important. Multiple redundant drives are the solution. If each is a small SSD and plug and play it’s something anyone could handle by just buying a new drive and swapping it out. Physical data appliances need to be as simple as a lamp. Plug it in, turn it on and occasionally replace a light bulb.
Or use encrypted mutual backups on others like systems (eg you friend buys the same model and you each clone each other’s, transparently, securely). Storage is cheap so you just over provision the space so that it can be both super durable, and have space to backup friends’.
I think doing some peer to peer striping should solve this. Selling a 3TB that only uses 2TB with an extra $5 to pay for a matchmaking service for 20 years.
This.
Aren't you describing a NAS?
Yes it turns out I am. I did some googling and found some decent options. I do wish that there were more network appliances in this vein and that they were more widely developed for and used rather than the current cloud infrastructure.
I'm lost browsing the radicle website and all its links. Ultimately, I found https://github.com/radicle-dev/radicle-link , following the link "browse the protocol", which mentions: "WORK IN PROGRESS - In fact, there is nothing substantial to see here yet". Is it a yet unreleased software? (that would explain why I can't find a way to try it out).
If it's the case and if anyone from the project is reading this, it would be helpful to mention it on top of landing page.
Also, the landing page is mentioning ssb, is this related to git-ssb?
> how do you handle issue/comment spammers?
I love how ssb is handling that : it's not a problem because you create a "web of trust" and only content from people you trust and people they trust reaches you - and trust can be revoked in case of problem. Obviously, it creates an other problem, though : how a benevolent total stranger can reach you?
By the way, yet an other alternative is hypergit ( https://github.com/noffle/hypergit ). It uses hyperdb/dat. I used it a few times to share code with friends, I loved it because it was the most straightforward for them to install and use.
But web of trust hasn't been very successful in practice. It's the usual reason quoted [citation needed] for the failure of PGP/GPG to become a mainstream success.
Keybase's approach is more scalable, but it's still centralized.
PGP’s web of trust hasn’t been a mainstream success because (and I say this as a dedicated GPG user) the UX is awful. I don’t think it has anything to do with the web of trust though; in fact GPG doesn’t really expose the web of trust ideas much to the user.
I can easily imagine a web of trust system with UX more similar to Facebook’s (and in fact this is basically what SSB’s clients are).
https://radicle.xyz/radicle-link.html
It frustrates me that they use the relation "on top" backwards, but otherwise it's a good read.
Radicle provides a network overlay and gossip protocol, on top of which they run the git smart protocol (they describe it the other way around, which makes no sense).
Usenet solved this with a Bitcoin precursor, Adam Back's hashcash.
In effect you can do the same thing better by using a cryptocurrency with cheap transactions, e.g. Bitcoin Cash's Memo.cash. This way git hosts are compensated while at the same time making it too costly to spam.
Longer packfile creation processes will require a greater transaction fee or otherwise be ignored based on heuristics created by the client. This will prevent infinite CPU building packfiles issues in addition to fair compensation for increased computation cost. All while the miner is incentivized to minimize the time to be able to reap that block reward in the context of market competition.
Wrt crypto, this is the LBRY [1] approach I believe, and seems to work quite well.
[1] https://lbry.tv/
The radicle website seems to do a bad job in advertising itself. I'm missing links at the top for a simple explanation of the project and quick tutorials to get radicle running for existing GitHub/GitLab/Gitea users. If you want people to use your project it has to be easy.
When I saw this Radicle I immediately thought of Radicale[0]. Completely unrelated to the current topic, but I thought someone else might find it interesting that two projects share a very similar name, but are completely different.
[0]: https://radicale.org
I think that such problems requires humans to make a decision. There should be a vote mechanism / leader election / democratic process to give some people the power / admin role to solve these issues by manual intervention.
You use federation. Federation means ppl can get banned, but there's no central authority for who gets banned - different instances have different ppl banned.
Then just pick an instance you like.
How does this compare with having a Github/Sourcehut like "website" hosted via IPFS? It appears that Git's versioning model might be nicely compatible with IPFS.