Network Fundamentals

Creating a new account and logging into the Network will never require a third party. Those processes will always be carried out directly between the User and the Network. It is worth noting that (for technical reasons) account creation may require the presence of Safe Network Tokens in the user’s account in certain circumstances (if this, for example, minimises the possibility of one entity creating millions of new accounts to attack the Network).

The Safe Network will never have any third parties who have the ability to either read or store the information sent by a User (unless that User consents in some way).

Each User will be able to use any of their identities as a wallet address in order to be able to send and receive Safe Network Tokens.

The Network will always ensure that the User has the ability to send transaction messages and posts with a temporary and single-use ID that is not linked to any known identity on the Network.

It is crucial that the new decentralised web is without barriers. One of the most important foundations for a global, collaborative platform is that anyone can access public content for free at any time without the need to create an account.

Each Client Account manages information about the User which will include several identities. These identities are likely to be cryptographic key pairs.

Each individual must be able to use any of their identities as a wallet address in order to be able to send and receive Safe Network Tokens.

All public/published data on the Network will be immutable and available on the Network in perpetuity. In exactly the same way as the Internet Archive stores versions of website that were published with mistakes, it will be impossible to delete any data from the Network after it has been uploaded. That does not mean that you won’t be able to change data - you will be able to make append-only changes, i.e. historic, earlier versions of data will always remain stored on the Network (whether they are accessible or not).

The Network itself will never hold passwords as this is a common cause of data loss. Instead, a User will only ever be required to enter a password locally on the device which they use to access the Network.

The Network must ultimately be accessible to any User on any device. When that User logs out from the Network and leaves that machine, there must be no evidence (other than any software downloaded to access the Network, such as the browser) that shows what activity the User undertook on the Safe Network.

After a User has started to communicate directly with anyone else after the first Safe Network node that it connects to, the User’s IP address is scrubbed and untraceable. For clarity, we are using the phrase ‘Hop 1’ to refer to the transfer directly after that connection to the first Safe Network node (not the hop that may take place from your computer to your home WiFi router, for example).

Like any species or group of organisms, unbounded growth leads to demise. The Safe Network could be attacked by a bad actor simply adding millions of nodes and then closing them down (or worse). To help prevent this, the Network will only allow new nodes to join when it needs them. This also nicely slows any attacker and dilutes them with good actors also trying to join. The Network can then balance supply and demand as it sees fit as opposed to relying on external controls.

If the Network simply accepted any Nodes that wanted to join, it would likely either be targeted by a botnet attack or an attacker might attempt to set up an overwhelming number of malicious nodes initially whilst the Network size is small at launch. The Network must be able to balance this supply of Nodes itself to avoid there being a large number of nodes that have very little data, as this would push the farming rates down.

A crucial part of Node Ageing (one of the ways by which the Safe Network prevents Sybil attacks) comes from the fact that the Network is designed to only permit the most trustworthy nodes within each of the Close Groups to vote on the decisions in the Network.

The Safe Network will never rely on servers (as the term is traditionally understood) as to do so introduces a third party weakness that undermines the entire Network.

By ensuring that all transactions are digitally signed, the Network is able to ensure that the transactions have been authorised in accordance with the rules of the Network.

Clients are software programs that allow users to connect to the Safe Network. There will never be charge levied by the Network if messages are sent directly between two Clients. However, any indirect messages that are sent between Clients that involve travel across the Network will carry a cost.

There is no concept of time in a decentralised network such as Safe unless it reaches out to centralised servers and services. Safe uses a completely event-driven paradigm to circumvent the need to try and synchronise and then use time periods as valid tools on the network. These periods require magic numbers which would need to be set by developers and this is something the Network avoids with rigour.

Services or traffic must be encrypted if they are to be used by the Safe Network.

The Network must be able to roll out improvements which are compatible with at least the previous version of the Network software, in order to ensure that the new iteration is an improvement in practice. As this will require significant effort, each node may run upgrades in parallel to existing working code before upgrading.