-
Notifications
You must be signed in to change notification settings - Fork 107
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
storage: Weekly / bi-weekly storage group meeting summaries.
- Loading branch information
1 parent
2fbea7b
commit 0ca99db
Showing
13 changed files
with
527 additions
and
0 deletions.
There are no files selected for viewing
29 changes: 29 additions & 0 deletions
29
storage/design/storage-group-meetings/storage-group-meeting-summary-20240822.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,29 @@ | ||
|
|
||
| Orchid Storage Technical Meeting: Provider Selection and Repair Incentive Mechanisms | ||
|
|
||
| The meeting aimed to address the mechanics and incentives around provider selection and payment settlements within the Orchid Storage framework, covering failure handling and repair processes within the decentralized storage network. | ||
|
|
||
| 1. **Provider Selection**: | ||
| - **Current Model**: The existing model leverages a stake-weighted random selection algorithm (detailed in Section 3.1 of the paper), with the idea that each client can autonomously choose a set of providers from the available pool based on their unique criteria. | ||
| - **Curator Role**: Curators act as intermediaries, improving client-provider matches through a stake-based mechanism. However, the meeting noted that the curators themselves may encounter issues, such as “null” or inactive curators that could disrupt the provider selection chain. | ||
| - **Failure Cases**: Two failure cases were highlighted: | ||
| - *Null Curators*: Instances where a curator list is empty or does not contain any valid providers. | ||
| - *Provider Misalignment*: Situations where the cohort might not agree on the selected provider, potentially leading to issues in storage data consistency. | ||
|
|
||
| 2. **Repair Incentive Design**: | ||
| - **Incentive Structure**: The repair protocol (Section 3.4.3) incentivizes providers to quickly identify and address missing or incomplete blocks through a mechanism termed “rate certificate.” If a provider fails, the cohort initiates a repair process, benefiting economically by providing necessary blocks to a new provider. | ||
| - **Incentive Alignment**: Honest providers are economically motivated to adhere to the protocol. This ensures only the correct recipient can retrieve data efficiently, reducing the possibility of data misuse or “repair scams” where dishonest actors might try to exploit the rate certificate system. | ||
| - **Fallback Approaches**: Discussed potential fallbacks when a provider or curator list is inactive, emphasizing the need for protocol flexibility and forward compatibility. | ||
|
|
||
| 3. **Economic Safeguards Against Dishonest Actors**: | ||
| - **Self-Audit Mechanism**: Providers are expected to perform regular self-audits, which rely on bonded commitments and rate certificates, enforcing economic penalties for dishonesty (as noted in Section 3.3). This mechanism discourages providers from submitting false reports due to the risk of losing their bond. | ||
| - **Coordination and Collusion Risks**: The discussion acknowledged that while individual dishonest actions might be contained, a larger risk exists if a cohort colludes with a client for misaligned incentives. The proposed solution is leveraging a robust authentication process and periodic commitment to the blockchain for verification. | ||
|
|
||
| 4. **Future Enhancements could allow procedural provider selection** | ||
| - While still conceptual, the integration of a VM-like sysstem would allow for customizable configurations directly on the provider machines. This could enable more advanced provider selection algorithms without dependency on current protocol limitations, possibly enhancing reliability in complex environments. | ||
|
|
||
| 5. **Open Questions and Further Steps**: | ||
| - **Fallback Design**: Further refinement is needed to handle cases where a curator disappears or curates incorrectly. Adding a backup mechanism or a reputation alternative could improve reliability. | ||
| - **Data Coordination Challenges**: The meeting concluded with a consensus on the need for more robust coordination mechanisms in scenarios involving complex data sharing and multiple providers to prevent data bottlenecks or delivery slowdowns. | ||
|
|
||
| This discussion highlighted incentive alignment, aiming to make provider selection and repair both economically viable and resistant to misalignment or collusion. |
49 changes: 49 additions & 0 deletions
49
storage/design/storage-group-meetings/storage-group-meeting-summary-20240829.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,49 @@ | ||
|
|
||
| Orchid Storage Technical Meeting: Rate Certificates and On-Chain Settlement Mechanisms | ||
|
|
||
| ### Summary: | ||
| This meeting centered on challenges and potential solutions regarding **rate certificates, on-chain settlements, client-provider interactions**, and **provider incentives**. | ||
|
|
||
| #### Key Points: | ||
| 1. **Rate Certificates for Payment Assurance**: | ||
| - Clients issue **rate certificates** to providers, outlining payment conditions for storing data. | ||
| - Rate certificates must be securely designed to prevent unauthorized use or manipulation by providers. | ||
|
|
||
| 2. **Client-Provider Dynamics**: | ||
| - Offline clients should retain assurance of data storage without incurring excessive costs. | ||
| - Providers need mechanisms to settle payments and prove data integrity even when clients are offline. | ||
|
|
||
| 3. **On-Chain Settlement Mechanism**: | ||
| - In the absence of client verification, providers use **on-chain verification**. | ||
| - This requires submitting cryptographic proofs (e.g., KZG commitments) and other metadata to validate data storage. | ||
| - High costs associated with on-chain operations necessitate thoughtful batching and cost amortization strategies. | ||
|
|
||
| 4. **Provider-Paid vs Client-Paid Costs**: | ||
| - Initial discussions proposed the client bearing on-chain costs. However, the final consensus leaned towards providers paying for on-chain settlements, as: | ||
| - Providers can batch settlements for cost efficiency. | ||
| - They are better positioned to align costs with incentives to retain clients. | ||
| - Providers can adjust service pricing to reflect these operational expenses. | ||
|
|
||
| 5. **Griefing and Incentive Design**: | ||
| - Addressed potential griefing attacks where malicious providers force unnecessary on-chain settlements. | ||
| - Proposed countermeasures include slashing mechanisms tied to **bonded commitments** and incentivizing proper provider behavior. | ||
|
|
||
| 6. **Fallback Mechanisms**: | ||
| - Ensured fallback paths exist to maintain trust: | ||
| - Forcing compliance via blockchain mechanisms when disputes arise. | ||
| - The cohort's role in verifying and maintaining block data. | ||
|
|
||
| 7. **Implementation Constraints**: | ||
| - Discussed potential hurdles, such as: | ||
| - Blockchain data accessibility (limited historical state access in some chains). | ||
| - Designing efficient proof systems within existing Ethereum frameworks. | ||
| - Future considerations include leveraging technologies like **Proto-Danksharding** to reduce costs. | ||
|
|
||
| 8. **Open Questions and Next Steps**: | ||
| - Explore optimal mechanisms for storing and verifying commitments (e.g., off-chain storage vs. blockchain-logged metadata). | ||
| - Deepen the analysis of amortization benefits in batch processing of claims. | ||
| - Ensure compatibility with future Ethereum updates and alternative blockchain ecosystems. | ||
|
|
||
| ### Outcome: | ||
| The meeting outlined a strategy for managing the complex interaction of costs, incentives, and proof mechanisms in decentralized storage systems. Key implementation challenges were flagged for further exploration, with a follow-up session proposed to delve into **bonded commitments** and refine on-chain verification workflows. | ||
|
|
47 changes: 47 additions & 0 deletions
47
storage/design/storage-group-meetings/storage-group-meeting-summary-20240909.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,47 @@ | ||
|
|
||
| Orchid Storage Technical Meeting: Discussion of Bonded Commitments | ||
|
|
||
| ### Summary of Discussion | ||
|
|
||
| #### Purpose of Bonded Commitments | ||
| - **Definition:** Bonded commitments are mechanisms that incentivize storage providers to act correctly even in the absence of active monitoring by clients. | ||
| - **Objective:** Ensure that providers maintain and securely store client data, with penalties (slashing conditions) for failure. | ||
|
|
||
| #### Key Concepts Explored | ||
| 1. **Bond Growth Over Time:** | ||
| - Providers post a bond for every commitment made, which grows as they handle more data over time. | ||
| - Bond size scales with the number of clients and data sub-blocks associated with the provider. | ||
| - Bonds can only be reclaimed by proving correctness through cryptographic methods or client signatures. | ||
|
|
||
| 2. **Slashing and Incentives:** | ||
| - If a provider fails an audit (interactive or non-interactive), their bond is partially or fully forfeited. | ||
| - The slashed amount can fund data repair or be awarded to replacement providers. | ||
|
|
||
| 3. **Two Approaches to Verifying Commitments:** | ||
| - **Backward-Looking Protocol:** Bonds are posted and later justified through proofs at settlement, ensuring correct behavior over a longer period. This method minimizes on-chain interactions but introduces delays in penalizing failures. | ||
| - **Forward-Looking Protocol:** Cohorts of verifiers actively assess correctness in real-time, which might allow immediate responses to failures but could increase operational costs and complexity. | ||
|
|
||
| 4. **Challenges and Debates:** | ||
| - Incentivizing verifiers to actively perform checks when failure probabilities are low. | ||
| - Balancing cost-efficiency with robustness in detecting incorrect or incomplete commitments. | ||
| - Determining the practicality of encoding metadata to simplify verifications while ensuring correctness and scalability. | ||
|
|
||
| #### Implementation Challenges | ||
| - **Protocol Simplicity vs. Flexibility:** | ||
| - Initial proposals favor protocol-defined constants (e.g., fixed bond sizes per sub-block) to simplify design and implementation. | ||
| - More sophisticated mechanisms for scaling bond sizes dynamically were considered but may require further analysis for feasibility. | ||
| - **Network Partition and Repair Protocols:** | ||
| - Addressing how overlapping cohorts handle incomplete or conflicting audits. | ||
| - Ensuring effective and prompt data repair mechanisms to maintain client trust. | ||
|
|
||
| #### Open Questions | ||
| - How to efficiently encode and verify metadata for bonds? | ||
| - What are the optimal values for fixed constants in initial implementations? | ||
| - Can incentives be effectively aligned for real-time cohort-based verification without adding excessive cost? | ||
|
|
||
| #### Next Steps | ||
| - Finalize parameters for bonded commitments (e.g., bond size, posting frequency). | ||
| - Investigate metadata encoding techniques to simplify cohort checks. | ||
| - Develop prototypes for both backward-looking and forward-looking protocols to compare efficiency and reliability. | ||
| - Solicit feedback on the feasibility of incentivizing cohort members for correctness checks. | ||
|
|
40 changes: 40 additions & 0 deletions
40
storage/design/storage-group-meetings/storage-group-meeting-summary-20240916.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,40 @@ | ||
|
|
||
| Orchid Storage Technical Meeting: Goals for Specification Documents | ||
|
|
||
| **Summary of Technical Discussion:** | ||
|
|
||
| 1. **Purpose and Context:** | ||
| - Building on the concepts from the Orchid Storage litepaper, the meeting focused on drafting a practical, implementable specification for decentralized data storage. | ||
| - The objective is to create a clear, actionable design that developers can use to build the system. | ||
|
|
||
| 2. **High-Level Goals:** | ||
| - Produce three key documents: | ||
| - **Implementation Document:** Detailed enough for developers to build smart contracts, provider-side, and client-side systems. | ||
| - **Spec for Open Contribution:** A high-level but comprehensive specification to allow external developers to contribute. | ||
| - **White Paper/Outreach Document:** Explains the technology and positions it within the broader decentralized storage ecosystem. | ||
|
|
||
| 3. **System Design Approach:** | ||
| - Defined roles (client, provider, blockchain) and their interactions: | ||
| - Clients encode data into erasure-coded blocks. | ||
| - Providers store these blocks and self-audit using bonded commitments and cryptographic proofs. | ||
| - Blockchain mediates payments and ensures correctness through legible and irreversible audits. | ||
|
|
||
| 4. **Discussion Breakdown:** | ||
| - **Phase 1: Initial Data Storage** | ||
| - Client chooses a cohort of providers using the Orchid Directory. | ||
| - Data is erasure-coded into blocks and distributed among providers. | ||
| - Providers commit to storing blocks and send KZG commitments to the client. | ||
| - **Phase 2: Regular Operations** | ||
| - Providers perform periodic self-audits, submitting bonded commitments to ensure availability and correctness. | ||
| - Cohorts verify each other’s commitments, ensuring redundancy and preparing for potential provider failures. | ||
| - **Phase 3: Repair and Failure Handling** | ||
| - Failed providers are identified via incomplete audits. | ||
| - Cohorts collaborate to reconstruct missing data and onboard new providers using the twin-coding repair mechanism. | ||
| - Payments to providers are settled through blockchain interactions based on verified audits. | ||
|
|
||
| 5. **Proposed Next Steps:** | ||
| - Develop a narrative-style technical document starting from a user story ("As a client, I want to store data"). | ||
| - Outline actor responsibilities and data flows in increasing detail. | ||
| - Focus on drafting APIs and pseudo-code to guide implementation. | ||
|
|
||
| By clarifying the operational flows and specifying interactions between clients, providers, and the blockchain, the meeting laid the groundwork for a comprehensive, implementation-ready specification. |
37 changes: 37 additions & 0 deletions
37
storage/design/storage-group-meetings/storage-group-meeting-summary-20240926.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,37 @@ | ||
|
|
||
| Orchid Storage Technical Meeting: Provider and Cohort Core Interactions | ||
|
|
||
| --- | ||
|
|
||
| #### **Key Themes:** | ||
|
|
||
| 1. **Provider Stories and Core Interactions:** | ||
| - The meeting began by structuring the provider's journey through decentralized data storage. The provider's role involves: | ||
| - Advertising storage capabilities via staking mechanisms. | ||
| - Accepting storage tasks based on incoming Rate Certificates (RCs). | ||
| - Validating RCs to ensure they are credible commitments. | ||
| - Performing bandwidth transactions while assembling data blocks. | ||
| - Constructing cryptographic commitments (e.g., KZG) to ensure auditability. | ||
|
|
||
| 2. **Cohort Mechanics:** | ||
| - A "cohort" represents a group of storage providers collaborating to maintain data reliability. | ||
| - Interactions within cohorts include: | ||
| - Sharing metadata about members. | ||
| - Identifying incomplete or invalid commitments during audits. | ||
| - Supporting data reconstruction using erasure coding. | ||
| - Providers are incentivized to participate in repairs and verification, enhancing data durability. | ||
|
|
||
| 3. **Operational Phases:** | ||
| - **Phase 1:** Core interaction between a provider and a client: | ||
| - Focused on direct commitments and bandwidth exchanges without external dependencies. | ||
| - **Phase 2:** Integration of cohort-level interactions: | ||
| - Handling failures and repairs collaboratively. | ||
| - Incentive alignment ensures honest provider participation in the cohort's repair processes. | ||
| - **Phase 3:** Reconstruction and repair: | ||
| - Providers execute client-signed recovery tasks even in the client’s absence. | ||
| - Cohorts employ erasure and twin-coding schemes for efficient block regeneration. | ||
|
|
||
| 4. **Document Structure and Levels of Detail:** | ||
| - There was a consensus to separate design and incentive motivations from detailed technical specifications (the "spec"). | ||
| - Abstract concepts like Rate Certificates, Bonded Commitments, and Erasure Coding need discrete sections for clarity. | ||
|
|
48 changes: 48 additions & 0 deletions
48
storage/design/storage-group-meetings/storage-group-meeting-summary-20241001.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,48 @@ | ||
|
|
||
|
|
||
| Orchid Storage Technical Meeting: Cohort Data Repair Operations | ||
|
|
||
| ### Meeting Summary: | ||
| The meeting extensively discussed the design and operational nuances of the repair process. | ||
|
|
||
| #### 1. **Repair Mechanisms**: | ||
| - The repair process involves two distinct perspectives: **sending data for repair** and **receiving data as a repair target**. | ||
| - **Sending Perspective**: | ||
| - Providers monitor for failures in the cohort through bonded commitments and selection algorithms. | ||
| - The repair process initiates when a failure is detected, and a new repair target is selected based on the client-defined selection algorithm. | ||
| - Cohort members race to send repair data, as they profit from bandwidth payments for their contributions. | ||
| - **Receiving Perspective**: | ||
| - Newly selected providers verify their role using the selection algorithm and authenticate the received rate certificate. | ||
| - Key distinctions include handling erasure-coded data, paying for bandwidth during data retrieval, and ensuring the rate certificate's conditions are met, including proving prior provider failure. | ||
|
|
||
| #### 2. **Challenges and Incentives**: | ||
| - **Provider Cohort Dynamics**: | ||
| - Potential risks include cabal-like behavior where small groups of providers could manipulate the selection and repair process. | ||
| - Ensuring fair representation in cohorts is critical to avoid centralization. | ||
| - **Fraud and False Repairs**: | ||
| - Mechanisms must prevent the cohort from initiating unwarranted repairs or providing fraudulent rate certificates. | ||
| - On-chain verifiability and transparency, as outlined in the litepaper (e.g., Proto-Danksharding methods), are crucial. | ||
| - **Bandwidth Costs**: | ||
| - Bandwidth payments present a vulnerability to griefing attacks, where dishonest providers force repair targets to incur unnecessary costs. | ||
| - Discussion noted the need for economic disincentives to such attacks. | ||
|
|
||
| #### 3. **Design Philosophy**: | ||
| - The protocol is heavily reliant on **trustless operations**, utilizing: | ||
| - **Erasure coding** for efficient storage and repair. | ||
| - **Rate certificates** as commitments ensuring fair payments for services. | ||
| - **Bonded commitments** to enforce storage correctness without external auditors. | ||
| - The interplay of these components ensures a self-healing system capable of operating autonomously even when clients are offline. | ||
|
|
||
| #### 4. **Open Questions**: | ||
| - How to enforce rate certificate validity and prevent their misuse in griefing or redundancy amplification? | ||
| - Can additional metadata enhance transparency for both internal and external actors without significantly increasing overhead? | ||
| - Are current assumptions about incentive structures robust enough to handle real-world edge cases? | ||
|
|
||
| ### Recommendations: | ||
| 1. **Clarify Incentive Models**: | ||
| Refine the incentives for both sending and receiving providers to align with self-interest while preventing abuses. | ||
| 2. **Enhance Transparency**: | ||
| Consider metadata publication to improve trust and allow broader verification without undermining efficiency. | ||
| 3. **Iterative Design Validation**: | ||
| Engage in further modeling and simulations to ensure edge cases, such as collusion or griefing attacks, are effectively mitigated. | ||
|
|
Oops, something went wrong.