Hi @stefan.schneider, thanks again for the information that you’ve shared regarding the LSMT feature. The NNS incident yesterday made me revisit this post. I gather that the NNS subnet (tdb26) was the only subnet running GuestOS version b9a0f18 when the incident occurred, and that the hotfix rollout (election and deployment) is essentially the same GuestOS version but with the LSMT feature switched off (which the NNS is now running).
Getting the hotfix in obviously required two proposals due to a suitable GuestOS binary not already existing in the registry. Every time a GuestOS election gets pushed as a hotfix without community scrutiny and voting, it adds fuel to the fire that the FUDers like to feed (i.e. that IC isn’t really decentralised and it’s all just theatre). But of course, this needed fixing right away. Theoretically, if the LSMT feature had been a runtime flag, I gather there would have been no need for an election proposal, nor a GuestOS deployment proposal. There would only have needed to be a subnet config update proposal as a hotfix (the scope of which seems smaller).
My understanding from your previous response is that a runtime flag was considered, but avoided due to the dangers of it flipping during the course of a replica’s execution. Doesn’t this depend entirely on how the GuestOS reads the config? Couldn’t it be implemented such that the GuestOS reads certain runtime config only at startup? An NNS function that supports updating the subnet config and restarting the replica could then have been used to deliver this hotfix (without any danger of the LSMT feature flipping during the course of execution).
I’m asking only to learn a little more about IC infrastructure, and hopefully to stimulate conversation about how to make certain hotfixes smoother and more palatable for a wider audience.
On a related note, I gather that if the storage limit had been increased already then switching off LSMT could have been riskier (resulting in performance issues). Are you able to share when you’re planning to increase the storage limit (hopefully not for a while, so there’s time for any other lurking issues to surface)? Will it be increased in one fell swoop, or in small increments?
Thanks in advance, your insights are always appreciated 