If this position were to be taken, node operators would likely have to be idemnified against loss in the event of failure in order to sign on. They also would have to weigh the business impact on their reputation (it could be positive or negative). It also means every time an node is installed in a new jurisdiction, a case could potentially go before the court in that jurisdiction. Not all jurisdictions have judicial integrity or independence.
Did I understood boundary nodes to work as something like gate(keepers) between the internet computer (ICP) and the rest of the internet(IP), correct?
So anything coming from the IC goes through? Mario was showing up as something like this? $ host boundary.dfinity.network ?
I understand that the boundary node provides confidentiality services and implements an information flow policy to protect and enable communication with canisters.
So from the outside it might look like the content comes from the boundary node while it actually doesnât and just assists with communication between canisters and the e.g. browsers?
PrĂŠcis
The Internet Computer Protocol Community was faced with its first contentious governance issue since the May 2021 Genesis. In response to a well recognized copyrighted game being deployed on the IC, a notice of copyright infringement was filed with a node provider by the copyright owner. A proposal to remove the offending canister was put forward on the NNS by the Dfinity Foundation. The game was taken down voluntarily by the canister owner, and subsequently the vote for removal was voted down.
Discussion on the Dfinity Forum has been passionate and polarized. It can be construed as follows:
⢠Hands off
⢠Intervene
Factors being discussed:
⢠The NNS should not be involved in content moderation â it should be treated like a telecom carrier.
⢠Moderating content for any reason enables censorship and invites governments to interfere.
⢠The NNS having the capability to remove content unintentionally provides the mechanism to implement censorship.
⢠Government regulations differ globally and trying to moderate in this context is impossible.
⢠The ability to identify nodes exposes data centres and node operators to litigation.
⢠Removing canisters is anathema to the wider crypto community and impacts social scalability.
⢠The IC must survive in a real-world with legal constructs.
⢠Some in the community support the protection of IP, and removal of inappropriate content.
⢠Node operators will likely unplug if faced with legal action.
⢠IP Infringement notices can be weaponized.
⢠Node operators should be protected from litigation.
⢠A legal defence of boundary operations should be considered.
⢠The ICP is not yet censor-proof
⢠Other blockchains have not had to deal with storage issues (e.g. Bitcoin and Eth).
⢠The appropriateness of Dfinity putting the matter to a vote.
⢠The lack of defined process accepted by the community.
Too much armchair philosophy, not enough solutions. Letâs talk about solutions.
@Ciaran proposes absolutely no moderation. This would require an NNS vote, and legally jeopardize most current node operators. I doubt this will pass, but @Ciaran how about you submit a proposal?
I have proposed to fork/integrate Kleros, a crypto-economic court system, to handle disputes regarding content, on a per-subnet basis. The NNS will ratify content policies per subnet, except for Badlands, which will have no moderation ability. Kleros 2.0 launching in 2022 will support arbitration on external chains, and Iâm sure ICâs Chain Key/Eth integration could help facilitate using the canonical Kleros, if we donât want to burden Dfinity engineers with forking it (and translating Solidity to Motoko/Rust). This will allow us to have high performance data center nodes in most countries AND a full (but slower) censorship-resistant subnet. It will take time to integrate Kleros but we could start using it immediately as a signalling mechanism, in which successful disputes signal NNS voters to remove a canister.
Another idea proposed by @superduper is to create a market for running canisters, where node operators bid on canisters awaiting deployment. Legally risky canisters will receive less bids and thus pay a higher price for resources, and it empowers node operators to determine their own legal risk. This would require a major redesign to the protocol. For instance, subnets would probably have to be changed to be created on-the-fly for each canister/app, where the nodes that bid on it get placed into this subnet which then only runs that canister (or group of canisters all part of the same app).
A fourth idea mentioned elsewhere is to hire professional teams that run neurons for the sole purpose of content moderation. Neuron users then delegate just the remove canister action to these neurons, assuming they trust their judgement. Per-subnet content policies are then interpreted by these professional teams.
What other solution ideas do we have to move forward with?
I propose it for technology thatâs ready. Itâs become clear to me that The IC was launched before it was capable of functioning as a Web 3.0 platform, because, unlike in other blockchain networks, it leaves node operators liable.
So apart from me agreeing with you that it wonât pass, I donât see the point in proposing it because even if it does pass, it wonât matter. Node operators would be on the hook and thatâs simply not viable.
Iâm going to start a new thread - as this one descended into mud slinging - and outline why I think a totally censorship-resistant base layer wouldnât be the disaster some think it would be. It would simply mean you kick governance up to other layers where more focused, local and resourced teams can use various tools to pursue their political goals. Eg, there are still ways to disappear things from the internet without deleting them from servers.
We already see the negative externalities of irreversible TXs being mediated on other blockchains through various innovations and I donât see why this would be different with The IC.
The key point is that if you donât have a secure base layer that canât be routinely tampered with, you donât have the foundation Web 3.0 needs to exist (forget just surviving, to actually exist). You need to deliver that first, then you deal with the challenges it creates for other public policy goals.
Cool @Ciaran look forward to your thread. I would be interested to read a practical design for a network that meets your goals.
Ill propose one more idea:
Have one app per subnet, app deployer specifies how many nodes they want, and the acceptable geographical locations of the nodes. Then the IC automatically finds nodes with capacity for this app, creates the subnet, and joins the nodes to it. The cycles cost scales with # of nodes. Then, if node provider gets DMCA or similar legal threat, they simply remove themselves from that subnet. This pushes the problem to node providers but is a more legally defensible position (see DMCA safe harbor rules), and absolves the NNS from dealing with moderation decisions. This is closer to the market-based solution so it could be an interim design to get to a market-priced cycles cost in the future, which allows the free market to price in legal risk. Also, subnets could have a âclassâ that represents the types of nodes it needs (high storage, GPU, etc).
So⌠used only once is fine for Eth, but not for the InternetComputer?
Hi @NickM , I was just remembering the case⌠I remember reading about it, the DAO hack and the role back⌠I am not saying it is fine to role back. Personally, for me it felt like a âmoveâ (a decision from the ETH community) that I was not expecting, because as we know, one of the great things about the blockchain is that we canât just simply role back ⌠it has to be a hard fork, with the majority of nodes/miners accepting it.
@Ciaran it seems the problem is about there being a single liable entity under the current state of the IC, would you be okay not absolutely removing [content] governance but remaking the system such that decisions are distributed enough across participants that no single entity becomes liable? e.g. requiring extraordinary neuron participation, disallow voting by following, making dfinity unable to vote on governance, only on technical issues, etc⌠and making nodes unaware of what theyâre hosting somehow. That way you can still have content moderation at the protocol level, but it would become extremely unlikely to happen, and if it happened it would NOT be for external legal reasons.
This seems to be a middle point between the positions displayed in this thread that solves the problem of external entities having a reach into the protocol.
Web3, Mario64 is up and running:
https://bafybeia42zsdngribu7xq5enfpqh5vdpxdfbxscnsosyk6wlkfehofshj4.ipfs.infura-ipfs.io/index.html
source :
https://boards.4channel.org/biz/thread/44226694/runs-directly-from-the-blockchain-on-any-device
Still interested in hearing more about how you use quadratic voting to implement systems of intellectual property if youâre willing to share (perhaps in a different post).
Doesnât quadratic voting suffer quite a bit from the Sybil problem?
Hereâs a useful thought metric to gauge how âOpenâ the âOpen Internetâ is really going to be:
How many websites that are indexed by search engines on the âclosedâ web would be banned from existing as Canisters under any given rule change to the Internet Computerâs policies?
Hereâs what I want to knowâŚwhat happens when Craig Wright issues a copyright infringement claim for a Canister serving Bitcoin smart contracts? O_O =)
Iâm still just really really really struggling to add the following up:
âWeâre building an unstoppable network to withstand electromagnetic pulse attacks and nuclear warâ
Vs.
âWow, Nintendoâs pretty mad, hereâŚwe better seriously re-consider what the Internet Computer is going to be about.â
Coming from the same Foundation.
Especially when the Internet Computer is being presented as this âbig threatâ to a lot of players â given this discussion, I get the feeling itâs posing a far larger threat to the people that trusted the initial claims around it than it is to anybody else.
@free Hereâs an example that may be more tangible instantiation for you:
In 1933, the President of the United States signed Executive Order 6102, declaring it illegal for private citizens to hold gold (USG proceeded to amass a supply from citizens at a mandated exchange price of $20.67 and then subsequently raised the price to $35 through another law when they had gathered a suitable amount.)
Many people were prosecuted for the audacity to hold that dayâs equivalent of Bitcoin as a hedge against government. Nationwide mandate, in a large country.
So, if something like that happens again, the Foundation is for banning any Canister that facilitates the purchase of XAU by private individuals, yeah?
Only in the countries where itâs declared illegal, or all over or what?
This is why I think @Manuâs approach holds a lot of promise, because it essentially opens up the ability for Canisters to be âglobal citizensâ in a sense, operating in jurisdictions where they are legal to serve content and functions that may be in demand from ethical citizens of other countries where what the Canisters are doing is or would be outlawed for no legitimate reason at all.
By the way, I wrote a ~600 word response to your other thing, but it was apparently too long to post on the forum.
Yeah, I really question whether or not DFINITY understands how large the magnitude of the backlash to voting for some kind of top-down censorship initiative is going to be, in many ways.
â I think one of the key takeaways of this discussion so far is that the most resilient solutions (like the market-based approach youâre proposing) give node operators the ability to calibrate their own risk profile.
In the examples of Snowden/Assange/etc⌠that I gave above, Iâd like to think at least one node operator somewhere in the world would decide they felt strong enough to host that content, thereby providing pushback against global censorship while allowing those who didnât feel comfortable with the legal risk to opt out.
I think the reality of the situation hit them hard, if all nodes are hosted in data centers and can be kicked from it if they dont follow DMCA guidelines the whole network will slowly deteriorate. Iâm impressed this scenario took so long to happen and Iâm impressed nobody talked about it before it did, but yeah no matter which side youâre on, if node providers are liable for content hosted on their servers we dont have much choice.
@Ciaran would a middle ground not be to make it extremely difficult to censor by making the thresholds extraordinarily high?
There appears to be a false dichotomy drawn between off-chain and on-chain governance systems. Itâs being posited that off-chain governance systems are immutable and unstoppable. But, of course, upgrades in btc and eth are possible through hard forks. So actually, if we want to be precise, Bitcoin and Eth are not immutable and unstoppable - itâs just that itâs extraordinarily difficult to push through changes as widespread coordination and convincing is involved in hard forks. The DAO hack is an example of that.
Would it not be possible to similarly make certain things such as censorship similarly difficult on-chain? For example, the US Constitution is very difficult to change but it is possible, and as a result it hasnât changed much. Perhaps for those things one would need a massive overwhelming majority, following would be disallowed, quadratic voting was introduced, etc. etc.
Seems like an agreed NNS constitution could solve the issue. Thatâs effectively what btc and eth has. Itâs called what it takes to get a hard fork done.