Note from the Sia Team: this is a guest post from Goobox, an app built on Sia. Thank you Goobox team for your contribution!

Goobox Alpha is here!! A zero-knowledge, end-to-end encrypted file sharing service that utilizes decentralized cloud network Sia for its storage layer. This spring we plan to release Goobox Pro, a full-featured cloud storage and file management solution. This summer we plan to unveil Goobox API, making it fast, easy and inexpensive for developers and businesses to deploy on Sia.

The main goal of this post is to outline and explain the design architecture that allowed Goobox to utilize Sia and scale our deployment dynamically. But first, we’ll give a little background: the strategy behind Alpha, what our privacy features mean, and why we chose Sia in the first place. In determining Goobox’s launch MVP (minimum viable product), we chose file sharing, a dirt-simple-yet-incredibly-handy utility that is used by millions of consumers daily. Google Drive, WeTransfer, Dropbox and many others collectively handle tens of billions of files annually.

Goobox Alpha will compete directly with these services, but with the additional selling point of being zero-knowledge, end-to-end encrypted and not being dependent on a fault-tolerant centralized storage system.

What is ‘zero-knowledge’ and ‘end-to-end encryption’? Zero-knowledge means that neither Goobox nor any 3rd party has any way of knowing anything about what is contained in a user’s files. End-to-end encryption means files are encrypted before being uploaded from the user’s device, and decrypted locally again after download. Encryption keys (passwords) never leave their browser unless they choose to share it.

To us these are foundational features. Goobox encrypts/decrypts locally on principle.

Why We Chose to Build on Sia

Sia is the only fully decentralized cloud storage platform today. This resonates with Goobox’s privacy-first ethos Price

Let’s review what Sia is, and how it works. Those unfamiliar with Sia might be surprised to learn that Sia doesn’t store any user data itself. None. Instead, Sia maintains and manages (on its own decentralized proof-of-work blockchain) a massive set of “file contracts” between individual data “hosts” and “renters”. By plugging their machines into this storage marketplace, any host with spare storage space/bandwidth can offer it up, at a price they set, and be compensated if they attract renters (and perform up to standard). Likewise, renters such as Goobox can access this storage and bandwidth at prevailing market rates.

Right now on Sia, that rate is very cheap. By creating a global market for essentially unused/underutilized storage and bandwidth, Sia grants renters access to these digital commodities for a tiny fraction of the cost when compared to leading cloud providers. Savings are currently >85% for storage, >95% for bandwidth.

Building on Sia: Technical Challenges and Solutions

One technical challenge that comes along with building on Sia derives from the fact that every host and renter must be running one or more Sia full nodes, which interact with the Sia blockchain that in turn keeps track of who is renting what from whom, and at what price (among many other tasks beyond the scope of this article).

Critically, each Sia node has a storage capacity hard limit. Currently this limit is ~10 TB per node, which for many enterprise purposes, including ours, is not enough. Thus we needed to architect a solution that would enable Goobox to function/scale across any number of Sia nodes, and allow for the automatic addition of nodes as Goobox’s user base grew.

Think of this as organizing multiple Sia nodes into one unified “pool of capacity”, which Goobox’s file system could interact with as if it were a single repository or “folder”. That was our goal. The following is how we achieved it.

Goobox’s array of Sia nodes consists of the following moving parts (see figure below):

Dockerized Sia nodes, attached monitor and log service A stash that backs up the Sia node(s) to an external storage service A k8s service that manages multiple servers running the dockerized Sia nodes A metadata database & authentication service Storage API that communicates between the Sia API and the Goobox file mgmt API

A number of servers run (1) and (2). These servers are essentially servers dedicated to running Sia nodes and providing API access & control to a layer up the stack. These nodes are managed by a kubernetes master node which monitors a number of performance metrics to prevent overloading of each individual Sia node. The master node has the scalability logic built-in to scale to the appropriate number of Sia nodes as demand increases. Each server is tied to a web-service that runs a database and authentication control system which manages communication between the Sia nodes and the user. The web-service furthermore has the ability to upload data chunks to different Sia nodes concurrently, which increases throughput and efficiency.

When a sender wants to share a file through Goobox the following process occurs:

Files get split into chunks and encrypted locally by the browser based on a password supplied by sender Each chunk is routed to a server (selected based on load) and then uploaded to Sia Metadata including to which server each chunk was sent to are stored in a DB A link representing the uploaded files is shown in the browser

When a receiver opens a received link, the app runs the following steps in their browser:

Request metadata via given link; retrieve chunks from whichever server(s)/node(s) holds each Downloads chunks, decrypts them based on the entered password Concatenates chunks and restores the original file Note: Goobox also implements multi-threading upload/download to reduce transfer time

In closing, we would like to say that, although not as decentralized as running your very own Sia node, we think Goobox achieves a solid balance between security, privacy, and usability.

We would like to thank our friends at Sia and their amazing community for their generous support and encouragement this past year. You are awesome!

About us: Goobox is a team of seven adventurers based in Rotterdam, Montreal, Bangkok, San Francisco, Kuala Lumpur and Porto. Please join our Discord channel to give feedback, and let us know if you would like to contribute to making Goobox even better. We are just getting started :)