TimeKoin's challenges

Development & Technical discussion about Timekoin.
Forum rules
Bug Collecting Database is Click Here
GitHub Account is Click Here
Post Reply
User avatar
smooj
Posts: 38
Joined: Sun Dec 08, 2013 4:45 am

TimeKoin's challenges

Post by smooj »

In my opinion TimeKoin faces a couple major challenges:

1) It requires reasonable SysAdmin admin knowledge to setup the extremely stable server environment a generating TK node requires.

Non-commercial hosting environments will eventually fail, whether from internet dropouts, power blackouts or a dozen other day to day risks. Anyone who’s been with this project for a while has felt this pain. Coming home and finding that your server that was generating 6 TK per cycle has just been dropped from the generating peers is a real kick in the guts.

I hate to think how many people have given up on the project due to this.

2) The lack of a presence on Mobile. I’d be overjoyed to be proven wrong but from my research running a TK server on vanilla (i.e., not rooted) IOS / Android device is practically impossible. I can’t see the project becoming mainstream without a strong presence on mobile.

A potential solution to these issues would be to split the server components out from the administration interface.

The administration interface would be moved to a free IOS / Android App available officially in the App Store and Google Play.

The TK server core software would become a simple collection of services that communicate with other nodes and the server administrator App via web services or an API.

The internet server environments would be administered by the Mobile App securely calling the virtual machine Hosting Provider’s APIs.

Potential workflow for setting up a new TK node:

1) Install IOS / Android TK app from app store
2) App takes user through the process of setting up a new VM (e.g., DigitalOcean) account
3) App requests API key for the new VM account
4) App uses hosting provider’s API to stand up new VM
5) App uses hosting provider’s API to run a bunch of scripts to configure TimeKoin server, e.g.:
* Update distro
* Install SQL server
* Lock down distro
* Firewall
* Key based SSL for SSH
* The other usual stuff
* Setup TK
* Start TK
6) New TK node can be then administrated entirely via the App
7) Any number of nodes could be stood up limited only by $ budget and what the VM providers are willing to offer
8) App provides monitoring of Nodes (notifications when generation fails, server is unreachable, errors encountered etc.)
9) App and App config is automatically backed to cloud so owned nodes can be recovered if access to mobile device is lost, generating servers would continue to run in the background
10) If a server node was to go bad it would be a simple case of pushing a button that shoots it then automatically builds it again from scratch using the same keys
11) Enforce automatic server updates to keep all nodes in sync
12) App would also be the wallet

Obviously some significant investment would be required to get this polished to the point any old Joe could setup their own generating TK node in a few minutes.

This first step would be to run a proof of concept on automating the setup of nodes via an App.

I’m certain there’s enough raw knowledge here in the forums to achieve this.

If this POC was successful we (being you Knight!) could then consider what is involved in separating the administration interface from the core internet services.

I must admit that I’m an amateur when it comes to SSL and Apps, and I’m sure there’s plenty of holes in what I’ve described above. For example, we’d need to be able to cryptographically prove that the scripts being run on the Hosting Providers API were not tampered with.

But I’d love to know what other issues there are and how they could be resolved.

I would also be open to putting real buckazoids towards getting a polished app developed if TK went down this road.
User avatar
funnow
Posts: 157
Joined: Mon Jun 25, 2012 1:39 pm

Re: TimeKoin's challenges

Post by funnow »

Great Idea. We could do a crowdfunding project for this. And if any has any or better solution, just come out with this.
User avatar
PoisonWolf
Posts: 186
Joined: Fri Apr 12, 2013 10:39 am

Re: TimeKoin's challenges

Post by PoisonWolf »

Some of the points raised here are good ones. I can definitely see how an app interface that could do this would indeed be grand in terms of setting up a TK node completely without even directly setting up a TK node. However, I see several fundamental problems with some of the points raised.

First, I'm not sure if the idea is to have the server nodes be running on anyone and everyone's computer. In theory, the more people that use it, the better. However, if we look at bitcoin (I hate to use bitcoin, but it is the largest cryptocurrency network), the average person does not simply set up a node. The average person only interfaces with buying and selling the currency. People that "mine" bitcoin and act as a node are not done by the average person; in fact, it is no longer possible to be done by the average person. Even when bitcoin started initially, my understanding of was that not even the average person could run it due to how much learning it required to set up the software, etc. Even currently, despite how far bitcoin has come, you'd imagine that more people are running their own nodes, given that we expect that the GUI and ease-of-setup have progressed over the years, but this is not the case. The majority of people still struggle to setup the simple task of port-forwarding or even know how to access their router.

One potential concern of mine with the suggestion you're making is that you likely are sacrificing so much security by automating the setup process, and that you're doing so by dispensing the trust to a third party. I too have wondered if it would be possible to enforce automatic server updates, but this feature is also suggesting that we give root read/write access to a remote VM and that this process happens automatically. In my mind, this opens up another potential vector of weakness from a sysadmin point of view. In an ideal world, it would be nice to have auto-updates like an OS, but I personally do not think it is worth what you need to give up to be able to achieve this.

I agree that one app that could, and should, be made is a mobile wallet app.

Regarding the frustration of losing your generation status....yeah it's tough. I've been there. I was dropped from a 8 or 9 at one point. You can imagine my rage when I found out. Lol. But then you need to look at it from the perspective that this is simply the nature of the currency. What is nice, however, is that you can get back on the wagon of being able to generate currency again, simply pending getting elected.

But overall, I do think you're right in raising the point that setting up TK as it stands right now is likely extremely cumbersome for the average person who might be interested in running a node.

My suggestion, however, would be to bundle the server software into an all-in-one package that no longer relies on any other external software, be it Mysql or PHP. It would only require an internet connection and a know-how to port-forward for home users. The entire DB is stored within the application itself. I know this is extremely intensive in terms of manpower as we need to make sure that the apps does not have any memory leaks, exploits, etc, but if we want to make TK more user accessible, this would be my suggestion at least.
User avatar
funnow
Posts: 157
Joined: Mon Jun 25, 2012 1:39 pm

Re: TimeKoin's challenges

Post by funnow »

Poison also your idea is great. This could help us using only a Thin Client.
User avatar
KnightMB
Site Admin
Posts: 1019
Joined: Thu Feb 23, 2012 5:03 pm

Re: TimeKoin's challenges

Post by KnightMB »

smooj wrote:In my opinion TimeKoin faces a couple major challenges:

1) It requires reasonable SysAdmin admin knowledge to setup the extremely stable server environment a generating TK node requires.

Non-commercial hosting environments will eventually fail, whether from internet dropouts, power blackouts or a dozen other day to day risks. Anyone who’s been with this project for a while has felt this pain. Coming home and finding that your server that was generating 6 TK per cycle has just been dropped from the generating peers is a real kick in the guts.

I hate to think how many people have given up on the project due to this.
From the beginning, I knew that being an admin was always going to be mainly technical people that set it up. There is really no way to get around it because even with the windows server version, it still requires a bit of keeping an eye on the running program from time to time. Having events beyond your control mess up your server at home (power outage, Internet outage, etc.) and getting penalized for the time offline wasn't really the target of the 2 hour window. It was to create a line where the time between a server being offline and the rest of the network moving forward had to be set to help avoid possible abuse or issues. The 2 hour window creates concern for someone running a single server at home, but can really create concern for someone running a large server farm. If someone was going to bring in a 100 CPU server farm, then having that large of a presence in the network meant that the 2 hour window would keep the attention of the person/company/etc. running such a large cluster of servers. If you have a Raspberry Pi running at home and it loses generation status, it will eventually get it back. Your personal investment for the electricity, your time to maintain it would be smaller compared to someone running a large, expensive server farm and hundreds of servers all lose generation status. The 2 hour window is basically a way to level the financial difference between the lone person at home and some other person/company/etc. with large amounts of resources to maintain large amounts of servers. You put more pressure on the larger entity to maintain everything (because of the larger investment for the servers, resources,etc. to keep them going). So it can be seen as being unfair to large entities or being unfair to those trying to help with whatever they have at home.

The 2 hour window was also chosen to prevent large entities from being able to "hit and run" the network with large clusters. So imagine that the gen window was 24 hours long instead of 2. You could setup a large cluster of clone-able VPS (ala Amazon spot instance style) and only start up hundreds or thousands of them to get elected, then to save money, shut down all of them, then pick a "cheap" time of the day to fire them all up again just to create some currency in mass, then shutdown again to save money. You could say part of the decision to use 2 hour windows was due in part to how Amazon and other VPS handle those types of mass cluster prices. Those mass clusters prices are actually useful for websites (fire up a cluster to handle a huge web load and then shutdown when the demand dies down) but we also saw some potential for abuse if used against TK for example.
2) The lack of a presence on Mobile. I’d be overjoyed to be proven wrong but from my research running a TK server on vanilla (i.e., not rooted) IOS / Android device is practically impossible. I can’t see the project becoming mainstream without a strong presence on mobile.
I agree 100% it really needs a better mobile presence. There is no reason that people want to use TK need to know how the server admins are keeping the network going, same as was mentioned with bitcoin. Not a lot of people really understand how bitcoin works on the technical side, but they can understand sending from one person to another instead of using cash/paypal/credit/etc.

Since 2014 I've been looking at what it would take to make a mobile app. The issue always seems to be the entry. If you put an app into Android or iOS, there is so much red tape it is crazy. That is why mobile apps for bitcoin and other like are being striped out of those places all the time, some even make the news rounds about it being unfair. So, 2016 now, I think that mobile apps are starting to give way to mobile web. My opinion is that instead of a mobile app, we should create a mobile web that basically does everything we want it to and does not rely on complicated app structure. With HTML5 becoming better supported, a mobile web site for TK could function on any mobile device without having to maintain code trees for all the different types of hardware, phones, tablets, etc. Then to create a nice "app" for mobile would only be as complicated as creating the container for the app that is really just mobile web in disguise. So for example, you go to the Android store, you download for free whatever app Timekoin is using. You get an app that creates a nice shortcut on your phone desktop and when you load up the app, it is just a web window into the site. It can still have notifications and passwords and everything else that people like about apps, but without all the added complexity to just send TK from you to another person.
A potential solution to these issues would be to split the server components out from the administration interface.

The administration interface would be moved to a free IOS / Android App available officially in the App Store and Google Play.

The TK server core software would become a simple collection of services that communicate with other nodes and the server administrator App via web services or an API.

The internet server environments would be administered by the Mobile App securely calling the virtual machine Hosting Provider’s APIs.

Potential workflow for setting up a new TK node:

1) Install IOS / Android TK app from app store
2) App takes user through the process of setting up a new VM (e.g., DigitalOcean) account
3) App requests API key for the new VM account
4) App uses hosting provider’s API to stand up new VM
5) App uses hosting provider’s API to run a bunch of scripts to configure TimeKoin server, e.g.:
* Update distro
* Install SQL server
* Lock down distro
* Firewall
* Key based SSL for SSH
* The other usual stuff
* Setup TK
* Start TK
6) New TK node can be then administrated entirely via the App
7) Any number of nodes could be stood up limited only by $ budget and what the VM providers are willing to offer
8) App provides monitoring of Nodes (notifications when generation fails, server is unreachable, errors encountered etc.)
9) App and App config is automatically backed to cloud so owned nodes can be recovered if access to mobile device is lost, generating servers would continue to run in the background
10) If a server node was to go bad it would be a simple case of pushing a button that shoots it then automatically builds it again from scratch using the same keys
11) Enforce automatic server updates to keep all nodes in sync
12) App would also be the wallet

Obviously some significant investment would be required to get this polished to the point any old Joe could setup their own generating TK node in a few minutes.

This first step would be to run a proof of concept on automating the setup of nodes via an App.

I’m certain there’s enough raw knowledge here in the forums to achieve this.

If this POC was successful we (being you Knight!) could then consider what is involved in separating the administration interface from the core internet services.

I must admit that I’m an amateur when it comes to SSL and Apps, and I’m sure there’s plenty of holes in what I’ve described above. For example, we’d need to be able to cryptographically prove that the scripts being run on the Hosting Providers API were not tampered with.

But I’d love to know what other issues there are and how they could be resolved.

I would also be open to putting real buckazoids towards getting a polished app developed if TK went down this road.
That's a lot to do for the server admins. It would take a bit more discussion to work out the fine details because it looks like a really big project to take on. It also might seem like a conflict of interest if it looks like myself is trying to sell VPS systems on Digital Ocean. Kind of like if bitcoin had an official app to setup mining at a specific site, ignoring the others out there. I like the idea, but implementing it would certainly be a challenge.
User avatar
natugle
Posts: 22
Joined: Wed Jan 13, 2016 3:06 pm
Location: Denmark

Re: TimeKoin's challenges

Post by natugle »

For Android phones I think access to mobile web sites is better than apps.

Actually, I also think that access to web sites is better than the client for many PC users who can't or don't know how to run a http server.
Post Reply