Closed raghavrmadya closed 1 year ago
If the community has suggestions on how the notaries in question can earn back trust if evidence fails community consensus, please post in the thread as well.
I am not satisfied with the evidence provided and i am not satisfied with the change in behaviour.
This issue for example has two notaries who ( on the last datacap approval ) approved a clearly abusive LDN application. This goes for Metawave and Unionlabs (IPFSCN) and this just happened days ago. It should stop inmediately.
This issue is still open. The signature is still not revoked where it should be revoked. This goes for Metawave.
Above notary's applied to be a R4 notary and stated in their own notary application that they would provide KYC and duediligence. None of this is being done and until they start doing what they promised I strongly advise to have them paused.
I am not agreeing with both the provided evidence and the apparent lack of substantial change in behaviour.
I must express my deep frustration and disappointment with the notaries in question. In my opinion, they have completely eroded the trust of their respective communities, and as a result, they should not be allowed to sign any further applications. At an absolute minimum, they must demonstrate good faith by taking measures to rectify their abusive behaviour that has been documented. It is irrelevant whether their actions were intentional or not, as the outcome remains the same. Notaries have a responsibility to exercise due diligence and possess the necessary skillset to conduct tests on applications.
This is a list of the notaries who should be immediately barred from signing any further applications until they have regained the trust of their respective communities.
Notary Name | Signed CID Abusive Applications |
---|---|
Tom-OriginStorage | 30 |
swatchliu* | 26 |
liyunzhi-666 | 23 |
newwebgroup | 21 |
MetaWaveInfo | 18 |
MRJAVAZHAO | 18 |
I suggest this separate list below for those notaries who require close monitoring to ensure they are adequately performing their due diligence, but can still sign applications. Most of these notaries acted in good faith, but did not know they where singing an application with high CID abuse.
Notary Name | Signed CID Abusive Applications |
---|---|
kernelogic | 15 |
psh0691 | 15 |
PluskitOfficial | 13 |
stcouldlisa | 13 |
UnionLabs2020* | 11 |
BlockMakeronline | 11 |
Defil2022 | 10 |
I would like to propose two additional points. Firstly, I recommend that notaries who remain idle and have no utility to the community be discontinued as a notary after a period of at least three months of absence, or a shorter duration if deemed appropriate. Secondly, I suggest maintaining a list of notaries who have been signing applications without adequate due diligence. These notaries should only be re-given the community's trust after they have performed due diligence on 50 new applications.
(* these notaries have been seen doing more damage to the ecosystem by signing known fraudulent applications)
@herrehesse are the number of CID abusive LDNs counting from all time or only after the CID checker bot comes out? There was no way to check CID sharing before the bot comes out so signatures done before that shouldn't count as intentional abuse.
@raghavrmadya I have signed hundreds of LDNs of all time, actually I am the No.1 notary signed the most LDNs according to PL's statistics. If we look at the percentage of good vs bad, I should actually get an award for my hard work instead of getting questioned of playing favors or collusion?
What qualifies "significant pushback"? This is something the T&T DAO or voting should decide, not some random new GitHub accounts. I suggest these gas-lighting new GitHub accounts should go through KYC to identify themselves first.
@kernelogic Agreeing with you here, the numbers are factual so I can not change them, but most (close to all) of your signatures were before the CID checker report. This does not change the fact that close to none due diligence have been done on those signed applications. That is something we hope to permanently improve in 2023.
In this list, all signings occurred before the CID checker came out. So this shouldn't be considered a signature abuse.I agree with @kernelogic .
This is something that notaries should improve on afterwards. Each notary has his or her own requirements and views on scrutiny. But with a credible tool such as the CID Checker, it is better to eliminate misunderstandings between the community and notaries.
It 's too crazy!
I would appreciate if this thread was focused on notaries that were in question for 811. I do not see any evidence shared yet by the 6 notaries in question. If community members would like to flag other notaries, kindly open a new issue so that we can stay focused.
@raghavrmadya Since the end of #811, I have actively participated in notary meetings where galen expressed the opinion that each notary has his own investigation protocol Therefore, I signed a total of 4 LDNs after 811 closed, and I retrieve all of them before signing them, and give the retrieveable proofs on GitHub at.
I'd like to request further DD on #1078. @Tom-OriginStorage should be put on hold until everything is clear.
Hey @raghavrmadya From #811 so far, we have not signed any LDN. During this time, we have been trying to learn more about the Fil+ rules, actively participating in notary meetings and T&T group meetings, and learning more by talking to other notaries (e.g., how do you verify that an SP can support a search via Lotus? etc.) We will continue to refine our KYB investigation methods to help us be able to get back to normal faster.
@raghavrmadya , hello We never signed any LDNs after #811, We also not be signing any LDNs for the next 3 months(May 18, 2023) Thanks
hi @raghavrmadya signing LDNs, and asked for an explanation for the 15 recently signed LDNs. In #811, we gave detailed explanations for the 15 recently signed LDNs Among them, 5 signatures are the first round of LDN, all of which require the applicant to complete KYB according to the rules at that time or other notaries have completed KYB, and the other 10, 9 of which robot inspections are in compliance with the rules, of which 638 has 9 Sector CID sharing, communication is an operational error, which can basically be ignored For detailed information, you can go to #811 to view, In #811, if our interpretation can be recognized by the community, we can continue to sign, just like @raghavrmadya said, there was no notary objecting at that time, so after #811 ended, we made the signature rules In-depth study, and some communication with other notaries, Two weeks later, on February 13th, we returned to the community and started due diligence and signing of the LDN. I signed a total of 4 LDNs, 3 of which were due diligence by the rest of the notary, and I conducted due diligence again. , They all comply with the rules and have no CID sharing, and they can all be retrieved; the other one has been reviewed by myself, and its packaging basically complies with the rules. There are 5.7T of CID sharing in the same project, and the retrieval is also normal;
I'd like to request further DD on #1078. @Tom-OriginStorage should be put on hold until everything is clear.
no problem thank you for your attention ,I gave the answer below 1078
Hi @raghavrmadya , thanks for raising a proposal that allows the community to have a complete discussion and to bring closure to proposal #811. First of all, welcome everyone to review the form of how ND signed for the last 15 LDNs. I have also marked on the form why we are willing to support and sign. Please see attached. Also, I would like to explain the two LDNs I signed after the #811 here.
(Regarding why ND has done the signatures in the past few days, I need to explain why. We attended every session of the governance call and the answer we got at the call was that the community was allowing the notary to do signatures if a reasonable review was done. So after #811 was not going through, we took a period of hiatus before we started signing again. During this time, Dcent, the active notary in the community, DMed me about whether ND needed to be able to sign after 50 LDN reviews, and I explained to Hid why we could sign. As it turned out, as RG stated in here, we were allowed to sign during that period, provided we conducted due diligence on the LDNs, which we did not misunderstand.) The above is ND's explanation as an active and challenged notary. In addition, ND would like to take this opportunity to express some of our own views on the community situation. First, the standards of review for notaries are not mandatory and may differ from notary to notary, and they are always changing with the different tools available. (which is great and is a sign of keep moving of Fil+ community) At present, we have communicated with other notaries and ND's own review standards are as follows: 1、The client conducts KYC email confirmation to ensure that the application is submitted by the client's own will. 2, the information of the application is complete and has a reasonable data sample, we also consider the data backup situation of the LDN to make a comprehensive judgment. 3, the client has a reasonable explanation for the community members' questions, and the community members have no new questions. 4、After the check bot is launched, we mainly refer to the check bot inspection, such as the client sharing too many CIDs or storage is not in compliance with the rules, notaries will require an explanation in a public way, and will not sign without a reasonable explanation. 5、We will test the connectivity of SPs for recent LDNs, in addition, by communicating with Xinan Xu, we believe that it is best if one LDN has more than 4 different operators.
Finally, I would like to say that Filecoin is a friendly community, we have members from different countries, and we all have different cultures but we all share a common goal, which is to make the Filecoin project go further and better. Just like the news of FVM's launch this year, it has given everyone long-awaited confidence. However, the current situation in the community does have some "voices". We hope that the community can help notaries and the community to be more transparent and reasonable by building a consensus on notary review standards as well as the launch of open source tools like check bot and VPN check to complete the due diligence reasonably. Cause the only constant is continuous change.
I'd like to request further DD on #1078. @Tom-OriginStorage should be put on hold until everything is clear.
no problem thank you for your attention ,I gave the answer below 1078
That answer was however not answering the question itself. I asked if Xhash is / was your customer. A clear yes / no is missing. Secondly you indicated that you spoke to Xhash themselves and that they indicated that their storage plan was not in line with the FIL+ rules for the first allocation(s) . This communication is / was not forwarded to the community for review, to conclude there is no proof that due diligence is or was done, hence you still signed where you should not.
"They all comply with the rules and have no CID sharing, and they can all be retrieved; the other one has been reviewed by myself, and its packaging basically complies with the rules. There are 5.7T of CID sharing in the same project, and the retrieval is also normal;"
This is simply not true. See above. Bending the rules does not make an applicant comply with the rules. A famous saying -> A little bit poison in your drink is still poison.
@cryptowhizzard
1: I can tell you that XHASH is not a customer of OriginStorage, you can find out what they do. I have explained your question politely, please don't question without reason, don't think that only your rules are correct, if you have time, you can answer the Decent/Speedium shared CID on slack; https://filecoinproject.slack.com/archives/C0405HANNBT/p1676654179383529
2: Regarding the current rules of FIL+, I believe everyone is very clear that the final packaging of LDN needs to meet the standard. The first packaging is only 50T. Not everyone can auction the quota like dcent; use the quota to earn income;
Hi Tom,
This issue is about the applicant’s LDN and about you who put a signature in this LDN. If you have questions about my notary due diligence you are welcome to open an issue about this on git in the governance repo.
I have no clue what you mean about the rule of final packing and what you figured out for own ruleset’s over there but the guidelines are clear for approving applications. I still don’t see prove of due diligence done, neither a data storing plan.
@cryptowhizzard What I mean is that they only have a 50T quota at the moment, and it is a bit premature for us to draw conclusions on the distribution of data. They promised that the new SP will be reflected in the second round of 100T quota. If you want to see the later results, please help them sign and let him continue to show you the later results
@cryptowhizzard What I mean is that they only have a 50T quota at the moment, and it is a bit premature for us to draw conclusions on the distribution of data. They promised that the new SP will be reflected in the second round of 100T quota. If you want to see the later results, please help them sign and let him continue to show you the later results
Well, i asked for the data onboarding plan where the next data will be stored. It still is not present because you did not do proper due diligence. I asked if this is a customer of you ( it would explain the kyc already done and agreement on storage ) .. but since you confirm this is not the case i must presume this signature came out of the blue? Why do you sign without DD on someone you don’t know and against your own commitments in your application?
If the data onboarding plan would show the 100% selfdealing before or on the moment you signed then this would be more credible. Now it isn’t.
He is not my client, he contacted me on WeChat through some people, because we are all in the blockchain industry, I communicated this issue with them in detail on WeChat, I am completely sure of the authenticity of their company Yes, they are also well-known in the blockchain industry. As for the problem you mentioned that there are currently only 3 SPs, they will solve it in the second round, because the current 50T quota in the first round has been used up. The latest rule for FIL+ is to store 4 copies, but isn’t this just the beginning? The entire LDN just stores 1% of the data. Can you see what I mean?
I promise that I will follow up #1078 Data storage reaches at least 4 SPs
Let’s close this conversation between us. It is not helpfull.
There are dozens of examples here on Github why failure of proper KYC leads to mishandle of datacap. Wechat contact is not KyC.
Second, there are no 3 service providers. There is only 1 ( one ) . That one has 3 machines he controls and that is why this is self dealing and should not have been signed.
Lets convene with the governance team how we should move forward with this application ok?
1: The first round has been assisted by a notary to complete the KYC, 2: WeChat records in China can be used as legal evidence;
hi @raghavrmadya signing LDNs, and asked for an explanation for the 15 recently signed LDNs. In #811, we gave detailed explanations for the 15 recently signed LDNs Among them, 5 signatures are the first round of LDN, all of which require the applicant to complete KYB according to the rules at that time or other notaries have completed KYB, and the other 10, 9 of which robot inspections are in compliance with the rules, of which #638 has 9 Sector CID sharing, communication is an operational error, which can basically be ignored For detailed information, you can go to #811 to view, In #811, if our interpretation can be recognized by the community, we can continue to sign, just like @raghavrmadya said, there was no notary objecting at that time, so after #811 ended, we made the signature rules In-depth study, and some communication with other notaries, Two weeks later, on February 13th, we returned to the community and started due diligence and signing of the LDN. I signed a total of 4 LDNs, 3 of which were due diligence by the rest of the notary, and I conducted due diligence again. , They all comply with the rules and have no CID sharing, and they can all be retrieved; the other one has been reviewed by myself, and its packaging basically complies with the rules. There are 5.7T of CID sharing in the same project, and the retrieval is also normal;
Hey bro, what's wrong with my application form? #638
hi @raghavrmadya signing LDNs, and asked for an explanation for the 15 recently signed LDNs. In #811, we gave detailed explanations for the 15 recently signed LDNs Among them, 5 signatures are the first round of LDN, all of which require the applicant to complete KYB according to the rules at that time or other notaries have completed KYB, and the other 10, 9 of which robot inspections are in compliance with the rules, of which #638 has 9 Sector CID sharing, communication is an operational error, which can basically be ignored For detailed information, you can go to #811 to view, In #811, if our interpretation can be recognized by the community, we can continue to sign, just like @raghavrmadya said, there was no notary objecting at that time, so after #811 ended, we made the signature rules In-depth study, and some communication with other notaries, Two weeks later, on February 13th, we returned to the community and started due diligence and signing of the LDN. I signed a total of 4 LDNs, 3 of which were due diligence by the rest of the notary, and I conducted due diligence again. , They all comply with the rules and have no CID sharing, and they can all be retrieved; the other one has been reviewed by myself, and its packaging basically complies with the rules. There are 5.7T of CID sharing in the same project, and the retrieval is also normal;
Hey bro, what's wrong with my application form? #638
Sorry it's LDN 638, I've changed it
He is not my client, he contacted me on WeChat through some people, because we are all in the blockchain industry, I communicated this issue with them in detail on WeChat, I am completely sure of the authenticity of their company Yes, they are also well-known in the blockchain industry. As for the problem you mentioned that there are currently only 3 SPs, they will solve it in the second round, because the current 50T quota in the first round has been used up. The latest rule for FIL+ is to store 4 copies, but isn’t this just the beginning? The entire LDN just stores 1% of the data. Can you see what I mean?
I promise that I will follow up #1078 Data storage reaches at least 4 SPs
@Tom-OriginStorage, can you share the DD process you did for #1078 directly? I think communication evidence would be the best way to clear what @cryptowhizzard flagged above.
Also, i would recommend all notaries involved in #811 do the same to prove that they did proper DD and regain the trust of the community.
These notaries continue to claim "unintentional" mistakes despite being proven to be self encapsulated, undue kyc, etc. Community inclusivity does not mean all mistakes should be excused. If such violations will be accepted, think of what R4 with 100+ noatris will become. @raghavrmadya
Thank you for the discussion on this topic. As outlined above, this issue will be closed today. Based on the discussion above and compliance with the request for evidence, ND Labs, Newwebgroup, STCloud, Tom - Origin storage are no longer under review and can continue to sign LDNs. I understand and truly appreciate the concerns that active community members have flagged here.
That said, the T&T WG expects that the aforementioned notaries might receive some questions on their signing but I would encourage ND Labs, Newwebgroup, STCloud, Tom - Origin storage to continue to sign and provide supporting evidence rather than pause signing.
I understand that some community members might still be unsatisfied by the signing evidence provided by the aforementioned notaries and such diversity of opinion is representative of a healthy community imo.
I will be sharing this on the T&T WG Call.
I do not see any evidence shared by ipfscn and gate.io and as such, they are still paused from signing. Not signing is not a solution or answer to an allegation. If you believe you did the right thing, kindly share your voice with the community.
In the last 15 IPFSCN signatures, 6 were for large datasets and 9 were for company-type signatures. The following are the details for each signature: Flying Swallow #983, 1104, 1105: 4 times signed in total, twice for #983. The reason for signing was due to the cooperation with over 10 SPs, the allocation of SPs was reasonable and ensured decentralization, and the backup was healthy.
@raghavrmadya We recorded a video, but since the content of the file is too large to upload on GitHub, I will send it to you privately.
Sorry, I still haven't found a proper way to upload videos, so I wrote a text version
@raghavrmadya Here is our video link: https://youtu.be/ttMBp3xnHxg
Hello everyone, I recorded the video about 1 month ago, I found that GitHub could not upload it, because the video was too big, so I sent it to @raghavrmadya and @Kevin-FF-USA and @philippbanhardt about a month ago,
@raghavrmadya , hello We never signed any LDNs after #811, We also not be signing any LDNs for the next 3 months(May 18, 2023) Thanks
Thanks for everyone's attention, we also always pay attention to the filecoin community.
Finally, our commitment will not change and I will not sign for the next three months.
Issue Description
https://github.com/filecoin-project/notary-governance/issues/811
The notaries in question in issue 811 were requested to provide evidence of how their signing is aligned with their due diligence plan. Some did so in the comments but given the number of comments on this popular thread, things got lost.
T&T WG, seeing no pushback on evidence, assumed that the community was satisfied with the evidence provided but recent discussion shows that might not be the case.
Impact
Based on a community review of the evidence provided, T&T WG will action as follows:
Proposed Solution(s)
Post evidence already shared n this thread for the community to review.
Timeline
Feb 15th 2023 - Feb 20th 2023 - Community discussion Feb 21st 2023 - Consensus announced at T&T WG call
Technical dependencies
N/A
Risks and mitigations
Slowdown of LDN TTD
Related Issues