Thanks for posting this up. I've always thought Bitcoin agents were pretty cool, and its nice to see them get some attention again. I think I'm going to move this to the top of my pet projects. I think it should be decent to implement this using Python + Flask, and run it on a cheap VPS.
As far as making a StorJ like system everything seems pretty straight forward, except the actually hosting part. I can't really find a nice "cloud service" with nice APIs that takes Bitcoin listed in the Trade wiki. Instances need to be able to launch new nodes, preferable without human help.
It's a lot harder than it looks. Check out the agents page on the wiki for some of the problems you're going to face:
http://en.bitcoin.it/wiki/AgentsThe most obvious one is that if there's any way for a malicious person to influence how the agent chooses hosting (like cost) then they can immediately steal all the agents money and kill it. For example, by offering super cheap or free hosting, waiting for the agents to move there, and then just stealing their wallets.
One way to raise the bar for doing that kind of attack is to use trusted computing. Flicker/Intel TXT is a very complicated and difficult programming model. Intel SGX is looking far more promising - it's the result of years of evolution of TC technologies. But it's not available yet and probably won't be for some time.
I've read the original BitcoinTalk post, blog post, and wiki a few times. This is no way will be a full implementation of StorJ, but it seems like we could at least have a prototype system, and the slowly build to our goal. Baby steps really.
1) Start out with just a basic web-app. You upload files, and pay in Bitcoin. Behind the scenes its keeping track of storage space and hosting fees, and making sure that it can "survive" ie break even or get profit. Doable just a simple web service.
2) Next the goal would be to automate it as much as possible. Keeping software up to date? Just have it run "sudo apt-get update". Bitcoin-Qt gets updated? Download the new version from the official site and run it. The goal here is really to see how long you can run a StorJ node without any human help. A few days, a few weeks, a month or two? Things will probably break, but since 99% of these will be repetitive tasks I see no reason why you can't automate them with UNIX shell scripts.
3) Lets say your "genesis node" is now running out of storage space. Use hosting APIs you can launch a new hosting server, and the parent can set things up via SSH. Now can start having a multi-node system. At this point you would have to setup a rudimentary protocol for them to work together. Only at after this point does difficulty go into extreme hard mode.
tldr; Make a basic Bitcoin file-host. Try to automate as much of it as possible. Using hosting APIs to launch more nodes when you are out of space. Essentially make a very very basic and dumb StorJ that we can slowly improve.Let's address your problem with hosting. I'm going to say for now that that will be a non-issue. In full implementation(many years in the future) a StorJ node should work like a black box. The file system should be encrypted, and the wallet should be encrypted with only a key that the node knows. Furthermore, since no human should be messing a node we just turn off every incoming connection, so you can't get in via SSH or any other means. Also you are taking about a host being compromised which is another problem in itself.
So lets address that issue. Let's say the compromised host directly accesses the virtual machine that the node is running on. Because you could run this on linux you could make the system inconceivable hard to use for a direct attacker by editing the system. First thing you want to do in Linux as an attacker is probably do the 'ls' command to see where you are at in the file system. Well in this system the node changed that to a random 'spfna92asd' Now the system knows that it is being tampered with, and screams bloody digital murder to all other nodes. Before the attacker can even press another keystroke it can have already have backed up its wallet and important info with another trusted node or parent node, and then start transferring files to another node.
tldr; Its hard to break into a brick house with no windows, no doors, and is rigged to collapse if you ring the doorbell.In this early stage nodes would probably be run by some sort of operator, which would probably assure that the host is reputable or run it him/herself.
Anyways these are just my musing. Feel free to shoot me down, or add something. Maybe we can all learn a thing or two about agents.
