3 We are pleased to announce the release of version 0.4 of
4 Allmydata-Tahoe, a secure, decentralized storage grid under a
5 free-software licence. This is the follow-up to v0.3 which was
6 released June 6, 2007 (see [1]).
8 Since then we've made several improvements, including:
10 * Add encrypted, mutable directories, so that you can organize your
11 files into directories, change the contents of directories, and
12 share your directories with your friends, without thereby sharing
13 your directories with anyone else -- not even with the owners of
14 the servers that host your directories.
16 * make it so that web browsers can connect to the Tahoe node securely
17 with https (ticket #55)
20 For complete details, see this web page which shows all ticket
21 changes, repository checkins, and wiki changes from June 11 to today,
24 Allmydata-Tahoe v0.4 is incompatible with v0.3 due to the new
25 encrypted directory structure, among other things. (Note that this
26 applies only to directories -- individual files uploaded with v0.3 are
27 probably downloadable with v0.4.)
32 The source code that we are releasing is the current working prototype
33 for Allmydata's next-generation product. This release is targeted at
34 hackers and users who are willing to use a minimal, text-oriented web
37 This software is not yet recommended for storage of highly
38 confidential data nor for important data which is not otherwise backed
39 up, but it is useful for experimentation, prototyping, and extension.
41 This release of Allmydata-Tahoe is suitable for Use Case #2: "groups
42 of friends who want to share backup and file-sharing" (see the wiki
43 page "UseCases": [3]). It is easy to set up a private grid which is
44 securely shared among a specific, limited set of friends. Files
45 uploaded to this shared grid will be available to all friends, even
46 when some of the computers are unavailable. It is also easy to use a
47 public grid, but to encrypt individual files and directories so that
48 only intended recipients can read them.
53 Tahoe is offered under the GNU General Public License (v2 or later),
54 with the added permission that, if you become obligated to release a
55 derived work under this licence (as per section 2.b), you may delay
56 the fulfillment of this obligation for up to 12 months.
61 This release of Tahoe works on Linux/x86, Linux/amd64, Mac/Intel,
62 Mac/PPC, Windows-native, and Cygwin.
64 To install, download the tarball [4], untar it, go into the resulting
65 directory, and follow the directions in the README [5].
70 Once installed, create a "client node". Instruct this client node to
71 connect to a specific "introducer node" by means of config files in
72 the client node's working directory. To join a public grid, copy in
73 the .furl files for that grid. To create a private grid, run your own
74 introducer, and copy its .furl files. See the README for step-by-step
77 Each client node runs a local webserver (enabled by writing the
78 desired port number into a file called 'webport'). The front page of
79 this webserver shows the node's status, including which introducer is
80 being used and which other nodes are connected. Links from the status
81 page lead to others that give access to a shared virtual filesystem,
82 in which each directory is represented by a separate page. Each
83 client node also has a separate (non-shared) virtual filesystem. Each
84 directory page shows a list of the files available there, with
85 download links, and forms to upload new files.
87 Other ways to access the filesystem are planned: please see the
88 roadmap.txt [6] for some rough details.
93 Please join the mailing list [7] to discuss the ideas behind Tahoe and
94 extensions of and uses of Tahoe. Patches that extend and improve
95 Tahoe are gratefully accepted -- roadmap.txt shows the next
96 improvements that we plan to make and CREDITS lists the names of
97 people who've contributed to the project. You can browse the revision
98 control history, source code, and issue tracking at the Trac instance
99 [8]. Please see the buildbot [9], which shows how Tahoe builds and
100 passes unit tests on each checkin, and the code coverage results [10]
101 and percentage-covered graph [11], which show how much of the Tahoe
102 source code is currently exercised by the test suite.
107 Each peer maintains a connection to each other peer. A single
108 distinct server called an "introducer" is used to discover other peers
109 with which to connect.
111 To store a file, the file is encrypted and erasure coded, and each
112 resulting share is uploaded to a different peer. The secure hash of
113 the encrypted file and the encryption key are packed into a URI,
114 knowledge of which is necessary and sufficient to recover the file.
116 To fetch a file, starting with the URI, a subset of shares is
117 downloaded from peers, the file is reconstructed from the shares, and
120 A single distinct server called a "vdrive server" maintains a global
121 mapping from pathnames/filenames to URIs.
123 We are acutely aware of the limitations of decentralization and
124 scalability inherent in this version. In particular, the
125 completely-connected property of the grid and the requirement of a
126 single distinct introducer and vdrive server limits the possible size
127 of the grid. We have plans to loosen these limitations (see
128 roadmap.txt). Currently it should be noted that the grid already
129 depends as little as possible on the accessibility and correctness of
130 the introduction server and the vdrive server. Also note that the
131 choice of which servers to use is easily configured -- you should be
132 able to set up a private grid for you and your friends almost as
133 easily as to connect to our public test grid.
136 SOFTWARE ARCHITECTURE
138 Tahoe is a "from the ground-up" rewrite, inspired by Allmydata's
139 existing consumer backup service. It is primarily written in the
140 Python programming language.
142 Tahoe is based on the Foolscap library [12] which provides a remote
143 object protocol inspired by the capability-secure "E" programming
144 language [13]. Foolscap allows us to express the intended behavior of
145 the distributed grid directly in object-oriented terms while relying
146 on a well-engineered, secure transport layer.
148 The network layer is provided by the Twisted library [14].
149 Computationally intensive operations are performed in native compiled
150 code, such as the "zfec" library for fast erasure coding (also
151 available separately: [15]).
153 Tahoe is sponsored by Allmydata, Inc. [16], a provider of consumer
154 backup services. Allmydata, Inc. contributes hardware, software,
155 ideas, bug reports, suggestions, demands, and money (employing several
156 Allmydata-Tahoe hackers and allowing them to spend part of their work
157 time on the next-generation, free-software project). We are eternally
161 Zooko O'Whielacronx and Brian Warner
162 on behalf of the Allmydata-Tahoe team
164 Boulder, Colorado and San Francisco, California
167 [1] http://allmydata.org/trac/tahoe/browser/relnotes.txt?rev=790
168 [2] http://allmydata.org/trac/tahoe/timeline?from=2007-06-29&daysback=17&changeset=on&ticket=on&wiki=on&update=Update
169 [3] http://allmydata.org/trac/tahoe/wiki/UseCases
170 [4] http://allmydata.org/source/tahoe/tahoe-0.4.tar.gz
171 [5] http://allmydata.org/trac/tahoe/browser/README?rev=844
172 [6] http://allmydata.org/trac/tahoe/browser/roadmap.txt
173 [7] http://allmydata.org/cgi-bin/mailman/listinfo/tahoe-dev
174 [8] http://allmydata.org/trac/tahoe
175 [9] http://allmydata.org/buildbot
176 [10] http://allmydata.org/tahoe-figleaf/figleaf/
177 [11] http://allmydata.org/tahoe-figleaf-graph/hanford.allmydata.com-tahoe_figleaf.html
178 [12] http://twistedmatrix.com/trac/wiki/FoolsCap
179 [13] http://erights.org/
180 [14] http://twistedmatrix.com/
181 [15] http://allmydata.org/trac/tahoe/browser/src/zfec
182 [16] http://allmydata.com