How long does storj pay SNOs for stored data?

jammerdan · May 25, 2024, 7:29am

You have consent! It is just a different idea to delete pieces without relying only on Bloomfilter.

Again:

The idea is:

Customer deletes file.
File gets transformed into a file with TTL of current date (Basically a TTL gets added to the current file or current TTL gets set to current date)
Nodes receive information that this files pieces have now a TTL and update their expired_pieces.db with the pieces of that file.
Node deletes pieces based on expired_pieces.db on the next run instead of waiting for bloomfilter.

Consent is: Customer deletes file in his client.

Alexey · May 25, 2024, 7:35am

It will remove the ability to restore data on case of a disaster, like a bug with a server-side copy. If there would be no possibility to fix a bug, we likely would be doomed.

In case of a TTL in the piece header specified by the customer there is no risk, because it’s cryptographically signed and thus there must be no way to restore it.

jammerdan · May 25, 2024, 7:50am

Does that also mean that a customer cannot change a TTL of a file he uploaded?

Alexey · May 25, 2024, 7:54am

Of course not. They can only re-upload it with a different TTL. All objects storages works like this, there is no modification, your client always will download the object, allow it to modify, then upload back.

jammerdan · May 25, 2024, 8:05am

I see. That’s too bad. I knew you cannot modify the file itself, like appending content or so. But that you have to download and re-upload it only to change the TTL, that’s bad. So it is technically a new file then with different hash and everything?

Alexey · May 25, 2024, 8:10am

This is not bad, this is by design

exactly.

Toyoo · May 25, 2024, 12:40pm

No, for one of the reasons I linked in my post above—direct deleters conflict with a performant implementation of server-side copying, which is a feature desired by customers.

AWS S3 allows changes to TTL for existing objects, though this is because TTLs aren’t tied to objects, but instead defined by rules called lifecycle configuration stored separately.

jammerdan · May 25, 2024, 12:45pm

Wow. So I wasn’t entirely wrong.
So yes, if it would be possible to change the TTL of a file (or add a TTL to a file that does not have one yet), the deletion of that file maybe could be done by the node without waiting for the bloomfilter.

Alexey · May 25, 2024, 12:55pm

Perhaps. But they cannot handle the modification of the object directly, right?

Alexey · May 25, 2024, 12:57pm

No, we do not have a metadata attached to the bucket (except geofencing), all other metadata is attached to the object.

jammerdan · May 25, 2024, 12:58pm

Would it be possible to change that generally?

Alexey · May 25, 2024, 1:06pm

Perhaps. But for the not involved to the development process it looks like a significant change.

Toyoo · May 25, 2024, 1:17pm

Ok, I’m wrong. They do support per-object retention rules as well separately from lifecycles.

You can modify retention, lifecycle rules, storage class, ACLs, tags. You cannot modify object’s data (except for the versioning support).

jammerdan · May 25, 2024, 1:18pm

Being able to change the TTL without having to reupload the file would be very user friendly.

And if it could be used to make deletion more independent from the bloomfilter then it would be even better.

Toyoo · May 25, 2024, 1:20pm

And there is a workaround to avoid full reuploads when you want to have a new version of an object: if the original object was uploaded with multipart uploads, you can tell S3 to use some of the existing parts and only upload the parts you want changed. This would probably nicely map to our segments/pieces—these are immutable, but could be part of different files.

Alexey · May 25, 2024, 1:25pm

Perhaps it’s supported, see

Toyoo · May 25, 2024, 1:35pm

This is the table you want to refer to: S3 Compatibility - Storj Docs. The relevant missing calls are PutObjectAcl, PutObjectRetention, UploadPartCopy, PutBucketLifecycleConfiguration.

Alexey · May 26, 2024, 4:04am

I got a response from the team regarding your idea from a technical side (not excluding my response about needed possibility to restore from the trash):

we will always have to have garbage collection because nodes may be offline for delete calls. we used to do active deletes but they were too expensive for two reasons:

actually doing the delete node side, which this idea would help mitigate

issuing all of the rpcs to all of the nodes is difficult to do scalably and performantly

the idea doesn’t really help with 2. one thing to keep in mind is that overwrites are also deletes, so deletes happen in frequently during uploads. for those reasons i’ve been of the opinion that we should just make the thing that must happen regardless and captures all of the delete edge cases better and faster, and only do that because you can’t go faster than doing nothing, so go all in on gc

iirc for making 2 better we have tried

uplinks sending the requests

satellite sending the requests

satellite async sending the requests

batching up the requests and satellite async sending

probably more things

and all of them had some challenges

jammerdan · May 26, 2024, 7:44am

Thanks.
Yes it was clear to me that it would not completely eliminate the need of GC because of pieces that could be left behind when nodes cannot fulfill the request for example if they are offline. But maybe to get more nodes to delete data themselves instead of relying on the bloomfilter alone. Basically we are doing this already were files have a fixed TTL.

But maybe if a feature to change existing TTL would already exist or being worked on, which I believe be a benefit for the customer, then deletion performed by reducing the TTL of a file might be an option to think about.

Alexey · May 26, 2024, 7:52am

We did not have a such request so far.