Meta: Prefer Incentive compatibility to explicit governance

I want to raise a higher level concern about the design and roadmap of the IC. Namely that we seem to be substituting explicit governance for incentive compatible protocol design. I believe that a long term objective should be replace explicit governance where possible with automated mechanisms. For example:

  • Node selection, rewards and removal are on the basis of explicit NNS votes. There is no system for decentralised monitoring and punishing of malicious nodes.
  • While computation is priced in terms of cycles so there is some protection against computation and storage attacks there is AFAIK:
    • Very little protection against cycle exhaustion attacks on canisters by malicious users.
    • No fee market so no mechanism for prioritising transactions when there is congestion.
    • No incentive (other than not being voted out) for nodes to include transactions.
  • Network spam and DoS protection is achieved by boundary nodes rate limiting calls (at their discretion and presumably with the threat of the NNS voting them out if they themselves spam the network) . Rather than pricing bandwidth. Similarly there is no incentive for boundary nodes to actually forward messages at all.
  • The price oracle is a simple proposal with a ratifying vote rather than a system of oracles where correct reporting is incentivised.
  • No incentive other than concern for long term value of the ICP you have locked for NNS voters to actually study proposals before voting or just lazily free ride on the neurons they follow. And in turn no incentive for neurons that are followed to make good judgements.

In a general sense I’m not sure that the IC design is actually secure and robust under the assumption that all parties are lazy and selfish rational rather than the (false) assumption that the NNS is all knowing, rationally self interested in the health of the network and individual proposers and influential neurons altruistic.

So I would propose that directionally we should try (where possible) to replace reliance on voting with actual crypto-economic systems which incentivise and ideally provide economic guarantees of correct behaviour.

In order of preference

  1. Best: Crypto economic protocols such as: fee markets, charges and markets in a more general sense, slashing & reward protocols. It seems likely we can design protocols for managing resources, discouraging attacks, and incentivising correct behaviour by nodes.
  2. Decentralised automated governance: People run automated client software, are incentivised to run it correctly and votes are aggregated: It seems likely we can design systems like this for subnet management, oracles, and monitoring of node performance and behaviour beyond what can be managed in “1”.
  3. A number of different entities make proposals and these are approved by token holder voting via manual voting and liquid democracy.
  4. Worst: Reliance on ICA/Dfinity to make proposals which are essentially rubber stamped by the NNS.

I agree with the proposal, I suggest you to change the thread’s tag to “Governance” as it seems more fitting. That being said some parts of it have already been discussed:

  • Eventually node rewards will be based on actual service provided to the network, they are currently fixed to promote adoption and the network’s growth.
    -As far as I remember automated ways to detected malicious actors have also been talked about and are planned.

Your first four points are all being addressed to some extent by DFINITY. Look through the roadmap posts in this forum and you should find plans to address each of your first four concerns.

They are all legitimate concerns IMO, but fortunately these problems are obvious to DFINITY as well.

1 Like