This is a list of all the centralized points of Spacemesh. We explain each of these points and the mitigations methods to avoid or remove them.
Special Privileges
Beacon value: Beacon is critical for bootstrapping. When we started genesis, we couldn’t run the beacon protocol ahead of time, since it was impossible to determine eligibility to participate. To work around this, Spacemesh started providing this value every epoch, as a fallback for when the protocol didn’t run properly in the previous epoch. This can only happen if there’s a prolonged network downtime or attack, but still gives Spacemesh a privilege that others don’t possess.
Shared active set: As a result of the abnormal growth in the number of ATXs, the sync process isn’t as effective as it should be. It does not guarantee that node will download all missing ATXs which then causes poor ATX propagation. As a result, many nodes are using slightly different active sets.
In order to guarantee that most nodes are using the same active set, we have implemented a short term solution which
includes sharing an active set from our server that nodes use as a base (they can add any additional ATXs they know
about). The long term solution would be to encode the active set with a difference, rather than re-encoding whole activeset #5282. and additionally we may consider building active deterministically from 1 or several blocks, #5288. This may not be an issue at all if sync and gossip are improved and work as intended.
These are points where there’s a necessary common good, but there’s no incentive to operate this part of the network. Running these services should either be incentivized or the network should not rely on them.
Booster nodes: The current P2P implementation doesn’t work well behind a NAT. Since most users are behind a NAT, there’s a de-facto reliance on publicly accessible nodes that people behind NATs can use as relays. There’s no incentive to run such a node, other than wanting to keep the network alive. The solution is to make our P2P implementation work behind most NATs, so there’s no reliance on boosters.
PoET: While anyone can run a PoET, there’s currently no easy way to monetize it. The default client should make it easy to use a paid PoET service by allowing users to commit a share of their future rewards to the PoET.
Social Consensus
Checkpoint restore: In theory, anyone is able to create a new version of the client and then it’s up to them whether they succeed in convincing people to switch to that new version or not. Spacemesh does not have any “official” power with checkpoint restore that would force people to switch to a new version. We should feel confident enough with the way the network works that we don’t need code in place to make this dangerous process easy.
Summary
This is a list of all the centralized points of Spacemesh. We explain each of these points and the mitigations methods to avoid or remove them.
Special Privileges
Beacon value: Beacon is critical for bootstrapping. When we started genesis, we couldn’t run the beacon protocol ahead of time, since it was impossible to determine eligibility to participate. To work around this, Spacemesh started providing this value every epoch, as a fallback for when the protocol didn’t run properly in the previous epoch. This can only happen if there’s a prolonged network downtime or attack, but still gives Spacemesh a privilege that others don’t possess.
Shared active set: As a result of the abnormal growth in the number of ATXs, the sync process isn’t as effective as it should be. It does not guarantee that node will download all missing ATXs which then causes poor ATX propagation. As a result, many nodes are using slightly different active sets.
In order to guarantee that most nodes are using the same active set, we have implemented a short term solution which includes sharing an active set from our server that nodes use as a base (they can add any additional ATXs they know about). The long term solution would be to encode the active set with a difference, rather than re-encoding whole activeset #5282. and additionally we may consider building active deterministically from 1 or several blocks, #5288. This may not be an issue at all if sync and gossip are improved and work as intended.
See mitigating problems with the network due to poor atxs propagation and bloated active sets · Issue #5366 · spacemeshos/go-spacemesh · GitHub
Lack of Incentives
These are points where there’s a necessary common good, but there’s no incentive to operate this part of the network. Running these services should either be incentivized or the network should not rely on them.
Booster nodes: The current P2P implementation doesn’t work well behind a NAT. Since most users are behind a NAT, there’s a de-facto reliance on publicly accessible nodes that people behind NATs can use as relays. There’s no incentive to run such a node, other than wanting to keep the network alive. The solution is to make our P2P implementation work behind most NATs, so there’s no reliance on boosters.
PoET: While anyone can run a PoET, there’s currently no easy way to monetize it. The default client should make it easy to use a paid PoET service by allowing users to commit a share of their future rewards to the PoET.
Social Consensus
Tasks