A secure and sustainable operation of the IC requires (1) maximal decentralization and (2) that Node Providers (NPs), who own and operate the network’s nodes, behave in the interest of the network.
What does maximal decentralization mean? It means maximizing the number of the independent NPs and diversifying the geographies, jurisdictions, and datacenters (DCs) where the nodes are operated.
In a fully decentralized network, onboarding of a Node Provider (NP) is managed entirely by the Network Nervous Systems (NNS). This means that anybody who wants to become a NP needs to submit a proposal that will be voted upon by the community. The main question then is: how to decide whether to accept or reject a new NP into the network? That’s where we would like to have your feedback on as community.
The goal - assessment of a new NP by the community
We propose to take a three level approach that will help the community to assess whether a new NP should be onboarded:
- Automatically validate part of the technical configuration of the NP during onboarding.
- Financial stake by the NP through investment in node hardware.
- Self-declaration of identity and good intent.
First, there are a lot of items that can be validated automatically during the onboarding of a NP, in particular the configuration setup and location of the NP. These can be included as part of the autonomous onboarding process that we are currently working on (see blog post Node Decentralization Status).
Second, new NP will have a substantial stake in the IC through the investment in HW Infrastructure for running their nodes. As described by Dom in his recent article (Blogpost Dom), NPs are not required to stake ICP, but the HW investment ensures that the NP has sufficient incentive to ensure to run nodes efficiently and reliably. This level of NP assessment has already been implemented through the current NP reward system, and will be refined in the future. To learn about this, please refer to the Forum post update on Node Decentralization (see here).
A financial stake as described above might not be enough to dissuade malicious node providers from colluding to break a subnet. Therefore, as a third level of assessment, we propose to the community that NPs are asked to present a self-declaration when requesting the NNS to be added to the network. In this, NPs:
- state their identity and business entity;
- accept that they are liable for the financial damage and harm caused in case they maliciously collude with other node providers to subvert the functioning of the network;
- accept that they understand that deliberately subverting the protocol, by modifying code, colluding with other malicious node providers, or otherwise, constitutes the misuse of a computer system.
We believe that a self-declaration will greatly increase security to the benefits of all stakeholders in the IC network, ranging from NPs to developers and entrepreneurs building on the network.
The way forward
With this forum post, we present a proposal of a self-declaration template (see draft on the IC wiki: Node Provider Self-declaration) and invite the community to give feedback. What does the community want to see and know from a NP before an informed decision can be made as to whether to accept or reject the NP into the network?
Once we have collected sufficient feedback and adapted our proposal accordingly, we plan to submit a motion proposal with the intention to turn the self-declaration into a community-approved procedure. Should this motion proposal be accepted, the community is encouraged to reject any NP application not complying with the template or not providing credible data as requested by the template.
We are very much looking forward to your feedback!