 Hi, thank you I'm very pleased to talk today. So in such a great room, there is so many people waiting outside It's really an honor. Thank you for the front says for making this possible Today I will talk about a project. I really like and I think that can change the way we use the internet Before that, just a quick word of introduction about myself. So my name is Gilda Chabot. I'm working in Paris for a big French website called Le Bon Coin We are doing go there, but this talk is really not about what I'm doing there So just a quick overview of what we will talk about. The project I will talk to you about is Upspin First of all, why are you talking about Upspin? Why does Upspin exist right now? Then we'll have an overview of how it's working and then we'll see what we can do in practice with it Just as a regular user or as a go developer and then we'll have a quick conclusion So why Upspin? So Upspin is the new project from Rob Pike I guess most of you know who Rob Pike is, but maybe not all of you He's the husband of René French, the creator of the gopher So last year there were two posts about Upspin The first one was published on the Google security blog last February, introducing the concept And then in last October there was the original manifesto that Rob Pike wrote eight years ago And that's where I heard about it and that's where I found in love with that project So the reason behind Upspin really is the information silo architecture that we've fallen into slowly The premise of the modern world, of the modern web was remixability and creativity But actually we have been moved into databases that we cannot access and that we cannot control We have become dependent on the apps of the storage providers that we use And we are really dependent on what these people are willing to offer us I think we have lost quite a lot along the way, just to quote a few ones I think we should be able to use our data with any apps that we want Especially the one that we developed for example And I think it should be very simple to share any kind of data with anybody we want It's funny for me to think that it's not easy to just create a public website just from a note that you have on Evernote or anywhere And from a couple of Google photos or something like that I think it should be trivial Another problem with that is the actual apps Developing something like Google photo is really something complicated And yet every new storage provider is trying to redo the same photo viewer and this kind of thing And I expect them to fail because they don't have the years of development of Google photo for example Storage and application should be two different businesses and we should keep them separated So the model that Upspin is pushing is a model with data at its core And the apps are just coming next The apps are just like regular users playing with data, reading and writing to it It's by no means a new approach, it's exactly what a local file system is But it's something that we've never truly had in remote systems And it's something that is being taken away for example on the mobile devices So the two basics that Upspin is offering is universal naming and access rights So every file has a global identifier that you don't need to worry about sharing with other people So it starts with the mail of the person that owns that file And then it's just a regular Unix-like path And the access control about it is another thing that comes with Upspin that you should consider solved And stop wondering about it So let's have an overview of how it actually works The most important thing about Upspin is actually the protocol And as you would expect coming from Rob Pike it's very simple So it's just three interfaces for a total of eleven methods And that's really all you need to know for building any system that works with the rest of the Upspin world Still there is a need for a proof of concept for reference implementation And that's exactly what the Upspin team has been doing for the past years So there is a reference implementation for all the clients and servers And also there is a collection of tools that add some of the basic functionalities to Upspin So Upspin is really built around Go And the best reference is actually the Go code And for the definition of the protocols it's basically the interfaces from the Upspin protocol So very quickly the key server is just looking up and updating user information And the store server is basically the same thing but with data The dear directory server is a bit more complicated I won't go through all of them but that's where the global name is done And then you have some other functions but I won't get through them So for example, if you need to develop, well basically for the global use You don't really need to know how it's happening behind, what is happening behind But for example, if you are making a server from scratch then you really need to know how it works behind So let's quickly see how we can get a file for example So the first step is with the key server So you do a look up for the user and what you get in exchange is just the user public key And the directory server address So that's for the user part, then the next part will be the look up of the file So then at that point, the previous key server is just one key server for the whole Upspin So that's a known address, key.upspin.io But then here you are contacting the directory server of the user, the information that you had just previously Looking up a file will give you back his name, his metadata and references and store server addresses That's actually where the first access control is checked The directory server, at least in the reference implementation, will check that you have rights to ask for the store references And then you can just get the reference, so most of the time it's just a hash And then the store will just give you back bytes Most of the time these bytes will be encrypted So you need to have the key and you'll have the key only if you can access this file Another example, for example, listing a directory This is an operation that you do only with the directory server And then it will return a list of names and metadata and reference to store just as before What you need to know is how to control the sharing So Upspin defines an access file When you place this file in the directory, then this access rights will apply to all the files of that directory And also of the files in the sub directory if no other access file is uncontrolled This access file is stored in the directory server and is heavily used by the directory server To wizard information if the user that is requesting the file doesn't have the rights And then the access control at the store level is done through keys Basically you create a version of the secret key per user that is supposed to access the file So just a note, it's not a network protocol Some misunderstanding about Upspin sometimes is that it provides a special way to share your data from your computer Or this kind of thing like IPFS would do, for example But this is just a protocol, it doesn't define how your server should be accessible So you need to have a public server and HTTPS is mandatory So let's see how you can use it as a user So there are two steps in the setup First one is signing up the user, so it's basically creating your key pair and verifying your email All of it is just putting a new user into the key server and then you need to deploy your server So it's installing the directory and store servers on your host and makes them accessible to the internet The best way to do is to use Upspin UI So you can download it from the official website or just install it with GoGet if you have a special system So the first time you open it, you will have the sign up wizard It's very nice, you can just type in your email and stuff Well then it creates your keys and it sends you just one email That's the only time they will use the email for just verifying that you own the email at that point The second step is a bit more complicated, but there are some nice wizards to do it So in the future, well Upspin is really early stage, so right now this is quite, it's not very simple Especially for a wide audience, but in the future it's most likely there will be some server providers And there is already one that is building, it's called Django, it should be live soon Today you can just deploy your server into one of your servers Or you can also use the Google Cloud Platform Everything is done from Upspin UI and it's all deployed automatically Also you can just use Upspin as a read-only mode So at the end of the setup, this is what happens to your PC So you have this configuration file that is created So it's just the configuration of what user you're using And what are your Deer and Store servers And also in your .ssh folder you will have the electric keys that are created So all these files will be used by your Upspin clients running locally You have just a word about the key server, the logs are public So here are what you can see on the website So this is the first sign up You can notice the new directories and store servers And this is the second logs with the actual server that I created So now just some of the tools that you can use straight away The most common is Upspin FS So you can just install it as all the other tools And it just mounts a folder on your machine So from this you can access your own files But you can also access anybody's file For example, Rob Pikes says his lightroom and iTunes library with Upspin FS And the goal is to mount your whole home directory Well then these two other tools are useful You can install them the same Upspin UI is the web file explorer And Upspin is just a general command line interface with a lot of commands Some unofficial tools For now there is really not a lot But I expect more coming in the future So for example you have a browser And this is a music player I've done and that I'm using actually daily now So how does it play as a developer? So let's build a client app A client app is an app that accesses data through Upspin It uses the client interface that the official library is using It gives you a lot of helper functions Basically it can do everything about reading, listing and writing data So it reads the conf and key files that we've created before And it's the part of your app that will access Upspin So for example, here are some IDs for clients Maybe something that synchronizes the photos that you have on your phone This one will be right only into your Upspin data Maybe a photo gallery to see your files A sharing organizer and this kind of thing And maybe a photo editor to do some little tweaks on your photos So here are the different steps that you need for creating it It's actually very simple So for example if you want to make an application that just reads into Upspin And just serve it through HTTP Then you just need to initialize your configuration Then create your clients And then in your handle func you will just open the file and copy it straight away So it's very simple So the best way for initializing the configuration is to load it from a file So just the same file as the one I showed you before And then the client just takes the configuration file That was actually the hardest part of the code The rest is very simple So this is just a classic HTTP handler And the only thing is that you can see the client that opens And then the rest is just known Yeah of course there should be probably some better error ending To know if the, because here it's just a not found But maybe the information is withheld Or maybe it's a network error So yeah listen and serve and serve So just with that part of code It compiles everything and everything And then you can just try out some of the files that are accessible And yeah straight away it will work with any of the Upspin files that you can access So it's a very easy way to make application that can play with data And yeah from now on you can already, there is a lot of other things that you can do with it Like list all your files, maybe filter some of the files, transcode on the fly And this kind of thing The other thing that you can build are the server and storage So a server app is something that implements the directory and storage servers Of the Upspin protocol And that's all The rest is you are just free to do whatever back end you want So you can check the access control if you like And then any data source of your choice It can be just a link to another Upspin server Or maybe it can be the Github API for serving Github issues or this kind of thing The storage is also something that is very... The server is hard to implement actually But the storage is something quite easy to do It's just the low level implementation of how to store reference data So there is already a lot of implementation with S3, Google Drive, GCP and this kind of thing If you want some example of this kind of implementation The best is to go to the official repose So for example in the experimental repose you have an issue server Or you can see the Dropbox storage for example So as a conclusion Never before we had so much of our life on digital support And I think there are more and more projects that want to use sensitive data For example medical data I think we really need to get back the control on who access our data And we should stop trading privacy for usage Another thing I wanted to say is that the computer world Assumes that the wide audience is just getting dumber And file systems have been hidden from the mobile devices and this kind of thing And the data and services are just hidden behind limited apps That are really focused on consumption I think we should give back complexity to the wide audience Because accessing files and sharing data and this kind of thing are not complex operation And I believe everybody should be able to deploy their own website for example And I want to give great UX to everybody And I think the key point here is collaboration Doing the service together And I think Upspin can be a centralized way to have all our applications using the same storage And we'll just be compatible between each other So I think for example a photo viewer application can be really general And we don't care about how the data is stored behind It just needs to use Upspin and then we can work together, I believe So yeah, that's all for me if you have some questions No, I didn't hear about unhosted The project I really liked before that was Cosy Cloud Which also had data as a center Oh sorry, so the question was there are some other projects that want to do the same thing Such as unhosted, right? Well that's a big discussion in the Upspin community There are some issues on GitHub about this The Upspin team is always answering that the combination of universal security And the shareable aspects of Upspin are kind of unix What I like is the ambition of Upspin and also the simplicity of the interface Yeah, I think the most important thing is to have some storage provider Well some Upspin provider that can create you servers for people that know about IT Or even non-IT people too And yeah, I don't know, to have some nice apps I think an easy, maybe a transition would be to create some Upspin servers That can just plug onto already existing systems Such as Facebook or Google Photos or this kind of thing And yeah, if it can be transparent and if you can just access your Google Photos Or your Facebook feeds through Upspin Without having to deploy your own servers and this kind of thing Then maybe it can be the killer feature that would spark the widespread adoption But already, I'm just using it for myself right now And it's already quite nice But yeah, I think everybody here will be even better for sure Now giving permission is only for the owner of the directory And then you can choose what kind of permission you want to give Just like read, list or write But you cannot only the owner of the directory can modify the access Yeah, exactly We're out of time Thank you Round of applause