tfgrid/docs_tfgrid4_tech
11
0
Fork 0
Code Issues 1 Pull Requests 1 Actions Packages Projects Releases Wiki Activity

update tech book for docusaurus

Browse Source
This commit is contained in:
mik-tf
2025-01-16 17:04:24 -05:00
parent 4810d7996b
commit 3d1894e02b
135 changed files with 1756 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
docs/key_innovations_overview/_category_.json Normal file
View File

@@ -0,0 +1,7 @@
{
"label": "Key Innovations",
"position": 5,
"link": {
"type": "generated-index",
}
}

7
docs/key_innovations_overview/compute_inno/_category_.json Normal file
View File

@@ -0,0 +1,7 @@
{
"label": "Compute",
"position": 1,
"link": {
"type": "generated-index",
}
}

64
docs/key_innovations_overview/compute_inno/compute_inno.md Normal file
View File

@@ -0,0 +1,64 @@
---
sidebar_position: 1
description: The computer layer of the grid
---
# Compute Layer
| | Compute Layer | Default |
|----------------|--------------------------------------------------------------------------------|------------------------------------------------------------------|
| Management | Full P2P, done by 3bot Agents, blockchain IT contract | Centralized e.g. Kubernetes, ... |
| OS Deploy | Stateless, there are no files copied on local HDD/SSD. | Deploy image or execute installer on a physical server |
| OS Upgrade | Seamless, rolling upgrades, 100% modular and pre-deterministic, decentralized | Difficult and error prone + vulnerable from security perspective |
| Tamperproof | If file gets modified Zero-OS will not boot the file. | No, man in middle is possible. |
| Scalability | To the world | Expensive and depending on lots of capital |
| Security | A lot of effort went into the capability to deploy for high security usecases. | Very hard to deploy securely, and expensive |
| Green | For certain workloads we can safe upto 10x on power usage | Super power hungry. |
| Liquid Cooling | Easy to do because of autonomous behavior no need to replace HW. | Hard to do, how to do maintenance. |
| Sovereign | Yes | No |
| Complexity | Anyone can do it, we made it to allow everyone to be a provider. | Real experts needed. |
> We do not compare our system with those that claim to be full cloud solutions but merely deploy containers using other management systems and optionally connect to a blockchain for billing purposes. Nor do we compare with marketplace systems that simply act as frontends for other systems. We believe these systems, while visually impressive, lack substantial technological foundations and cannot serve as a fundamental base layer for others.
## Zero-OS
![](../../img/zos00.png)
ThreeFold has developed its own operating system, Zero-OS, which is based on the Linux Kernel. The purpose of Zero-OS is to strip away the unnecessary complexities commonly found in contemporary operating systems.
**Key Features of Zero-OS:**
Zero-OS is designed with minimalism in mind, supporting only a few fundamental primitives that handle essential low-level functions:
1. **Storage Capacity**
2. **Compute Capacity**
3. **Network Capacity**
**Security and Simplicity:**
Zero-OS provides a Autonomous Decentralized Cloud.
This not only blocks hacker access but also eliminates human error, enhancing both security and reliability.
### Deployment by IT contract
Secure Reproducable Verified Authenticated
![](../../img/itcontract.png)
The purpose of the smart contract for IT is to create and enable autonomous IT. Autonomous self-driving IT is possible.
Once a smart contract for IT is created, it will be registered in the TFChain Blockchain.
![](../../img/itcontract2.png)
## Compatible with the world
![](../../img/compatible.png)
## 3Bots: The Autonomous Layer
![](../../img/autonous3bots.png)

42
docs/key_innovations_overview/compute_inno/zero_deploy_inno.md Normal file
View File

@@ -0,0 +1,42 @@
---
title: Deterministic Deploy
sidebar_position: 3
---
![Smart Contract Deployment](../../img/smartcontract_deploy.png)
## Deterministic Deployment
The concept of Zero-Deploy is a key component of the **Smart Contract for IT** framework, which can be applied to any type of workload—whether it's containers, virtual machines (VMs), network gateways, volumes, Kubernetes resources, or other network elements. This framework serves as a formal agreement between a farmer (provider) and a user regarding the deployment of an IT workload.
### Process
1. **Build Your Code**
Develop and prepare your application code.
2. **Convert to Zero-Image**
Use a CI/CD solution (e.g., Hero CI/CD) to convert your Docker build (or other format) into a Zero-Image format.
3. **Define the Workload**
Specify all the details of your workload, including network bridges, web gateways, required machines, and more.
4. **Register and Sign**
Register the workload and sign it with your private key.
5. **Automatic Detection**
All necessary Zero-OS nodes (our infrastructure) will detect that a new workload needs to be deployed.
6. **Deployment Process**
The nodes will pull down the formal workload descriptions and initiate the deployment process.
7. **Validation**
Every step of the deployment is verified by Zero-OS (ZOS) to ensure that the intended result is accurately replicated. If any discrepancies are detected, ZOS will halt the deployment and provide an error message.
### Benefits
- **Deterministic Deployment**: There is no dynamic behavior during deployment at runtime, ensuring a consistent and predictable outcome.
- **Strict Compliance**: No process can start unless all files and configurations are fully described at the flist level.

40
docs/key_innovations_overview/compute_inno/zero_image_inno.md Normal file
View File

@@ -0,0 +1,40 @@
---
title: Zero-Images
sidebar_position: 3
---
![](../../img/zos_images.jpg)
### The Problem
The current method of deploying workloads in the cloud using Docker containers and virtual machine images has inherent issues. These images consume significant storage space, result in slow and bandwidth-intensive transfers to the internet's edge, drive up costs, introduce complexity, and pose security risks due to difficulties in tracking their contents over time.
For instance, a complete Ubuntu image can easily be 2 GB in size, comprising millions of files. In contrast, the Flist (metadata for Zero-Image) for a full Ubuntu image is less than 2 MB (1000 times smaller). Based on this flist only the required files will be dowbloaded which can easily be 10x less compared to the original image size. These downloaded files (or subparts of files) are identified by a fingerprint (hash) and will only boot once authenticity can be verified.
### Process
- Zero-OS or the Zero-Image Command Line (works on linux) gets informed to provision a virtual filesystem based on a Zero-Image URL.
- The Zero-Image Metadata is stored on e.g. an S3 Server or our Zero-Hub.
### Introducing Flist
A new image format that separates the image data (comprising files and subfile parts) from the metadata describing the image structure.
An Flist's format uniquely encompasses comprehensive file descriptions along with all relevant metadata such as size, modification and creation timestamps, and POSIX attributes. Additionally, it incorporates a fingerprint for each component, ensuring deterministic behavior—a crucial feature for security focused use cases.
Flists provide the flexibility to manage metadata and data as separate entities, offering a versatile approach to handling various build and delivery scenarios.
### The Benefits
- **Rapid deployment:** Zero-OS enables containers and virtual machines to launch up to 100 times faster, especially in decentralized scenarios.
- **Enhanced security:** Zero-OS prevents tampering with images, ensuring higher security levels.
- **Reduced storage and bandwidth:** Zero-OS significantly reduces storage and bandwidth requirements, potentially achieving up to a 100-fold improvement.
- **Deterministic deployments:** engineers can precisely define deployments beforehand, ensuring predictable outcomes without changes during deployment.
- **100% compatible:** with existing standards, docker and virtual machines. The same format is useful for VM's as well as any container technology.
### Status
Usable for years, see Zero-OS.

32
docs/key_innovations_overview/compute_inno/zero_install_inno.md Normal file
View File

@@ -0,0 +1,32 @@
---
title: Zero-Install
sidebar_position: 4
---
![](../../img/boot.png)
The Zero-OS is delivered to the 3Nodes over the internet network (network boot) and does not need to be installed.
### 3Node Install
1. Deploy a computer
2. Configure a farm on the TFGrid explorer
3. Download the bootloader and put on a USB stick or configure a network boot device
4. Power on the computer and connect to the internet
5. Boot! The computer will automatically download the components of the operating system (Zero-OS)
The actual bootloader is very small, it brings up the network interface of your computer and queries TFGrid for the remainder of the boot files needed.
The operating system is not installed on any local storage medium (hard disk, ssd), Zero-OS is stateless.
The mechanism to allow this to work in a safe and efficient manner is an innovation called our container virtual filesystem.
### Process
- optionally: configure booting from secure BIOS
- optionally: install signing certificate in the BIOS, to make sure that only the right bootloader can be started
- the bootloader (ISO, PXE, USB, ...) get's downloaded from Internet (TFGrid CDN or private deployment)
- core-0 (the first boot process) starts, self verification happens
- the metadata for the the required software modules is downloaded and checked against signature and hashes
- the core-0 zero_image service

14
docs/key_innovations_overview/energy_efficient.md Normal file
View File

@@ -0,0 +1,14 @@
---
sidebar_position: 4
---
# Energy Efficient
Below are some of the ways in which we achieve energy efficiency as compared to traditional models.
![alt text](../img/energy_efficient.png)
In addition, a decentralized peer-to-peer infrastructure which finds the shortest path between end points is by nature energy-efficient. Data needs to travel a much shorter distance.
> Depending on the use case the our approach can lead to 10x energy savings.

7
docs/key_innovations_overview/network_inno/_category_.json Normal file
View File

@@ -0,0 +1,7 @@
{
"label": "Network",
"position": 2,
"link": {
"type": "generated-index",
}
}

36
docs/key_innovations_overview/network_inno/mycelium_inno.md Normal file
View File

@@ -0,0 +1,36 @@
---
title: Mycelium
sidebar_position: 2
---
![](../../img/peer2peer_network.jpg)
## Mycelium: A New Network Layer for the Internet
![](../../img/mycelium00.png)
### The Problem
The current centralized state of the internet poses significant security risks, with compromised routers and growing cyber threats (trillions of USD per year now), making everyone vulnerable to hacking. Industry responses involve disabling original features, hindering true peer-to-peer connectivity and personal server capabilities. Workarounds and system hacks have become the norm.
**Our Internet is seriously broken. We need new ways to communicate**
### Introducing Mycelium
Mycelium is an overlay network layer designed to enhance the existing internet infrastructure while remaining compatible with all current applications. It empowers true peer-to-peer communication. By installing a Network Agent on your device, you gain the ability to securely connect with any other participant on this network. Mycelium intelligently reroutes traffic to maintain connectivity taking location of you and your peer into consideration.
### The Benefits
- **Continuous connectivity:** Mycelium ensures uninterrupted connectivity by dynamically rerouting traffic through available connections (friends, satellites, 4/5G, fiber).
- **End-to-end encryption:** robust encryption stops man-in-the-middle attacks, guaranteeing secure communication.
- **Proof of authenticity (POA): ensures that we know who we are communicating with
- **Optimized routing:** Mycelium finds the shortest path between network participants, reducing latency and keeping traffic localized.
- **Universal server capability:** empowers individuals to act as servers, a foundational element for any peer-to-peer system.
- **Full Compatibility:** Mycelium seamlessly integrates with the current internet, supporting any application.
- **Impressive speed:** achieves 1 Gbps per Network Agent, ensuring rapid data transfer.
### Status
In beta and usable from TFGrid 3.13, its our 3e generation approach to networking and took us years to do. We are looking forward to your feedback.

64
docs/key_innovations_overview/network_inno/mycelium_shortest_path_routing_inno.md Normal file
View File

@@ -0,0 +1,64 @@
---
title: Shortest Path Routing
sidebar_position: 3
---
![](../../img/shortest_path_routing.jpg)
# Shortest Path Routing
## Empowering Connectivity with an End-to-End Encrypted Overlay Network
### The Concept of End-to-End Encryption
End-to-end encryption (E2EE) ensures that data is encrypted on the sender's device and only decrypted on the recipient's device. This means that no intermediaries, including service providers, can access or alter the data while it is in transit.
### Shortest Path Routing in Overlay Networks
An overlay network is a virtual network built on top of an existing physical network.
Each enduser mycelium agent will execute custom routing logic and protocols to improve connectivity.
- In the context of a Mycelium peer-to-peer (P2P) overlay network, nodes (participants) can dynamically discover and connect to each other, forming a mesh-like structure.
- Shortest Path Routing: The network can use algorithms to find the shortest or most efficient path between nodes. This ensures that data packets travel the minimum distance required to reach their destination, reducing latency and improving performance.
### Multi-Hop Communication
In a P2P overlay network, data can hop through multiple nodes to reach its destination. This means that if a direct connection is not available, the data can be relayed through intermediary nodes. For example:
1. **Node A** wants to send data to **Node D**.
2. There is no direct connection, but **Node A** can reach **Node B**, which can reach **Node C**, which finally reaches **Node D**.
3. The data is encrypted end-to-end, so it remains secure throughout its journey.
Network usage tracking and billing can be used to make sure all participants are rewarded.
### Leveraging Existing Networks
This overlay network operates on top of existing internet infrastructure.
This leads to:
1. **Cost Efficiency**: By leveraging existing infrastructure, there is no need for extensive new investments in physical hardware.
2. **Flexibility**: The network can dynamically adapt to changing conditions, such as network congestion or outages.
### Improving Connectivity for Underserved Populations
Currently, around 4 billion people lack decent internet access.
Mycelium can significantly improve their connectivity:
1. **Decentralized Access**: People in remote or underserved areas can connect to the network through nearby nodes, which may belong to friends, community members, or even commercial providers offering bandwidth.
2. **Community-Driven Networks**: Local communities can set up nodes that connect to the broader overlay network, creating a resilient and scalable web of connectivity.
3. **Increased Bandwidth**: By aggregating available bandwidth from multiple sources, the overlay network can provide higher data rates and more reliable connections.
### Example Scenario
Imagine a remote village with limited internet access. The villagers set up several nodes that connect to each other and to nearby towns with better connectivity, also some of the nodes can be connected to Internet over satelite, mobile 4g or other mechanisms.
Heres how it works:
1. **Local Node Setup**: Villagers install nodes on their devices, which form a local mesh network.
2. **Connecting to Broader Network**: Some nodes have access to satellite internet or long-range Wi-Fi that connects to nearby towns.
3. **Dynamic Routing**: When a villager wants to access online resources, their data is encrypted end-to-end and routed through the shortest path available, which may include local nodes, satellite links, and commercial internet providers.
4. **Enhanced Access**: This setup leverages all available bandwidth sources, providing more reliable and faster internet access to the village.

59
docs/key_innovations_overview/network_inno/mycelium_whiltelist.md Normal file
View File

@@ -0,0 +1,59 @@
---
title: Whitelists
sidebar_position: 4
---
![](../../img/whitelists.jpg)
# Mycelium Whitelists
> Rethinking Network Security: Beyond Traditional Firewalls
### The Limitations of Traditional Firewalls
Firewalls have long been the cornerstone of network security, operating as gatekeepers to keep malicious actors out.
They work by monitoring incoming and outgoing network traffic and applying security rules to block or allow data packets based on predefined criteria. However, while firewalls are effective at creating a barrier, they have inherent limitations:
1. **Perimeter Focus**: Firewalls are designed to protect the perimeter of the network. This approach assumes that threats come from outside the network, but it does not adequately address threats from within.
2. **Static Rules**: Firewalls rely on static rules that can be bypassed by sophisticated attacks. They do not adapt dynamically to changing threat landscapes.
3. **Single Point of Failure**: As a centralized barrier, firewalls represent a single point of failure. If a firewall is compromised, the entire network can be exposed.
### The Need for Strong Authentication and Peer-to-Peer Communication
To address these limitations, a more modern approach to network security involves strong authentication and decentralized communication. By ensuring that all participants on the network are strongly authenticated, we can establish trust at the individual level rather than relying solely on perimeter defenses.
#### Strong Authentication
Strong authentication involves verifying the identity of network participants using robust methods such as:
- **Multi-Factor Authentication (MFA)**: Requires multiple forms of verification, such as passwords, biometrics, and hardware tokens.
- **Public Key Infrastructure (PKI)**: Uses cryptographic keys to authenticate users and devices.
By implementing strong authentication, we can ensure that only legitimate users and devices can access the network, significantly reducing the risk of unauthorized access.
#### Peer-to-Peer Communication Over an Overlay Network
Instead of routing all traffic through a central firewall, participants can communicate directly with each other and applications using a peer-to-peer (P2P) overlay network. An overlay network, called Mycelium, can facilitate this decentralized communication.
- **Mycelium Overlay Network**: This overlay network functions like a mesh, allowing nodes (participants) to connect directly with each other and applications. It provides a resilient and scalable architecture where each node can dynamically find the best path for communication.
### Whitelists and Group-Based Access Control
To further enhance security, applications can use whitelists and group-based access control. This approach involves:
1. **Whitelisting Users**: Only allowing access to users who are explicitly permitted. This can be based on strong authentication credentials.
2. **Group-Based Access Control**: Organizing users into groups with specific permissions. Each application can define which groups have access based on their source IP addresses and other criteria.
#### Example Scenario
Consider an application hosted on the network. Instead of relying on a firewall to block unauthorized access, the application uses Mycelium to communicate with authenticated peers. It employs a whitelist to specify which users or groups can access the application. For instance:
- **Group A**: Developers with access to development resources.
- **Group B**: Administrators with access to administrative tools.
- **Group C**: End-users with access to specific application features.
Each groups access is controlled by specifying the allowed source IP addresses and other authentication factors. This ensures that only authorized users can access the application, regardless of their location.
> only available in the enterprise edition.

21
docs/key_innovations_overview/network_inno/network_inno.md Normal file
View File

@@ -0,0 +1,21 @@
---
title: Network Layer
sidebar_position: 1
---
# Network Layer
| | ThreeFold Network Layer | Other Overlay Network Technologies (like VPN) |
|-----------------------------|-----------------------------------------------------------------------------------|-----------------------------------------------------------------------------------------------------------------------------|
| Management | Full P2P, done by 3bot Agents, blockchain IT contract | Centralized leading to security issues |
| Locality | Find shortest path on latency and quality, this allows traffic to stay sovereign. | NO, based on centralized control mechanisms or inefficient algorithms that route traffic indiscriminately across the globe. |
| Encryption | End2End ecryption, unique for every relation, linked to private key | Normally based on key exchange, or pre-shared keys. |
| Post Quantum | Possible (ask us) | No |
| Scalability | Our aim is to be planetary scalable, but we need more exposure. | Bad |
| Compatibility | We aim to support mobile, desktop, IOT, ... | Depends, often not |
| Backdoors | NO, all is based on opensource | Often, yes, unfortunately. |
| Performance | Quite good, 1 gbit / sec can be achieved on std node (which is high for overlay) | Often slow. |
| Security Model | Whitelist model | Blacklist model, list who is bad e.g. firewalls |
| Fully integrated in compute | Yes | Lots of different solutions |

76
docs/key_innovations_overview/network_inno/virtual_browser.md Normal file
View File

@@ -0,0 +1,76 @@
---
title: Virtual Browser
sidebar_position: 5
---
![](../../img/virtual_browser.jpg)
## Secure Remote Browser Concept
### Overview
In this concept, users interact with a secure web application through their web browsers without running JavaScript locally.
Instead, the actual browser logic and JavaScript execution occur in a secure, remote virtual browser hosted in a secure part of a private cloud. This setup provides enhanced security and control, ensuring that users are protected from malicious scripts and other threats.
### Key Components
1. **Client-Side Browser (Local Browser)**
- **Rendering Only**: The user's local browser is responsible only for rendering content. It draws the user interface using technologies like HTML5 Canvas.
- **No Local JavaScript Execution**: No JavaScript code runs on the local browser, eliminating the risk of client-side script attacks.
2. **Remote Browser (Virtual Browser)**
- **Secure Execution Environment**: The remote browser runs within a secure container in the cloud. For example, this could be within the secure network of a bank.
- **JavaScript Execution**: All JavaScript execution happens in the remote browser. This environment is tightly controlled and monitored.
- **Context Validation**: Each JavaScript file executed is checked to ensure it originates from the original, built application. This prevents unauthorized or malicious scripts from running.
3. **Session Management**
- **Ephemeral Sessions**: Each user session is temporary. After a session ends, the context is destroyed and rebuilt for the next session, ensuring a clean state each time.
- **Session Recording**: Sessions can be recorded, similar to screen CCTV, for auditing and security purposes. This allows for detailed monitoring and review if needed.
4. **Network Service Lists and Mycelium Integration**
- **Secure Communication**: The connection between the local browser and the remote browser uses end-to-end encryption. The Mycelium overlay network ensures the shortest path and secure, peer-to-peer communication.
- **Access Control**: Network service lists and group-based access control manage which users can access specific applications, enhancing security and control.
### Example Workflow
1. **User Initiates Connection**
- The user opens their local browser and navigates to the bank's application URL.
- The local browser connects to the remote browser hosted in the bank's secure cloud environment.
2. **Remote Browser Setup**
- A new, secure container is instantiated for the user's session.
- The remote browser loads the bank's application and validates all JavaScript files.
3. **Rendering in Local Browser**
- The remote browser executes the JavaScript and sends the rendered output to the local browser.
- The local browser draws this output on the canvas, providing a seamless user experience.
4. **Session Management**
- Throughout the session, all interactions are processed by the remote browser.
- User interactions (e.g., clicks, form submissions) are sent to the remote browser, which processes them and updates the rendered output accordingly.
5. **Session Termination**
- When the user finishes their session, the remote browser context is destroyed.
- Any recorded session data is stored securely for auditing purposes.
### Benefits
1. **Enhanced Security**
- By not running JavaScript locally, the risk of client-side attacks such as cross-site scripting (XSS) is eliminated.
- The remote browser's secure environment ensures that only validated scripts execute.
2. **Controlled Environment**
- The bank has full control over the execution environment, allowing for stringent security policies and monitoring.
- Ephemeral sessions ensure that each user starts with a clean slate, reducing the risk of persistent threats.
3. **Auditing and Compliance**
- Session recording provides a detailed audit trail, which is valuable for security reviews and compliance with regulatory requirements.
4. **Improved User Experience**
- Users benefit from a secure browsing experience without performance degradation, as rendering is offloaded to the client's local browser.
### Integration with Mycelium and Network Service Lists
By combining this remote browser concept with Mycelium and network service lists, we can ensure secure and efficient communication:
- **Mycelium Overlay Network**: Ensures that the connection between the local and remote browser is routed through the most efficient path, leveraging peer-to-peer connections where possible.
- **Network Service Lists**: Manage which users and groups can access the remote browser and specific applications, providing fine-grained access control.

7
docs/key_innovations_overview/storage_inno/_category_.json Normal file
View File

@@ -0,0 +1,7 @@
{
"label": "Storage",
"position": 3,
"link": {
"type": "generated-index",
}
}

32
docs/key_innovations_overview/storage_inno/fungistor_innovation.md Normal file
View File

@@ -0,0 +1,32 @@
---
title: FungiStor
sidebar_position: 4
---
## FungiStor (End 2024)
### The Problem
Existing blockchain, internet, and P2P content delivery and storage systems suffer from sluggish performance and are too expensive. Content retrieval is often slow, and the overhead for ensuring redundancy is excessive. We require innovative approaches to facilitate efficient information sharing among users.
Content delivery frequently represents the most significant expense for social networks. Running a basic social video network for 10 million users currently costs approximately $2 million per month using traditional cloud providers. We have the potential to reduce this cost by several orders of magnitude.
### Introducing FungiStor
FungiStor is a peer-to-peer (P2P) content delivery layer designed to store and distribute an extensive range of objects, including images, videos, files, and more. It has the capability to handle trillions of objects and files efficiently. FungiStor serves as an excellent solution for content delivery networks (CDNs), significantly reducing costs for organizations seeking to stream or deliver substantial data volumes to their user base.
### The Benefits
- **Global scalability, sub-50ms lookups:** FungiStor scales worldwide with ultra-fast data retrieval under 50 milliseconds.
- **Localized content delivery:** prioritizes local data access for optimized speed and efficiency.
- **Quantum-Safe security:** incorporates robust quantum security measures.
- **Interoperability:** works seamlessly with IPFS, Torrent, and more.
- **Cost efficiency:** offers significant cost savings, potentially 10 to 100 times less than conventional solutions.
### Status
Planned for the end of 2024
Remark, FungiStor will act as the backend infrastructure for the Flists within our own system. It is versatile and can be utilized by anyone in need of a global-level content delivery system for files, objects, and images.

32
docs/key_innovations_overview/storage_inno/qsfs_innovation.md Normal file
View File

@@ -0,0 +1,32 @@
---
title: Quantum Safe Storage
sidebar_position: 2
---
## Quantum Safe File System
### The Problem
There is a growing need for more accessible and user-friendly solutions to store and manage large volumes of data efficiently.
While Zero-Stor addresses numerous storage challenges effectively, it may not be accessible or user-friendly for typical developers or system administrators. QSFS has been developed to bridge this gap and provide a more approachable storage solution.
### Introducing QSFS
A filesystem utilizing Zero-Stor as its backend. Metadata is safeguarded to prevent loss, inheriting Zero-Stor's benefits and simplifying usage for developers and system administrators.
The filesystem is always deployed in one location, data is distributed (using zero-stor) across multiple sites for unparalleled reliability.
Metadata redundancy is included. While not consistently synchronized in real-time, the system allows configuration of consistency levels. Typically, the decentralized state may lag by up to 15 minutes.
This filesystem can be mounted under various storage-aware applications, such as backup servers, file servers, or S3 servers, enhancing versatility.
### Benefits
- Inherits the advantages of Zero-Stor, including enhanced data security, efficiency, and scalability.
- Provides a user-friendly interface for seamless integration with a wide range of applications.
- Offers considerable scalability capabilities, although not unlimited in scale.
- Achieves reasonable performance data transfer rates of up to 50 MB/sec, particularly for larger files.
- Can scale to about 2 million files per filesystem.

22
docs/key_innovations_overview/storage_inno/storage_inno.md Normal file
View File

@@ -0,0 +1,22 @@
---
title: Storage Layer
sidebar_position: 1
---
![](../../img/storage_inno.png)
# Storage
| | ThreeFold Storage Layer | Overlay Storage Systems |
|-----------------------------|------------------------------------------------------------------------------------------|-------------------------------------------------------------------------------------------------------------------------|
| Quantum Safe | Yes, novel encoding system (not encryption based) makes impossible to hack data. | No |
| Post Quantum | Possible (ask us) | No |
| Scalability | Yes, this system exists +10 years, is being used by large orgs for zetabytes. | Some systems, most not, but centralized. |
| Compatibility | Yes thanks to filesystem approach | Depends, often not |
| Backdoors | NO, all is based on opensource | ? |
| Performance | Is not a super fast system but good for most cases, +- 100 MB / sec per content creator. | Variable, hard to say, some are |
| Efficiency for redundancy | Ultra efficient, only 20% overhead to allow 4 locations to go down | NO, sometimes +5 copies = 500% |
| Fully integrated in compute | Yes | Lots of different solutions |
| Management | Full P2P, done by 3bot Agents, blockchain IT contract | Centralized leading to security issues |
| Locality | Data can be local and sovereign, full control by the the user (data creator) | Based on centralized control mechanisms or inefficient algorithms that route traffic indiscriminately across the globe. |

13
docs/key_innovations_overview/storage_inno/zstor_innovation.md Normal file
View File

@@ -0,0 +1,13 @@
---
title: Quantum Safe Filesystem
sidebar_position: 3
---
## Zero-Stor : A Quantum Safe Backend Storage System
Zeros-Stor is a quantum safe backend storage system that use efficient algorithms to ensure maximal use of storage.
![](../../img/qsss.png)
!!wiki.include page:zstor_innovation_short