Phantasma Code Review by Andre Cronje
Share this article
Phantasma wants to do something several people have considered before now: they want to create a decentralized system for emails, and content distribution so that artists can get paid properly, and do it all securely and with encryption and so on and so on.
It’s not the newest idea in the world, and some of it doesn’t make a whole lot of sense, really.
A quick primer on data storage and the blockchain. What is a blockchain good at? Decentralized and distributed trust. What is a blockchain bad at? Any kind of data storage.
The thing that is important to remember is that data stored in the blockchain has to be stored on every node in the blockchain, this is how decentralized trust is achieved. The current transactional layout of a transaction can be seen as From, To, Amount, Data. Let’s assume I send a transaction From 0x1 To 0x2, with 0 Amount, and Data field populated with email HTML. This needs to be saved on every single node, so if there are 100 nodes this is x100 saved, making storage incredibly expensive.
This is where we need to separate decentralized, and distributed. We have distributed file systems, IPFS, Swarm, NeoFS and we have distributed data stores, Bluzelle, Fluence.ai, PepperDB. Data should be stored in these, and proofs of the data should be stored on the blockchain.
So to give an example, I save a file that has my email contents encrypted into IPFS. I then generate a deterministic hash off of this data (SHA256 for example) which gives me a fixed output, instead of storing the entire email on the blockchain, I store the proof (the deterministic hash) on the blockchain, this is the concept of storing proofs on the blockchain instead of storing data on the blockchain (something I firmly believe is the practical use case for data, off-chain storage, on-chain proof).
This is what Phantasma is doing. Interestingly enough, this is a more niche use case of what NuCypher are doing, so there is some strong competition starting up in this market.
Enough of that, let’s dive in.
We have a few projects, we have PhatasmaSharp, Official Phantasma SDK for C#, we have PhantasmaNeo, Deployment on NEO, we have PhtasmaMail, and PhatasmaMail-webapp.
Let’s start with PhantasmaSharp.
1 contributor, 2 commits, last updated 3 months ago.
Store saves the mails. Saves them with a .mail extension. Not seeing encryption.
The deterministic hash used is MD5. So, I’m a bit unhappy to see MD5 here, but since this is just a hash for the content and not related to security, we can accept it.
Nothing happening in Protocol.
Message saved as XML on IPFS. Not much going on here.
Mailbox creation and mail sending via NEO contracts. Not a lot happening here.
And that’s all we have for PhantasmaProtocol. Let’s move on to PhantasmaNeo.
This is just the token and smart contract. Moving on to PhantasmaMail.
Builds for Android, iOS, and an email client, looks cool, let’s have a look. Xamarin being used, makes sense (it’s a cross application mobile and windows development kit, allows you to build Android, iOS, and Windows apps with a single code base).
Some forms, basic skeleton stuff, nothing of significant substance, let’s move on to PhantasmaMail-webapp. Mostly boiler plate with a few Coming Soons.
And that’s everything.
So to break it down, I store an unencrypted email on IPFS, this gives me a storage tag for IPFS, I send that storage tag to the recipient via a Neo contract, and they can then access the contents (since they have access to the IPFS hash).
Phantasma Code Review Conclusion:
Not a lot to look at unfortunately, looks like they only recently started dev, probably about a 1–2 weeks worth of work for a team of 3 here.
Does email need decentralization? Does it need a token? Does it need to raise $10m? I don’t know, but this is the skeleton for a decentralized emailing app that talks to a Neo contract and stores data in IPFS, so it is doing what they are saying it does.
Disclaimer: Crypto Briefing code reviews are performed by auditing what is on display in the master branch of the repo’s made available. This was performed as an educational review and any comments in the article are the opinion of the writer. It is normal for code to change rapidly, hence we timestamp our code reviews so that they present a snapshot at a moment in time. Information contained herein should not be used as any comment or advice on the project as a whole.
Phantasma Code Review Timestamp: May 2nd, 2018 at 06:16 GMT