Applications over Freenet: a Decentralized, Anonymous Gaming API?

Freenet isn't just a file-sharing network designed to resist censorship of all kinds. For the slightly crazed among us, it's actually a platform for writing decentralized, anonymous, secure applications. For those that think of Freenet as another Napster, this seems more than a little insane. But for those that think of Freenet as another WWW, this seems insane but neat. Some of the individuals in
The Formidable Signed Subspace Key

Freenet has a type of key that allows for self-verifying signed content. You make a public/private keypair, much as with PGP. You can then insert special keys that include your public key. Unless the accompanying data is properly signed with your private key, it can't be requested. This is useful when you want to ensure that a group of documents are all published by the same author, exactly the case with the gaming API.

So you first need to generate a keypair. You can do this through the Util API (available in Java or via XML-RPC). Invoking

new LocalUtil(http://localhost:6690).makeKeypair()

returns a string containing your public and private keys (respectively), separated by a comma.

Now, you need to insert your next move using an SSK. The key to insert is SSK@<<I>pubkey>,<<I>privkey>/<<I>name>, where name is the key previously used to record moves. Since the move is stored under an SSK, no one can insert this key unless they have your private key. Therefore, your opponent can't spoof your moves.

Unfortunately, your opponents can no longer find out what your moves are because they don't know what keys they're under. Quite a pickle indeed! The format for an SSK that you want to request is SSK@<<I>pubkey>/<<I>name>. You only need the private key for insertion. It is, after all, supposed to be a secret. Your opponent can generate the name portion of the key, as we were doing in the previous section on inserting moves. So all you need to communicate is your public key.

Remember how I said we were going to replace the insecure naming system? Well now is the time. Instead of putting your nickname in the request and response files, use your public key. Now your opponent knows who you are in an unspoofable way. Sure, someone else can put your public key in a request, but they can't insert moves using that public key (unless they also have your private key), so they can't actually play as you. That means identities in the gaming system are unspoofable. Every time you play with someone with the same public key, you know they are the same person as before. Unfortunately, referring to your chess partner as "my good buddy p0EFqjmDioSqKmYYORPrClUepi4QAgE" is somehow unsatisfying. A good gaming client should therefore let you attach more meaningful names to your opponents.

Some Notes on Rankings, Ratings, Cheating and Poor Sportsmanship

Even though you can no longer falsify moves, you can still make illegal moves. If your gaming engine won't let you do that, you can modify it. If my gaming engine won't let you, then so what? You've still made the move. How do we resolve the game? Playing a game is a voluntary activity, so the proper response to invalid moves is to stop playing with that person. This doesn't work out so well when rankings are involved. If I begin every game by declaring I win, as long as there are gullible new players I can be number one. There are other nasty tricks, such as simply refusing to finish a game when you know you're going to lose. All of this should be taken into account if an engine is created to score players. Such a device would look through all of the requests and responses to determine what games were played on a particular day. It would then look through all of the moves for a particular game, check for validity of moves and determine who won, recording invalid moves and unfinished games as black marks on a player. Luckily, once files are put into Freenet, they can't be modified or deleted, even by the person that published them, so after-the-fact modifications of games are not possible (at least they are very hard to do). The scoring engine would then use the gathered data to score, rate, rank and admonish players. It could store its output somewhere in Freenet for players to view. Of course, scoring engines can be biased if their authors are also players. For this reason, choosing which scoring engine to believe is a matter of trust.

Conclusion

If you happen to like using a system that is not real time and does not guarantee the accessibility or permanence of its data to write distributed, anonymous, secure applications, then you'll probably like Freenet. It has built-in features for unspoofable communication. You can write applications for it in 21 different languages. You can play games totally anonymously, without a central server, and it's faster than play-by-mail games.

If, on the other hand, you think that we're a bunch of crazy people with too much time on our hands, then you should wait until IRC over Freenet comes out.

You probably think I'm joking.

Brandon Wiley cofounded the Freenet Project three years ago. Recently, he cofounded the Everything Over Freenet (EOF) project to implement interesting internet protocols over Freenet. He is currently writing plays and developing distributed application infrastructures in Austin, Texas.

______________________

Webinar
One Click, Universal Protection: Implementing Centralized Security Policies on Linux Systems

As Linux continues to play an ever increasing role in corporate data centers and institutions, ensuring the integrity and protection of these systems must be a priority. With 60% of the world's websites and an increasing share of organization's mission-critical workloads running on Linux, failing to stop malware and other advanced threats on Linux can increasingly impact an organization's reputation and bottom line.

Learn More

Sponsored by Bit9

Webinar
Linux Backup and Recovery Webinar

Most companies incorporate backup procedures for critical data, which can be restored quickly if a loss occurs. However, fewer companies are prepared for catastrophic system failures, in which they lose all data, the entire operating system, applications, settings, patches and more, reducing their system(s) to “bare metal.” After all, before data can be restored to a system, there must be a system to restore it to.

In this one hour webinar, learn how to enhance your existing backup strategies for better disaster recovery preparedness using Storix System Backup Administrator (SBAdmin), a highly flexible bare-metal recovery solution for UNIX and Linux systems.

Learn More

Sponsored by Storix