Network Fundamentals

The project to build the Safe Network has, at its heart, a set of objectives that are still as vital to meet today as they were when we began back in 2006:

  • Allow anyone to have unrestricted access to public data: all of humanity's information, available to all of humanity.
  • Enable people to securely and privately access their own data, and use it to get things done, with no one else involved.
  • Allow individuals to freely communicate with each other privately, and securely.
  • Giving people and businesses the opportunity for financial stability by trading their resources, products, content, and creativity without the need for middlemen, or gatekeepers.

These objectives lead to the foundational principles that have driven each stage of the Safe Network's design. The Network Fundamentals:

The Network will...


Allow a person to create an account and login anonymously and without intervention

Creating a new account and logging into the Network will never require a third party. Those processes will always be carried out directly between the User and the Network. It is worth noting that (for technical reasons) account creation may require the presence of Safe Network Tokens in the user’s account in certain circumstances (if this, for example, minimises the possibility of one entity creating millions of new accounts to attack the Network).


Enable Users to securely and with no controlling intermediaries share information and messages

The Safe Network will never have any third parties who have the ability to either read or store the information sent by a User (unless that User consents in some way).


Allow the transfer of Safe Network Tokens to any User free of transaction costs

Each User will be able to use any of their identities as a wallet address in order to be able to send and receive Safe Network Tokens.


Enable Users to anonymously create and share data worldwide

The Network will always ensure that the User has the ability to send transaction messages and posts with a temporary and single-use ID that is not linked to any known identity on the Network.


Let anyone browse content anonymously and free of charge

It is crucial that the new decentralised web is without barriers. One of the most important foundations for a global, collaborative platform is that anyone can access public content for free at any time without the need to create an account.


Allow Users to associate multiple identities to their account

Each Client Account manages information about the User which will include several identities. These identities are likely to be cryptographic key pairs.


Let Users use any of their identities to send/receive Safe Network Tokens

Each individual must be able to use any of their identities as a wallet address in order to be able to send and receive Safe Network Tokens.


Store data in perpetuity

All public/published data on the Network will be immutable and available on the Network in perpetuity. In exactly the same way as the Internet Archive stores versions of website that were published with mistakes, it will be impossible to delete any data from the Network after it has been uploaded. That does not mean that you won’t be able to change data - you will be able to make append-only changes, i.e. historic, earlier versions of data will always remain stored on the Network (whether they are accessible or not).


Never require passwords to be stored on the Network or on the machines used by the Clients to access the Network

The Network itself will never hold passwords as this is a common cause of data loss. Instead, a User will only ever be required to enter a password locally on the device which they use to access the Network.


Allow any User, on any machine, to access the network and leave no trace of that User on the machine

The Network must ultimately be accessible to any User on any device. When that User logs out from the Network and leaves that machine, there must be no evidence (other than any software downloaded to access the Network, such as the browser) that shows what activity the User undertook on the Safe Network.


Scrub all Client IP addresses from Hop 1 of the overlay network (i.e on Safe)

After a User has started to communicate directly with anyone else after the first Safe Network node that it connects to, the User’s IP address is scrubbed and untraceable. For clarity, we are using the phrase ‘Hop 1’ to refer to the transfer directly after that connection to the first Safe Network node (not the hop that may take place from your computer to your home WiFi router, for example).


Only accept more Nodes when it needs them

Like any species or group of organisms, unbounded growth leads to demise. The Safe Network could be attacked by a bad actor simply adding millions of nodes and then closing them down (or worse). To help prevent this, the Network will only allow new nodes to join when it needs them. This also nicely slows any attacker and dilutes them with good actors also trying to join. The Network can then balance supply and demand as it sees fit as opposed to relying on external controls.


Increase farming rewards when it needs more resources (Nodes) and decrease rewards when resources are plentiful

If the Network simply accepted any Nodes that wanted to join, it would likely either be targeted by a botnet attack or an attacker might attempt to set up an overwhelming number of malicious nodes initially whilst the Network size is small at launch. The Network must be able to balance this supply of Nodes itself to avoid there being a large number of nodes that have very little data, as this would push the farming rates down.


Rank nodes over time and increase trust in higher ranked nodes

A crucial part of Node Ageing (one of the ways by which the Safe Network prevents Sybil attacks) comes from the fact that the Network is designed to only permit the most trustworthy nodes within each of the Close Groups to vote on the decisions in the Network.


Not have servers

The Safe Network will never rely on servers (as the term is traditionally understood) as to do so introduces a third party weakness that undermines the entire Network.


Digitally sign all transactions

By ensuring that all transactions are digitally signed, the Network is able to ensure that the transactions have been authorised in accordance with the rules of the Network.


Ensure that Client-to-Client direct messages are free. It will charge, however, for Client-to-Client messages involving traversal through the Safe Network

Clients are software programs that allow users to connect to the Safe Network. There will never be charge levied by the Network if messages are sent directly between two Clients. However, any indirect messages that are sent between Clients that involve travel across the Network will carry a cost.


Never use time as a network tool (although nodes may use local durations)

There is no concept of time in a decentralised network such as Safe unless it reaches out to centralised servers and services. Safe uses a completely event-driven paradigm to circumvent the need to try and synchronise and then use time periods as valid tools on the network. These periods require magic numbers which would need to be set by developers and this is something the Network avoids with rigour.


Only ever use encrypted services and encrypted traffic

Services or traffic must be encrypted if they are to be used by the Safe Network.


Allow real-time upgrades in a secure manner (i.e the Network will refuse upgrades that could break it)

The Network must be able to roll out improvements which are compatible with at least the previous version of the Network software, in order to ensure that the new iteration is an improvement in practice. As this will require significant effort, each node may run upgrades in parallel to existing working code before upgrading.

Safe Network Tokens


Safe Network Tokens are the unique incentivisation mechanism built into the Safe Network. All Safe Network Tokens are recycled when they are paid to the Network in exchange for resources. On launch, Safe Network Tokens will be distributed as follows: (1) Pay the creators of the Network (MaidSafe shareholders) 5% of the total Safe Network Tokens; (2) Pay the 2014 crowdsale investors of the Network 10% of the total Safe Network Tokens.


Safe Network Tokens will be distributed on an ongoing basis: (1) Pay Nodes for providing service (85% of rewards); (2) Pay developers who produce apps that people use (10% of rewards); (3) Pay the maintainers of the Network code (5% of rewards)


Whilst the above explanation is a handy approximation of the split, the rewards will in fact be dynamically adjusted according to the Farming Rate determined by the Network:

Farmers who run the Nodes are paid at 100% of the Farming Rate for all GETs on the Network. I.e. 86.95% (100/115) of all rewards.

Application Developers are paid at 10% of the Farming Rate for all GETs on the Network (that relate to their applications). I.e. 8.695% (10/115) of all rewards.

Maintainer Developers are paid at 5% of the Farming Rate for all GETs on the Network. I.e. 4.348% (5/115) of all rewards.