Hello Stakely community! We are pleased to join you on this exciting journey and present an AMA about HOPR. If you're interested in learning all the details, we recommend that you read this article to the end.
On February 3rd, we organized an AMA with the goal of providing a detailed view of the technology and overall development of HOPR. We had the participation of the honorable José J. Peréz Aguinaga, Head of Engineering at HOPR, and the usual moderation from Joel at Stakely. At the end of the session, an extra bonus was established: the best question received a HOPR Avado.
Ask Me Anything with HOPR
Introduction
- Joel - Stakely: Hello José, first of all, we welcome you and appreciate you taking the time for this encounter.
- José Aguinaga - HOPR: Hello Joel! I'm very excited to be here. It's a pleasure to be able to talk about the project and answer questions.
- Joel - Stakely: We met in person this morning and I understand perfectly why you lead the architecture team at HOPR.
- José Aguinaga - HOPR: Thank you very much, it was a pleasure to meet you and your team. We're very excited to be able to work together.
- Joel - Stakely: Before we start, I have a personal question for you. What do you think when you see this?
- José Aguinaga - HOPR: You were right, I wasn't expecting it, but that's a good thing!
- Joel - Stakely: I know you're a philosopher about this, so it's your moment.
- José Aguinaga - HOPR: Well, I get excited! On a personal level, it makes me feel like I'm not alone and that the idea of privacy is not just a concept for a company, but an ideology that goes beyond a protocol, a token, a company. For me, privacy is a universal right, something that is as important as the right to shelter or to eat.
- Joel - Stakely: Without a doubt, you are a cypherpunk, it's something you were already working on before HOPR.
Q&A
Joel - Stakely: Alright! Let's start with the questions.
User - Pabilao: Are there equal conditions between nodes run by any user and large nodes in Mainnet?
José Aguinaga - HOPR: The "hardware" capacity, the amount of HOPR tokens stored (stake) in the node, and the node's connectivity (i.e., internet access) are the three factors that define the "size" of a node. The combination of these three factors defines the "size" of a node. If limited hardware has a high amount of HOPR tokens stored, it will have a similar impact to larger hardware with few HOPR tokens.
Joel - Stakely: So there's a balancing algorithm. If you have a reliable node that doesn't disconnect, you'll have more weight than one with many tokens but doesn't have adequate maintenance.
Jose Aguinaga - HOPR: That's right! We're still setting up many things, but you can already see some variables in the code that show how nodes are chosen ("channel strategy").
User - GeorgeST: What is the difference between Holochain and HOPR?
José Aguinaga - HOPR: Holochain! I had the pleasure of meeting them personally in 2017, at a Hackathon in Liechtenstein. To answer the question, Holochain is a blockchain in itself and a development platform for distributed applications. HOPR is a "peer-to-peer" project that provides privacy in message transmission through the use of the Ethereum blockchain (although it can also use other blockchains, which is why we received a grant from Polkadot two years ago to implement HOPR on its blockchain). You can find more information about this in this reference. Since then, we've been working with privacy and identity concepts.
Joel - Stakely: Does this mean we'll have HOPR on Polkadot?
José Aguinaga - HOPR: Not for Mainnet. We may revisit the conversation with the Web3 Foundation in the future. There's still a portion of the code for that version that can be viewed on GitHub. As you can see, we haven't contributed much in recent months, so our focus is primarily on Ethereum.
User - Pabilao: What are the use cases for HOPR?
José Aguinaga - HOPR: The main use case for HOPR is in the medical technology (medTech) sector, where information is sent privately, ensuring that no intermediary has access to that information. One of our main partners is Sedimentum, a company in Switzerland that sends information securely about their sensors and has decided to use HOPR to solve the privacy problem. You can see more information in this video. We're working on the protocol for now, and in the future, we'll explore new applications.
Joel - Stakely: Perfect! But it's clear that a business development phase will be addressed where new applications will be sought, or are you already working on it?
José Aguinaga - HOPR: Unfortunately, due to privacy policies, I cannot provide information on this at this time.
Joel - Stakely: I understand, thank you anyway.
José Aguinaga - HOPR: Currently, we're mainly focused on protocol development. However, we're exploring test implementations with some companies. HOPR is not yet ready for production.
User - Pabilao: What are the differences between HOPR, Marlin, and Nym?
José Aguinaga - HOPR: It's a good question. In our case, we prefer to focus on developing our own privacy technology and model rather than comparing ourselves to other projects. Although I can't speak for the other teams, I can say that Binance invested in HOPR even though Nym was already in their portfolio. We've been making constant releases since last summer, exposing our technology and privacy model. We're unaware if this is the case with Nym. As for Marlin, it focuses more on improving communication efficiency, while HOPR focuses on privacy. It's worth mentioning that there are other projects that have also received investment from companies like Binance, Au21, and Focuslab.
Joel - Stakely: That's right, each project has its own approach and strategy. Any other questions?
User - Ds_3D: Is it possible to hack HOPR?
José Aguinaga - HOPR: We can't claim that HOPR is an attack-free protocol at this time. However, we're auditing the HOPR smart contracts with international security companies and constantly presenting the project at various cryptography and blockchain forums. Additionally, our code is open-source, so we invite anyone interested to inspect it and conduct their own due diligence. We use cryptography similar to that of Bitcoin and Ethereum, and our models use public cryptography, from SSL to SSH.
Joel - Stakely: Very interesting. For those who don't know, the protagonist of Mr. Robot references the TOR network in the series. So when HOPR goes into production, it will be heavily audited.
José Aguinaga - HOPR: That's right! Mr. Robot is an excellent series. By the way, in the first 10 minutes of the first episode, an attack on the TOR network is explained.
Joel - Stakely: Thanks for sharing! Next question!
User - PacoBits: If TOR already exists, what is the advantage of using HOPR? Will it be easy to use for users?
José Aguinaga — HOPR: Let's start with the topic of TOR, which is often quite complicated. TOR has its problems, and one of them is the limited privacy it offers. If the entry and exit nodes are compromised, so is your privacy, as brilliantly shown in an episode of the TV series Mr. Robot.
Furthermore, TOR's security depends on at least one node being secure, whereas HOPR uses a format called Sphinx, which avoids this need. It's nothing new, as Bitcoin Lighting uses it in production.
Another problem with TOR is that it's not sustainable, as after a decade, it has fewer than 7k nodes. This is because running a TOR node is expensive and carries many risks. In contrast, HOPR was able to run about 2k nodes in our last test after just 5 hours, without compromising the network's privacy.
Finally, TOR is not decentralized, as you need to request to be added to the global list to run a relay node. HOPR uses the Ethereum blockchain to organize these agreements through smart contracts, simplifying the process and allowing anyone to access HOPR tokens.
Joel — Stakely: Yes, TOR has its problems, but HOPR seems to offer interesting solutions. Let's move on to another question!
User — PacoBits: Don't you think that since HOPR nodes are part of the infrastructure and also users, it could weaken the system by being physically locatable nodes?
José Aguinaga — HOPR: Great question, Paco! In reality, to ensure the reliability of any decentralized network, it's necessary to have reliable nodes, which can result in a risk of centralization. However, we believe that the network's strength will lie with the users themselves, who through economic incentives will run the node on any available infrastructure. To maintain privacy and security, the HOPR computers we have sold have been done through an external provider, so we ourselves don't know who owns the nodes.
While currently, users are also node administrators, in the future, nodes can be used without having to run one individually. In this sense, we see "genesis" nodes as a highway that other nodes (perhaps browser extensions like IPFS) can use to send information without needing the entire node infrastructure.
Usuario — PacoBits: How is the security of private keys managed in the HOPR node?
José Aguinaga — HOPR: Keys are generated exclusively in the nodes and there is no way to export them, which makes them secure but not very user-friendly. All transactions are signed directly from the protocol daemon, without exposing a key signing interface in any way. Currently, the biggest risk is simply running a command like "withdraw" that sends funds to another address, having exposed the node publicly. To prevent this, we allow the user to define a "strategy" that sets how the node should behave, what transactions it should sign and which ones it should not. Here you can see the key generation code.
Usuario — PacoBits: Will there be trusted nodes or certificates in the network that can be identified as such? Or a reputation system based not only on token participation but also on a node's history?
José Aguinaga — HOPR: Excellent question, Paco. Currently, there is no system of trusted nodes or certificates in the HOPR network. However, we are working on a reputation system that takes into account token participation and a node's history to determine its reliability. This way, nodes with a good reputation can be identified as trustworthy and will be used more on the network.
José Aguinaga — HOPR: As for the quality of the nodes, the HOPR network has no authorized nodes, just like in Ethereum or Bitcoin. Instead, the network cryptographically evaluates and verifies the interactions of the nodes. HOPR nodes "greet" other nodes on the network to evaluate their quality and decide whether to use them. Currently, we are considering other parameters, such as reputation, to define the quality of the node. Currently, we rely solely on their ability to maintain a connection and respond to messages, but there is much to explore in the issue of how to "trust" a node.
Usuario — PacoBits: In case the network is used to commit a crime or hide evidence of a hack, could the DAO propose a vote for the nodes to reveal the message that hides evidence of such an act? Would it be possible to carry out this proposal if approved?
José Aguinaga — HOPR: Good questions! Intermediate nodes cannot reveal any information, even if they are forced to. HOPR uses a cryptographic format called Sphinx, which "encapsulates" each message to the next receiver. To "decrypt" a message, the cooperation of all used nodes would be required, which is unknown to the network itself. We have a diagram that visualizes how the content is "protected" with each "hop" of the package. In summary, the cryptographic nature of the network prevents any message from being decrypted without the cooperation of all used nodes.
Joel — Stakely: Come on, everything is mixed up! It would be impossible to put it back together.
José Aguinaga — HOPR: Exactly! It would be necessary to collude with all the nodes that have sent the packet in the correct order along the route (unlike an entry/exit node).
User — WildLifeblood: Have you considered creating a service that not only allows for the removal of metadata, but also manages it? Are you planning on creating a completely anonymous social network or just offering the possibility of using others with more privacy?
José Aguinaga — HOPR: Well, let's touch on the economic aspect a bit. The truth is that for now, we are not. Our focus is simply on data privacy, not analysis or management. Other projects, like Ocean Protocol, are more focused on the commercialization and management of data than HOPR. We are interested in protecting data, although there are many possible applications, we are not working on them at this time.
Currently, we are focused on the protocol, not any specific application (such as a social network or chat). HOPR's technology is designed to be independent, incorruptible, and indestructible, meaning that any service or project built on top of HOPR would have these benefits. We want to create SDKs and APIs to allow building on top of HOPR and creating applications such as chats, social networks, etc.
Joel — Stakely: Let's start with the basics, I think that's good.
User — WildLifeblood: Have you considered complementing zk-Snarks protocols with smart contracts, truly private chats, and a way to anonymize transactions so that P2P operations have less risk?
José Aguinaga — HOPR: Zk-SNARKs! I am a big fan of the concept of zero knowledge, I gave a presentation in Italy in 2017 about developing zk applications in JavaScript.
Returning to HOPR, zk-SNARKs focuses more on not generating any proof about node interactions. HOPR uses the concept of a Mixnet to make it economically impossible to decrypt those interactions, but does not use zk-SNARKs as such.
In addition, nodes have the ability to create "cover traffic", which is like "junk" traffic that helps "hide" traffic in the rest of the network. This strategy is called "Chaffing and Winnowing".
User — WildLifeblood: How competitive can HOPR be compared to a VPN service or a home-made one? And in terms of anonymity?
José Aguinaga — HOPR: So, VPNs often use many servers managed by a single company that redirect traffic. For example, a VPN may have 10 to 15 servers using different providers and, when you run it, it redirects your traffic to one of them. If many people use the same VPN, then your traffic is invisible to everyone else's, similar to the concept of chaffing and winnowing, i.e., finding something in the straw. In contrast, HOPR is managed by decentralized nodes, which allows for applications such as a VPN using HOPR to be created. However, unlike a VPN, HOPR as a protocol has no single point of failure as long as there are enough nodes in the network running the protocol. Additionally, unlike VPNs, our code is open and runs on the blockchain, so you don't have to trust a third party to tell you if a VPN is good or not. With HOPR, everything is open and nothing is recorded.
User - WildLifeblood: What unique services could be built with HOPR?
José Aguinaga - HOPR: We have not fully explored this topic yet, but more than just communication applications like chat can be built. For example, decentralized online massive multiplayer games could be built on the network. However, the economic focus (and for Mainnet) will be on MedTech for companies in Switzerland. But I would love to build something like this on HOPR (referring to zkga.me).
In the summer, we created a decentralized labyrinth using HOPR. Basically, the HOPR nodes communicated with a robot using an API and it moved, all at the same time. If I had free time, I would like to code something like "HOPR plays Pokemon" on Twitch.tv.
User - Jose: Have you achieved everything you planned when it was just a project? What is HOPR's next step that cannot be done due to technological issues?
José Aguinaga - HOPR: We are still growing and need to perfect many things in the protocol, but we are satisfied with the interest we are generating in the community. We are moved by the response we have received and excited about the future of HOPR. There is still much to do and many things to improve.
User - Hidden Sender (Piz): Why use the HOPR network when there are so many different and free security programs and protocols? Wouldn't it be tempting to attack a network that concentrates all these programs into one? Also, to participate in HOPR, we have to invest in tokens and make micropayments, while other options are available for free.
José Aguinaga - HOPR: That's one of my favorite questions. We believe that all existing privacy models are not sustainable. Currently, someone is paying for services like Signal and TOR, and if the people running them change their minds, these services could disappear. On the other hand, projects like Firefox Send or Protonmail are centralized and could also disappear. The difference with HOPR is that connectivity is within anyone's reach, and if all goes well, although the initial cost of HOPR is equal to zero, maintaining a node on the network will eventually be more expensive than the initial investment. That is our vision, and it will depend on the team and the work that is done to achieve it. In short, we want to make HOPR economically sustainable to support it, and economically unsustainable to attack it.
User - Hidden Sender (Piz): I am somewhat distrustful of the fact that at first the team can decide on the arbitrary amount of data that will be on the network before there is a real saturation. Couldn't this cause fraudulent increases in rewards by increasing false data traffic, which in turn causes an increase in rewards?
José Aguinaga - HOPR: Wow, an important question! This is a critical point that we must address seriously. Currently, all traffic decisions and payment values, costs, and benefits within smart contracts have been established by HOPR and its association. The code and changes are established by people who in the future may decide to "mint" more HOPR and charge more for packets. This would make us an ICO from 2017, which is not our goal.
User - CharlyCnS3: If node holders accumulate more and more HOPR due to compensation and network operation, what would happen to users who want to use HOPR? The token, due to its scarcity, could rise in price, causing users to stop using the service due to its high cost, right? Have you thought of any way to incentivize the average user and not just the nodes? How will high ETH fees affect the HOPR system? What solutions are offered?
José Aguinaga - HOPR: Wow! These questions are very interesting! The token economy has not yet been fully defined. The HOPR Association is a non-profit foundation that will initially establish the parameters. Subsequently, we will look for the appropriate body to design the necessary strategies to prevent the token price from increasing.
Additionally, although nodes use HOPR to maintain channels, users who use the network will also have to pay for its use. Returning to the previous example, if nodes are the highway, users are the cars that use the highway. There will be a "toll booth" to enter the highway. One can make assumptions about the demand for the token in this situation, but if it becomes like ETH, where making a transaction of a value of 0.001 EUR costs 8 EUR, it makes no sense.
Regarding the costs of Ethereum, it is currently difficult to calculate them, but we are exploring layer 2 solutions, such as xDAI and Matic, which we have tested on testnets and which may interest us. However, our main focus is still Ethereum Mainnet, so we continue to work on solutions to reduce costs.
User - Igormartin76: Is the privacy offered by HOPR compatible with the legislation and fiscal control policies that are being implemented? Has the encryption system been designed to deal with the supposed threat of quantum computers?
José Aguinaga - HOPR: Let's keep going! The association that runs HOPR will be regulated by a body that meets all legal and fiscal requirements required by Switzerland. As for the second question, our encryption system uses Sphinx for transfer packets, and the keys are generated using elliptic curves.
The cryptography strategies we use have been designed by our team in collaboration with other researchers and are supported by projects such as the Web3 Foundation, which gives us some peace of mind. In case quantum computing can break our encryption scheme (a Diffie-Hellman), this could also affect blockchains like Ethereum and Bitcoin, so HOPR would be the least of the problems.
There's more!
Don't miss the second part of this AMA with HOPR!
Follow us on our social media!
Stakely | Twitter | Youtube | Telegram News | Telegram Chat | LinkedIn