Michael Astashkevich, CTO @ Smart IT (left) and Alex Solovyev, software engineer @ Smart IT (center)
When you walk into the Smart IT office, you notice a huge check for 2 ETH. Obviously, it is only representative and cannot be cashed in. It was awarded for the best MVP developed over the course of two days at the International Blockchain Hackathon.
This prompted me to dig deeper and find out what the abbreviation DVPN (originally erroneously spelled DVPM) stood for. What followed was an interview with our CTO, Michael, the smiling gent on the left, in the photo.
So, what’s the simplest definition of what a VPN is and why would anyone use it?
- Well, as the name might suggest (laughs) it's a Virtual Private Network. Basically, it's a network of virtually connected computers where one computer can connect remotely to another computer, in order to send and receive data between a public network on its behalf.
This tunneling of data normally means data is encrypted and therefore cannot be captured by third parties. It also means private data cannot be intercepted and traded or sold off for profit by said parties. Apart from security, it also allows users to bypass geolocation restrictions imposed by an Internet Service Provider (ISP), which assigns your IP address and retrieves the information from the site you are trying to access.
What’s the difference between an ISP and a VPN in this case?
- Much like an ISP, a VPN company will have several servers that will route a user’s information to the public network with added encryption. On its own, an ISP can identify the data back to its sender. The ISP will also know what VPN service you use, while the VPN service itself knows everything about your traffic. This raises the question of how much you trust your VPN provider versus how much you trust your ISP.
At the end of the day, that trust is defined by the authority behind the service. The ability of either to monitor and access your data is a question of regulation. At the state level, some ISPs are obligated by law to collect and store your data for several years. Not all countries enforce this though.
Is this how the idea of a Decentralized VPN or a DVPN came about?
- The idea of decentralized communication is not an unexplored one. Tor has allowed users to exchange data on a peer to peer basis for a long time now. As blockchain was gaining hype, its application to online communication was slowly being tested.
I was originally working on improving the Tor distributed system. Only after the hackathon did I come across Orchid Labs, who were working on a decentralized virtual network.
Orchid recently announced a full launch in early December of this year, did you know that?
- Oh, wow, have they? It’s been some time since I last followed their work, but even a year ago, their math and their incentive model made a lot of sense.
Working on Tor, I wanted to tackle some of the security issues, as well as the incentivization models, inherent to the network. At the time, I thought that Orchid proposed an elegant, yet difficult solution.
They put forward the idea of Probabilistic Micropayments using a blockchain solution. Users would pay the virtual network provider and the chain would distribute that payment as tokens to devices running a node (author’s note: a node is synonymous with a computer or server that offers up its processing power).
What kind of drawbacks does a DVPN run into?
- Less a drawback and more a natural result of decentralisation the product would not be controlled by anyone in particular. The provider would only control the software repository.
As for privacy, even blockchain-based transactions are not untraceable. This leaves the data surveillance question open, even with what may sound like a more secure solution. The more devices in the routing chain though, the harder it is to pinpoint the information back to the sender.
Service providers also need to address the threats of Sybil attacks - colluding nodes or virtual manipulation the network’s reputation system, which increases chances to decrypt user traffic by raising chances of owning both the first and last node in the chain.
In addition to that, because tokens are exchanged in an open market, their price is determined by supply and demand. Like it or not, open markets can be manipulated, making economic security relative.
The million dollar question is how does a DVPN provider earn money?
- By creating a digital virtual private network product and running an ICO for the tokens to be used by the network, the service provider builds liquidity. The tokens can be sold directly to investors or the public, and the resulting funds can go towards company expenses.
The provider would profit from increasing demand and therefore price for its token, while owning a lot of it initially. After all, it's up to them how many of all the tokens to offer up for sale. As the value of the token increases, so will the hypothetical amount they can receive by, for instance, converting the tokens to ETH.
Can you build a business by offering a DVPN product?
- After the product goes to market and the team is left with controlling the repository, you still have the actual team. These are people with vast know-how and experience, who’ve managed to secure a certain share of the market. All this can be leveraged elsewhere and the business can transform and adopt new models of operation through penetrating into or taking over new markets.
Of course, any provider will need to address security, scalability and incentives first.
(The culprit of this post)
The concept of a DVPN was relatively new in 2018. So much so, that some would even misspell the abbreviation. Luckily there’s nothing a few smart engineers could not fix.
