The NuActor System

Greetings NuNetopians,

At NuNet, we’re constantly pushing the boundaries of what’s possible in decentralized computing. Today, we’re excited to introduce a new capability in our Device Management Service (DMS) Version 0.5.x — NuActor, a secure actor-oriented programming framework for decentralized systems.

NuActor is a revolutionary approach that brings a new level of security, flexibility, and control to decentralized environments, where trust is inherently distributed among diverse participants. With the introduction of this new system, we’re making decentralized interactions safer, more efficient, and truly user-controlled.

What is The NuActor?

NuActor is a programming framework designed specifically for secure interactions in decentralized systems. In decentralized environments, different stakeholders may not fully trust each other, making secure communication a top priority. NuActor addresses this challenge by leveraging a zero trust model, where every message is authenticated individually at the point of interaction.

This innovative framework supports fine-grained capabilities, anchored in decentralized identifiers (DIDs) and enabled through user-controlled authorization networks (UCANs). This ensures that only authorized entities can perform specific actions, while giving users full control over their authorizations within the network.

Why The NuActor?

Decentralized systems are unique environments where there is no single point of control or trust. Participants may have different goals, policies, and levels of trust, which can make secure interactions challenging. Here’s why NuActor is a game-changer:

1. Secure Interactions: NuActor is built to operate under a zero trust paradigm. In decentralized systems, the only entity an actor can fully trust is itself and its controller. All messages invoking actions carry capability tokens that authorize them to perform those actions.
2. User-Controlled Authorization (UCAN): Traditional centralized systems often rely on a single authority to grant permissions. In contrast, NuActor empowers users to control authorizations themselves. Each entity can issue its own capability tokens and decide whom to trust for specific actions.
3. Hierarchical Capabilities: Capabilities in NuActor are defined in a hierarchical namespace, much like a UNIX file system structure. This allows for precise control over actions, where capabilities can be narrowed down to subpaths, ensuring only the necessary permissions are granted.

How Does NuActor Work?

NuActor leverages a unique approach to secure programming in decentralized environments by focusing on the following principles:

1. Zero Trust Interactions In decentralized systems, there is no perimeter — messages can come from anywhere on the Internet and could potentially originate from malicious actors. NuActor ensures that:

• Every message is authenticated at the point of interaction.
• The only entity an actor fully trusts is itself and its controller.
• All messages must carry capability tokens, which are validated before any action is executed.

2. Capability Tokens and Authorization Networks NuActor uses capability tokens to manage permissions within the network. These tokens are cryptographic objects signed by the issuer’s private key and verified using public keys associated with DIDs. Tokens grant specific actions, such as:

• Delegate: Allows the issuer to delegate authority to another entity.
• Invoke: Grants permission to perform a specific action.
• Broadcast: Allows a message to be sent to multiple entities.

The authorization of actions is decentralized, with no central authority; every entity can issue and manage its own tokens. This decentralized approach to authorization is what we call UCAN (User Controlled Authorization Network), putting control directly in the hands of the users.

3. Secure and Flexible Capabilities Capabilities in NuActor are defined within a hierarchical namespace. For example, the root capability is /, and all other capabilities extend this path, similar to directories in a file system. This allows for fine-grained access control where:

• A capability is narrower than another if it is a subpath in the UNIX sense. For instance, /A implies /A/B but not /B.
• Behaviors (actions) are directly mapped to capabilities, enabling automated matching of actions to permissions.

4. Robust Token Verification To maintain security, NuActor employs a stringent token chain verification process:

• The entire chain of tokens must not have expired.
• Each token must match its issuer with the subject of the preceding token.
• The token chain can only narrow (attenuate) capabilities, ensuring that permissions are not expanded unexpectedly.
• Trust anchors are established to verify tokens, allowing entities to trust certain other entities or public networks to vet users (e.g., KYC processes).

The Benefits of NuActor

NuActor offers several advantages that make it ideal for decentralized environments:

• Enhanced Security: Every interaction is authenticated and verified, significantly reducing the risk of malicious activity.
• Flexibility and Control: Users have full control over who is authorized to perform actions on their behalf, fostering a more open and adaptable ecosystem.
• Decentralized Trust: No central authority controls permissions, making the network more resilient and democratic.

How You Can Participate: Community Testing is Now Open!

We’re thrilled to invite our community to help test and refine the NuActor system as part of Release Candidate v0.5.0-boot Your feedback and insights are vital to making this feature as robust and effective as possible!

• Onboard DMS to v0.5.0-boot
• Submit your DID (Decentralized Identifier) to receive tokens for testing
• Join our Discord to chat with other testers

NuNet Is Hiring!

NuNet currently has a number of open positions for various roles within the team. If you have the skills and desire to join us in our journey, you can find more information and contact us through our career page.

About NuNet

NuNet is an open-source, decentralized platform that allows anyone to share and monetize computing resources. By using blockchain for secure transactions and decentralized orchestration to match tasks with resources, NuNet creates a flexible, resilient alternative to traditional cloud computing. Find out more via:

• Telegram
• Developer Documentation
• Website
• LinkedIn
• Discord
• Whitepaper
• Twitter
• Gitlab
• Youtube