-
Notifications
You must be signed in to change notification settings - Fork 58
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Discussion: Defining "reasonable" operating principles for multi-party entities (Notaries/Miners/Clients) #30
Comments
I think a good place to start here might be focusing on the Notary/Client relationship. Notary/Client
For this case, I'd propose this should be acceptable - though the amount of their DataCap they intend to allocate to themselves should be disclosed in their initial application. I think for small amounts (e.g. under 10TiB) - perhaps this is unnecessary, unless it also happens to be a substantial portion of their overall DataCap (>10%). Especially if in the early stages we have caps per geography, having Notaries who are simply onboarding their own data may hamper other areas of growth (other clients may have difficulty getting DataCap) - which in turn could hamper diversity on the Network. I think it's reasonable for Notaries who act as Client's to also then be held to a high standard of ensuring the Data is stored following the recommendations here. Evidence that a Notary acting as a Client is failing to use DataCap responsibly should be filed as a dispute and discussed if worthy of some sort of further action.
For the case where the infrastructure provider is enabling a use case (providing a service to web3 clients) - and those clients control the private keys - I propose this should be considered like any other Notary allocation decision (i.e. same guidelines for vetting, etc). For the case where the infrastructure provider also controls the private keys of the Client, I think the same strategy as (1) should be applied - and Notaries who intend to operate in this way would have a higher burden of proof in the initial application in showing they'd wield their power appropriately. |
Regarding the Notary / Miner (and Miner/Client) relationship - I propose the following:
While restrictive, I think this more restrictive mode of operation can help build trust in this process. A limited cap can help ensure decentralization and diversity. As trust builds in this mechanism, we can file a new issue / PR to reduce the constraints if these are too rigid and hamper growth. Additionally, setting base expectations should reasonably allow community members to provide scrutiny to Notaries and provide a framework for evaluating disputes / audit requests. |
Note on reasonable margin above in (2) - perhaps its worth having this be the greater of some absolute number and/or some % of DataCap allocated? |
Really great points regarding Notary/Miner relationship, I have some suggestions below:
I think generally it's very hard to design a 100% abuse-proof system, but defining operating principles and letting the community know what is right/wrong/reasonable is a great start. |
Thanks @NeoGe-IPFSMain - I like the phrasing of (1). For (2) - what if we were to say the lesser of 20% and 100TiB? I think reasonably so long as the Miner/Notary has the ability to request a third-party Notary to allocate the DataCap this shouldn't hamper their ability to operate on the network. For (3) - do we think this still applies, if (2) would limit the amount of self dealing? Maybe the fix is to say Notary/Miners must apply from DataCap from a Notary outside of their geography AND unaffiliated with any of their addresses. For (4) - I agree. I think to start, we can make complaints be issues - and ideally have a standard form and process that addresses this. I've opened a new issue for us to discuss. |
Yes, the lesser of 20% and 100TiB would be ideal. And we are talking about cumulative total numbers here, not respectively to each allocation or to each relevant address.
Ah, you are referring to the Notary/Client/Miner 3-in-1 instances. But how do we know if Notary/Miners are Clients as well? It wouldn't be fair for them if they don't act as Clients but have to find DataCap outside of their regions. I guess it's hard to find a universal solution for everything, and it's hard to distinguish one from another as well. |
I think from my perspective would be great if notaries are bound to (1) flag any client data cap requests they receive and have an affiliation with (economic interest but also strong social ties e.g. have worked together in the past) and (2) defer these requests to other notaries - regardless of any spending threshold. I think given the anticipated number of notaries I would not worry about too little supply / capacity elsewhere. Fully with folks here on the notary / miner relationship and that transparency is critical. |
I think what Philipp is proposing might be the most straightforward, at least to start. I think in the future, we might be able to simplify the process with appropriate disclosures happening in the application itself. So for Notary / Client:
For Notary / Miners:
All notaries should disclose:
|
Addressing: #30 In the future we may reduce the restrictions here, but for now the bias is towards avoiding any conflicts of interest. Notaries should expect other Notaries to require support to help onboard use cases to accommodate this early restrictive approach.
I've drafted an approach to this issue - please leave comments! One note - I simply said that this should be referred to a third party Notary (not requiring a separate geography). Thoughts? cc @NeoGe-IPFSMain @philippbanhardt @zixuanzh @dkkapur |
I think it’s going in the right direction |
We need a big data tool to do analysis about arm length deals. |
As mentioned on the last governance call, there are a few areas where it seems useful to have some agreed upon guidelines for operation. Specifically, when it comes to an entity who plays multiple roles in this mechanism (a Notary/Miner, a Notary/Client, or Notary/Miner/Client) it's important that we agree on what sort of base actions are reasonable, such that folks can operate safely without worrying if they're crossing a line.
As always, the motivating guide are the principles - so proposals / constructions should be mapped to how we can best promote those ideals.
The text was updated successfully, but these errors were encountered: