Questions about hypergrid (eventually)

classic Classic list List threaded Threaded
6 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Questions about hypergrid (eventually)

Mike Higgins

I am writing an article on hypergrid transfers, an attempt to improve my own understanding, help others understand and perhaps improve the hypergrid documentation. The things I want to explain in the article is the timing: When are permission tests done? And when is content data actually copied from grid to grid? I think understanding this will make people more comfortable about moving content around the metaverse.

I have a bunch of questions. The documentation at http://opensimulator.org/wiki/Hypergrid does not answer them all. I am trying to track down Diva to see if she will let me pick her brains. I have tried posting questions on IRC. (This comic does a good job of summarizing my opinion of IRC: https://xkcd.com/1782/ ).

So next I'll try asking my questions here. I'll start by asking: Is my understanding (below) of the roles of the server and the viewer correct? (Even before hypergrid is involved.)

When you log into your home grid, the server sends a copy of your inventory list to your viewer. This consists of (mainly) a list of names and UUIDs. The UUIDs are links to objects in the asset server, which in turn are structures made up of many items linked by UUIDs. At the ends of all these links are texture maps, mesh objects, sounds, animations, etc.

When you rez an object in-world, the inventory entry (just the name and UUID) is copied from your avatar inventory to the scene inventory of the region you are in. If you don't have COPY permission to the object, the inventory entry is removed from your avatar inventory. The actual data describing the object isn't involved in this transfer. It stayed where it was in the asset server, was not moved, was not deleted. The data there wasn't even read until someone looked at the newly rezzed object and viewers started making requests so they could render images of it.

Is this understanding basically correct? If my understanding of this is correct, I can move on to hypergrid questions.


_______________________________________________
Opensim-dev mailing list
[hidden email]
http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Questions about hypergrid (eventually)

Kurt Pudniks
Hi Mike, all,

Love the idea of writing an article about opensim.  I support your enthusiasm!

The source code will show you line by line how things are done.  Question is:  how does each grid modify their base code to adapt to their users?  This tends to be somewhat commercial in confidence ;)  and therein lies the big political problem re evolving opensim 2.0 right now...

I'm aiming to learn some opensim (C#) for my own understanding of what is possible.  Feel free to email me directly and we can chat more ie I might read (perhaps even explain at times! :) some source code for you as a research assistant of sorts...

Thanks,
Kurt.

On Sat, Feb 18, 2017 at 8:27 AM, Mike Higgins <[hidden email]> wrote:

I am writing an article on hypergrid transfers, an attempt to improve my own understanding, help others understand and perhaps improve the hypergrid documentation. The things I want to explain in the article is the timing: When are permission tests done? And when is content data actually copied from grid to grid? I think understanding this will make people more comfortable about moving content around the metaverse.

I have a bunch of questions. The documentation at http://opensimulator.org/wiki/Hypergrid does not answer them all. I am trying to track down Diva to see if she will let me pick her brains. I have tried posting questions on IRC. (This comic does a good job of summarizing my opinion of IRC: https://xkcd.com/1782/ ).

So next I'll try asking my questions here. I'll start by asking: Is my understanding (below) of the roles of the server and the viewer correct? (Even before hypergrid is involved.)

When you log into your home grid, the server sends a copy of your inventory list to your viewer. This consists of (mainly) a list of names and UUIDs. The UUIDs are links to objects in the asset server, which in turn are structures made up of many items linked by UUIDs. At the ends of all these links are texture maps, mesh objects, sounds, animations, etc.

When you rez an object in-world, the inventory entry (just the name and UUID) is copied from your avatar inventory to the scene inventory of the region you are in. If you don't have COPY permission to the object, the inventory entry is removed from your avatar inventory. The actual data describing the object isn't involved in this transfer. It stayed where it was in the asset server, was not moved, was not deleted. The data there wasn't even read until someone looked at the newly rezzed object and viewers started making requests so they could render images of it.

Is this understanding basically correct? If my understanding of this is correct, I can move on to hypergrid questions.


_______________________________________________
Opensim-dev mailing list
[hidden email]
http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-dev



_______________________________________________
Opensim-dev mailing list
[hidden email]
http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Questions about hypergrid (eventually)

David Saunders-2
In reply to this post by Mike Higgins
Always need people writing about OS.

You description is close to what I understand the process is.  But looke at this process too. I not sure how hypergrid affects it. 
 1> Client get a UUID for an asset.
 2> Client looks in its cache for it. If found uses it and uses it.  
 3> if not found request the region for it. Other wise it sends information to client.
 4> Region pulls from it cache or request the "home asset" server for the information  and sends it to the client. 

 That how it done on a closed asset server where the client cant poll it for the assets.   Oh, and temporary asset textures are not stored on the asset server only in the region cache.  

When people start complaining about things I asked when they last cleared there cache and fixes 90% of the errors, Clearing the region cache would fix most of the rest. 

The grid I am with can not be home for hyperlink travelers because its a closed grid. The asset server is behind a firewall and only accessible by the simulators authorized to access it.  With newer OS code, I seen some tickling at the idea of adding a password security to access to the asset server other wise it would totally open.  

David.

 


 


On Fri, Feb 17, 2017 at 5:27 PM, Mike Higgins <[hidden email]> wrote:

I am writing an article on hypergrid transfers, an attempt to improve my own understanding, help others understand and perhaps improve the hypergrid documentation. The things I want to explain in the article is the timing: When are permission tests done? And when is content data actually copied from grid to grid? I think understanding this will make people more comfortable about moving content around the metaverse.

I have a bunch of questions. The documentation at http://opensimulator.org/wiki/Hypergrid does not answer them all. I am trying to track down Diva to see if she will let me pick her brains. I have tried posting questions on IRC. (This comic does a good job of summarizing my opinion of IRC: https://xkcd.com/1782/ ).

So next I'll try asking my questions here. I'll start by asking: Is my understanding (below) of the roles of the server and the viewer correct? (Even before hypergrid is involved.)

When you log into your home grid, the server sends a copy of your inventory list to your viewer. This consists of (mainly) a list of names and UUIDs. The UUIDs are links to objects in the asset server, which in turn are structures made up of many items linked by UUIDs. At the ends of all these links are texture maps, mesh objects, sounds, animations, etc.

When you rez an object in-world, the inventory entry (just the name and UUID) is copied from your avatar inventory to the scene inventory of the region you are in. If you don't have COPY permission to the object, the inventory entry is removed from your avatar inventory. The actual data describing the object isn't involved in this transfer. It stayed where it was in the asset server, was not moved, was not deleted. The data there wasn't even read until someone looked at the newly rezzed object and viewers started making requests so they could render images of it.

Is this understanding basically correct? If my understanding of this is correct, I can move on to hypergrid questions.


_______________________________________________
Opensim-dev mailing list
[hidden email]
http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-dev



_______________________________________________
Opensim-dev mailing list
[hidden email]
http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Questions about hypergrid (eventually)

Michel Beauregard
In reply to this post by Kurt Pudniks
I imagine you have look at the following  web page among  the source of information for your article . Its a bit old 2011 but still valide in principles.

Optimizing OpenSimulator, Part I | Tagide might be of interest to you even if not on hypergrid per say  it give insights on how stuff works between viewer and simulator.


an other interesting view point is the mantis using hypergrid as search key.

Hope it helps



GiMiSa



De : Kurt Pudniks <[hidden email]>
À : [hidden email]
Envoyé le : vendredi 17 février 2017 19h57
Objet : Re: [Opensim-dev] Questions about hypergrid (eventually)

Hi Mike, all,

Love the idea of writing an article about opensim.  I support your enthusiasm!

The source code will show you line by line how things are done.  Question is:  how does each grid modify their base code to adapt to their users?  This tends to be somewhat commercial in confidence ;)  and therein lies the big political problem re evolving opensim 2.0 right now...

I'm aiming to learn some opensim (C#) for my own understanding of what is possible.  Feel free to email me directly and we can chat more ie I might read (perhaps even explain at times! :) some source code for you as a research assistant of sorts...

Thanks,
Kurt.

On Sat, Feb 18, 2017 at 8:27 AM, Mike Higgins <[hidden email]> wrote:
I am writing an article on hypergrid transfers, an attempt to improve my own understanding, help others understand and perhaps improve the hypergrid documentation. The things I want to explain in the article is the timing: When are permission tests done? And when is content data actually copied from grid to grid? I think understanding this will make people more comfortable about moving content around the metaverse.
I have a bunch of questions. The documentation at http://opensimulator.org/wiki/ Hypergrid does not answer them all. I am trying to track down Diva to see if she will let me pick her brains. I have tried posting questions on IRC. (This comic does a good job of summarizing my opinion of IRC: https://xkcd.com/1782/ ).
So next I'll try asking my questions here. I'll start by asking: Is my understanding (below) of the roles of the server and the viewer correct? (Even before hypergrid is involved.)
When you log into your home grid, the server sends a copy of your inventory list to your viewer. This consists of (mainly) a list of names and UUIDs. The UUIDs are links to objects in the asset server, which in turn are structures made up of many items linked by UUIDs. At the ends of all these links are texture maps, mesh objects, sounds, animations, etc.
When you rez an object in-world, the inventory entry (just the name and UUID) is copied from your avatar inventory to the scene inventory of the region you are in. If you don't have COPY permission to the object, the inventory entry is removed from your avatar inventory. The actual data describing the object isn't involved in this transfer. It stayed where it was in the asset server, was not moved, was not deleted. The data there wasn't even read until someone looked at the newly rezzed object and viewers started making requests so they could render images of it.
Is this understanding basically correct? If my understanding of this is correct, I can move on to hypergrid questions.

______________________________ _________________
Opensim-dev mailing list
[hidden email]
http://opensimulator.org/cgi- bin/mailman/listinfo/opensim- dev



_______________________________________________
Opensim-dev mailing list
[hidden email]
http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-dev



_______________________________________________
Opensim-dev mailing list
[hidden email]
http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Questions about hypergrid

Mike Higgins
In reply to this post by Mike Higgins

To summarize: before HG:

  1. The home server has a copy of your inventory

  2. When you log on, the server downloads the inventory list (names & UUIDs) into yor viewer

  3. When you rez an object, your viewer sends the name  & UUID of the object to the server to put in the scene inventory of a region

  4. When someone looks at the object, the server uses the UUID to fetch the object and all its parts from the asset server

Then you HG to a foreign grid and rez an object on the ground.
  1. Your viewer sends the name and UUID of the object to the server to put in the scene inventory of a region
  2. The foreign server knows that you are a visitor and requests the object and all its parts from your home server
  3. The object and all its parts are stored in a combination of cache and asset server, using their original UUIDs
  4. When someone looks at the object, its parts are now available locally to send to viewers

My questions this time are: Is my understanding correct? Is this the correct order? And the big question:

The viewer has your inventory list (name/UUID pairs) and makes requests one at a time to rez these objects on the foreign grid. As far as I can see, the foreign grid does not have a copy of this list, so it cannot iterate through your inventory (be it full or My Suitcase) to request all your content. The only items the foreign server can see are the ones you drag out of inventory one at a time. Isn't this inherently secure? Without a copy of your inventory list, there is no way to guess what UUIDs to request from your home server and no way to iterate over all possible UUIDs. Or is there some way that the foreign grid can request a copy of your inventory list? If not, then I don't see the My Suitcase folder making this inherently secure process any better. Why does the My Suitcase folder exist?


On 2/17/2017 2:27 PM, Mike Higgins wrote:

I am writing an article on hypergrid transfers, an attempt to improve my own understanding, help others understand and perhaps improve the hypergrid documentation. The things I want to explain in the article is the timing: When are permission tests done? And when is content data actually copied from grid to grid? I think understanding this will make people more comfortable about moving content around the metaverse.

I have a bunch of questions. The documentation at http://opensimulator.org/wiki/Hypergrid does not answer them all. I am trying to track down Diva to see if she will let me pick her brains. I have tried posting questions on IRC. (This comic does a good job of summarizing my opinion of IRC: https://xkcd.com/1782/ ).

So next I'll try asking my questions here. I'll start by asking: Is my understanding (below) of the roles of the server and the viewer correct? (Even before hypergrid is involved.)

When you log into your home grid, the server sends a copy of your inventory list to your viewer. This consists of (mainly) a list of names and UUIDs. The UUIDs are links to objects in the asset server, which in turn are structures made up of many items linked by UUIDs. At the ends of all these links are texture maps, mesh objects, sounds, animations, etc.

When you rez an object in-world, the inventory entry (just the name and UUID) is copied from your avatar inventory to the scene inventory of the region you are in. If you don't have COPY permission to the object, the inventory entry is removed from your avatar inventory. The actual data describing the object isn't involved in this transfer. It stayed where it was in the asset server, was not moved, was not deleted. The data there wasn't even read until someone looked at the newly rezzed object and viewers started making requests so they could render images of it.

Is this understanding basically correct? If my understanding of this is correct, I can move on to hypergrid questions.



_______________________________________________
Opensim-dev mailing list
[hidden email]
http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-dev
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Questions about hypergrid

Cinder Roxley

To summarize: before HG:

  1. The home server has a copy of your inventory

The home grid is the authoritative source of your inventory, the viewer has a “copy”.

  1. When you log on, the server downloads the inventory list (names & UUIDs) into yor viewer

The viewer requests an inventory skeleton and the login service obliges. The skeleton contains categories (folders) and items (names, item uuid, asset id, flags, perms, sale info, etc)

  1. When you rez an object, your viewer sends the name  & UUID of the object to the server to put in the scene inventory of a region

Note, the asset id is not the same as the inventory id. There is no “scene inventory”. The region contains a list of objects and their coordinates and positions. These have their own unique id’s. Textures, sounds, and animations are requested through the region and remain on the asset server and but are cached and sent by the region to the viewer. 

  1. When someone looks at the object, the server uses the UUID to fetch the object and all its parts from the asset server

The object remains on the region, not stored in the asset server this is what allows you to manipulate and build (objects in the region are mutable, the asset service is not.) When you take an object to inventory from the region, that’s when it is stored to the asset server.


Then you HG to a foreign grid and rez an object on the ground.
  1. Your viewer sends the name and UUID of the object to the server to put in the scene inventory of a region

  1. The foreign server knows that you are a visitor and requests the object and all its parts from your home server
  2. The object and all its parts are stored in a combination of cache and asset server, using their original UUIDs
  3. When someone looks at the object, its parts are now available locally to send to viewers

My questions this time are: Is my understanding correct? Is this the correct order? And the big question:

The viewer has your inventory list (name/UUID pairs) and makes requests one at a time to rez these objects on the foreign grid. As far as I can see, the foreign grid does not have a copy of this list, so it cannot iterate through your inventory (be it full or My Suitcase) to request all your content. The only items the foreign server can see are the ones you drag out of inventory one at a time. Isn't this inherently secure?

No, this is not secure. Any inventory item you access is contained within a category, that category may be contained in another category down to the root inventory folder (My Inventory) which itself has a category key that a rogue grid can use to request the contents of, and recursively request more folders and items thereby building a copy of your inventory. It can then request every asset contained in your inventory. Furthermore, the region can just request the inventory for a particular agent and the home grid sends it without batting an eye which is leaps and bounds easier to do.

 Without a copy of your inventory list, there is no way to guess what UUIDs to request from your home server and no way to iterate over all possible UUIDs. Or is there some way that the foreign grid can request a copy of your inventory list? If not, then I don't see the My Suitcase folder making this inherently secure process any better. Why does the My Suitcase folder exist?

The My Suitcase folder exists just for that purpose. It is the only folder accessible for that particular agent by hypergrid services. The initial skeleton just fills in enough to not hammer the inventory service at login with too many requests, but you are receiving a copy and the viewer is not authoritative, it is requesting and updating the cache itself throughout the session. If the only time it requested your inventory on login, you wouldn’t be able to see new or changed inventory. Given a sufficiently sophisticated attack, a rouge grid would be able to download the inventory of every agent it had the avatar uuid for without them ever setting foot on their grid. Technically, you don’t even need to be running a grid to do this, but it is highly unlikely someone would write a standalone tool to download inventories, especially with HG 2.0 restricting it to My Suitcase.

-- 
Cinder Roxley
Sent with Airmail

_______________________________________________
Opensim-dev mailing list
[hidden email]
http://opensimulator.org/cgi-bin/mailman/listinfo/opensim-dev
Loading...