filecoin-project / notary-governance

Modification: Recommendation for removal of notaries for abusing Filecoin Plus #811

Closed raghavrmadya closed 1 month ago

raghavrmadya commented 1 year ago

Issue Description

Certain notaries have been found to have abused the Filecoin Plus program by awarding DataCap without conducting thorough due diligence and raising flags for collusion.

Impact

Proposed Solution(s)

Remove the following notaries from the Filecoin Plus program:

  1. ND Labs
  2. Newwebgroup
  3. Gate.io
  4. ipfscan
  5. STCloud
  6. Tom - Origin storage

Timeline

  1. Proposal discussed in Jan 17th, 2023 Governance calls.
  2. All notaries in question will pause signing completely
  3. Community Discussion until Jan 20th 2023 at 12 noon PST
  4. Action taken by RKH based on community consensus

Technical dependencies

RKH signing to remove notaries from multisig

End of POC checkpoint (if applicable)

Risks and mitigations

Related Issues

herrehesse commented 1 year ago

@Jefferson111 @claydrone @flyworker @kernelogic

Here is my proposal for placing notaries under supervision until they have demonstrated themselves to be trustworthy actors. https://filecoinproject.slack.com/archives/C01DLAPKDGX/p1674642993882069

caoxinhe0108 commented 1 year ago

filecoin-project/filecoin-plus-large-datasets#335

image

@herrehesse @raghavrmadya
https://github.com/filecoin-project/filecoin-plus-large-datasets/issues/483 https://github.com/filecoin-project/filecoin-plus-large-datasets/issues/335

it does seem to be problematic

The first LDN was applied by @cryptowhizzard . He shared the CID with the second LDN, repeated 4.65P data, and the sharing rate reached 93%, and @cryptowhizzard signed 6 times for the second LDN. It's probably their own LDN, so it's basically a guess that he signed his own LDN and @cryptowhizzard is the main initiator of this survey, but did not conduct a survey on its own LDN

herrehesse commented 1 year ago

@caoxinhe0108, allow me to provide you with an explanation of the situation. I would also welcome you to pose the same question to both applicants.

@cryptowhizzard is one of the most reputable and experienced notaries in the entire ecosystem. He is fully aware of all forms of misconduct and will provide you with honest responses, as one should expect.

@xinaxu is an extremely capable software engineer working for Protocol Labs. He has developed tools such as Singularity, which help data preparers and clients automate the creation of .car files. His work is not only respected, but he is also the sole developer of one of the most critical pieces of software for the Filecoin+ ecosystem.

What occurred with the above situation is a prime example of how CIDs work effectively. Both @cryptowhizzard and @xinaxu independently built the valuable dataset of Next Generation Weather Radar (NEXRAD) (https://www.ncei.noaa.gov/products/radar/next-generation-weather-radar) and due to the nature of CIDs, they appear as duplicates.

There has been no reuse of CIDs, we are simply discussing a valuable dataset that has been created and stored by two different organizations and data preparers.

This has no relation to the CID abuse that is currently being addressed, and I strongly object to any suggestion that active developers from PL and one of the most diligent notaries are committing potential fraud.

caoxinhe0108 commented 1 year ago

I also found a very meaningful thing, the SPs of this LDN also have the VPN duplicate nodes mentioned above

image

herrehesse commented 1 year ago

@caoxinhe0108 Good to finally see people doing due diligence, this should have been done 6 months earlier. Indeed one of our storage providers from Q3 2022 has been storing NEXRAD deals from us. The company who back then stored the data was Chainup.com and their mining operations fall under Origin Storage.

Screenshot 2023-01-25 at 12 01 34

caoxinhe0108 commented 1 year ago

@caoxinhe0108, allow me to provide you with an explanation of the situation. I would also welcome you to pose the same question to both applicants.

@cryptowhizzard is one of the most reputable and experienced notaries in the entire ecosystem. He is fully aware of all forms of misconduct and will provide you with honest responses, as one should expect.

@xinaxu is an extremely capable software engineer working for Protocol Labs. He has developed tools such as Singularity, which help data preparers and clients automate the creation of .car files. His work is not only respected, but he is also the sole developer of one of the most critical pieces of software for the Filecoin+ ecosystem.

What occurred with the above situation is a prime example of how CIDs work effectively. Both @cryptowhizzard and @xinaxu independently built the valuable dataset of Next Generation Weather Radar (NEXRAD) (https://www.ncei.noaa.gov/products/radar/next-generation-weather-radar) and due to the nature of CIDs, they appear as duplicates.

There has been no reuse of CIDs, we are simply discussing a valuable dataset that has been created and stored by two different organizations and data preparers.

This has no relation to the CID abuse that is currently being addressed, and I strongly object to any suggestion that active developers from PL and one of the most diligent notaries are committing potential fraud.

Everyone is an in-depth participant of FIL +, don’t take everyone as a fool, everyone understands the process of data encapsulation, even if the data set is completely consistent, in the process of encapsulation and cutting, any slight difference in a file will cause a different CID; repeatability as high as 93% is impossible. I'm just asking my question.

herrehesse commented 1 year ago

@caoxinhe0108 thank you for explaining the fraudulent practises we have also seen on the VPN miners discussed. It's great to finally hear this from someone else.

caoxinhe0108 commented 1 year ago

you are avoiding my question please answer it

caoxinhe0108 commented 1 year ago

why are you defending them

herrehesse commented 1 year ago

@caoxinhe0108 I am trying to convey information to you, however, it seems that you are not open to considering any perspectives that differ from your own and not taking in any logical reasoning.

Jefferson111 commented 1 year ago

I really do recommend a thorough research to be completed before continuing this issue further. Many of the "evidences" here lack context, and people are just throwing "evidences" at one another without proper due diligence, including the v1 research here to a small extent.

For the record, notaries and SPs are allowed to have overlapping roles in the same LDN, iirc the limit is up to 20% or something.

There is also a Great Firewall in China we need to take note of when investigating China-based SP miners; the physical location of the nodes may be outside, but they may appear in China, vice versa.

And also note that people don't work 24hrs around the clock, delays and inactions are expected.

CID sharing is also allowed when the CIDs are supposed to be the same, this would require inspecting the LDN & data in question. An example would be large LDNs spanning across many smaller LDN github issues.

SPs are also allowed to be the same under certain conditions. Again, same example, when there is a large LDN spanning across many smaller LDN github issues.

SPs are also allowed to be in the same geographic regions. An example would be Project Beacon when explicit request was made and allowed by the governance team.

Data can also be encrypted. While currently, most of these LDNs are routed to the E-Fil+ program, there are still LDNs not part of E-Fil+ that have their data encrypted such as Project Antarctica and Bearded.

And many more...

When anyone finds a particular "evidence", it would be great if these different scenarios are evaluated & accounted for, before making a claim.

herrehesse commented 1 year ago

@Jefferson111

"There is also a Great Firewall in China we need to take note of when investigating China-based SP miners; the physical location of the nodes may be outside, but they may appear in China, vice versa."

Correct, but this does not mean we should accept 600PiB worth of datacap being stored by the same company who is physically in the same datacenter. This is a clear abuse of the Filecoin+ program rules.

If the storage providers say: We use a VPN, but "this" is our physical location, notaries and applicants can take note to have proper distribution executed.

caoxinhe0108 commented 1 year ago

@caoxinhe0108 I am trying to convey information to you, however, it seems that you are not open to considering any perspectives that differ from your own and not taking in any logical reasoning.

How many people believe your explanation, I think you can consult the technical team of FIL+ to ask about the credibility of this question, timely data set consistency, car file size, cutting rules, any link in the cutting process is different , this probability is almost as low as the probability of finding two identical people in the world. If the FIL+ technical team agrees with this conclusion, I have nothing to say. Then I think FIL has no future at all.

Tom-zhang987 commented 1 year ago

@Tom-zhang987 I kindly request that you cease attempting to manipulate the situation. The applications in question are duplicates due to the fact that the datasets are identical, which results in identical CIDs, as confirmed by the CID reporter. The packing and distribution labor has been done by both @cryptowhizzard and @xinaxu.

I respectfully request that you provide evidence, as you have claimed "I've made it clear above that I can confirm the first 5" on these questions:

  • The ownership and control of these miners remains uncertain and unverified.
  • The reasons behind the sequential nature of the addresses used by these miners are unclear.
  • The similarity in growth patterns exhibited by these miners raises questions.
  • The allocation of the full datacap of numerous applications to these miners is worthy of investigation.
  • The recent creation of GitHub accounts associated with these applications raises questions.
  • The prevalence of fraudulent, fabricated or inadequately vetted applications, all of which are signed by the same notaries, raises questions.
  • The poor or inaccessibility of these miners is concerning.
  • The apparent inability to retrieve data from these miners is a significant issue that requires attention.

@herrehesse @raghavrmadya

What evidence is needed, I can try to communicate and provide.

Jefferson111 commented 1 year ago

@Jefferson111

"There is also a Great Firewall in China we need to take note of when investigating China-based SP miners; the physical location of the nodes may be outside, but they may appear in China, vice versa."

Correct, but this does not mean we should accept 600PiB worth of datacap being stored by the same company who is physically in the same datacenter. This is a clear abuse of the Filecoin+ program rules.

If the storage providers say: We use a VPN, but "this" is our physical location, notaries and applicants can take note to have proper distribution executed.

While that is likely true and backed by substantial evidence, the crux of this issue is the notaries rather than the SPs. So the questions & thought process here should be: Are notaries supposed to do VPN check themselves, if yes why did they fail to do so, and then subsequently is it a tolerable offence, if not why, and if they are repeated offenders, how many times did they do this particular offence and what are the evidence to back this etc.

As for the fraudulent SP, we should have an entire separate issue to address it.

herrehesse commented 1 year ago

@Jefferson111

Yes this statement would be true if SP's, applicants and notaries were actually separate entities. Which they are clearly not. They are all one and the same. There is no division. Non-compliant behaviour of one, is most likely of all. We can not cut away the responsibility of the one and only entity financially profiting from this non-compliant behaviour, the SP.

Jefferson111 commented 1 year ago

@Jefferson111

Yes this statement would be true if SP's, applicants and notaries were actually separate entities. Which they are clearly not. They are all one and the same. There is no division. Non-compliant behaviour of one, is most likely of all. We can not cut away the responsibility of the one and only entity financially profiting from this non-compliant behaviour, the SP.

I may be missing something, so here the claim is that all of these notaries, SPs, LDNs belong to one single entity?

I would say that that is a very bold claim and you will need real substantial evidence to prove, such as financial statements, shareholders of each company and more. Just because there is a huge overlap in notaries signing the LDNs is definitely not sufficient.

herrehesse commented 1 year ago

@Tom-zhang987 Here you go.

cryptowhizzard commented 1 year ago

I found a lot of LDNs that share CIDs, let's round it up, don't know why the table skipped those LDNs, I'll keep looking

filecoin-project/filecoin-plus-large-datasets#77 image

filecoin-project/filecoin-plus-large-datasets#339

image

filecoin-project/filecoin-plus-large-datasets#403

image

Hello,

I have been afk for a few hours, reading back up.

The first thing that came through my mind: "He does not know what he/she is talking about". I will set a short explainer here because you attempt to divert the discussion away from the main topic, notary's who did not do what they should do and are up for removal.

Conclusion: You don't have an idea what you are talking about, the tone of voice is aggressive (as always) and only attempting to draw the attention away of the people who did things wrong in the main post.

Tom-zhang987 commented 1 year ago

@Tom-zhang987 Here you go.

  • Who owns and controls these miners and why is it uncertain and unverified to date?
  • What are the reasons behind the sequential nature of the addresses used by the entity?
  • What causes the similarity in growth patterns exhibited by these miners?
  • Why is the allocation of the full datacap of numerous applications given to these same miners?
  • What is the reason behind the recent creation of GitHub accounts associated with these applications?
  • What is the reason for the prevalence of fraudulent, fabricated or inadequately vetted applications, all of which are signed by the same notaries?
  • Why is there poor or complete inaccessibility of these miners?
  • What is the reason for the apparent inability to retrieve data from these miners?

How does this relate to the VPN issue mentioned in the article?

Tom-zhang987 commented 1 year ago

I found a lot of LDNs that share CIDs, let's round it up, don't know why the table skipped those LDNs, I'll keep looking filecoin-project/filecoin-plus-large-datasets#77 image filecoin-project/filecoin-plus-large-datasets#339

image

filecoin-project/filecoin-plus-large-datasets#403

image

Hello,

I have been afk for a few hours, reading back up.

The first thing that came through my mind: "He does not know what he/she is talking about". I will set a short explainer here because you attempt to divert the discussion away from the main topic, notary's who did not do what they should do and are up for removal.

  1. I did not sign on / in any of these LDN's you mention. ( On contrary of some notary's who are up for removal who are signing in their own LDN's where they have stake in).
  2. The CID sharing ( as far as you can see it ) is between wallets in the same project or in case of Evergreen => this is a project initiated by protocol labs. It is designed to fetch deals that expire soon and re-deal them on chain so the data will keep available. You are accusing Protocol Labs now of wrongdoing, just saying...........
  3. The data stored is always the data as stated in the LDN's. Non compliant LDN's in my spreadsheet with CDN sharing stored different data than they stated. This is one of the main differences.

Conclusion: You don't have an idea what you are talking about, the tone of voice is aggressive (as always) and only attempting to draw the attention away of the people who did things wrong in the main post.

I'm a Filecoin investor and I checked and found these issues. isn't it a problem? From a technical point of view, what is the probability of this happening? I didn't change the subject, isn't it the shared CID mentioned in the article.

cryptowhizzard commented 1 year ago

filecoin-project/filecoin-plus-large-datasets#335

image

@herrehesse @raghavrmadya filecoin-project/filecoin-plus-large-datasets#483 filecoin-project/filecoin-plus-large-datasets#335

it does seem to be problematic

The first LDN was applied by @cryptowhizzard . He shared the CID with the second LDN, repeated 4.65P data, and the sharing rate reached 93%, and @cryptowhizzard signed 6 times for the second LDN. It's probably their own LDN, so it's basically a guess that he signed his own LDN and @cryptowhizzard is the main initiator of this survey, but did not conduct a survey on its own LDN

<Edit ... sorry, i went out of line here> @Tom-zhang987

If two LDN applicants build the exact same dataset ( In this case Nexrad ) and download the exact same data from AWS S3 and use the exact same software to build it ( Singularity ) it is logical that you get 100% the same CID's. This only proves that we both build authentical dataset's.

This is different than the LDN's who are provided in my sheet. Where applicants state for example they will store School class video's or advertising video's while storing data for example ... Nexrad or other fake things.
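The content-addressing behaviour argued over in this thread, as an added example that is not part of any participant's post: piece identifiers are a pure function of the bytes and the cutting parameters, so the overlap between two independently prepared copies depends entirely on whether source and tooling match. Plain SHA-256 digests of fixed-size pieces stand in for CIDs here (an assumption; this is not how Singularity or Filecoin derive them), and the dataset, piece size and function names are constructed for illustration.

```python
import hashlib

PIECE_SIZE = 1024  # constructed value; real data preparation uses far larger pieces


def build_dataset() -> bytes:
    """Constructed 8 KiB stand-in for a public dataset (deterministic, high entropy)."""
    return b"".join(hashlib.sha256(i.to_bytes(4, "big")).digest() for i in range(256))


def piece_ids(data: bytes, piece_size: int = PIECE_SIZE) -> list:
    """Cut data into fixed-size pieces and return one content ID per piece.

    SHA-256 hex digests stand in for CIDs (assumption, see lead-in).
    """
    return [
        hashlib.sha256(data[off:off + piece_size]).hexdigest()
        for off in range(0, len(data), piece_size)
    ]


def sharing_rate(reference: list, candidate: list) -> float:
    """Fraction of the candidate's piece IDs that also occur in the reference set."""
    if not candidate:
        return 0.0
    ref = set(reference)
    return sum(1 for pid in candidate if pid in ref) / len(candidate)


def compare_preparers() -> dict:
    """Overlap between a reference preparation and four independent ones."""
    source = build_dataset()
    reference = piece_ids(source)

    # Same length, one bit flipped inside the first piece.
    flipped = bytearray(source)
    flipped[5] ^= 0x01

    return {
        # Identical bytes, identical cutting parameters: every ID matches.
        "same_source_same_tooling": sharing_rate(reference, piece_ids(source)),
        # Only the piece containing the changed byte gets a new ID.
        "one_byte_changed": sharing_rate(reference, piece_ids(bytes(flipped))),
        # A one-byte shift moves every piece boundary: nothing matches.
        "one_byte_prepended": sharing_rate(reference, piece_ids(b"\x00" + source)),
        # Same bytes cut with a different piece size: nothing matches.
        "different_piece_size": sharing_rate(reference, piece_ids(source, 1000)),
    }


if __name__ == "__main__":
    for case, rate in compare_preparers().items():
        print(f"{case:26s} {rate:.1%}")
```

A high sharing rate therefore shows that two preparations started from the same bytes with the same parameters; whether that is expected has to be checked against the data each application declared it would store.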

cryptowhizzard commented 1 year ago

@Jefferson111 Yes this statement would be true if SP's, applicants and notaries were actually separate entities. Which they are clearly not. They are all one and the same. There is no division. Non-compliant behaviour of one, is most likely of all. We can not cut away the responsibility of the one and only entity financially profiting from this non-compliant behaviour, the SP.

I may be missing something, so here the claim is that all of these notaries, SPs, LDNs belong to one single entity?

I would say that that is a very bold claim and you will need real substantial evidence to prove, such as financial statements, shareholders of each company and more. Just because there is a huge overlap in notaries signing the LDNs is definitely not sufficient.

Hi.

I gave this explanation already way up.

There is one notary who signed on 16 applications where he himself controls the SP's ( In VPN ) in it.

There are 3 notary's who are in one organization and share the same stake ( They own the same miners ). The applicants stated so when applying as notary. You can read it in their issues. If they would not sign jointly on one LDN there would not be any problem, however they did.

There are 2 notary's who are involved in storing non compliant with FIL+ in their own LDN's. As notary's you have to be of impeccable behaviour (Clean sheet).

Tom-zhang987 commented 1 year ago

filecoin-project/filecoin-plus-large-datasets#335

image

@herrehesse @raghavrmadya filecoin-project/filecoin-plus-large-datasets#483 filecoin-project/filecoin-plus-large-datasets#335 it does seem to be problematic The first LDN was applied by @cryptowhizzard . He shared the CID with the second LDN, repeated 4.65P data, and the sharing rate reached 93%, and @cryptowhizzard signed 6 times for the second LDN. It's probably their own LDN, so it's basically a guess that he signed his own LDN and @cryptowhizzard is the main initiator of this survey, but did not conduct a survey on its own LDN

<Edit ... sorry, i went out of line here> @Tom-zhang987

If two LDN applicants build the exact same dataset ( In this case Nexrad ) and download the exact same data from AWS S3 and use the exact same software to build it ( Singularity ) it is logical that you get 100% the same CID's. This only proves that we both build authentical dataset's.

This is different than the LDN's who are provided in my sheet. Where applicants state for example they will store School class video's or advertising video's while storing data for example ... Nexrad or other fake things.

@cryptowhizzard
This is not what I discovered, I am just an investor, I hope everyone can look at this issue from a higher perspective. What is the real status of FIL+ now? I hope everyone can understand.

Tom-zhang987 commented 1 year ago

@cryptowhizzard I know what I'm talking about, don't confuse everyone's attention, I found a lot of such projects, I will find someone to check in detail in the future, purely from the perspective of the rules, the LDN I sent above is indeed against the rules , do you admit this fact?

cryptowhizzard commented 1 year ago

@cryptowhizzard I know what I'm talking about, don't confuse everyone's attention, I found a lot of such projects, I will find someone to check in detail in the future, purely from the perspective of the rules, the LDN I sent above is indeed against the rules , do you admit this fact?

No.

Like I said, you are probably accusing Protocol Labs now of re-storing deal data in the Evergreen project. Second option is that participants have built an identical dataset -> in this case one should check the participants LDN to see the data they indicated they would store.

The status of FIL+ is that it is open for everyone with good intentions. The fact that some of the notary's are up for removal or that there was Non compliance detected does not make it any less alive. It is just natural evolution in the project.

Tom-zhang987 commented 1 year ago

@cryptowhizzard

Please don’t change the subject. There must be no problem with the project, otherwise it will not get the quota. My question is that it has a shared CID. Why didn’t the notary do due diligence? It also needs to be listed in the list.

herrehesse commented 1 year ago

Throwaway GitHub account? Check. Asking questions to differ from the original discussion? Check. Not listening to rational answers from anyone? Check. Asking the same question over and over again even after being answered? Check. Making the whole thread cluttered for everyone? Check.

Jefferson111 commented 1 year ago

@Jefferson111 Yes this statement would be true if SP's, applicants and notaries were actually separate entities. Which they are clearly not. They are all one and the same. There is no division. Non-compliant behaviour of one, is most likely of all. We can not cut away the responsibility of the one and only entity financially profiting from this non-compliant behaviour, the SP.

I may be missing something, so here the claim is that all of these notaries, SPs, LDNs belong to one single entity? I would say that that is a very bold claim and you will need real substantial evidence to prove, such as financial statements, shareholders of each company and more. Just because there is a huge overlap in notaries signing the LDNs is definitely not sufficient.

Hi.

I gave this explanation already way up.

There is one notary who signed on 16 applications where he himself controls the SP's ( In VPN ) in it.

There are 3 notary's who are in one organization and share the same stake ( They own the same miners ). The applicants stated so when applying as notary. You can read it in their issues. If they would not sign jointly on one LDN there would not be any problem, however they did.

There are 2 notary's who are involved in storing non compliant with FIL+ in their own LDN's. As notary's you have to be of impeccable behaviour (Clean sheet).

Got it. So I see 3 very different & separate issues against 3 different parties. Each of them commit very different violations as a notary and we should address them individually, not under 1 issue here.

From what I understand:

  1. The VPN issue is that the SPs are believed to be all under a single entity Origin Storage. IMO, this has nothing to do with notaries, but the SPs, no way notaries would be able to do such a deep VPN check. But it does require a re-evaluation of Origin Storage's position as a notary.
  2. This issue claims that 3 different Notaries actually belong to the same organization, and own the same miners. My main question here is why wasn't this flagged during Notary Application? If it was, what was the rationale allowing them to become notaries?
  3. The last issue is that 2 independent Notaries violating a whole set of different violations. The type and extent of CID sharing should be listed down along with the various timings.

herrehesse commented 1 year ago

@Jefferson111 Let's hop on a call so I can explain things to you and make things hopefully clearer?

cryptowhizzard commented 1 year ago

@Jefferson111 Yes this statement would be true if SP's, applicants and notaries were actually separate entities. Which they are clearly not. They are all one and the same. There is no division. Non-compliant behaviour of one, is most likely of all. We can not cut away the responsibility of the one and only entity financially profiting from this non-compliant behaviour, the SP.

I may be missing something, so here the claim is that all of these notaries, SPs, LDNs belong to one single entity? I would say that that is a very bold claim and you will need real substantial evidence to prove, such as financial statements, shareholders of each company and more. Just because there is a huge overlap in notaries signing the LDNs is definitely not sufficient.

Hi. I gave this explanation already way up. There is one notary who signed on 16 applications where he himself controls the SP's ( In VPN ) in it. There are 3 notary's who are in one organization and share the same stake ( They own the same miners ). The applicants stated so when applying as notary. You can read it in their issues. If they would not sign jointly on one LDN there would not be any problem, however they did. There are 2 notary's who are involved in storing non compliant with FIL+ in their own LDN's. As notary's you have to be of impeccable behaviour (Clean sheet).

Got it. So I see 3 very different & separate issues against 3 different parties. Each of them commit very different violations as a notary and we should address them individually, not under 1 issue here.

Almost. 3 different issues against 6 notary's in total.

From what I understand:

  1. The VPN issue is that the SPs are believed to be all under a single entity Origin Storage. IMO, this has nothing to do with notaries, but the SPs, no way notaries would be able to do such a deep VPN check. But it does require a re-evaluation of Origin Storage's position as a notary.

Not exactly. As notary you are not allowed to sign on applications submitted by yourself. The miners in the applications ( VPN'ned ) originate to origin storage for each of them. Apart from the fact that the VPN is solely used to fake location here, there are 2 violations.

  2. This issue claims that 3 different Notaries actually belong to the same organization, and own the same miners. My main question here is why wasn't this flagged during Notary Application? If it was, what was the rationale allowing them to become notaries?

Well, yes. But the last time the issue was parked by the governance team because the mentioned participants indicated their understanding and committed not to sign jointly according to the issue on git. Now the situation changed so it should be re-discussed.

  3. The last issue is that 2 independent Notaries violating a whole set of different violations. The type and extent of CID sharing should be listed down along with the various timings.

The type is clear. They stored data other than they were telling in their LDN application. I mentioned the application numbers involved above.

Regarding the comment that these all should be separate issues, I am neutral. This action is initiated by the governance team.

I am just adding my findings.

Jefferson111 commented 1 year ago

Not exactly. As notary you are not allowed to sign on applications submitted by yourself. The miners in the applications ( VPN'ned ) originate to origin storage for each of them. Apart from the fact that the VPN is solely used to fake location here, there are 2 violations.

Notary can help clients to structure their LDNs, and be SPs as long as they don't own more than ~20% of the data. I think you were the one who raised it and discussed during governance a year ago during the Project Antarctica/Bearded incident, the idea of Fil+ is to onboard useful data in a decentralized fashion. I won't count self-signing part as a violation, but notary owning all the data in the LDN is a violation.

No qualms on other stuff.

Well, yes. But the last time the issue was parked by the governance team because the mentioned participants indicated their understanding and committed not to sign jointly according to the issue on git. Now the situation changed so it should be re-discussed.

Agree, I think we should revisit that incident and continue the discussion from there on, so we can have a better context.

The type is clear. They stored data other than they were telling in their LDN application. I mentioned the application numbers involved above. Regarding the comment that these all should be separate issues, I am neutral. This action is initiated by the governance team.

I would say they are quite far off from the original claim and should definitely be open and discussed as a separate issue.

cryptowhizzard commented 1 year ago

Not exactly. As notary you are not allowed to sign on applications submitted by yourself. The miners in the applications ( VPN'ned ) originate to origin storage for each of them. Apart from the fact that the VPN is solely used to fake location here, there are 2 violations.

Notary can help clients to structure their LDNs, and be SPs as long as they don't own more than ~20% of the data. I think you were the one who raised it and discussed during governance a year ago during the Project Antarctica/Bearded incident, the idea of Fil+ is to onboard useful data in a decentralized fashion. I won't count self-signing part as a violation, but notary owning all the data in the LDN is a violation.

No qualms on other stuff.

https://github.com/filecoin-project/notary-governance/tree/main/notaries

Operational Guidelines

As stated above, Notaries are given a high degree of autonomy in their decision making power. In order to build trust in the stability of this mechanism, below outlined are some basic criteria by which all Notaries are expected to adhere. In the future these restrictions may be reduced or removed, upon approval by the community (going through the standard PR process).

Upfront Disclosures: Prior to being confirmed as a Notary, Notaries are expected to disclose all relevant addresses which they control, have a financial stake in, or are strongly connected to by other means. For the disclosure, the Notary should state the relevant addresses and the nature of the relationship.

Promoting Client Best Practices: Notaries agree to educate approved clients about the best practices for using their DataCap (e.g. how to request additional services from miners, storing data redundantly across many miners, etc). Some reference information can be found https://github.com/filecoin-project/notary-governance/issues/9.

Commitment to efficiently serving the Network: Notaries agree to serve as fiduciaries of the Network, striving to work towards bringing useful data onto Filecoin and improving the experience for clients to do so. Notaries should generally be able to respond to Client applications and updates within 3 days, and should be comfortable communicating with Clients and Notaries if an application needs to be redirected.

No Self Dealing: To prevent conflicts of interest, Notaries should not allocate DataCap to Clients over which they control the private keys, or to a Client who intends to specifically spend the allocated DataCap with an address affiliated with the Notary. When in doubt, Notaries should bias towards transparency (i.e. public disclosure) or to getting a different Notary to handle the individual request.


I think this is crystal clear for the notary in question with the VPN / self-dealing. There has been no disclosure on the LDN itself, on the VPNs, on the SPs used etc.

Jefferson111 commented 1 year ago

> I think this is crystal clear for the notary in question with the VPN / self-dealing. There has been no disclosure on the LDN itself, on the VPNs, on the SPs used etc.

Yes, I believe it was gone through during the governance calls on what should constitute self-dealing. While the notary in question definitely performed self-dealing, self-signing (referring to the act of signing an LDN in which the notary knows the Client) is perfectly fine (and should not be confused with self-dealing) based on governance call discussions which predates after whatever u quoted and isn't in conflict.

lamborghiniandy commented 1 year ago

It is really a huge discussion. It has been a long time since we have seen such a big debate in the fil community. I spent quite a lot of time thoroughly going over all the comments under this discussion and would like to give a summary of the whole discussion.

Two European notaries accuse 6 Asian notaries of abusing data cap signing because some LDNs were found to have a VPN problem and a CID sharing problem. However, the people in approval of the Asian notaries said two things as their argument. One is that they are not network experts and failed to find the VPN problem. The other one is that before the robot was developed, no tool could be used to detect the CID sharing. Furthermore, some ppl say that nearly all notaries can be found signing CID-sharing LDNs, therefore it is unfair to remove only the 6 listed notaries.

I think the debate reflects the fact that the governing rule of notaries is not sound. When should a notary receive a yellow card? And when should he receive a red card? I believe every notary is a believer of fil and can help filecoin grow better in many dimensions. Growing a community is very difficult, and even much more difficult in a bear market. Is eliminating the 6 Asian notaries or maybe more Asian notaries or SPs in line with the whole interest of the filecoin community? It is hard to say. Giving up the Asian market and falling back to Europe is definitely not a good choice for the entire filecoin community. No laws in the world directly sentence criminals to death. On the contrary, law should give ppl a chance and teach criminals to turn into good ppl in the future. Removing the notaries is easy but it is hard to call them back in the future. And I think if we dig deeper into this, nearly 99% of Asian notaries would be accused.

Maybe the accused Asian notaries don't do their job well. But I think giving them a warning and requiring them to be cautious is an appropriate treatment. They did make a huge contribution in absorbing a large amount of capital and attention in the early days, which European notaries can't be compared with. It is the best consideration for the entire community. Meanwhile, we should encourage ppl to come up with a better due diligence process and better detecting tools. Governing such a huge community should rely on more objective processes, standards and rules to guarantee the maximum fairness and align different interests. @raghavrmadya

cryptowhizzard commented 1 year ago

> It is really a huge discussion. It has been a long time since we have seen such a big debate in the fil community. I spent quite a lot of time thoroughly going over all the comments under this discussion and would like to give a summary of the whole discussion.
>
> Two European notaries accuse 6 Asian notaries of abusing data cap signing because some LDNs were found to have a VPN problem and a CID sharing problem. However, the people in approval of the Asian notaries said two things as their argument. One is that they are not network experts and failed to find the VPN problem. The other one is that before the robot was developed, no tool could be used to detect the CID sharing. Furthermore, some ppl say that nearly all notaries can be found signing CID-sharing LDNs, therefore it is unfair to remove only the 6 listed notaries.
>
> I think the debate reflects the fact that the governing rule of notaries is not sound. When should a notary receive a yellow card? And when should he receive a red card? I believe every notary is a believer of fil and can help filecoin grow better in many dimensions. Growing a community is very difficult, and even much more difficult in a bear market. Is eliminating the 6 Asian notaries or maybe more Asian notaries or SPs in line with the whole interest of the filecoin community? It is hard to say. Giving up the Asian market and falling back to Europe is definitely not a good choice for the entire filecoin community. No laws in the world directly sentence criminals to death. On the contrary, law should give ppl a chance and teach criminals to turn into good ppl in the future. Removing the notaries is easy but it is hard to call them back in the future. And I think if we dig deeper into this, nearly 99% of Asian notaries would be accused.
>
> Maybe the accused Asian notaries don't do their job well. But I think giving them a warning and requiring them to be cautious is an appropriate treatment. They did make a huge contribution in absorbing a large amount of capital and attention in the early days, which European notaries can't be compared with. It is the best consideration for the entire community. Meanwhile, we should encourage ppl to come up with a better due diligence process and better detecting tools. Governing such a huge community should rely on more objective processes, standards and rules to guarantee the maximum fairness and align different interests. @raghavrmadya

Apart from our differences, where our opinions are far far far far :) apart, I do agree on one thing with you. Removal of all may not be the best choice forward for all these notaries. The reason is simple: if we remove them there will be new ones doing the same thing in no time.

My recommendation would be to put some of them on hold for 6 months. In these 6 months they need to follow a course (4 online meetings during 2 months where everything is explained again and discussions / debate explanations on the things that went wrong), a part of homework for 2 months where they evaluate applicants' KYC and applications, learn what to expect and make recommendations for signing (or not). As the last part, a 2-month mentor period where they start signing again as “road to recovery” but communicate everything they want to sign before they sign to a mentor for final approval.

Note: I use the word “some” as some notaries did things more wrong than others and I have yet to see the first apologies be made. It is my belief that those involved know they are and know what they did. If they want a second chance considered, an apology would be a first step? Secondly, it seems there is confusion about the way things work here on the continent where I live. We might have a softer stance towards employees and second chances and you might be surprised @lamborghiniandy. The decision is with the RKH and personally I think they are still waiting for the first people to come forward to see if they even are interested in a genuine part to recovery at all, because if there is a lack in understanding the road to recovery will not be found.

raghavrmadya commented 1 year ago

As a result of the discussion to issue #811 i.e. proposal to remove notaries, I would like to suggest not removing the aforementioned notaries but have the following repercussions:

Ask all notaries to show how they complied with their due diligence plan shared in their notary application in the 15 most recent signed applications. Notaries are welcome to record a video or share a response explaining their approach. The goal here is to identify how I and the governance team can assist them IF they were trying to do the right thing.

If the evidence they provide is not convincing to the community, I suggest we give the notaries in question ways to regain trust by assisting with active due diligence for applications they are not signers on and meet a threshold of 50 applications each.

raghavrmadya commented 1 year ago

I welcome other suggestions on how these notaries can regain community trust. If members still feel that the situation calls for opting for the last resort i.e. removal of notaries in question, please post your thoughts as well in this thread.

SmallMiner commented 1 year ago

Removal would be a smart choice.

We believe that after removal, they still have other notary qualifications to continue to participate in the community, but they will be more cautious in their future behaviors, which is a small part of the cost they should pay.

It is not only in the interests of filecoin, but also acceptable to other compliant athletes. Moreover, removal can officially stop the endless discussion, and the growth of QAP can quickly return to normal, which is the most important thing.

Jefferson111 commented 1 year ago

My personal thoughts would be to re-trial them individually based on the offences committed. As one of the outcomes of the discussions, all of us agree that there is a mismatch in the misconduct and notaries in this current issue. As such it would not be appropriate to apply the same form of penalty to all the notaries. And also at the same time, there would be time to round up all the other notaries who were omitted from this issue and apply the corresponding penalty.

If not, like @cryptowhizzard has mentioned and also alluded to in issue #816, there is a good chance we have the new ones doing the same old things all over again.

kernelogic commented 1 year ago

My opinion is to NOT remove them as well. Some of them have provided lengthy explanations in this issue, and by reading through them, some are caused by lack of tooling (such as CID Checker) back then.

These are the most active notaries in the community, the more you sign, the more you will likely encounter fraudulent clients. If they are simply removed, we are only left with less active notaries.

liyunzhi-666 commented 1 year ago

In my opinion, the removal of the remove notary should be the last step rather than a heavy penalty at the beginning. Until the CID checker comes out, notaries don't have a good tool to check for duplicate CIDs, so there will be some "wrong" signings. At the moment we don't have a good instruction manual for notaries, nor do we have a good warning mechanism. There are red and yellow cards in football, and we need them here too, and T&T DAO is necessary and urgent.

There are some notaries who do not have a technical background, so it is not easy for them to operate the Lotus client directly to check information on the chain. We should not exclude them, but rather find more ways or tools to help notaries perform their duties better. Previous chats with RG and the Lisbon meeting revealed that more data checking tools are being developed, which I believe is one of the reasons for the existence of T&T WG.

Shouldn't it be the clients and SPs who are really getting the benefit and cheating? So I suggest that the data cap already used by SPs should be removed so that they no longer have 10X power. Blacklist SPs and clients.

herrehesse commented 1 year ago

@raghavrmadya

> Ask all notaries to show how they complied with their due diligence plan shared in their notary application in the 15 most recent signed applications. Notaries are welcome to record a video or share a response explaining their approach. The goal here is to identify how I and the governance team can assist them IF they were trying to do the right thing.
>
> If the evidence they provide is not convincing to the community, I suggest we give the notaries in question ways to regain trust by assisting with active due diligence for applications they are not signers on and meet a threshold of 50 applications each.

Seems a fair approach to us. Can we draw a line at self-signing datacap of your own company, and remove those notaries or suspend them for a longer period?

fillove commented 1 year ago

To a certain extent, I also agree with you @herrehesse , as long as you agree, all those who have signed VPN and CID will be revoked and suspended.

Otherwise, you will face a problem: You thought the VPN or CID or something removed one or more notaries.

Then, once it is found that other notaries have also signed VPN or CID or SP distribution is uneven, should they also be removed?

If it is not dismissed, what is fair?

fillove commented 1 year ago

I also want to express a point of view, it is feasible to cancel FIL+.

Because before FIL+ came out, it was all CC.

By canceling FIL+, the community can really stop the chatter.

fillove commented 1 year ago

The entire network will suspend FIL+ for half a year, and the community will surely return to calm.

Penalizing notaries does not bring peace, it just leads to more reporting, more accountability, more revelations, more notaries and even the removal of all notaries.

I am sure that no notary is perfect, and all people have shortcomings and loopholes. Once we start the recall, then the recall will continue until there is no notary and until FIL+ dies.

fillove commented 1 year ago

I found a lot of LDNs that share CIDs. Let's summarize them. I don't know why the table skipped those LDNs; I will keep looking.

filecoin-project/filecoin-plus-large-datasets#77 image

filecoin-project/filecoin-plus-large-datasets#339

image

filecoin-project/filecoin-plus-large-datasets#403

image

@raghavrmadya My God, why are they @herrehesse @cryptowhizzard not on the list of revoked notaries?

Just because they explained it? Why must their explanations be reasonable? Other people's explanations must be unreasonable? Doesn't this completely violate the spirit of decentralization?

fillove commented 1 year ago

And is up to 3P CID sharing?

Excuse me, if you do large data, can you share CID lawlessly?

Excuse me, if you do large data, you can steal data, right?

If a notary like gate who has not signed any problematic LDN needs to record a video explanation, then please be fair, please be just, please be fair, please give sufficient reasons instead of perfunctory reasons. Tell me why they can be both referees and players.

fillove commented 1 year ago

For a single LDN, s0nik42 signed more than 6 times, MegTei signed more than 4 times, flyworker signed more than 3 times, Reiers signed more than 3 times. What the hell is going on here?

fillove commented 1 year ago

@raghavrmadya