Details on the default Gaia Backend

Hi, I started reading about the blockstack ecosystem, and from what I understand, Blockstack provides a default storage backend and users can change it and migrating old data to a new storage platform isn’t possible right now. What I was confused was what

  1. What is this default storage engine? Is it something like pre defined S3 bucket?
  2. How is the storage costs paid for this default setting?
  3. If by default all the data is with a blockstack defined place, doesn’t it make it centralised. Can blockstack read all the data.
  4. If a user changes his/ her storage system to say a AWS hosted, won’t the data of all the users be stored in a centralised place ( with AWS )
  1. It is provided by Blockstack PBC
  2. It is sponsored by Blockstack PBC
  3. Indeed if Blockstack PBC goes down, many users might not have access to their data. However, it is still decentralized because the applications don’t know where the data of their users is stored. As data is end-to-end encrypted Blockstack PBC can not read the data.
  4. Again, it is from the application developer perspective still decentralized. Each users is free to choose their storage provider. The application developer don’t have control over that. Blockstack aims to build on top of the existing convenient cloud storage systems. It is more about the centralized applications than about the infrastructure.

Just my 2 mSTX.


Hi @friedger thanks a lot, this did clear things up, I may need a few more of your mSTX .
Where exactly in the pipeline is blockstack using the bitcoin blockchain and what data is saved on the blockchain? Is the blockchain being used only as a record of storing a user id and the associated keys?
If so when I login into a blockstack app, are my credentials say password and key read from the bitcoin blockchain?
Let me know if I should better post it as a separate topic.

Currently, the bitcoin blockchain is used as the implementation for the virtual blockstack chain. The only operations on the chain are indeed only ownership of user IDs and namespaces, transfer of tokens.

During authentication the application asking the user for a (app) private encryption key. The key is generated by the blockstack browser from the root keys. This is only cryptography.

The chain is used if the application needs to get information from other users, so-called multi-player apps.

With blockstack chain version 2, the chain becomes a general purpose chain with smart contracts written in clarity. So, there will be various different types of transactions on the blockstack chain. The bitcoin chain will only be used to determine the leader/miner for the next block. Furthermore, there might be (micro) blocks on the stacks chain that are created between two bitcoin blocks.

1 Like

If I may add my 2mSTX (as they are called now? haha);

Blockstack is not the traditional “decentralized” technology like Peer-to-Peer or even something like Ethereum where everything (even application logic) is stored on the blockchain. Instead, Blockstack’s goal (as far as I can tell from reading the whitepaper – at least the pre-2019 version, though not much has changed) is to provide a degree of separation between the application and the data storage, so that data-storage can be controlled by the user, if they so desire.

In diagram form:

# Current Architecture
End-User -> App (Partial logic) -> Server (Partial logic) -> Storage

# Blockstack Architecture
End-User -> App (All logic) -> ("Gaia" Storage Server) -> (End-User's) Storage

Of course, the App is served the same way for both types – in a non-decentralized manner through a website tied to the standard DNS. In addition, the App can very well be obfuscated and closed source, and (especially when not audited) can get away with sending data to their own storage backend as well. Apps are not sandboxed or restricted in any way or form from using non-decentralized technology (such as ads, tracking, data mining, custom api requests, etc), and Gaia (storage) hubs are technically centralized servers themselves, so Blockstack is more of a pseudo-decentralized architecture.

Authentication is generally different – instead of checking in with the backend server in a classic application architecture, instead the Browser generates a storage token for the app to use and which contains the User’s address (so they can lookup the user profile) – and that’s it.

Currently the Blockchain is only used to store your username zonefile hash – with the zonefile itself being stored in the Atlas p2p storage network, which will continue to be used even under the new Stacks blockchain system. Authentication, storage, and logic “transactions” are not tied down in any way , though maybe in the future Apps will use their own blockchains built on top of the root Stacks blockchain, but I think we are a long ways away from that happening.

To quickly answer your question (in addition to @friedger 's already excellent responses):

  1. It’s Blockstack PBC’s S3 bucket
  2. They pay it, with reduced speed after 10gb of storage per address (meaning per-app, not per-user because Gaia doesn’t track users)
  3. Yes, by default Blockstack is very centralized. For instance, the Gaia hub went down for quite a few hours a while ago and they started a thread looking into how to not have such a large outage like that again, though I don’t believe anything happened from that). Blockstack PBC can also technically read all data, except by default Apps store data in an encrypted format so the Gaia host can’t read it. Public-facing data can still be mined by a nefarious host, however.
  4. Yes, which is why it’s more pseudo-decentralized instead of actually decentralized.

For part 2, see the above on my explanation on how auth works. Also, your password is more of a local passkey, used only client side and not stored or used anywhere else.

If you have any further questions, feel free to ask!


Hi @MichaelFedora thanks for the amazing insights, could you share something more on the auth process, like when I try to sign in in a app from a old browser on which I created the account, I can simply click on my ID and log in, when I do the same from a new browser, it asks for my blockstack ID recovery key, by user-id and my email and restores my account.
So does that mean that each account is meant to be used in a single browser itself?
Also how does the mechanism work? Is the browser (here my regular web browser ) storing in the local storage or is it some thing done by the blockstack browser which it seems like we access when we are redirected to ?

Okay, so I checked into my browser’s local storage and did find my account info there. This cleared some things up, still would like to know an explanation on the process.

Hey @mayanksatnalika! Sorry it’s taken me a while to respond, I’ve been quite busy the past couple of days.

Just as a side note, the browser and Gaia are almost completely separate, with the Browser only creating the tokens used to access Gaia in the first place, and Gaia not touching the browser at all.

The browser is a client-side application (hence why it can be run via a client-side website, a node.js install, or through a browser extension) that takes your mnemonic and then creates your master keychain, each identity’s keychain, and each app’s keychain when authenticating (each keychain being a public/private key pair, and the apps keychain being generated by the method I described here).

You can use your account on multiple devices/browsers, it’s just there is no “login” – there is only “recovery” via the phrase, because there is no backend to store your phrase for you! Therefore the password is just a pass-key that encrypts your mnemonic pass-phrase (NOT your identity private key, or app private key, etc due to how often they are used within the app), and nothing more.

Let me know if you have any more questions! (I learned most of this when making the extension… it was a fun process!)

1 Like