Silk Road forums

Discussion => Silk Road discussion => Topic started by: stateless on November 15, 2012, 11:24 am

Title: Starting a SilkRoad data center?
Post by: stateless on November 15, 2012, 11:24 am
This is my thoughts on it, if I were in DPR's shoes:

 I think maybe DPR needs to spend $100k and build himself a mountain-bunker datacenter....   :/    Personally that is nothing less than I would do if I had the means!   I would use prepaid smart phones and tether internet for the servers.  I would have a couple of shipping containers.  I would make it all temperature controlled and all the rest.  It would be well ventilated.  Then I would have an offsite and onsite encrypted backup.  And a DESTROY button on my cell phone so that I could either remotely destroy the remote backup, or the data in the datacenter.   It'll be all james bond. 
It'd have to be all offgrid and on some remote island.  Solar panels, wind turbines, battery bank, backup generator, etc..  Super redundant. 

I intend to start pitching in on this project, and I encourage any coders out there to do the same.  Its a GIT project, just started learning about it;
https://github.com/Bit-Wasp/BitWasp


Any thoughts on the config?  Hardware specs?  Load balancing system?  Firewall? 
Just for ideas.  Im sure most of us have thought how we would do this one hundred thousands times.
You know how many relays you would use and approximately which ones to get a tunnel going, how much hardware you would need, where on earth your datacenter would be that you wouldn't mind retiring for the rest of your life.  I know there are a bunch of you out there that dream about this shit.  In vague terms what is your proposal for DPR to correct this constant downtime?

Or if you were going to do this for your own e-blackmarket onion site, how would you build it proper?

Title: Re: Starting a SilkRoad data center?
Post by: stateless on November 15, 2012, 11:55 am
I know for a fact there are some very wealthy dope dealers out there that could offer a hefty bounty for someone fantastic fucking developer to complete that Bit-Wasp project in a post-Alpha state.  It need to get to Beta/RC3.   With two good developers that get paid 600 BTC each.   One person who is good with commerce systems, and another who is good with security.  Then the whole community would have access to setup amazing black market websites.   Or whatever kind.

I would personally toss in 50BTC total, so 25BTC for each developer involved to get this going.  Maybe we could start up a pledge drive or IOU post, or something of that sort, and whomever steps up to finish it (including and not limited to the original developer) can get donations sent their way during their progress as each new release comes up marking significant miles stones. 

We would have to sit down and draw up some blue prints and agree on a particular direction for the process so we could measure the milestones before we get started.
But I am as serious as a heart attack.  This market (whoever is running it).  Needs to survive.  I am in complete confidence that DPR will get SR back online, and that SR will continue to be top dawg in this market for years to come.  But this market is too important to let die.  I think some of these fat kats slanging on SR really ought to consider their future existence in this market, and will it carry on?    Do we need a community of people to help improve SR against potential attacks? 

If we had a WHOLE community pitching in on DPR's code, and noticing bugs and security leaks that maybe his team have overlooked.  Think of how much more secure our accounts would be.

We could offer DPR to be a part of it by contributing his knowledge, that way DPR and SR can continue to benefit from the work of other top dawk coders out there.

Im sure the Gubberment has a bunch of black ops hackers that are highly paid working around the clock to fuck with SR.  So we need our team to band together and fight off attackers and potential vulnerabilities.   

DPR does not need to share the SR code to pitch in on Bit-Wasp.  But he cna share what he wishes, and retain what he doesn't, in the mean time be getting feedback from other community contributors.

Just my thoughts.  And I'll put my coinz where my mouth is on this too!
Title: Re: Starting a SilkRoad data center?
Post by: bincofone on November 15, 2012, 12:08 pm
This is a programming project I would be interested in, downloading bit wasp source right now  8)
Title: Re: Starting a SilkRoad data center?
Post by: stateless on November 15, 2012, 12:17 pm
Thanks!  I am ready to get started the first week of December.  I can afford 25 BTC to get it started.   So I would really only be able to hire one developer to begin with.  Then I could pay someone else 25 BTC to get started on the unfinished parts of it the first week of January. 

So that is my 50 BTC contribution.  I think other people really will be interested in see this progress.    I truly see the huge benefit that this could be for DPR and SR.   

When DPR has a question about something, he could anonamously contribute to the other project a similar issue that he is seeing on Silkroad, and he could potentially get the answer without anyone knowing it was him asking.  Or he could consult privately with the developers of Bit-Wasp, or whatever.   

Or just in our progress, he may see useful solutions to his own problems with things that work in Bit-Wasp.
Title: Re: Starting a SilkRoad data center?
Post by: stateless on November 15, 2012, 12:26 pm
Just FYI  I am not a seller on Bitcoin, and I don't have a huge bankroll from my occupation.
I am just a guy who like to mess with code.  Im not well trained, or else I would do this myself.
I just want to ignite a fire under that project.  Or a new one all together that remains open source.
I think with a parallel project going, we will see a much better product from SR. 
With a little healthy competition out there, and other people contributing to improving the code.  I think DPR will have what he needs to stay motivated and educated on keeping up with this shit well in advance.

With the kind of money he has allegedly made with SR, he can afford a mini, off-grid datacenter, or a cluster of datacenters around the world.   He really should have no problem spending a thousand BTC to ignite a fire under a project like this, for the sake of his own survival in this market.

Plus, if SR is insecure that means ALL of our data is exceptionally vulnerable to military black-opts intelligence.  SERIOUS MO FOS!
Title: Re: Starting a SilkRoad data center?
Post by: Errl_Kushman on November 15, 2012, 12:52 pm
This is my thoughts on it, if I were in DPR's shoes:

 I think maybe DPR needs to spend $100k and build himself a mountain-bunker datacenter....   :/    Personally that is nothing less than I would do if I had the means!   I would use prepaid smart phones and tether internet for the servers.  I would have a couple of shipping containers.  I would make it all temperature controlled and all the rest.  It would be well ventilated.  Then I would have an offsite and onsite encrypted backup.  And a DESTROY button on my cell phone so that I could either remotely destroy the remote backup, or the data in the datacenter.   It'll be all james bond. 
It'd have to be all offgrid and on some remote island.  Solar panels, wind turbines, battery bank, backup generator, etc..  Super redundant. 

I intend to start pitching in on this project, and I encourage any coders out there to do the same.  Its a GIT project, just started learning about it;
https://github.com/Bit-Wasp/BitWasp


Any thoughts on the config?  Hardware specs?  Load balancing system?  Firewall? 
Just for ideas.  Im sure most of us have thought how we would do this one hundred thousands times.
You know how many relays you would use and approximately which ones to get a tunnel going, how much hardware you would need, where on earth your datacenter would be that you wouldn't mind retiring for the rest of your life.  I know there are a bunch of you out there that dream about this shit.  In vague terms what is your proposal for DPR to correct this constant downtime?

Or if you were going to do this for your own e-blackmarket onion site, how would you build it proper?



That's a project I might actually donate my time to.

I've often wondered if there is a plan-b, releasing the source to SR if DPR ever gets pinched. If he gets pinched, there is zero chance he will ever be running an SR type server again. What to lose by releasing the src in that scenario? Unless its buggy ;-)
Title: Re: Starting a SilkRoad data center?
Post by: stateless on November 15, 2012, 01:18 pm
Exactly.  Or if he was to just do a big fuckin rig of cheeba and keel over dead.   
God only knows what DPR does in his free time. 

If I were him, I'd probably spend a few minutes every day thinking "Damn I am blessed".  Or some shit like that.

But he should really consider the safety of the members of his site.  Releasing his code, or a version of his code as open source, would insure that this free market hub would not be just another tale in history.

If we all apply a little foresight, and we build a competing market project similar or if not better than silkroad.  It would for DPR to get up to date or get left behind.  I think he owes that to himself, and to the members of his site.  Releasing the code to open source would keep it edgy and innovative.   There could be other private and public branches of the software too, so if people want to protect their security secrets, they could have their own private branch of the software.  But the main public project that is going forward right now will remain important and progressive and valuable to the branches as well.   This will keep security and performance top notch. 

We need 20 Sellers to donate 50 BTC each to two elected programmers.

We could do it in such a way too.  We could hire a team of developers based on some sort of community election. 

We don't necessarily have to limit it to two.  But if two people can do it.  Then they both can sharpen each other's swords along the battle to get the finished piece done.   When one developer is stumped the other could take their place. 
Could use the Zend Development tools.  Its available for purchase at BMR right now.  So we could purchase that, or the full version.  And have team checkins.  So when one person updates the file the others will get a notification of the update.  Something like that. 

If 4 people developed this, and split the plunder, even though they are not getting paid much.  They are pushing the project forward, which helps EVERYONE.

Im glad people are interested in pitching in time.   When I first saw someone else bring this project up in the forums a few days ago, I said "HAZZAH!!!"   That's the ticket right there.   Get a parallel project going.  Free Market stuff.  Ya know, how competition in the market inspire innovation and drive.     

I hope we can put this together..    The one thing that we have to agree on no matter what happens, is we have to keep contributing to the original open source project, so that the project continues to advance. 

I have a feeling dozens of developers have already beat me to this idea.    Thats why Im pleaing with everyone to also please contribute to the main source project too.
Title: Re: Starting a SilkRoad data center?
Post by: hogman on November 15, 2012, 01:32 pm
A waste of money, and time, stateside legalazation of weed is just around the corner. I've been patient for almost 50 years and I think it could happen in the next couple of years.
Title: Re: Starting a SilkRoad data center?
Post by: stateless on November 15, 2012, 01:38 pm
In my mind this has less to do with politics, and more to do with the free market.   While the market influences politics.  Having a software powered via bitcoin is revolutionary. 
Bitcoin is really amazing and should be celebrated with a network of businesses to supply the infrastructure.  But you do have a point, SR is a great way to stick a few nails in the grave of prohibition.
Title: Re: Starting a SilkRoad data center?
Post by: Errl_Kushman on November 15, 2012, 01:40 pm
Exactly.  Or if he was to just do a big fuckin rig of cheeba and keel over dead.   
God only knows what DPR does in his free time. 

If I were him, I'd probably spend a few minutes every day thinking "Damn I am blessed".  Or some shit like that.

But he should really consider the safety of the members of his site.  Releasing his code, or a version of his code as open source, would insure that this free market hub would not be just another tale in history.

We need 20 Sellers to donate 50 BTC each to two elected programmers.

We could do it in such a way too.  We could hire a team of developers based on some sort of community election. 



Now you're speaking my language. Unfortunatly, with real life commitments, finding "Free'" time would be difficult. However, I'm a money slut so, if the price is right, i could find  time.

I think, in all honesty, its more than just developers requierd. You'd want at least 1 security ninja, 1 or 2 true test engineers, possibly a well rounded IT guy to research, all working alongside the dev's, ensuring a good product, isolated test servers,etc. The right 4 or 5 person Agile team could rock a site like SR. Especially with the sensitivty of SR's data,

I get the impression that those bitching about the current downtime dont truly understand what is going on behind the scenes. It sound like DPR and a select few are holding this whole site together. Clearnet sites similar to SR (minus the drugs we come for), have teams of engineers. For DPR to hold this site down with just him and a select few others is an accomplishment in itself.

I've had a wet dream of coming up with my own form of SR since I learned of SR.

A waste of money, and time, stateside legalazation of weed is just around the corner. I've been patient for almost 50 years and I think it could happen in the next couple of years.

Good point but, LSD, Cain, crank, meth, roids, shrooms, etc are still very illegal. Cannabis might be the bulk of the road but, its definitly not the whole story.
Title: Re: Starting a SilkRoad data center?
Post by: shitwassocash on November 15, 2012, 01:44 pm
A waste of money, and time, stateside legalazation of weed is just around the corner. I've been patient for almost 50 years and I think it could happen in the next couple of years.

The market is about more than just weed. :(


The more I read about this bitwasp idea, the more my heart goes pitter patter. Where can we donate to this project? This project needs more promotion, everyone would be on board.
Title: Re: Starting a SilkRoad data center?
Post by: stateless on November 15, 2012, 02:00 pm
We should probably get bitcoin savvy developers to step up and we can choose our team.  I think we need some sort of consensus of who gets to split the plunder when the BETA/R3 or Finished product is released.     
I want to donate 50 BTC to this project over 2 months time.  First Payment On December 6th and Second Payment on January 6th.  25 BTC each payment.

But we need to create a pot some how.  Or like I said in the original thread.   Just commit some IOU's.  Only the IOU's that are identifiable buyers or sellers on SR will be counted towards the pot.  Anonymous contributions will not be counted until they are received by the developers. 

Or we could set up a few escrow accounts that are between the people offering and the developers. 

http://btcrow.com/

If anyone has any ideas, lets put this shit together soon.
Title: Re: Starting a SilkRoad data center?
Post by: Errl_Kushman on November 15, 2012, 02:06 pm
We should probably get bitcoin savvy developers to step up and we can choose our team.  I think we need some sort of consensus of who gets to split the plunder when the BETA/R3 or Finished product is released.     
I want to donate 50 BTC to this project over 2 months time.  First Payment On December 6th and Second Payment on January 6th.  25 BTC each payment.

But we need to create a pot some how.  Or like I said in the original thread.   Just commit some IOU's.  Only the IOU's that are identifiable buyers or sellers on SR will be counted towards the pot.  Anonymous contributions will not be counted until they are received by the developers. 

Or we could set up a few escrow accounts that are between the people offering and the developers. 

http://btcrow.com/

If anyone has any ideas, lets put this shit together soon.

Ideally, I think DPR should be funding this. I get the imperssion he/she is sitting behind a keyboard hacking away at code. At this point, I think he might be better off taking more of a managment roll and sourcing out the work. DPR's time seems to be spreading thinner and thinner.  I do understand theres probably a significant difficulty in sourcing out anonymous work of such a senstive nature though.
Title: Re: Starting a SilkRoad data center?
Post by: stateless on November 15, 2012, 02:24 pm
Ya I think thats the only flaw in my idea, is that DPR has to keep his security measures as secret as possibly to reduce successful attacks.

But I think the suggestion that DPR needs to get the advice of a network person, a few different code developers and a few testers is ideal.

But that is also why open source works so well.  Many people can pitch in, and develop similar solutions. Deploy their solutions in both test and production environments, and contribute their own improvements to the community so that the project continues to move forward, and yet no one has to interact directly with DPR.

This makes a huge barrier between DPR and any possible security leaks. 

But I agree DPR should be chipping in a little bit if not funding this 100%.   I honestly believe this community can come up with a solution without needing to get paid.   The value is in the security of our information and in the security of some of our livelihoods.   

If it takes BTC to get developers onboard, so be it.  Buyers and sellers a like have an interest in seeing SR succeed, not just DPR.

I am game with doing my part and I truly believe SR will benefit as a result of this.  I think that SR will be able to learn from or directly copy from source that we come up with, and apply it to silk road to close security gaps, and to increase performance.

If I were in DPR shoes, I would donate no less than $5000 to this.
Title: Re: Starting a SilkRoad data center?
Post by: stateless on November 15, 2012, 02:30 pm
I guess I prefer to say  485BTC rather than $5000. 
The donations to this project will be made via BTC.

I do think we should use an escrow service.

But first thing is first.  We do need to analyze what is already created, and then create a roadmap going forward so we can setup milestones to achieve along the way.
We don't want to be wondering around without a plan with so much at stake.

We need to probably create two different proposals.

1.  Contribute to the BitWasp Project
2.  Create a completely new project

Then we have to draw up and approve a map.

Then elect our development team.

Then collection donations.

Then get the project started.

After the project reaches certain milestones.

The project will then pay out a percentage of the pot to the developers.  Then the developers can decide to go forward, or pass the torch to a newly elected team member. 
Milestones act as payouts and decision points on the map.

Something like that.
Title: Re: Starting a SilkRoad data center?
Post by: stateless on November 15, 2012, 02:45 pm
Ya know the owner(s) of BMR have interest in this too.
This community sponsored team of developers will potentially benefit both of the other projects (SR + BMR + BITMIT, etc).

I love Bitmit for it's own reasons.  I shop on Bitmit more than I do SR actually.

So I would like to see some universal brain storming, and I don't see why people can't get paid for their expertise.
Title: Re: Starting a SilkRoad data center?
Post by: stateless on November 15, 2012, 02:55 pm
I will put something together tonight, and propose it on this thread.  If anyone else has any better ideas please propose them here.

We will be very democratic about this so that it gets a lot of interaction from many different perspectives. 
Title: Re: Starting a SilkRoad data center?
Post by: Bungee54 on November 15, 2012, 03:08 pm
We will 100% donate a nice sum to this project...

We would like to see    BITWasp continued.


Great stuff here !


Cheers!

Title: Re: Starting a SilkRoad data center?
Post by: stateless on November 15, 2012, 03:33 pm
bungee54
Yes!  We have 3 people so far serious about donating to this.

We need 20 people interested in donating around 50 coinz each, and I know we can have this development done by February or March.


I will start an escrow service.  But incase this site goes down for any reason, this is my wallet ID for donations.

1F7V5WHvzgcLgBsZ9hrC4qyqzRh4QAtX1j

Or we can wait and get something set up at; https://btcrow.com/startescrow.php

Or, Im open to ideas.   I just want to get the attention of the developers that can make this magic happen, so I have to show them that we aren't all talk.

However we can achieve that in a way that satisfies everyone.  Im entirely game!

Title: Re: Starting a SilkRoad data center?
Post by: bincofone on November 15, 2012, 03:46 pm
Had a good idea for this:

It would be good if vendors could have an API key and then display their feedback (could be little detail, could be a bit) from other bitwasp based (if it's still around) sites, sort of like a feedback network. Or you could just crawl other marketplaces' sites without an API and grab the same info from the HTML, either way works, one's just a little more robust. Maybe even a way to transfer listings would be good for vendors. Would have to be manually moderated to ensure identities on the different sites are the same person (easy through PGP), but that way vendor trust can still be established easily if any particular marketplace were to run into trouble. Obviously you still need to have good faith in the particular bitwasp site that the owner isnt gonna run off with the coin but at least you can have reputable vendors trade a bit more easily on newer sites.

Anything that helps these bitwasp installations grow quicker and vendors start selling quicker would be a good idea, I think this could accelerate that substantially (and it's pretty easy to implement too).
Title: Re: Starting a SilkRoad data center?
Post by: Bungee54 on November 15, 2012, 03:52 pm
Had a good idea for this:

It would be good if vendors could have an API key and then display their feedback (could be little detail, could be a bit) from other bitwasp based (if it's still around) sites, sort of like a feedback network. Or you could just crawl other marketplaces' sites without an API and grab the same info from the HTML, either way works, one's just a little more robust. Maybe even a way to transfer listings would be good for vendors. Would have to be manually moderated to ensure identities on the different sites are the same person (easy through PGP), but that way vendor trust can still be established easily if any particular marketplace were to run into trouble. Obviously you still need to have good faith in the particular bitwasp site that the owner isnt gonna run off with the coin but at least you can have reputable vendors trade a bit more easily on newer sites.

Anything that helps these bitwasp installations grow quicker and vendors start selling quicker would be a good idea, I think this could accelerate that substantially (and it's pretty easy to implement too).

Cool ..very good idea...

We will donate a bit more dont worry lol
Title: Re: Starting a SilkRoad data center?
Post by: zaphodbeeblebrox on November 15, 2012, 04:59 pm
OK, I'll throw my 2c worth in.

Background for what its worth - Details not available on request :)

Currently running a large (circa $500M) IT project. Got 30-40 developers building large scale secure code on a significant number of servers (approx 500). 30-40 hardware people, 10-15 testers, project office of around 10 people. Mixture of very large UNIX boxes and some smaller X86 servers for Windows. Masses and masses of networking kit, lot of Cisco kit. Big pipes, two data centres, separate dedicated environments for various testing phases. Personal background of UNIX and C, C++ development down to networking and kernel level and other interesting stuff.

Building a system like this is hard. My first thoughts on seeing a system like SR is how difficult it is to build, test and manage as security has to be absolute at every level. Anybody gets in here could have access to a vast quantity of information and, depending on how the system is configured, to the bit coins. I will say now I have zero idea of how SR is built to all my thoughts are guesses and could be completely wrong.

So you want to build a replacement SR with proper backups, and proper redundancy. People throw the phrase "clustering" around like it's confetti, clustering can help but it's all part of the large scale redundancy design. Clustering can actually make things a lot more complex and will (not can) introduce it's own problems.

So the parts you're going to need to make this work:

1) Big pipes with low latency. You're going to need a couple of these. Now, most providers of big pipes are large scale commercial organisations. They tend to ask for credit references and some sort of contract before they put your 100Mb pipe in. So how do you provide those? You could use a co-location facility but thats also troublesome as you no longer control what people have access to your server. So lets put some encryption on the disk to stop people looking at the data, thats fine on the data side of the disk but you don't normally encrypt the OS side as you need to provide encryption keys at some part of the boot process. If it's collocated are you going to be there to enter the keys? Unlikely! Personally speaking I'd want physical control of my servers and so I'd try and buy big pipes and run them myself. Assuming you want redundancy in the pipes you're going to need two contracts with two companies doubling your issues. You also need to make sure they are really, really redundant and while one may leave the from of your data centre and the second from the rear, they then all join up in a data box 3KM down the road and are spliced into the same fibre cable. Had that one happen to me :)

2) Location. People talk about putting servers into geographically dispersed locations and clustering. Thats real hard, the latency on the link between the two systems is high which normal clustering isn't too keen on. You can sync between the servers which is easier though. However now you have two sets of servers in different parts of the world. That means two sets of people to look after the kit. Two sets of costs, two times the hassle, two times the chances of something being found, two sites to manage, two commercial situations.

Ok, we'll separate them in the same country, but to be honest, you still have the same issues of two servers, two sites, two sets of people, two chances of somebody finding out.

Personally speaking, I'd run a single site with multiple servers and a single fat pipe and a smaller DSL pipe as a backup for vendor use.

3) Development. Most people think they can develop, however most people never have to develop a highly secure system which can't leak any data or have any back doors into the system, so ibso facto you only have a small pool of people who can actually help you develop. Secure development is hard, very hard and the biggest problem is that the underlying development framework, PHP, Linux, Windows could be insecure as well. Using an older hardened OS is good and there are Linux/BSD ones out there to use, but you still have to be so, so careful of what you do. My experience if that you need very experienced developers to really, really, really minimise the security problem. You will never take it away, all you can do is make it harder.

You can't just use any developers, you have to be a little bit careful about who you use. You also need to be paranoid and assume that anybody you do use has ulterior motives, so you need to check the code that has been written very carefully just-in-case something has been slipped in.

Whilst the open source model of many eyes checking, is very good at finding defects, its not clear to me that you want to put your code out into the world for everybody to see just in case some nefarious people find a backdoor and don't decide to tell people. There may be other frameworks that assist in development but as the Wordpress people have found, security in many of them is rubbish :)

4) Bitcoins. You're going to have to use bit coins to maintain anonymity. If all goes well, you're going to take a slice off the top of each transaction and payment aka eBay and PayPal, this could mean quite a lot of Bitcoins to translate to money. There are various regulatory bodies in the world taking an awful lot of interest in Bitcoins which means this is getting harder and harder. I have little experience in this sort of stuff so it may be easy or a complete nightmare.

5) Power and cooling. Most people forget about these, in my experience cooling is far harder than power. Servers these days are pretty compact, I would have thought that a server capable of handling 200K enrolled users with probably a couple of hundred simultaneous users would be quite small. Memory is probably the biggest constraint as the database for this site is quite small by web standards. Cooling a couple of big X86 servers should be OK, so long as you don't stack them. They should run on normal mains power as you're not running big racks of them.

6) Administration. I suspect this is done personally by a select few of the team who know SR. I'd do it myself to make sure things work just right. Also saves costs of paying somebody else :) However you do need to put in place support for when you do want to slope off. Not sure your local support centre can pick up calls for these, so would have to done in house.

7) Forums. Pretty essential as the preferred mechanism of choice. Keep them on separate servers and use off the shelf software. Anybody puts anything sensitive on there is their own fault. Security should be assumed to be nil.

8) Database. You need a database to keep this information all together. Personally speaking, I'd use Postgres and it's syncing capability. Other people like MySql, no big deal though you're going to need a database developer to keep the speed up.

9) Testing. You're going to need a few spare servers to run things through testing cycles. Just because you're running secret stuff, you can't forget the testing. Running a testing cycle requires discipline and being a picky bastard. You also shouldn't let your developers test (Thats being really picky), so more people you need to trust.

In Summary

I'd put a couple of X86 based boxes running a hardened version of Linux. I'd have a fat pipe with an DSL backup for vendors to use and for me to get in if the big pipe is down. I'd separate out the website from the database (motherhood and apple pie here) and have a couple of Cisco switches running redundant pairs just on the off chance one of the PSU's fails in the switch. I'd forget about tape and have another server that replicates the database in near realtime to keep the data up to date. I'd have a red painted spare set of servers that I keep hot that I check actually work every week. Anybody who touches these hot spares has parts of their anatomy removed. I'd develop using PHP and Postgres as they should be fast enough. I'd stuff my servers with as much physical memory as I could. I'd site all of this in a hi tech neighbourhood where nobody thinks twice about high speed pipes and internet startups are ten a penny, just tell people it's a new Facebook replacement and they'll leave you alone. Be careful not to make it too exciting or you may find investors coming to bother you :)

Anyway, back to the real world....
Title: Re: Starting a SilkRoad data center?
Post by: Errl_Kushman on November 15, 2012, 05:01 pm
I guess I prefer to say  485BTC rather than $5000. 
The donations to this project will be made via BTC.

I do think we should use an escrow service.

But first thing is first.  We do need to analyze what is already created, and then create a roadmap going forward so we can setup milestones to achieve along the way.
We don't want to be wondering around without a plan with so much at stake.

We need to probably create two different proposals.

1.  Contribute to the BitWasp Project
2.  Create a completely new project

Then we have to draw up and approve a map.

Then elect our development team.

Then collection donations.

Then get the project started.

After the project reaches certain milestones.

The project will then pay out a percentage of the pot to the developers.  Then the developers can decide to go forward, or pass the torch to a newly elected team member. 
Milestones act as payouts and decision points on the map.

Something like that.

I think leveraging the current bitwasp project is the better path. So long as all the fundamentals for what is required are there, it could be built upon to customize for our collective needs. That would require a bit of research and of course, a requirements spec to reference.

As with any investment plea, i think, as you mention, a project roadmap and scope would need.

Moreso than just developers, a developer panel could be used to ensure the best decisions are being made.

I see it as  somewhat of a pie in the sky idea but, I love the thought of it.
Title: Re: Starting a SilkRoad data center?
Post by: bincofone on November 16, 2012, 05:20 am
OK, I'll throw my 2c worth in.

Background for what its worth - Details not available on request :)

Currently running a large (circa $500M) IT project. Got 30-40 developers building large scale secure code on a significant number of servers (approx 500). 30-40 hardware people, 10-15 testers, project office of around 10 people. Mixture of very large UNIX boxes and some smaller X86 servers for Windows. Masses and masses of networking kit, lot of Cisco kit. Big pipes, two data centres, separate dedicated environments for various testing phases. Personal background of UNIX and C, C++ development down to networking and kernel level and other interesting stuff.

Building a system like this is hard. My first thoughts on seeing a system like SR is how difficult it is to build, test and manage as security has to be absolute at every level. Anybody gets in here could have access to a vast quantity of information and, depending on how the system is configured, to the bit coins. I will say now I have zero idea of how SR is built to all my thoughts are guesses and could be completely wrong.

So you want to build a replacement SR with proper backups, and proper redundancy. People throw the phrase "clustering" around like it's confetti, clustering can help but it's all part of the large scale redundancy design. Clustering can actually make things a lot more complex and will (not can) introduce it's own problems.

So the parts you're going to need to make this work:

1) Big pipes with low latency. You're going to need a couple of these. Now, most providers of big pipes are large scale commercial organisations. They tend to ask for credit references and some sort of contract before they put your 100Mb pipe in. So how do you provide those? You could use a co-location facility but thats also troublesome as you no longer control what people have access to your server. So lets put some encryption on the disk to stop people looking at the data, thats fine on the data side of the disk but you don't normally encrypt the OS side as you need to provide encryption keys at some part of the boot process. If it's collocated are you going to be there to enter the keys? Unlikely! Personally speaking I'd want physical control of my servers and so I'd try and buy big pipes and run them myself. Assuming you want redundancy in the pipes you're going to need two contracts with two companies doubling your issues. You also need to make sure they are really, really redundant and while one may leave the from of your data centre and the second from the rear, they then all join up in a data box 3KM down the road and are spliced into the same fibre cable. Had that one happen to me :)

2) Location. People talk about putting servers into geographically dispersed locations and clustering. Thats real hard, the latency on the link between the two systems is high which normal clustering isn't too keen on. You can sync between the servers which is easier though. However now you have two sets of servers in different parts of the world. That means two sets of people to look after the kit. Two sets of costs, two times the hassle, two times the chances of something being found, two sites to manage, two commercial situations.

Ok, we'll separate them in the same country, but to be honest, you still have the same issues of two servers, two sites, two sets of people, two chances of somebody finding out.

Personally speaking, I'd run a single site with multiple servers and a single fat pipe and a smaller DSL pipe as a backup for vendor use.

3) Development. Most people think they can develop, however most people never have to develop a highly secure system which can't leak any data or have any back doors into the system, so ibso facto you only have a small pool of people who can actually help you develop. Secure development is hard, very hard and the biggest problem is that the underlying development framework, PHP, Linux, Windows could be insecure as well. Using an older hardened OS is good and there are Linux/BSD ones out there to use, but you still have to be so, so careful of what you do. My experience if that you need very experienced developers to really, really, really minimise the security problem. You will never take it away, all you can do is make it harder.

You can't just use any developers, you have to be a little bit careful about who you use. You also need to be paranoid and assume that anybody you do use has ulterior motives, so you need to check the code that has been written very carefully just-in-case something has been slipped in.

Whilst the open source model of many eyes checking, is very good at finding defects, its not clear to me that you want to put your code out into the world for everybody to see just in case some nefarious people find a backdoor and don't decide to tell people. There may be other frameworks that assist in development but as the Wordpress people have found, security in many of them is rubbish :)

4) Bitcoins. You're going to have to use bit coins to maintain anonymity. If all goes well, you're going to take a slice off the top of each transaction and payment aka eBay and PayPal, this could mean quite a lot of Bitcoins to translate to money. There are various regulatory bodies in the world taking an awful lot of interest in Bitcoins which means this is getting harder and harder. I have little experience in this sort of stuff so it may be easy or a complete nightmare.

5) Power and cooling. Most people forget about these, in my experience cooling is far harder than power. Servers these days are pretty compact, I would have thought that a server capable of handling 200K enrolled users with probably a couple of hundred simultaneous users would be quite small. Memory is probably the biggest constraint as the database for this site is quite small by web standards. Cooling a couple of big X86 servers should be OK, so long as you don't stack them. They should run on normal mains power as you're not running big racks of them.

6) Administration. I suspect this is done personally by a select few of the team who know SR. I'd do it myself to make sure things work just right. Also saves costs of paying somebody else :) However you do need to put in place support for when you do want to slope off. Not sure your local support centre can pick up calls for these, so would have to done in house.

7) Forums. Pretty essential as the preferred mechanism of choice. Keep them on separate servers and use off the shelf software. Anybody puts anything sensitive on there is their own fault. Security should be assumed to be nil.

8) Database. You need a database to keep this information all together. Personally speaking, I'd use Postgres and it's syncing capability. Other people like MySql, no big deal though you're going to need a database developer to keep the speed up.

9) Testing. You're going to need a few spare servers to run things through testing cycles. Just because you're running secret stuff, you can't forget the testing. Running a testing cycle requires discipline and being a picky bastard. You also shouldn't let your developers test (Thats being really picky), so more people you need to trust.

In Summary

I'd put a couple of X86 based boxes running a hardened version of Linux. I'd have a fat pipe with an DSL backup for vendors to use and for me to get in if the big pipe is down. I'd separate out the website from the database (motherhood and apple pie here) and have a couple of Cisco switches running redundant pairs just on the off chance one of the PSU's fails in the switch. I'd forget about tape and have another server that replicates the database in near realtime to keep the data up to date. I'd have a red painted spare set of servers that I keep hot that I check actually work every week. Anybody who touches these hot spares has parts of their anatomy removed. I'd develop using PHP and Postgres as they should be fast enough. I'd stuff my servers with as much physical memory as I could. I'd site all of this in a hi tech neighbourhood where nobody thinks twice about high speed pipes and internet startups are ten a penny, just tell people it's a new Facebook replacement and they'll leave you alone. Be careful not to make it too exciting or you may find investors coming to bother you :)

Anyway, back to the real world....

Co-locating it on site with another legit high bandwidth service of your own would provide good cover.

If I was going to do it I would just order VPS or dedicated boxes anonymously using credit cards obtained anonymously. Located in quite a few countries. Servers can talk to each other over encrypted channels (not necessarily Tor, probably HTTPS to blend in with regular traffic) when synchronizing data. Wouldn't exactly be low latency or ultra high performance, but it's being accessed over Tor anyway.

I think people greatly overestimate the server power required to run Silk Road, it's not THAT busy a site. It only does $22 mil a year in sales selling products with very high prices compared to most online stores.
Title: Re: Starting a SilkRoad data center?
Post by: zaphodbeeblebrox on November 16, 2012, 06:42 am
I agree that SR doesn;t need high powered servers, hence my couple of X86 boxes.

I wouldn't colocate though as you lose control. Like the idea idea of a separate high volume fully legit coproject. Perhaps DPR is actually facebooks Zuckenberg :)