Security of stored files - data removal and availability questions

@saswata @sculptex

  1. How secure is your storage app?
    Can you confirm publicly, that users can securely safe important files like copies of their ID or College Degrees in it, and only the user have access to it?

  2. Who else could theoretically be able to access stored files, other than the user who uploaded? Blobbers, nodes, validators?

  3. How could files be lost; please describe to us every technical scenario where the user’s uploaded files could be lost or, in other terms, become non-downloadable or non-recoverable for the user?

Please take your time consulting with your technical developer teams, I would like you to desribe every possible scenario of non-availability of files
.

This will be important for people to understand in order to decide if they can without any doubt use your application for storing important documents.

Or if they better stick to Dropbox or Google Drive and use your application only for NON-IMPORTANT documents (because you are still unsure about the safety level of your system)

As long as a user chooses the option to encrypt their data, then the data is as secure as their wallet.

This is far more secure than Google drive or Dropbox.

And:

How could files be lost; please describe to us every technical scenario where the user’s uploaded files could be lost or, in other terms, become non-downloadable or non-recoverable for the user?

I would like you to desribe every possible scenario of non-availability of files @sculptex

To quote what I have said previously
“So the reliability depends on enough blobbers (the Data figure in the EC ratio) being able to serve the file. So any more than the Parity figure of failed blobbers will result in being unable to read data.”

Also failure to renew allocations before expiry or loss of wallet etc.

@sculptex @saswata

Thanks, Let me then repeat and please confirm or extend my list:
Situations where a user could not be able to access uploaded files,

  1. when enough blobbers fail in the EC ratio
  2. when user forgets the private key of the wallet
  3. when user forgets to renew the subscription fees before expiry date

Do you have any more to add?

I have still questions to the points above:

  1. the EC ratio failure: here I refer you back to our chat in 0Box-Data Availability questions about losing and recovering data

This EC ratio failure should be totally prevented by your protocol in a way that your network constantly monitors and automatically replaces failed blobbers whenever EC-ratio-failures occur.

It should not even come to this situation,

the network should automatically replace failed EC ratios to prevent data losses, because it is not your customer’s fault when blobbers in the EC fail !.

I don’t understand what is difficult with this, every other storage network does that, centralized or not. Please prioritize this soon in your features roadmap @saswata

  1. Can you always recover your data and your wallet when you still know your private key from any other computer of mobile phone?

  2. failure to renew allocations, can you explain in more detail: What happens to my uploaded files in your network when I forget to renew in time?

Isn’t there any kind of extension period?
Are the files lost forever on the second the expiry date kicks in?
What happens to the uploaded files in the network?
Any way to recover them even when you missed the timely allocation?

Please here again introduce some automatic mechnism to take off work from the user. To prevent such cases where users forget timely allocation.

For example let users stake/pay in advance for their desired period of time,

or, make your protocol take away a sufficient amount of ZCN tokens automatically from user’s wallet (when there is sufficient amount available) , from those users who forget to manually renew

Please think of something

@sculptex

How can the user encrypt, is this a feature in your wallet?

And can you tell what detail what the used encryption method is?

Please read the whitepapers this is all detailed.