IPFS Backed by Decentralized Storage
filebase.comFILEBASE seems to have been working on uniting (or switching?) filestorage in (or between) several other solutions:
* Skynet: https://filebase.com/blog/drag-and-drop-files-onto-the-decen...
* S3 compatibility: https://filebase.com/
More mass adoption, and browser extensions to support IPFS, and to resolve ENS names, and we're completely in the "web3" world.
We just need a standardized way of mapping ENS names to IPFS CIDs to serve entry point for dApps that are running completely decentrelized.
This is the unresolved myth I keep seeing in web3:
> "dApps that are running completely decentrelized"
ENS is basically a GoDaddy-like registrar but with blockchain and with all the .eth names still controlled by 7 keyholders in a 'DAO' with four of them only needed to override control (but not totally remove) the .eth TLD. Putting in 'trust' defeats the whole purpose of 'complete decentralization'.
At least with Handshake [0], one totally removes 'trust' from the equation which I can already see ENS anchoring (or already has anchored) their TLD on Handshake.
I’m not a fan of Handshake. The auction system is pretty much the worst system you could build for normal (ie: not rich) businesses that want to register their own names. Seriously, who wants to compete against people who have a gazillion HNS that they got for free?
Then add in the fact that it’s a judgement proof blockchain and you’ve got a system that’s awesome for squatters, flippers, and rent seekers while being terrible for real businesses that want to build real value. How do I stop someone from typo squatting or violating my trademarks?
I’m always surprised by the number of people that want lawlessness.
Zooko's triangle implies that human-meaningful names will always be contended (to a varying extent) in a decentralized system. But you don't need human-meaningful names to host your services under, only to optionally direct users to them. So an auction system seems like it should be the most appropriate for such user-facing links. Individual users can always opt for some alternative means of indexing, e.g. "petnames" chosen locally or provided by some source that they trust.
> Zooko’s Triangle
I’ve lost auctions I’ve started by forgetting about it. I usually just hop on name base and send them an offer for the amount they bought it for. Usually they will sell it or be a dick and counter-offer a ridiculous sum.
I haven’t had any issue with it.
Yes.
Saw that on Solana and it sucks hard.
I know a bunch of people who lost their auctions to some grifters.
Interesting. However:
> Seriously, who wants to compete against people who have a gazillion HNS that they got for free?
Or you can buy it off of them, just like you do anywhere else if you were too late to buy say, pets.com, nba.eth or .ftx/ which were all 'squatted and flipped' today. No different here and neither system aimed to totally prevent squatters, flippers and rent seekers. Because you cannot and you know that.
> Then add in the fact that it’s a judgement proof blockchain and you’ve got a system that’s awesome for squatters, flippers, and rent seekers while being terrible for real businesses that want to build real value.
Are you going to say all of that to the Russian users on Namecheap who are getting their domains de-platformed? [0] Perhaps we loved .org getting into the hands of a private-equity firm didn't we? [1] or even the .io [2] and other TLDs price increases. [3]. All thanks to ICANN, right?
At least to some extent with either ENS or Handshake a registrar can't 'de-platform' the whole TLD nor can it be seized by anyone; nor can a government request to de-root an entire TLD. [4]
> How do I stop someone from typo squatting or violating my trademarks?
As I said before, nobody can stop that and anyone who has a popular online business knows that.
Even when you take them down, more typo squatters take its place. It happens everywhere. There will always be typo squatters even after trademark violations, unless you buy the domains off of them.
> I’m always surprised by the number of people that want lawlessness.
Lawlessness? I wonder how those 'criminals' can really cover their tracks by owning several domains on a public blockchain. /s
If you want true lawlessness, use Tor and scrambled .onion links followed by messaging apps like Signal with E2EE and sending private untraceable cryptocurrencies on encrypted blockchains like MobileCoin. It's what all the extremists and criminals use to fund their activities and lawlessness without a trace and no transparency.
[0] https://news.ycombinator.com/item?id=30504812
[1] https://news.ycombinator.com/item?id=21611677
[2] https://news.ycombinator.com/item?id=29403773
[3] https://www.eff.org/deeplinks/2021/04/ethos-capital-grabbing...
> As I said before, nobody can stop that and anyone who has a popular online business knows that.
> Even when you take them down, more typo squatters take its place. It happens everywhere. There will always be typo squatters even after trademark violations, unless you buy the domains off of them.
I disagree with almost everything you wrote, but especially this part. There's absolutely recourse in the current system. It roughly goes webhost > registrar > registry > ICANN. If someone is violating your trademark you can use ICANN's UDRP to file a complaint and ICANN has a process for resolving the dispute.
You can even see the market impact of the UDRP if you pay attention. $5k is often quoted as the rough cost to expect when making a UDRP complaint, so it's not a coincidence that most domainers (aka squatters) sell non-premium domains for $2k-4k.
At the very least the bad actor is going to have to reveal their identity to accept your money or to participate in the UDRP. That alone is enough to deter some of the most egregious behavior.
> Or you can buy it off of them, just like you do anywhere else
Domain squatting is a thing, is a problem, and it surprises me not at all that web3/crypto shills pretend it isn't.
There's a difference between pretending it doesn't exist, and acknowledging that it's inevitable (especially in a system where there's nobody who can unilaterally reassign other parties' domain names). What would your solution here be?
> There's a difference between pretending it doesn't exist
No one is pretending it doesn't exist
> and acknowledging that it's inevitable
What you and the sibling comment are proposing is bot acknowledging it, but making it the normal, and possibly only way to do it, and to incentivize people to do it.
It is already the norm with the current domain registration system, so I'm not sure what your point is. I recently tried to purchase a domain with some version of my name. There is nothing hosted there (domain name lookup fails). I offered them a few grand for it which I thought was reasonable, no response.
Would be interested in your solution to this problem if you have one (seriously, I don't know how to solve it).
I don't know what the solution is. But a "pay-to-win" scheme on an irreversible ledger isn't it.
Both current and blockchain solutions are pay to win in the exact same ways. The blockchain solution solves other problems.
If we agree that there's no known solution for the "pay to win" part, I'm not sure what your criticism of this even is?
> Both current and blockchain solutions are pay to win in the exact same ways
They don't.
> The blockchain solution solves other problems.
It doesn't. As in there are no problems blockchain solves, period, and it makes most existing problems worse.
> I'm not sure what your criticism of this even is
You want to normalise and incentivise the behaviour. And pretending that by simply appending "blockchain" to it it is okay.
Yup trustless naming would be even better, gave the example of ENS because it's popular.
My point is that we need adoption for decentralized naming, routing/locating, hosting/"pinning". Be it a combination of ENS/Handshake/IPFS/Sia/Filecoin/BitTorrent/Ethereum or any combination of stacks.
There’s already a standard ENS field for mapping to IPFS CIDs! Look at the “Content” field on ENS records.
It is coming bro, buckle up!!
OK I'm web3 now
This was said in earnest. This blog post is the first thing that made me excited about this stuff. shrug.
Sounds interesting.
I like the notion of having an IPFS capable store with support for pinning at a reasonable price. When I looked into this a few years ago, this was a bit of a mess. There was a half-assed s3 plugin with some severe limitations that was a bit sketchy to setup and not a whole lot else in terms of what to do, best practices, or anyone offering commercial support for this. I liked the idea but our conclusion at the time was that we'd have to build out our own storage solution to be able to use this. I walked away from this company ultimately and haven't really looked at the whole space again since. Filecoin, which people were pitching at the time seems to have largely gone silent. Is that still a thing?
So, if this is legit, I could be a potential customer for this. One of the issues I have with using s3 for personal storage is just that it is so expensive to use at scale. Basically the cost of storing what I want backed up would be the equivalent of buying a new hard disk every few months. Plus I need to baby sit and micro manage the whole setup. Both are bad things. I need something turnkey that "just works" that has a reasonable cost.
So, liking the idea.
But I have some concerns:
- I never heard of Filebase before. How long have they been around and what is their track record? Maybe a blunt question but I'd need to know before trusting something like this with my backups.
- Not to excited about the NFT and web3 stuff they seem to be pitching. Is that needed? Is this some kind of blockchain thingy or is there a serious business that works with normal money and invoices. In that case, maybe start acting more like a trust worthy SAAS company. Seriously, this stuff scares away corporate customers like nothing else.
- They mention they use the Sia storage network. It lists a price even lower than the Filebase price of 2$/TB/month but it looks like it doesn't have any commercial operations around it. What's the relationship with Filebase.
- How many people actually use this and how robust is this sia network?
- I looked at the sia github and that doesn't instill a lot of confidence. I maintain several tiny projects that managed to get more stars than siad or sia-core.
So, a few red flags here. I don't mind being an early adopter of stuff but I'd like to know what I'm getting into at least. This all looks a bit sketchy and too good to be true.
I'd recommend the founders to
- park the web3/nft stuff; this will re-assure corporate customers and be good for business.
- add a page to the website detailing a bit what this company is, where it comes from, and who is behind it. I was able to figure out from the terms of use that the company address is in Boston at least.
- if you have notable customers, maybe add some kind of logo wall. I actually suspect the answer might be no at this point.
- publish some details on the size of your network. Numbers of TB stored, usage statistics, etc.
Hi there, Filebase CEO here - thank you for the questions and very valuable feedback!
1. We've been building Filebase since 2018 and have been live in production since 2019. We are relatively well known in the Sia and decentralized storage ecosystem. IDC, 451, and GigaOm have all done reports on us.
2. We are targeting web2 and web3 developers. You can safely ignore all of the NFT and Web3 mentions. Most customers today use us as a S3 compatible storage service.
3. Storing data directly on Sia absolutely costs more than $2 per TB. Their website is unfortunately outdated and that same number has been listed for years. Sia is a decentralized storage marketplace - hosts set their own pricing and compete against each other. Filebase goes to this marketplace and acquires storage capacity.
4. The Sia network is one of the leading decentralized storage networks today and has been live since 2015. I can't speak for the entire network since it's decentralized, but for Filebase specifically, we have over 10,000 users and are about to approach 1 billion files processed.
5. A Filebase website re-design is coming soon and will include your suggested ideas of metrics and logos.
Sia Network Stats: https://siastats.info
Sia/Skynet Discord: https://discord.gg/sFCT3Ar
Sia/Skynet Blog: https://blog.sia.tech
Their Discord is very active.
Error 1005 Ray ID: 6e577ed77a5902bc • 2022-03-02 04:47:38 UTC
Access denied
Our sincere apologies. I admit, our Cloudflare firewall rules have been tuned very aggressively in an effort to prevent spam accounts. I've made some significant changes to the rules and it should now work for you.
> However, if AWS S3 goes down, your IPFS server goes down too. Unless the data has been cached somewhere, your IPFS CID links are no longer accessible. This can result in an NFT "rug pull".
Can't you just re-pin whatever files that were lost? Surely you'd keep a copy of anything that was actually important, even if just offline on a hard drive.
Sure - but you (or a pinning provider) need the actual file first before you can re-pin it. The data has to live somewhere.
I just find it strange that someone might decide to buy an NFT and then not keep an offline copy of the file themselves, and that people do this often enough that it's a selling point. It's not like the files are large. If the Sia network breaks down, you'd want to have done that, same as if S3 somehow exploded.
What's even strange is the NFTs don't keep a checksum in the blockchain, so anyone hosting the content could change it whenever they want and the NFT is none the wiser. Moxie even wrote an example that would show different images depending who asked. See https://moxie.org/2022/01/07/web3-first-impressions.html
If the NFT does actually reference an IPFS CID, that amounts to a hash of the image, so that particular issue isn't there.
It's just kind of nuts to talk about "everyone stopped pinning my NFT" as being a "rugpull"- anyone can pin a piece of content in IPFS, including anyone with an interest in the NFT existing, such as the owner. So the only thing you have to do if an NFT falls off the IPFS network is just to take your copy and pay someone else to pin it. It's only a "rugpull" if you, you know, forgot to keep a copy of it anywhere.
Right, but is it true that most NFTs just post the URL and not a IPFS CID (or any other form of checksum)?
IPFS is decentralized storage. I really don't get this concept of paying someone to "decentralize" your storage when if you just want someone to pin it then there are plenty of VPS providers that provide significantly more bandwidth for less. Just setup rclone and mount a cloud drive.
"Just setup rclone and mount a cloud drive."
This reads like the infamous Dropbox comment. :)
> Just setup rclone and mount a cloud drive.
Filebase isn't really for people that can - and want - to do that. Its for people with non-engineer management that want a dramatically cheaper S3.
If you want cheaper S3 then you go with a cheaper object storage provider, and there are plenty that are cheaper than this and will provide a much better experience and guarantee:
https://blog.cloudflare.com/introducing-r2-object-storage/
This is taking into consideration bandwidth, which Filebase does charge for.
> R2 will zero-rate infrequent storage operations under a threshold — currently planned to be in the single digit requests per second range. Above this range, R2 will charge significantly less per-operation than the major providers. Our object storage will be extremely inexpensive for infrequent access and yet capable of and cheaper than major incumbent providers at scale.
Sure, if you don't access those objects frequently.
I looked into Sia since it's something I'd love to see working and I'd heard of them before. Last time I'd found that the biggest tutorial about how to practically get started had a big red warning and a huge manifesto about how Sia and its collaborators are the worst and should be dropped [0].
So now I went around just looking for old links to files on the network, on places like Reddit and old guides, to check if they'd survived a couple years. Sadly all of them timed out, even the first link on the 'video' category on the Sky App Store. I looked up the error ('failed to create Skylink') and nothing of help turned up to even realize what the problem is.
Hopefully things work out in the long term but I haven't been convinced yet of Sia's usefulness in practice.
I'm always a bit sceptic of un-incentivized solutions.
Arweave seems to be a better long-term solution.
Agreed - there is no incentive layer present with vanilla IPFS. This is where Sia comes in. Hosts on the Sia network are paid using Siacoin to keep data readily available and online - they are incentivized. At Filebase, we have connected the two technologies to give us the best of both.
I am unable to reach the site.
Please try again. :)
This is the same price as Dropbox, roughly. $12/month for 2TB. I don't see the advantage.
Time is a flat circle: https://news.ycombinator.com/item?id=8863
The advantage is that the data would be stored redundantly with >>1 points of failure
Corrent me if I'm wrong, but aren't most cloud providers already providing redundancy in their EBS/equivalent setups? S3 had quite a lot of nines too
But arguably those have a single point of failure, the company owning the data. In theory Filebase is storing your data on a distributed system (that you can verify) that has no single point of failure. You can make this even more reliable by using two filebase-like providers to store the data. Thanks to IPFS you can access the data the same way and transparently use both providers so that if any single one is up you can access your data.
Of course it isn't perfect, if filebase goes bankrupt you need to scramble to get another set of pins for your data. But I think it does provide a much better system overall.
You can also imagine shifting the data around providers over time much like S3 storage tiers, maybe on provider provides cheaper storage but more expensive access, you can pin cold data there and remove it from your hot data provider. This would be completely transparent to any users.
It also provides interesting opportunities for bring-your-own storage. Users can just give my the CID and use it on my app/service. It will be around as long as they keep it alive. Or they can pay me and I can pin it for them.
> Thanks to IPFS you can access the data the same way
I think this is a big feature that I hadn't recognized until you phrased it this way. It allows a strategy of guaranteeing *at least 1* pin of your data if it's important, but from the application side, you can forget about the details of the data storage.
I doubt IPFS is fast enough to justify it over other strategies today, but it makes me think of a type of cache where if a CID can't be found, you might rehydrate some slow, cold-storage data and push it back out to the network.
> It allows a strategy of guaranteeing at least 1 pin of your data if it's important
Who decides your data is important?
What happens to the so-called guarantees when your data suddenly becomes unimportant?
You do, when you pin it to a service you're paying for. When/if it becomes unimportant, you unpin.
But what's cool, is even if it's unpinned, it may still be in the network so long as the data is getting active use. It opens up a whole field of seed and harvest style information flows.
> when you pin it to a service you're paying for.
So. A centralized service responsible for keeping your data. How is this different from literally anything else?
> it may still be in the network so long as the data is getting active use.
"Maybe" makes this essentially useless.
> It opens up a whole field of seed and harvest style information flows.
It really doesn't. It's literally the same problem that torrents have had for ages: anything "unpopular" doesn't exist for a very very very broad definition of unpopular.
> "Maybe" makes this essentially useless.
Ok, then don't use it!
This is unbelievably dismissive, and also one of the many reasons why IPFS (or any similar tech) will never take off.
>> when you pin it to a service you're paying for. >So. A centralized service responsible for keeping your data. How is this different from literally anything else?
Because in addition to being like anything else, your data has a lifecycle in the network. Even if you as an initial provider of data lose interest in it, the network can hold onto it for their own purposes. The question of what data is important becomes decentralized and democratized. So long as at least 1 person says something is important and is willing to pay the resources to pin it, the data exists and can be utilized by any consumers.
>> it may still be in the network so long as the data is getting active use. >"Maybe" makes this essentially useless.
No, it doesn't. Computer systems are built on a long stack of maybes.
> It really doesn't.
You can't imagine it; it must not exist.
Yes, many cloud providers do. However those redundant copies are typically located within the same datacenter.
Simple example: You have 1TB of data stored in a us-east-1 AWS S3 bucket. Virginia gets hit with a natural disaster, and all of us-east-1 goes offline. You no longer have access to your data. The only "easy button" way you could have prevented this scenario is if you had setup backup or bucket replication policies prior to the event. You decide to follow AWS docs. Disaster recovery 101 typically calls for 3 copies of your data at a minimum. You are now paying $70.66 for storage ($23.55 per TB x 3 regions) and $40.96 for inter-region bandwidth ($20.48 per TB x 2 replicated buckets) for a grand total of $111.62 just to store 1 TB of data. These costs don't even cover you or your customers downloading any of that data either.
At Filebase, we store your data on the Sia network. A 10 of 30 erasure coding profile is used, effectively creating a 3x redundancy overhead. Datacenters and clouds have been using EC for a while too. The critical difference here is that each shard is stored on a different server, spread geographically across the world. An entire portion of the internet can go down, and Filebase can simply fetch the shards it needs from other parts of the world. With a 10 of 30 profile, we only need 10 of those shards to fully reconstruct the file - we can suffer 20 servers or hosts going offline all at the same time.
If Filebase's infrastructure goes down, our health checks fail, and our DNS-level load balancer seamlessly redirects your HTTP requests to another Filebase edge location. And since all Filebase edge locations talk to the same decentralized Sia network, your data is magically available, and you may not even realize you were redirected. That same 1TB of data storage on Filebase will cost you $5.99, a ~95% cost savings.
I mean, that's what you should expect, right? That (Sia) market forces will push the price of storage towards equilibrium, which is the price other similar products are charging.
Depending on your ethics, you might prefer not to fund a company that hires a war criminal.
Neither https://dropbox.com/about nor https://www.wsj.com/market-data/quotes/DBX/company-people list her as being on the board anymore.
Edit: https://investors.dropbox.com/node/9146/html says she stepped down last year.
And how would one scrupulously confirm that supporting a blockchain project is not supporting war criminals?
> that hires a war criminal
I must have missed the trial, how many years did she get?
The US putting their own war criminals on trial, that's funny. They don't even put foreign war criminals - sorry, "unlawful combatants" - on trial most of the time.
Other countries don’t put their “war criminals” on trial either. I witnessed another country violate the Geneva Conventions. Politically it was pandemonium, when the city found out, there were riots. No one went to jail or put on trial. Statements were taken, the guy got off with a slap on the wrist by his own country and some cash moved between hands to smooth things out. My point is, the US isn’t something special here, they’re just more transparent about it and/or journalists get more clicks for talking about it.