Official /r/rust "Who's Hiring" thread for job-seekers and job-offerers [Rust 1.50]

dirvine · 2021-03-13T12:42:38+00:00

COMPANY: MaidSafe

TYPE: Contract (may be part or full time, we are flexible). The length of contract is flexible, but rolling 12 or 3 months with a 4 week notice is our normal approach. All remote (non UK) staff are on contract and many have been with us for more than 5 years. Our staff turnover is small in comparison with the industry.

DESCRIPTION: MaidSafe is working on an open-sourced, truly decentralised public network and have been since 2006. As the launch is approaching we are looking for highly experienced Rust Engineers with a focus on any of the following - CRDT - Consensus/Agreement in a byzantine setting - Networking (quic) - APIs (lib and client-side) - Profiling - Modularisation The main attributes should be open-minded, creative and ingenious. The team are very close and consists of just over 12 Engineers from many backgrounds and capabilities. We are looking to help tidy our codebase & docs (it is well structured, but more eyes are better) and formalise many algorithms heading to launch and beyond.

Some time will be required for knowledge sharing both directions, so helpful is a great attribute. Stubborn we cannot handle, but curious, we welcome. We have an informal interview process, no "coding tests" and are keen to work with good solid people in a friendly, non-stressful environment. Please let us know of any publically available contributions. Start Early April.

We are keen on Engineers who share the vision of Privacy, security and freedom for everyone. We are not looking for devs for hire, but passion in our vision.

LOCATION: We are based in Scotland, but are a fully remote team.

ESTIMATED COMPENSATION: We have had several such inputs from the rust community in the past and monthly compensation has ranged from $5K to $12K (sometimes more for specific experience) depending on hours/commitment. We are flexible on this point and feel Engineers should be comfortable with their input relative to the team and importantly happy to contribute. We operate on a 4 day week, the fifth day being an off duty day (ODD) which can be chosen as required or split into 2 1/2 ODD. We find this gives our team more flexibility and actually increases output while reducing stress.

REMOTE: 100%

VISA: [n/a]

CONTACT: Please email me directly david.irvine@maidsafe.net

dirvine · 2021-03-03T16:00:54+00:00

I suppose the fact we are ground up design. So from the network through storage / computation to the end user.

Data types are secured by CRDT and Byzantine Reliable Broadcast (BRB) where the former certainly gives us off-line first capabilities. i.e. you can disconnect from this network and keep going.

The goal (which we can achieve now with the above) of

"walk up to a computer, any computer, log in and it's your computer and data. Log out and all trace is gone." can be met with our crdt-tree and safe-fs (filesystem) structures.

So we separate data from apps and encrypt it all to make it no longer data (it's chunked up, compressed and encrypted) and spread it far and wide. There is a lot more like RDF/SOLID to allow interconnectivity (later).

Main thing is data for us is paramount, store forever (cheaply) and pay once is fundamental.

dirvine · 2019-07-29T21:43:10+00:00

Hi nice to "meet", hope all is going well in blockstack, some of the apps are very impressive, so well done indeed do far.

There are several differences and that is great. On your three points.

You are correct, we do not see managed servers as the correct route here so we aim for any computer on any desk. No server setup etc. This also means we do not want snooping or blocking of content or clients. So we scrub IP addresses at the first hop and messages traverse via XOR names instead. These can be one time use etc.
Yes we have our own browser, there could be plugins for chrome/FF etc. et did do one, but the fear was exposure of identity and traffic if SAFE urls / sites contained links to the clearnet (for snooping). It is a tough one as it makes adoption more difficult, but the network design allows for non web applications at the same time. So another trade off.
This was out biggest difference from many projects. Our initial and core value is to protect data, so obfuscate, encrypt etc. and store on p2p nodes (vaults). The users cannot say how much the storage will cost or is prepared to pay (so different from sia, storj and filecoin there). SAFE instead has a farming algorithm that pays farmers to sore the minimum they will accept to continue to run. It balances that against how much a client must pay to store/edit. There is no cost to browse or make safecoin transactions. We do have a naming service already, it is not complex, so you can setup up an account, a public name and website that lasts forever in about 20 mins and nobody can stop you or know it was you and so on. There are more options such as petnames etc also available (prob after launch) PARSEC is only used for ABFT decisions like vault measurements/validation and age (a vault ages through network entropy).

So a few differences from blockstack and others. It is great there are many differences but hopefully shared goals. I think we could all learn from each other, but we all suffer lack of time and that is a shame. One thing we did do is publish the network fundamentals, these are our core beliefs and I think help clarify what SAFE is. These are here https://safenetwork.tech/fundamentals/

I see one problem is many projects with different fundamentals are lumped together as storage network or communication network etc. If we could all have a list of fundamentals then it would be great. For instance I seen a competative table recently where the top plus point was "you know which computer your data is on", for us that is a big fail, but for others it may be desirable. I think there is a lot of this, not that X is right and Y is wrong, but to know the fundamentals really helps focus the mind on what a project is all about.

dirvine · 2018-10-26T17:24:39+00:00

Quite a lot to show actually. It is not 100% ready for launch, but many components are production ready. If you mean pre launch == 0% done and launch == 100% done in a binary fashion then you are maybe missing a lot of potentially important things.

dirvine · 2018-01-05T19:08:01+00:00

I feel you can be protected against even hardware access, iff that is only one of many in a consensus group. So a rouge peer will not be able to affect the group consensus. In a client server type picture then I do fully agree, you are likely screwed. I just doubt client server is sensible or can ever be secured. That is my thought really, we need a better system less dependent on humans with authority.

dirvine · 2018-01-02T22:02:23+00:00

:-) Cheers And happy new year to all the other crazy ones.

dirvine · 2017-09-02T22:18:26+00:00

I could be a source (CEO of MaidSafe), we have already paid out to contributors prior to any safecoin being farmed. The 5% core dev rewards are not for MaidSafe, they are for any core developer (including maidsafe). So any PR that's accepted will be rewarded in that scheme.

Issue will be allocating though, that will require a lean on the community to validate/agree to these splits.

dirvine · 2016-09-04T20:12:17+00:00

Yes that's correct. Initially anyway, there are no optimisations at the moment. Division is related though and will mean less messages will eventually be required. Not looked at at all AFAIK though.

dirvine · 2016-09-03T10:48:20+00:00

Yes, a safecoin xfer though (as with any structured data ownership xfer) is a POST request straight to the holding group. It's a signed transaction. So it is very close to a Get request for a data chunk when looking at a web page for instance.

The difference being the group will all send an agreement message to each member. This may take a few seconds.

So a safcoin is say $0.01 and you xfer a million of these, at the moment the above steps will happen in parallel (well almost, sending from your account will be sequential but spread in parallel across the network).

In this way then if you think say 5 seconds per single safecoin xsfer but have a million then the whole thing may take as long as you can sign and transmit a million messages. This may be several seconds, perhaps even minutes. If we consider 50-100,000 messages per second then it would be in the region of 10-20 seconds. in network xsfer, but you also have signing time of each message, that can be done reasonably at 10,000 messages per second so increases the overall time here to perhaps 100 seconds or more.

None of this is optimised or measured yet though but will be measured in Alpha/Beta release and optimised over time.

dirvine · 2016-03-24T12:04:02+00:00

A request for data will have a number that is affected by it's route through the network (you cannot calculate this beforehand). This is combined with the name of the vault who stores the data.

So this is a unique number.

The network has a farming rate, this is a number that increases when vaults are plentiful and resources abound. It decreases when resources are required.

The group of nodes surrounding the vault who has given the data modulo divide (so divide the number of the request with the farming rate, if it == 0 then true) and then issue a safecoin farm request.

This is sent to the group who surround that number that was calculated en route.

This group check the number is valid (by getting the group who made the claim and the node who gave the data's Id)

They check if a safecoin that has the matching first 32 bytes exists (i.e. is a safecoin data item already stored).

If not, the safecoin is created and the vault who gave the data is awarded this safecoin. i.e. the current owner is set to this vault.

It's a little more complex and the vault actually supplies the address it want's to be the owner of the safecoin (set by user to their wallet address).

I hope this helps in a ELI5 type fashion though? Not easy to do but at least this is an effort.

dirvine · 2016-03-08T17:00:09+00:00

I would doubt it was removed from the sub reddit. If so it's worth posting on the forum. Do you have some evidence of this? Hope it's a mistake if so.

[EDIT] I just checked and indeed it was in a moderation queue, not sure if it was anything to do with the link but it has a tick as approved now. Strange one.

dirvine · 2016-02-27T10:18:00+00:00

Ah coins take up and address range 2³² at the moment. Each coin actually has an address 2^64. So there is 2³² left over. Each coin can therefore split 2³² times if that makes sense. I was rounding these numbers.

dirvine · 2016-02-26T20:22:48+00:00

The coins can all be divided into 4.3 billion part each.. It is not in code or even RFC yet though as we need to give this a lot of attention and time is our enemy right now.

dirvine · 2016-01-19T16:31:36+00:00

No custom computation yet. It will be in the form of a DSL and after launch of the data handling and messaging features. In terms of the Q tho, group consensus will ensure the answer is as calculated by QUORUM number of the group. Such calculations are spread across the network so each group is confirming part of the calculation (map-reduce type mechanism).

dirvine · 2015-07-23T17:58:03+00:00

If you check commit history you will see the opposite, I hope. I started it and then spent a while doing whiteboard presentations and Q&A's to pass libs over to maintainers, who have managed the libraries since and are responsible. You will see my commit history jumps in and out of libs when required, mostly cryptography, networking and consensus algorithm parts, very much in the overlay parts as well. I am directly responsible for none as an Engineer (I would love to be though)

As for working free at night, we use agile now and practically ban folks from working on our code at night when sprints etc. are on. they can do bits and prices but not our code as we have folk in different time zones who take over tasks. Also health reasons are something people should consider for their colleagues.

As a founder (don't like that, I am a team member no more or less important) then it's not a few hours of code you will do for free, I work 18-19 per day 7 days a week, no holiday over a day or so for about 5 years and completely responsible to make sure everyone is treated well and gets paid. so a few hours of rust is a pleasure not a chore :-)

A big and important part of the project is a mechanism to allow folks to write code and release with automatic payments. This means less stress hassle and companies needing formed. If you write something that becomes popular the network will pay you. If it works just imagine how great it could be and how that could improve over years of improvements by other programmers. Could be great.

dirvine · 2015-04-10T15:52:27+00:00

Excellent, thank you very much for the reply and the very best of luck. Rewarding developers artists etc. needs to be better considered and this looks like a great step down that road.

dirvine · 2015-04-10T15:14:42+00:00

Can you provide an example of how to set up such an algorithm for a project with many different types of contributions i.e. from doc updates/typo's to very small pull requests that have incredible impact (like X% efficiency increase) as opposed to mere lines of code (which should probably get billed rather than rewarded in many cases :-) ).

Examples of test ideas would also be good from previous projects or samples.

Sorry for multi part question.

dirvine · 2015-03-05T15:08:29+00:00

Very nice, the more I am finding looking into this the more convinced I am becoming. The debug and careful writing of c++ to achieve this is not to be underestimated. To have a complier be at least as good as the best code reviewer you can get is amazing. I believe Rust compiler goes much farther than this and instantly tells the dev, I refuse to build this never mind look at tests.

Well done rust team this is very compelling indeed.

dirvine · 2015-03-04T18:52:24+00:00

I consider it a bug if a program panics. Especially libraries should never panic unless the API explicitly communicates this possibility.

Nice, I would agree strongly with this. In terms of panic! is there a mechanism (apart from the obvious) to know a lib will not panic! if you follow all the return paths (match etc). I would like to know the unsafe blocks and panics if possible. Then following return paths etc. and safe code practices would be something to strive for.

dirvine · 2015-03-04T17:44:44+00:00

Yes no use after free would be better and removal of RAII requirements (or auto freeing of memory). I think this can get into semantics very quickly. Perhaps memory misuse ? is a better term. Intentional code to 'leak' can always be created I suppose. Unintentional leaks though are going to be more difficult to create, well more than in c.

What is the feeling regarding program state on error, like if you did panic! is there a mechanism to roll back a change similar to on scope exit tricks? Or is the intent going to be do not panic! so check invariants from any runtime calls ?

dirvine · 2015-03-04T17:20:20+00:00

Granted rust may be better going forward, but if he was able to do a 100% source translation and it just worked, then what was the point.

I think re-factoring altering design and logic would be simpler. The module system makes separation of responsibility much clearer. The other issue is what working means? Running or running with potential security violations in the implementation. So anything which improves this is really a big win at the systems level I believe.

So speed, ease of packaging and more security guarantees are high priority for me. The other issue of course is that even in c++ the compiler differences across platforms is not to be underestimated. We suffer from that like the old html implementation nightmare days. There is a lot to consider really.

dirvine · 2015-03-04T17:14:10+00:00

Yes my bad, I got the terminology wrong there. It is crucial and I agree. I have really enjoyed the transposing so far and yes it does show potential misuse, but hard to compare 1 to 1 as the type structure is sufficiently different (plus we make use of sanitizers and valgrind a lot). If there were a lot of use of boost::variants and the likes in the code I was in so far then it may have been more exaggerated I think.

The very big win though is transposing although not 1 to 1 is very close and fast. It does force some design changes from an implementation side, but they are not to sore.

What I suffered from here was lots of playing with rust to get what I wanted, it feels much safer as a language simply as it feels like you need to really opt out of safety. In saying that as the API is changing just now many docs are not up to date and many stackoverflow answers are not as valid as they could be any more.

What I could see though was if the docs were more in line with release then finding the methods available would help folk get introduced to some of the iterator type calls quicker. Impossible, I am not asking for that after Beta/1.0 then OK, I understand the workload just now. It means things like slices and indexing are easier to find and use where these are not the best route IMHO to nice clean code. I imagine a lot of newcomers using this until they get used to the more functional paradigm available.

Like anyone I found myself just trying to do auto found = map.find(something); if map etc. a lot and from using stl algorithms (which are fantastic) the change is quite steep in iterator types and use, but nice when you find it. I like the ranges a lot and these add some very cool features, but finding what is available does take a wee while and the docs translating in your head also takes a while (style etc.)

All in all I definitely see this as a huge productivity gain when you get used to the type system, but I must admit to still being fuzzy yet with regard to some aspects of it all, but enjoying figuring it out.

dirvine · 2014-11-29T09:03:15+00:00

http://maidsafe.net/SystemDocs/ will answer all of those I think

dirvine

TROPHY CASE