| 1 | What Is It? |
|---|
| 2 | ----------- |
|---|
| 3 | |
|---|
| 4 | A file's capability is derived from two pieces of information on |
|---|
| 5 | upload: The content of the file and the upload node's "convergence |
|---|
| 6 | secret". By default, the convergence secret is randomly generated by the |
|---|
| 7 | node when it first starts up, then stored in the node's base directory |
|---|
| 8 | (<Tahoe's node dir>/private/convergence) and re-used after that. So the |
|---|
| 9 | same file content uploaded from the same node will always have the same |
|---|
| 10 | cap string. Uploading the file from a different node with a different |
|---|
| 11 | convergence secret would result in a different cap string—and in a |
|---|
| 12 | second copy of the file's contents stored on the grid. If you want files |
|---|
| 13 | you upload to converge (also known as "deduplicate") with files uploaded |
|---|
| 14 | by someone else, just make sure you're using the same convergence secret |
|---|
| 15 | as they are. |
|---|
| 16 | |
|---|
| 17 | The advantages of deduplication should be clear, but keep in mind that |
|---|
| 18 | the convergence secret was created to combat snooping. For example, with |
|---|
| 19 | a convergence secret and a file, I can generate a file capability that |
|---|
| 20 | would allow me to determine that you have uploaded a file to the grid. |
|---|
| 21 | This isn't a big deal for things that are personally produced, but is a |
|---|
| 22 | big deal for commonly known things that you want to keep secret that you |
|---|
| 23 | know about. Examples would be a Bible in China or The Anarchist's |
|---|
| 24 | Cookbook at the High School that I went to. Here's the details of the |
|---|
| 25 | origin of the convergence secret: `Convergence Secret Justification`_ |
|---|
| 26 | |
|---|
| 27 | .. _`Convergence Secret Justification`: |
|---|
| 28 | https://tahoe-lafs.org/hacktahoelafs/drew_perttula.html |
|---|
| 29 | |
|---|
| 30 | What If I Change My Convergence Secret? |
|---|
| 31 | --------------------------------------- |
|---|
| 32 | |
|---|
| 33 | All your old file capabilities will still work, but the new data that |
|---|
| 34 | you upload will not be deduplicated with the old data. If you upload all |
|---|
| 35 | of the same things to the grid, you will end up using twice the space |
|---|
| 36 | until garbage collection kicks in, if it's enabled. As one user put it, |
|---|
| 37 | it would move the node where you change the convergence secret into a |
|---|
| 38 | new deduplication domain. |
|---|
| 39 | |
|---|
| 40 | How To Use It |
|---|
| 41 | ------------- |
|---|
| 42 | |
|---|
| 43 | To enable deduplication between different clients, **securely** copy |
|---|
| 44 | the convergence secret file from one client to all the others. |
|---|
| 45 | |
|---|
| 46 | For example, if you are on host A and have an account on host B and you |
|---|
| 47 | have scp installed, run: |
|---|
| 48 | |
|---|
| 49 | *scp ~/.tahoe/private/convergence |
|---|
| 50 | my_other_account@B:.tahoe/private/convergence* |
|---|
| 51 | |
|---|
| 52 | If you have two different nodes on a single computer, say one for each |
|---|
| 53 | disk, you would do: |
|---|
| 54 | |
|---|
| 55 | *cp /tahoe1/private/convergence /tahoe2/private/convergence* |
|---|
