One possible attack against the Holo hosting network that I keep thinking about could be called a “Flood and Corrupt” attack.
In this scenario a large organization, such as Google or Amazon, would spin up a vast number of nodes and connect them to the Holo network, accumulating a large portion of the overall data stored through Holo.
Then they’d shut down all their nodes simultaneously. If their portion of data was large enough they might be able to break the resilience of some data-points, thus corrupting the integrity of the DHT. While this attack would probably be unlawful, it would nevertheless severely harm the reputation of Holochain.
Also, large corporations can probably run huge numbers of nodes way more efficiently than my little HoloPort at home, drastically undercutting the hosting price I am able to afford. So they could starve small hosts until they dominate the network.
An obvious solution:
Allow hApp providers to limit the number of nodes per real person, when setting the hosting requirements for their hApp. So they would:
- Only allow hosts who have verified their personhood via KYC
- Limit the number of nodes per person
In doing so they would guarantee that their hApp data is stored on a large variety of devices and cannot easily be centralized under the control of a nefarious large entity. In the case of a Flood and Corrupt attack on the Holo network, their hApp’s data wouldn’t be affected too much.
What I like about this approach is that it would not impose any restrictions on hosting. It would simply allow hApp providers to do so themselves.
Not only would this feature increase security, it would also ensure the spirit of Holochain is being maintained…
1 Like
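The per-person node limit proposed in the post above, as an added sketch that is not part of the original thread and is not Holo or Holochain code: it counts how many entries lose every replica when one operator takes all its nodes offline, with and without the cap. Assumptions: replicas are placed uniformly at random (a simplification, not Holochain's actual DHT sharding), each host carries an opaque owner identity hash, and the host counts and the names `admit`, `place`, `lost_if_offline` and `simulate` are constructed for illustration.

```python
import random
from collections import defaultdict

def admit(hosts, max_per_owner=None):
    """Hosts an hApp accepts: at most max_per_owner nodes per owner identity hash."""
    if max_per_owner is None:
        return list(hosts)
    seen = defaultdict(int)
    admitted = []
    for host_id, owner in hosts:
        if seen[owner] < max_per_owner:
            seen[owner] += 1
            admitted.append((host_id, owner))
    return admitted

def place(n_entries, hosts, replicas, seed=0):
    """Assumed placement model: each entry goes to `replicas` distinct random hosts."""
    rng = random.Random(seed)
    return [rng.sample(hosts, replicas) for _ in range(n_entries)]

def lost_if_offline(placement, owner):
    """Entries whose every replica sits on a node belonging to `owner`."""
    return sum(all(o == owner for _, o in holders) for holders in placement)

def simulate(max_per_owner, n_entries=200, replicas=3):
    # Constructed network: one operator with 80 nodes, 20 people with one node each.
    hosts = [(f"corp-{i}", "owner-corp") for i in range(80)]
    hosts += [(f"home-{i}", f"owner-{i}") for i in range(20)]
    admitted = admit(hosts, max_per_owner)
    return lost_if_offline(place(n_entries, admitted, replicas), "owner-corp")

if __name__ == "__main__":
    print("entries lost, no cap:      ", simulate(None))
    print("entries lost, cap 2/person:", simulate(2))
```

Whenever the cap is lower than the replica count, no single owner can hold every copy of an entry, so a simultaneous shutdown by that owner cannot remove an entry outright.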
Hm, this is an interesting attack vector. I’m definitely concerned about the ‘flood and undercut’ possibility you bring up, but never thought of a big entity using it to kill an hApp. FWIU Holo Host expects hosts to give some identifying details because they are, after all, entering into a service contract with Holo. I wonder if this information will be made available in an anonymous fashion to app providers — at least as an entry that says “I am a HoloPort that belongs to the unknown human whose identity hash is Y”.
@artbrock you’ve talked about Holo Host and identity in the past; do you know if there are any plans to offer this sort of thing to app providers?
Exactly! The information should already be there. And as you stated, no identity needs to be divulged - only the fact that there is a unique human identity behind a holoport.
I am just thinking of another question however:
Will it be possible to filter the list of potential hosts for my hApp beyond what the Holo hApp interface allows?
Imagine I create a Green Energy hApp, cooperating with local electricity providers. When customers sign their electricity contract, they may enter their HoloPort address-hash.
The electricity provider will then publish their different service plans to the hApp’s DHT and link from the correct plan to each customer’s HoloPort address.
So their 100% Renewable Electricity Plan would link to my HoloPort.
Using this hApp, one could filter the initial host-list provided by the Holo hApp, to only include viable hosts that also use 100% renewable energy.
But for that, the Holo hApp would have to allow further filtering of the host-tranches they defined…
@jakob.winter I know this is definitely in the plan, but I don’t know that it’s on a roadmap yet. And one nice thing about Holochain is that you can create a new UI that glues new DNAs onto existing DNAs to provide additional data. Maybe some app providers want to check out the green credentials of their hosts; others need hosts that can support HIPAA compliance, etc.
There will be some UX challenges — if you fork the Holo Host UI and create your own, you’re on your own re: maintenance. But I’m hoping that the UI designers will allow for an extensible UI. In fact, I’m going to mention that to the HoloCentral lead, who’s asked me for community feedback.
That would be pretty fabulous. Like, you could install extensions from within the settings panel of the Holo hApp UI. Those extensions would then interface separate hApps into the Holo UI, adding more functionality.
And by choosing which extensions to include in the list, Holo would still have a lot of control.
1 Like