Proposal: Transforming ICP Node Providers into Validator-Like Entities

Objective

Enhance the Internet Computer’s decentralization and security by introducing staking and delegation for node providers, aligning them with Proof-of-Stake (PoS) validator models.

Current Model

Node providers are pre-approved entities receiving fixed monthly ICP payments from the Network Nervous System (NNS).

Proposed Changes

1. Staking and Delegation

• Node providers stake a minimum amount of ICP (e.g., 50,000 ICP).
• ICP holders can delegate stake to providers.
• Active providers are selected based on total staked ICP (self-stake + delegated), with a limited active set (e.g., 500–1,000).

2. Decentralized Selection

• Open application process replaces centralized onboarding.
• Community approval via staking-weighted NNS votes.

3. Rewards and Slashing

• Rewards are based on block production, fees, and inflation rather than fixed payments.
• Providers set commission rates and share rewards with delegators.
• Slashing penalizes misbehavior (e.g., downtime).

Benefits

Greater decentralization – Open participation and reduced reliance on pre-approved providers.
Enhanced governance – Staking-weighted voting strengthens community control.
Improved security & reliability – Performance-based incentives promote high-quality infrastructure.

Implementation Timeline

0–6 Months – Design staking system, pilot with current providers.
6–12 Months – Open applications, onboard new providers.
12–18 Months – Fully transition to a staked validator model.

This refined proposal focuses on staking, governance, and rewards, making it clear, concise, and actionable for the ICP community.

Example of other chains:

Staking Requirements Comparison Across Networks

1. Polkadot

• Consensus: Nominated Proof-of-Stake (NPoS)
• Minimum Stake:
  • No fixed minimum, but validators must stake enough DOT (self + nominations) to enter the active set (capped at 1,000 validators).
  • The threshold is dynamic, typically 1.8M+ DOT.
  • Nominators need only 1 DOT, but must meet the “minimum active nomination” to earn rewards.
• Hardware: 1 TB NVMe SSD, 16 GB RAM (32 GB recommended), high-performance CPU (4-8 cores), 500 Mbit/s internet.
• Slashing: Yes (for downtime, equivocation, etc.).
• Lockup: 28 days unbonding period.
• Rewards: Block rewards + transaction fees, split with nominators after validator commission (0-20%).

2. Avalanche

• Consensus: Avalanche Consensus (PoS variant).
• Minimum Stake:
  • Validators must stake 2,000 AVAX (~$50K-$60K at recent prices).
  • Delegators need 25 AVAX.
• Hardware: 8 GB RAM, 2 GHz CPU (4 cores), 1 TB storage, 10 Mbit/s internet.
• Slashing: No slashing; missing rewards is the only penalty.
• Lockup: 14 days minimum, 1 year max (configurable).
• Rewards: 7-11% APY, with fees burned to offset inflation (~26% annually).

3. NEAR

• Consensus: Thresholded PoS (TPoS) with Nightshade sharding.
• Minimum Stake:
  • No fixed minimum; validators bid for “seats” (100-200 active validators).
  • The required stake fluctuates (~25K-50K NEAR per seat).
  • Delegators can stake 1 NEAR.
• Hardware: 16 GB RAM, 4-core CPU (2 GHz+), 500 GB SSD, 100 Mbit/s internet.
• Slashing: Yes (1-10% for misbehavior).
• Lockup: 36-48 hours unbonding period.
• Rewards: 4-10% APY, funded by 5% inflation, split with delegators after commission (~10%).

4. Solana

• Consensus: Proof-of-Stake (PoS) + Proof-of-History (PoH).
• Minimum Stake:
  • No strict minimum, but validators must pay 1.1 SOL/day in voting fees, requiring enough SOL to remain operational.
  • Validators need 5K-50K SOL to break even.
  • Delegators can stake any amount (0.01 SOL+).
• Hardware: 128 GB RAM (256 GB recommended), 12-core CPU (2.8 GHz+), 1 TB NVMe SSD, 1 Gbit/s internet.
• Slashing: Not currently implemented, though planned.
• Lockup: ~2-day epoch, no mandatory lockup.
• Rewards: 6-8% APY, from inflation (starting at 8%, decreasing to 1.5%), split with delegators after commission (~5-10%).

Key Differences

How Validators Acquire the Required Stake

Validators secure their required stake through:

1. Self-Stake (Personal Investment)

• Polkadot: Validators bond 5K-10K DOT to enter programs like the Thousand Validators Programme, then attract nominations.
• Avalanche: Validators must stake 2,000 AVAX themselves, a high upfront cost.
• NEAR: Validators bid for seats, often starting with tens of thousands of NEAR.
• Solana: Validators fund voting fees and 5K-50K SOL initially.

2. Delegation from Token Holders

• Polkadot: Up to 16 nominators back each validator; Phragmén’s election algorithm distributes stake fairly.
• Avalanche: Delegators stake 25+ AVAX, with validators setting delegation fees (e.g., 2-10%).
• NEAR: Delegators choose validators based on performance and fees (~10%).
• Solana: Delegators stake freely; low commissions (0-5%) and high uptime attract more stake.

3. Community Programs & Incentives

• Polkadot: Thousand Validators Programme boosts small validators.
• Solana: Solana Foundation delegates SOL to validators under 3M SOL stake.
• NEAR: NEAR Foundation occasionally supports validators.
• Avalanche: No formal program, but high staking rewards (26% inflation) naturally encourage delegation.

4. Marketing & Reputation

• Validators promote themselves via:
  • Websites, performance stats (e.g., Polkadot’s Staking Dashboard, Solana’s StakeView).
  • Community engagement (Discord, Twitter, on-chain identity).
  • Transparency: High uptime and no slashing history build trust.

5. Pooling Resources

• Polkadot: Nomination pools let small stakers combine funds.
• Solana: Third-party staking services like Marinade aggregate stakes.
• NEAR: No native pools, but some third-party solutions exist.

Summary

• Polkadot: Most competitive – requires 1.8M+ DOT, with heavy reliance on nominators and structured delegation programs.
• Avalanche: Most self-funded – requires 2,000 AVAX upfront, but no slashing makes it lower risk.
• NEAR: Performance-based – requires dynamic stake, with validators competing for seats based on performance.
• Solana: Lowest barrier – validators need SOL for voting fees, but attract delegators via low commissions and high uptime.

Each network shapes validator entry through self-stake vs. delegation balance, with Polkadot favoring community nominations and Avalanche demanding direct investment.

The core idea is to:

1. Encourage stakers to delegate to NPs based on reputation.
2. Factor stake amount into the algorithm.
3. Require NPs to stake a minimum amount of ICP (e.g., 10K ICP).
4. Slash rewards for misbehavior.

We could even start with points 1 and 2 without major changes.

this is such outdated data for Avax validators, check avalanche 9000 upgrade

@marcio I appreciate the thought and effort you’ve put into this, and I’d like to share my perspective as well. I believe this proposal comes from concerns raised by community members about possible collusion among certain node providers (NPs) to compromise the network. The suggested solution seems to be a PoS system with enhanced KYC measures.

Issue 1: ICP’s Unique Infrastructure and Validator Costs

ICP operates as a closed system, including its own OS (IC-OS). Unlike other networks, it would require a complete overhaul to make it compatible with this proposed model. The hardware costs alone range from $500K to $1M, which makes it inaccessible for standard validators running on an OPEX model.

Expecting validators to invest such a massive amount upfront, pay an additional $50K–$100K for self-staking, and then hope they get selected while also covering high data center and ISP costs (especially in regions like APAC) is unrealistic. This is one of the key reasons many networks lack APAC validators.

From my own research and work with various networks (which I won’t name), I’ve seen and found cases where CEOs were accused of running multiple validators and using foundation funds for self-staking to collect millions in validator rewards. Blaming APAC for centralization issues isn’t productive—the problem lies in the underlying incentive structures.

PoS Validator Model is Outdated, 2023

A PoS validator system with staking requirements feels like a step backward. The industry has already moved past. Instead of building an expensive and time-consuming staking-based system for validator, why not invest in better KYC methods? If necessary, physically verifying NPs at their locations would be far more cost-effective.

We should be focusing on AI and AI agent markets. I’m currently working with the largest AI agent provider in crypto, and this space isn’t slowing down—it’s only accelerating. Even Dfinity is hiring massive numbers of AI engineers, as I recently noticed from their job postings.

My suggestion
Better KYC for NP, focus on AI and AI agents

I don’t claim that staking is a perfect solution, but relying solely on KYC isn’t ideal either. Physically verifying that individuals A and B exist and reside in the regions they claim doesn’t eliminate the risk that they know each other or might collude later.

Staking provides a different guarantee—“skin in the game.” By locking a significant sum of money on the platform, providers risk losing this stake if the platform is compromised. While the initial hardware investment ($10-20k per node) might seem sufficient, hardware can easily be resold. Given that financial incentives primarily drive platform attacks, consider a scenario where an attacker could gain a guaranteed $100M; losing a $100k hardware investment would hardly be a deterrent.

However, this illustrates precisely why staking alone isn’t sufficient either. If the potential reward outweighs the staked amount, an attacker may accept losing their stake in pursuit of greater profits.

A more robust solution might involve staking one’s honor, reputation, and legal accountability in addition to hardware investments. This approach aligns closely with the current direction of the IC, though it remains incomplete. In my view, we should advance further along these lines:

• Mandatory hardware purchase
• Requiring full transparency of the node provider’s identity
• Demanding a significant investment into the platform, either through a substantial staking amount, meaningful development contributions (similar to efforts by Allusion/Aviate Labs and other providers), active governance involvement (like CodeGov), or other demonstrable commitments sufficient to assure the COMMUNITY (i.e., human stakeholders) that the provider is trustworthy
• Implementing an enhanced self-declaration, including a formal commitment from providers that explicitly states they will neither engage in malicious activities nor collude with others. Violations would carry severe legal repercussions, including significant financial penalties (e.g., a fine of $10M), a critical element currently missing. Research in behavioral economics consistently shows that the psychological deterrent effect of potentially losing millions far outweighs the impact of smaller, immediate stakes ($50k-$100k), even if large penalties are statistically less likely to be enforced.
• EXTREMELY important: Requiring a clear declaration that providers possess the technical skills necessary to independently maintain their nodes without relying on external community support, as such reliance introduces an additional vector for potential attacks.

Note that this is MY PERSONAL view only, and not necessarily the view of DFINITY.

Definitely some interesting points here. I agree that there should be meaningful penalties for anyone found to be bad actors, more rigorous proof of an NP being part of the IC community and at a minimum all NPs should have the technical knowhow to run the machines they control.

But how would you envision your last point, all nodes are hosted in data centers, so presumably everyone would utilise some kind of remote hands service of the data center at some point? This is pretty normal for data centers and also allows node provider to react quickly. Even if I live near the data center, I may be on holiday, sick, or data center may also take time to grant me physical access etc. So the quickest route is usually the remote hands service of the data center.

And how would we assess sufficient technical skills, the skills involved here are more of a network administration type of role and there are many people who don’t actually hold verifiable qualifications like a certification etc, but are rather self taught. This will only increase as time goes on, one can already learn so many skills oneself without formal training. I think if someone is sufficiently incompetent they will anyhow get penalised soon when performance based node rewards are implemented. And as far as node providers who onboarded as an individual, sure, one could say that this person themselves needs to operate the nodes without any help (except remote hands service of the DC presumably). But how about legal entities? Legal entities might indeed have UBOs but also employees and contractors etc. Would we then not want any legal entity to be a node provider? I am not sure this is the right way to think about the problem.

I also don’t think fines, however large or small, would actually be enforceable given the many jurisdictions involved here. And not sure if this would really be in the spirit of a decentralised network anyway. I think penalties via node rewards would probably be more enforceable, like is already being discussed for nodes that don’t perform.

I see no issue with utilizing a “remote hands” service. This scenario is already considered in the “Target Topology,” which limits deployments to one node per data center per subnet. An attacker would need to compromise dozens of geographically dispersed data centers simultaneously to gain control over the NNS or another critical subnet. Achieving this would likely be quite challenging, and easier or more cost-effective attack vectors probably exist.

This is an important consideration. However, right now, we require absolutely no demonstration of technical capability, which results in applicants who struggle even with basic tasks like logging into Linux or executing console commands. I believe it’s crucial to implement at least a minimal verification or a statement of technical competence. A simple, transparent system such as “three strikes and you’re out” could work here. The risk of capital loss in that case could be a sufficient financial incentive to hire a competent technical expert.

Additionally, I have no issue if a node operator delegates technical responsibilities locally: one party invests capital, and another provides technical expertise and labor. As long as this arrangement is transparent and treated as a single provider entity, it should not be problematic.

Indeed, enforcement across multiple jurisdictions would present a challenge. However, it might still be feasible by clearly defining the jurisdiction in advance—for example, explicitly designating Switzerland, an EU country, or perhaps the US—where such fines could realistically be enforced. The key point is creating a significant/meaningful enough risk to discourage undesirable behavior.

Isn’t it possible to create a contract that simulates these conditions? Let’s say Dfinity pays part of the nodes with the condition that if there is misbehavior, it can take the nodes away. It looks like the main difference with respect to other chains is the price of the nodes.

This is a very interesting idea - subsidizing nodes. Thank you @marcio!
I’ll remember it and bring it up in future discussions on the topic.
It does create a problem of centralizing around DFINITY, but that’s the current situation anyway. So it doesn’t make it worse. I believe.

I’ve been thinking also about another idea that someone else brought up, which is an “SNS of node providers”, where anyone would be able to invest money and get a cut of the (reward) cake. And then there would be technical people who would actually run nodes and they would have to be strictly controlled for decentralization. That would IMO provide similar benefit since in real world there are people with cash but not technical expertise and there are people with technical expertise but no cash. On the IC we do expect the NPs to have both the cash and the technical skills. In reality, in most cases it’s either one or the other. Rarely do node providers have both.

I sent Adam that thread earlier today, the SNS of node providers. This thread yeah? Node Provider DAO

Thought it was something we should defo explore, although I was bit concerned if we supported it it would be seen to be us wanting to take over. I think something like this could be an option but there has to be contract specified rules as to who is just a voter, who has responsibility to maintain etc. I am sure there are many supporters of the IC that would love to be part of an NP but cant do it themselves. I know its a KYC nightmare and until we all have scannable chips that prove who we are (which may or may not be a good thing) that would be tricky.

Bad idea, people start spinning up nodes on AWS. Better KYC will fix most issues, in 1 subnet, just keep 1 node from every provider, even if few know eachother, it dont break network. If they know eachother, just move nodes to subnets where other party dont have node. KYC + face to face on onboarding.

100% agree with invest in KYC validation in PERSON. Deterministic decentralization works perfectly, but we need to be 100% that this
Node providers are who they say they are in their KYC

Why you don’t mention the real solution to this issue called node shuffling? I don’t want to sound rude but @dominicwilliams brag about having 200 engineers focused on “R&D” I would love to see the “R” (research) word being applied some day, I know node shuffling can be technically hard to develop, but sounds like the team is always avoiding at all cost developing top notch technology, sometimes I feel The team has relaxed and stopped creating and innovating, they seem to be focused on implementing quick fixes to fundamental issues. @Jan

You need also to understand that not all countries are europe, or USA, where can be a bit harder (but not impossible) to fake KYC documents, I live in south america, and it’s so easy for bad actors and criminals to get fake ID’s, fake bank accounts statements, etc you got my point, what is the solution to this particular issue? Doesn’t matter how many node providers we have what matters is verifying that this people applying to be node providers really are and matches with the KYC. I don’t know if you guys don’t understand how risky this particular issue is, you may think I’m exaggerating, would you like me to apply as a node provider with a fake identity? And proof you ? That’s how easy is, now imagine I’m a bad actor and I really start getting tons of individuals with the same idea.

Come on I have to much money
Involved here and that’s why we don’t have more value on this network because isn’t safe for big investors.

FOCUS ON KYC VALIDATION IN PERSON, then implement node shuffling, build that feature and stop giving quick and easy solutions that won’t help. The team are 200 top engineers, please show us what you have!

Penalties doesn’t work if the KYC of the node provider involved in an attack isn’t real, if it’s faked data.

Example, If i rob a bank and I’m an insider in charge of the vault manager or something like that, but I applied for the job with a fake identity, real world laws will go after whom? The identity I provided? Or me ? But they have nothing real from me, so I don’t care robbing the bank, anyway they don’t have proof against me

Please don’t come saying this example doesn’t make sense, it’s just an analogy of what is happening now with ICP node providers KYC, there’s nothing stopping smart bad actors to shit down a subnet, or steal funds (of course if they get control over the subnet by introducing more
And more of this malicious nodes.)

I know in the bank they will take your fingerprints, scan your eyes, they have physical ways to validate
Who you are, so u think that’s what
We need, or
Something like that.

What if there’s a way to use this project from sam altman, I forgot the name, have you ever stopped to think why he created a whole infrastructure on every single country to take peoples identities in person? Does he plan to sell
This data to interested parties? If we get that infrastructure every node provider that wanna join will have to go to this places and they will have to identify in person. How does the internet works? They have the ICANN right? We have the ICA, ICA could do something like that.

It has occurs to me in the past, that with a modicum of success, some staking and slashing will be come an essential security feature, at least on the chain fusion subnets. We can’t really have billions in btc and earth secured on a 34 node subnet that is only secured with 34x50k investment. At some point the amount that can be taken through collusion needs a counter weight.