Sentinel
Sentinel is an interoperable secure network layer offering the Sentinel Service Chain exclusively for distributed & decentralized native services like - dVPN, Sentrix (dChat and dVoIP) and more.
Install / Use
/learn @sentinel-official/SentinelREADME
Sentinel - Lite Paper
Create Public & Private Networks and participate in a Marketplace of distributed Resources powered by dApps
Sentinel Service Chain
The Networking Layer for Distributed Services
Motivation
The first step in executing the vision was to create a strong bandwidth incentivization and resource monitoring protocol. In order to work towards completing this foundation step Sentinel has launched a prototype of a VPN client with the intention to facilitate the monitoring, and incentivization of data between a host node and an end user.
Based on interoperable blockchain technology, Sentinel Network aims to utilize multiple blockchains to provide the following services.
Features of the Sentinel Network
-
Distributed, no node stores complete data
-
Data retention on the network is minimal as it is incomplete. Whatever each node owns is hashed and viewable only by the owner.
-
User identification data is stored on a separate chain. (AUID) This is discussed further down in the paper.
-
BFT based consensus using the TenderMint Consensus Engine; capability to work even with greater than 2/3<sup>rd</sup> of the nodes failing
-
Any attacks on the network will trigger auto-scaling and network re-location, isolation of affected nodes.
-
-
Developer friendly SDK
-
Quick testing and implementation as physical resources are provided by service nodes unlike very expensive, resource-intensive central servers.
-
Easy to access end-use. Services/Apps can be traded on the market.
-
-
Uses a single desktop/mobile client to connect to all services.
-
Currently uses a single point of access to streamline services.
-
This might be separated in the future.
-
Users can be incentivized if they become Service Provider nodes and maintain a good reputation
-
AUID (Anonymous user identification) which is discussed further on in this paper, employs a reputation based incentivization.
-
dVPN is the first implementation of Native Services an
-
Developers can implement the Sentinel SDK in their own applications.
-
Can sell and trade applications and resources on the Sentinel Services Marketplace.
-
-
Architecture of Sentinel
Sentinel employs what is called a multi-chain architecture and is resourceful to secure data exchange between people and applications - Legacy, Enterprise Apps, Mobile Apps and dApps (meaning, the ability to handle centralized and decentralized applications is native to the protocol). The network solves problems with infrastructure and scaling, thereby achieving production level speed of transaction by implementing:
Multi-Chain Architecture
-
Identity Chain - An Anonymous User ID (AUID) is created and stored in an independent chain which interacts with the other chains to provide access to Services on the Service Chain and for payment processing on the Transaction Chain.
-
Service Chain - Secure Tunneling of Data with a Underlay and an Overlay Relay Network. Governance will be implemented on top of the Service Chain and a peg Token, called Sentinel Service Token ($SENT-SST) will be the Utility token used for Transactions in the Service Chain.
-
Payments and related processing of sending transactions to the Sentinel Transaction Pool and so on is handled by the Sentinel Transactions Chain.
Identity Chain & Anonymous User ID (AUID)
-
AUID will be the single source of access for all Services on the Sentinel Network
-
The network will be governed by Reputation. Higher the reputation,easier the access to Services and Master Nodes.
-
The network has monetary incentivization for good behaviour where, higher reputation will mean higher the potential to earn.
-
AUID doesn't store any information unless needed and provided by the Users themselves.
-
Solves the problem of a single point of failure by distributing the AUID ledger across the Sentinel Node Network
-
Bad actors risk reduction in Reputation if they engage in spamming or malicious activity
-
The distributed consensus mechanism of the network quickly and effectively recognizes compromised ID’s. Auto mitigation solutions will kick in to make the network isn’t affected
-
Efficient Application specific identity management
Sentinel Service Chain
Sentinel Security Suite
The Sentinel Security Suite is a set of products that are developed by the Sentinel community and core team and functions utilizing protocols and Sentinel Network SDK.
Secure Access - dVPN
A decentralized Virtual private network powered by blockchain technology. The dVPN (decentralized Virtual Private Network) is the first use case built on the blockchain with an extremely distributed network topology with nodes spanning across continents. Each node can either be a desktop/laptop computer, mobile phone or even a server on the cloud. A ledger of packet/ data transactions are stored on the blockchain with a ‘Proof of Traffic’ consensus system, which incentivizes users primarily for the bandwidth served and monetizes any unused bandwidth that they may declare on the Sentinel Network.
A working version of the Sentinel Desktop Client (currently in alpha) can be found on the releases page of the GitHub profile.
NOTE : This version is only a proof of concept and is meant only for Testing the functionality of the dVPN and the resource incentivization protocol (with dynamic node pricing). Use it at your own risk and liability of traffic at the exit node is also upon the host.
We are working towards a fully functional dVPN that we can use everyday to send all of our home traffic through it, but the time is not now.
In case of any issues with the current Sentinel Desktop Client, do let us know by filing an issue on the GitHub Repo or by starting a conversation with the bot and submitting an Issue directly to the bot - Sentinel Support Bot
Roadmap for the dVPN
In addition to the dVPN, Sentinel also plans to work on an image & firmware that’s required to set it up in a box which takes in Ethernet as the input and connects to the router at home/office. This way, all traffic that passes through the router goes through the VPN. This box also helps efficient monetization of network bandwidth as this box consumes a fraction of the power consumed by a PC.
Secure Communication - Sentrix
Sentrix is Sentinels answer to the growing privacy concerns around centralized trust based communication services that store sensitive user information. Facebook, WhatsApp, Google etc fall under this category.
Sentrix is a secure Communication Suite running on top of the Sentinel Service Chain, utilizing the power of decentralized, peer-to-peer network, developed using proven communication protocols like Matrix Communication Protocol (References 1,2)
What does Sentrix comprise of?
- dChat
- dVoIP
Sentrix will operate without a DNS and thereby is completely decentralized, operating only in a peer-to-peer fashion with utmost security using Ratchet Algorithms like OLM and MegOLM & more.
The lifetime of a message on Sentrix is finite. Thereafter, all messages exceeding that finite limit, will be removed from the servers throughout the network. A backup option will be provided as part of the Desktop/Mobile Client, where messages will be encrypted and saved locally. This finite time might initially be decided by the network. Later on, users will have an option to define the same themselves
Implementation of Services on the Service Chain
There are two types of services on the Sentinel Network.
- Native Services
- External / Third Party Distributed Services (centralized and decentralized)
Native Services are developed by the Sentinel Community and will be working towards the successful implementation of the same.
End-to-End encryption with BFT based consensus
One common issue that is raised in privacy and specially, VPN projects or distributed anonymous network projects is the possible presence of bad actors or malicious nodes. While traffic is encrypted between the entry node and exit node and is passed on through various methods of closed tunneling, there is always the question of what if the exit node is malicious and can pick up other networking variables from the User session which could help the malicious actor generate a user fingerprint.
Currently, this issue is addressed by networks like TOR and i2p where there’s a relay of packets and utilizes packet routing techniques to ensure identity of the source and destination is not revealed.
Sentinel is developing a relay network, where participants in the network can choose to be a relay or an exit node on which encrypted tunnels traffic between the VPN paid user and an exit node.
A consensus mechanism coupled with hybrid packet routing
Sentinel will be building a relay network involving the use of governance nodes which will dictate path of packet transmission between user and exit node.
It does this by analyzing different input factors to determine best relay path such as:
- Number of hops requested by user
- Reputation and latency of relays
- Packet Standardization requests
- Ability to choose
- Direct tunneling, relay
Anonymous Mixer
When a user wishes to use the Sentinel dVPN or another service, the user would have to conduct a ‘Service Swap’ by sending SENT to the swap wallet. This event will trigger an ETH smart contract that would issue the user tokens on the ‘Service Chain’ to their predefined addresses.
For Example:
- User A establishes relation between their Chain #2 address to the SENT wallet. U
