[tahoe-lafs-trac-stream] [Tahoe-LAFS] #724: helper: client should check up on the helper's work
Tahoe-LAFS
trac at tahoe-lafs.org
Sun Aug 16 15:26:18 UTC 2015
#724: helper: client should check up on the helper's work
-------------------------------+---------------------------
Reporter: warner | Owner:
Type: enhancement | Status: new
Priority: major | Milestone: undecided
Component: code-encoding | Version: 1.4.1
Resolution: | Keywords: upload-helper
Launchpad Bug: |
-------------------------------+---------------------------
Changes (by zooko):
* keywords: helper => upload-helper
Old description:
> Really, a client which uploads a file through the Helper should turn
> around immediately afterwards and verify that the helper really did it's
> job. The most intensive approach would be to perform a full verifier run
> (download all shares and check all bits). A more appropriate choice might
> be to perform a file check plus download the UEB from all shares to make
> sure it matches the value returned by the helper.
>
> Once #722 and #723 are fixed, a change like this would merely be a
> reliability improvement: if the helper is buggy or malicious (or not
> connected to the complete/correct serverlist), this would allow the
> client to detect it right away, while the original file is still
> available.
>
> The client would respond to a helper failure by performing a direct
> (helperless) upload, which is obviously slower but then removes reliance
> upon the helper for reliability/availability.
New description:
Really, a client which uploads a file through the Helper should turn
around immediately afterwards and verify that the helper really did it's
job. The most intensive approach would be to perform a full verifier run
(download all shares and check all bits). A more appropriate choice might
be to perform a file check plus download the UEB from all shares to make
sure it matches the value returned by the helper.
Once #722 and #723 are fixed, a change like this would merely be a
reliability improvement: if the helper is buggy or malicious (or not
connected to the complete/correct serverlist), this would allow the client
to detect it right away, while the original file is still available.
The client would respond to a helper failure by performing a direct
(helperless) upload, which is obviously slower but then removes reliance
upon the helper for reliability/availability.
--
--
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/724#comment:1>
Tahoe-LAFS <https://Tahoe-LAFS.org>
secure decentralized storage
More information about the tahoe-lafs-trac-stream
mailing list