Skip to content

Instantly share code, notes, and snippets.

@jnaulty

jnaulty/Dystopian Labs - cost-reward-calculating.md

Last active September 5, 2020 12:18
Show Gist options
  • Save jnaulty/6fa40346e3bab628362ca8ccad9b7f8a to your computer and use it in GitHub Desktop.
Save jnaulty/6fa40346e3bab628362ca8ccad9b7f8a to your computer and use it in GitHub Desktop.
Download ZIP
Dystopian Labs Trust Less Validator Conference 2020
Raw
decentralization-metrics-and-methodology.md

Decentralization: Metrics & Methodology For Determining The Health (And Viability) Of A Blockchain Network with Reseachers from ConsenSys

With Mally Anderson (ConsenSys) & Everett Muzzy (ConsenSys)

video link

From https://trust-less-2020.dystopialabs.com/

Measure Decentralization in Ethereum

More decentralized and a blockchain is the lower the throughput

Taking a look at evolution of decentralization of blockchain networks over time.

Questions:

  • is ethereum PoW growing more decentralized over time?
  • Is there data showing the network getting more centralized in areas?
  • Given the trends we're observing, can we make any meaningful predictions about the future?
  • How will the switch to PoS affect the (de)centralization of Ethereum?
  • Which of these metrics can we compare across protocls?

Introduced Gresham's Law of Measurement.

Methodology: Subsystems of Decentralization [PoW]

On Chain Categories and Subsystems:

Protocol:

  • consensus algorithm
  • function call diversity growth
  • mining pools v. block production
  • mining pools v. miner payout
  • mining pool diversity + growth
  • network usage (Txs and Calls)
  • Number of Clients

Nodes:

  • Active Node Count v Eth Price
  • Node Size v Active Node Count
  • Node distribution and Growth by Country

Ecosystem:

  • User growth in DeFi + DEXs
  • Total Developers, Monthly
  • Ethereum Account Growth v. Non-0
  • Ethereum Account Growth v Active
  • Number of Companies on Which project relies
  • Diversity + Strength of Power Infrastructure

Token/Coin:

  • Eth ownership (top 10, 100, 1000)
  • ETH trading volume - DEX v Total
  • Token Trading Vol v ETH Trading Vol

Offchain Categories:

  • legal status and financial regulation
  • power grid infrastructure

Which Subsystems are Decentralizing?

Ecosystem

Account Growth v. Active Addresses graph by quarter.

Active Addresse are any addresses that have sent transactions or made calls once within that quarter

Can see decrease in active addresses after 2017 Q4 bubble

Account Growth v Non-0 Addresses

Meaningful non-0 balance (be able to perform 1 transaction when including the gas fee)

See an upward trend of non-0 addresses, although it might correlate with increased diversity, it's hard to prove due to the pseudo-anonymity of addresses.

DeFi + DEX Growth

cumulative percentage of addresses that have transacted with the DeFi protocol (including DEX's)

DeFi adoption does not at first glance look like it's increasing in usage, so further analysis was done breaking down the percentage of growth of across Major DEX and DeFi Platforms

See a large increase in non-DEX DeFi usage, slightly decreasing rate for DEX usage in comparison to all ethereum addresses.

Protocol (network usage)

Transactions and Contract Calls aligns with number of active addresses

Consistent level of activity (number of users active on the network) and transact a uniform amount quarter after quarter.

Interpretations:

  • consistent and stable usage by users on the ethereum network over time despite price volatility
  • consistent point of centralization with most of network relying on a small number of users continuing to transact over time.

Tokens

Top Address Concentration 10/100/100 (ETH Ownership)

Seeing top 10 and 100 addresses see a steady decrease in percentage ownership ETH supply

Having a small percentage of addresses own a large portion of ETH is not 'unhealthy' for decentralization, but this might become an issue when the network shifts to a proof of stake.

Circulating Value in Eth

Taking a look at total circulation quarter by quarter

Taking a look to see if activity on the network was growing more diverse.

Provide a breakdown of percentage of circulation by token.

Nodes

Graph geographical distribution + concentration of nodes over time.

Data about nodes is harder to gather + validate and track historically

Data comes from node tracker in etherscan.

Shows diversity in various geo and policitical systems

Which Subsystems are Centralizing?

Protocol

Mining Pools

Concentration of mining pools over time as a percentage of block production and payout addresses

Four main pools account over 70% and pay out to over 80% of miners in the mining pool.

etherpool + sparkpool accounted more than 51% mining hashrate for ethereum.

Need to test how miners will act if concentration in mining pool increases. show miners that participated in different mining pools in a 24 hour period.

Seeing distinct deline in miners AND mining pools since the market bubble.

measure in onchain payouts (does not include offchain payments)

Node Count V Eth Price + Size

Fluctation of count of fullnodes sharp decrease (half nodes decreased)

total number of active nodes on eth network compared to price

Node count not correlated with eth price (actually looks somewhat negative correlation)

Node size (volume) v node count

Decrease in nodes with increase in disk size

Raw
Dystopian Labs - cost-reward-calculating.md

video link

Certus.one

  • play defcon CTF annually
  • based in SF and Berlin

Why Tendermint(Cosmos)?

  • hard to run a validate and secure it
  • brutal slashing conditions
  • sets the bar for validators
  • one of the largest and most diverse set of validators

How Validators make money?

  • commission rates
    • validators charge a commission rate. This ranges from 0% to as high as 100%
    • annual inflation rate of Cosmos is currently 8.23%
    • if user stakes 1000 atoms for a year to a validator that charges 5% commission, how many atoms would the validator earn?
      • 1000 * .0823 * .05 = 4.115 atoms

How validators decide on commission rates?

  • operational cost
  • risk

Key Takeaways

  • unproportionate amount of profit is concentrated on the top validators
  • fierce competition from 0% commission validators
  • not a venture scale business

Validator costs

  • professional
  • small group
  • idealist

Ballpark figures:

  • professional setup
    • Crazy Professional
      • 15k/month with 50k+ upfront costs
    • Professional
      • 3-10k/month with 10-35k upfront cost
    • Average
      • 2-8k a month with 10k upfront cost
  • small group
    • 2-5k a month with 5-10k upfront cost
    • <1k month (cheap/free location, physical hardware, no redundancy) with <1k upfront cost
  • enthusiast
    • old computer, digital ocean, ledger.
Raw
Dystopian Labs Trust Less Conference - 2020 - approaches-to-validator-architecture-and-security.md

Approaches To Validator Architecture & Security: Trust Model & Slashing Basics

Luke Youngblood founded Blockscale

video link

Slashing Mechanisms

  • exist to protect network from censorship and double-spending attacks
  • validators are slashed when they vote for or produce two different blocks at the same height (equivocation)
  • some networks slash for liveness faults (bft networks, like cosmos)
  • some networks some validators earn reward for presenting evidence of a double signature (effectively placing a bounty on your validator security)
    • if an attacker can cause you to double sign and is first to submit the evidence, they can profit off of that alone

Availability Security Low Cost

secure + low cost: Validate with ledger at home/office

  • availability issues with power + ISP

available + low cost: cloud instances w/out an HSM

  • common for testnets

secure + available:

  • validate with HSMs in cloud or datacenter

Patterns for secure and highly available validatrs

automation and the 2-person rule

  • automate through infra-as-code
    • increase visibility via version control system
      • can thus require approval via quorum (github pullrequests) before being applied
    • less human involvement, less chance for 'accidental' error
  • implementation details
    • track all changes of infrastructure over time in private git repository
    • perform code reviews before any changes are made to production accounts
    • encourage collaboration and code review

Secure your software supply chain

  • do not build artifacts on untrusted sources
    • risks compromising validator
  • understand where dependencies come from
    • pin dependencies and dependencies of those dependencies
  • cloud provider CI preferred over AWS + GCP
  • thought exercise: "what could my evil twin do?"
    • if tomorrow i was replaced with my evil twin, what roadblocks can i put in place to protect from that?

Network and Account Isolation Boundaries

  • compartmentalize validator functions/subcomponents
    • require user authentication
    • require network isolation boundaries
  • secure key storage account on HSM
    • never directly connected to the internet
    • require MFA via bastion host
  • validators never have access to the account where HSMs + key material are stored
    • never have ability to export key material

Remote Signature Generation

  • this is what allows for isolation of validator and key components

  • validator needing access to private key material to generate transactions

  • created middleware called 'remote signer' to proxy for private key access

    • receives signature request from validator node
    • gets signature from HSM
    • performs safety checks on payload
      • inspect and do not trust validator
      • verify it is the correct type of transaction
        • staking operation v funds transfer
        • if funds transfer, is address whitelisted?
    • forward transaction back to validator

  • monotonically increasing high water mark (HWM)

    • detect whether signed a particular block height by keeping track of last block height signed
    • standby validator as a separate system needs to keep track of the same HWM as the active validator

High Available Network Peering

  • targeted denial of service attack
  • build a layer of nodes that act as sentries
  • buffer validator node from downtime
  • sentry nodes connect to public peers
    • validator nodes do not

Tezos Foundation AWS Architecture

cloudHSM --> private link --> vpc with secure validators --> peered with secure relays in another vpc --> aws shield guard duty + aws cloudtrail

Have runbooks for processes, especially process that require humans

Compromise of cloud account should not lead to loss of funds CloudHSM credentials for cryptographic users that can generate signatures in an offline way that are not stored on an online system. Therefore cloud credential does not give access to CloudHSM credentials

Backup Private Key Material - distrubte sharded key material

Raw
how-to-identify-which-proof-of-state-networks-are-worth-mining.md

Trust-Less 2020 Dystopia Labs

How To Identify Which Proof-Of-Stake Networks Are Worth Mining

With Luke Youngblood (Exec. @ Coinbase Custody)

https://trust-less-2020.dystopialabs.com/

video link

PoS is Accelerating in 2020

Temperature of the Water

  • 8% market cap for PoS currencies
  • expected to grow to 20%
  • 100M annual fee revenue for miners/validators
  • Early birds (like tezos and ethereum2.0? have high participation rates)
  • fewer investors in later networks (venture capital funded)
  • cosmos 'Game of Stakes' method (incentivized testnet)
    • helps decentralize token distribution
    • trains operators

Why incentivize testnets?

  • PoS need to maintain independent and geographically diverse validators
    • reduce cartel formation
  • Voting power should be evenly distributed across parties (validators)
  • early backers of new PoS networks are primarily venture capital firms
  • Quality Assurance (find bugs early and in testnet)

He Participated in "Game of Stakes" series 6, Dec 2018 - Jan. 2019.

  • requires 2/3 quorum (testnet upgrade required global community)

  • withdraw rewards + re-delegate

    • rate of inflation accelerated simulating years of network activity in a few week so fitme
    • to come out ahead, had to constantly withdraw + re-delegate

  • Adversarial network

    • censoring transactions
    • required work to make sure transactions were sent through

    AWS Activate

    • easy + risk free way to manage validators as a service

    Great entry point into getting into cryptocurrency engineering jobs at exchanges,

Many more incentivized testnetes

  • Celo Stake off
  • Cosmos Game of Zones
  • Polkadot Kusama

How to Select?

If your desire is to profit from the operation:

  • understand operational costs
    • cloud + datacenter costs
    • bond or deposit required to stake
    • human cost (your time is not free)
    • experts (legal, accounting, tax)

Tezos Example:

  description, cost, recommended quantity, extended cost
  cloudHSM clusters, 2116.80, 4, 8467.20
  tezos public nodes, 128.33, 24, 3079.92
  tezos private nodes, 128.33, 24, 3079.92
  network load balancers, 24.60, 4, 98.40
  bastion hosts, 10.11, 24, 242.64
  baker nodes, 89.33, 16, 1429.28
  estimated data transfer costs, 500, 1, 500

  subtotal: 16897.36

  business support costs, 1182.82, 1, 1182.82

  total 18,080.18

Understand the Risks

Understand risks with validation on a given network Understand mitigations

  • slashing risks
    • good redundancy
  • business continuity
  • legal and financial
    • proof of stake validation is a brand new financial service
      • do you need a money transmitter license? (required in some juridsictions)

Track private key material! Understand when they are exposed Understand how to rotate keys + validators

Model Loss + Profit

model various profit + loss scenarios to help understand what is required for profitability

Annual Expenses, Delegated Ammount, Price in USD, Rate of Return, Commission/Fee, Profit
120,000.00, 5,000,000.00, 4.00, 8.00%, 10.00%, 40,000.00
120,000.00, 5,000,000.00, 2.00, 8.00%, 10.00%, -40,000.00
120,000.00, 10,000,000.00, 2.00, 8.00%, 10.00%, 40,000.00

How to Get involved?

  • setup a validator
  • create unique smart contracts
  • economics + game theory
    • how to take advantage of it
      • polkadot validator nomination example

build tooling, apply for grants

  • new networks need block explorers
    • what's going on
      • who's sending + receiving money

tezos foundation grant program

  • since july 2018
  • 62 entities/projects
  • 23 countries
  • 37.4M total so far (Feb 2020)
  • tezos foundation has 650 million worth of bitcoin

Q+A

(at 39 minute mark)

AWS Activate + Google Cloud Credits

aws activate

  • students

Google has one

Accounting + Expenses

  • in US, definitely should
  • setup LLC, Sole-prop, s-corp, etc

Toqueville group (helps businesses)

  • Working on cloudformation scripts (with speaker)
  • process of documenting (with speaker)

HSM

  • Uses YubiHSM
  • over vpn to validator in cloud

Tezos Foundation routes all logs to sumo logic, helps them with security analysis

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment