[Feature Request/Discussion] Add support for hosting GMVI hashes on Skynet

[figurestudios]

By default, gvmkit-build builds and uploads to a central server operated by Golem. This does not favor decentralization at all. But users can choose to self-host, or use public URLs using the image_url= attribute. I experimented using Skynet to host these images, and it went okay even with public portals. Skynet can briefly be explained as a decentralized file hosting network which can be accessed through portals, both public (no sign-up required) and private (sign-up, self-hosted, etc). With this, I came up with my gc__push_image repository. However it's important to keep in mind a few things here. First, since there is no native support, the provider also cannot know for sure if they're getting an image from the requestor or a malicious file from the portal. Secondly, public portals are slow, unreliable, and are generally bad. Sponsored skylinks makes providers able to download specific images from premium portals without having accounts on them, but they must be supported natively on Golem to be used.

I would be happy to hear what you think about it, and if this is something you'd like to integrate or get help to integrate.

Skynet allows:

• Files to remain online longer than a single server with no redundancy. By default, Skynet turns files into 20-30 chunks where only 10 of these chunks are required to rebuild the file.
• Uploading files through any public portal or portal where you have a subscription.
• Downloading files from any portal you have access to using a "Skylink" (34 bytes). API keys can be used for downloading, where you can sponsor specific skylinks to be downloaded by anyone or have a personal account.
• Cryptographically verifying the received files against the hash, to see that you're getting the files that you're actually looking for.

A complete integration would require:

• Verifying files against their unique hash. You already know how to verify GVMI hashes, and it might already be done automatically. This is the one part that is important for everything to work in a trustless way - the rest can be enabled by portals if they just want to.
• Downloading attempts through a series of public portals or a specified portal by the requestor.
• Utilization of API keys/sponsored skylinks for downloading through premium portals.

[nieznanysprawiciel]

We prefer to implement features, that are useful in general and not to any specific use case. In this example I think it would be interesting to have API token authorization in deploy and transfer commands. But wouldn't implement anything specific to skynet, unless there is really strong business need for this.

We created task for authorization, but it won't be priority yet: https://github.com/golemfactory/yagna/issues/2063