This is really a very deep examination about the nature of trust, online identity and its precepts cleverly disguised as a proof-of-concept. Or maybe it's just a way to get servers and pay with bitcoin. Either way, it's a potent precursor to a distributed compute exchange.
Happy to answer any questions about the project in here. It's all Open Source and parked on Github: https://github.com/stackmonkey. Thanks for taking a look!
The pre-pay model works well for reservations of a VM, but what are your thoughts about consumables that vary, eg Bandwidth? Would you imagine service providers just say, hey X VM includes Y gig of transfer per hour?
Thanks! Providers could create payment endpoints to increase or decrease transfers, storage or compute resources. If you need more of X, you simply squirt BTC at the address.
The appliance currently allows you to set an ask price for the instance size, but later versions could easily let you configure how much you charge for what resource, even doing so based on current demand on your systems.
The bounties for the ISPs should come by way of revenue share on StackMonkey. Anyone can be a provider with the appliance, and groups of companies can band together to form appliance groups to share excess compute. I love the idea of bounties for software development as well - especially given OpenStack development can be somewhat opinionated at times.
I work for Rackspace, we have a cloud. Sometimes people do illegitimate things with it -- but attackers using resources fall generally into two groups:
you don't eliminate #1, it just has less consequences for the hosting provider.
Bitcoins can still be stolen (albeit perhaps not as easily as credit cards). But since there's no chargeback system, the victims don't have much recourse.
The expectations that we'll eliminate 100% of fraud are fundamentally flawed. Fraud will always exist. The Bitcoin blockchain provides a good amount of fraud resistant technologies that can be used by external systems to help lower the incidences of fraud in their own systems. Unfortunately, some systems that have connected to the blockchain have been vulnerable to being broken into, which is where the coins usually get stolen. It's companies like Coinbase and Blockchain that carry that responsibility for the rest of us, and for that, I'm grateful.
I would hazard the amount of fraud will go down considerably (compared to credit card fraud) once we've sorted around the best practices for securing your coin.
Isn't the problem of someone breaking in and stealing coins avoidable in the 'selling sth. for coins' scenario by just looking for incoming payments to a particular address, but without ever keeping any secret keys on a live system?
Nearly 10% of current public cloud transactions are fraudulent and utilized by bad actors.
To address that, I've added a feature that allows private appliance groups to be formed between trusted entities. The Twitter bot thing doesn't use that feature - it's just a way to show off the other stuff I've built to try to get beta testers helping out. You can see the private appliance group feature if you grab an account on StackMonkey. Keep in mind the pool isn't ready for primetime yet...
I fully expect people to abuse and break this stuff. That's what innovation is about, after all.
It's a MVP of the larger concept of a highly distributed cloud. This feature runs in a much larger project. It took me a few days to write it, and got your attention! :)
The cryptocurrency enthusiasts call this a Distributed Autonomous Corporation and they envision a future where they're capable of being entirely self-sustaining by using APIs to a) create value for customers (human or, more interestingly, not), b) transact with customers, and c) purchase the resources they need to continue living.
(A rather smart gentleman who may not appreciate me attributing the conversation explained his theory that Bitcoin is, itself, one of these. He and I agree more on that than we disagree, though he meant it as a compliment and I'd phrase it as a "self-organizing Internet boiler room with very impressively engineered viral spread among people susceptible to certain flavors of memes.")
I was never totally clear on the difference, but as people often refer to Bitcoin itself as a DAC, I feel the term is too vague to be useful.
The next step to make these REALLY useful for agents is to set up Intel TXT on them. This would likely involve some voodoo as TXT is appallingly badly documented. But, if you make sure the hardware is compatible and that hardware virtualisation integrates properly using tboot it should be possible.
This step is a game changer because then an agent can get a hardware-rooted proof that the remote system is secure including against Kordless or whoever else owns the hardware. The agent then knows it's safe to install a copy of itself on the new machine, have the copy create a wallet, and send money to the new box such that the operator can't steal the money but the new agent can still pay for its own hosting costs.
Once done the agent would effectively be autonomous if it had a way to earn income e.g. reselling disk space. Scary stuff!
I didn't see anything in the TXT whitepaper about securing programs run by a hypervisor against attacks by the hypervisor. Seems more focused on making sure that managed VMs can't compromise their neighbors or do side-channely things.
If I provide your VM with a simulated "TPM" that actually emails me the private keys, how is that supposed to be secure?
The TPM is un-simulatable, that's the purpose of it.
The hypervisor is included in the remote attestation. The theory is, if you trust the signing keys used in the TPM (i.e. Intel/the hardware), then you can get a message from the remote computer that attests what code is running including the hypervisor. Thus you can conclude that the remote environment is safe against all but quite sophisticated hardware attackers (assuming a modern setup where you can lock cache lines and the TPM is integrated with the northbridge).
I had a rather engrossing conversation about a runaway version of one of these eating all our compute. One of the individuals in the conversation came up with a way to incentivize efficiency in the network, so we all calmed down a bit afterwards. I still wonder about it though.
Good news: Bitcoin can't go Clippy because you can't get > X compute for X compute's cost in BTC, at virtually any margin, to say nothing of the scales required to e.g. meaningfully impact availability at any major cloud provider. Ask if you care about the economic or engineering details, but typically, people running Bitcoin mining on public clouds are doing so to exfiltrate value from accounts or payment methods which they have stolen, in a way which is fairly difficult for law enforcement to combat. (That or they're enthusiasts who either don't particularly care about monetary incentives or should have spent a wee bit more time reading about currently successful mining strategies.)
If the "DAC"'s wallet ever got stolen a DOS of epic proportions could take place! You could literally bankrupt the company by buying up their services with their own money.
Using a file hosting DAC as an example - if you kept uploading junk data the DAC would continue to procure server space using the stolen money from its own account. Seems an ideal way to rid yourself of competitors.
I have trouble comprehending the ideas behind DACs and find myself perplexed whenever I read about them. How exactly are they different than a regular corporation (except the whole it's completely automated thing)? I don't know why, but for some reason, DACs make me of 19th century banks issuing their own own notes.
More than being automated, DACs operate autonomously across an infrastructure built to run them for a fee they pay to be run.
Example: A Bitcoin address is created with a simple script [1] in it that causes it to pay for it's 'existence' by periodically sending BTC to a local printer it has entered into an arrangement to print flyers with it's own Bitcoin address on it. It also pays a Task Rabbit employee periodically to go to the printer and take the flyers and put them in people's mailboxes. The flyer then 'sells' itself by asking people to donate a small amount of money to a cause that was found to be somewhat important to the people who live in the area that was canvassed. It then gives X% to the cause, and pockets the rest so it can pay for more flyers to be printed and more Task Rabbiters to deliver.
Once more feature rich blockchains like Ethereum come online, you'll be able to code up a bot that is able to do all this by itself without human intervention. It'll know where the API to the printer is, will know how to pay for research APIs for BTC and find the best couriers to deliver. It'll also provide bounties for humans to improve its software so it can make more money.
I'm thinking this is maybe 10-15 years out, with hints of it happening in the next 2-3. Going to be interesting, that's for certain.
OpenStack is a set of software components that run on one or more Linux boxes. Together, they form a cloud thing that looks very similar to DO, but runs in your own datacenter (or in my case under the house).
