Difference between revisions of "Decentralization"

From Internet Computer Wiki
Jump to: navigation, search
(Some clarifications)
 
(4 intermediate revisions by one other user not shown)
Line 1: Line 1:
Decentralization is key to making Web3 dapps run in a trustless manner. However, decentralization has many dimensions and cannot be understood and quantified using a single number or coefficient. One can distinguish between the decentralization of the entities running the machines on top of which a protocol runs, the decentralization of the consensus and sharding mechanism, the governance system, the owners of liquid tokens etc. In this case, the whole is greater than the sum of its parts and one cannot understand decentralization as a single discussion on each of these topics.
+
Decentralization is key to making Web 3.0 dapps run in a trustless manner. However, decentralization has many dimensions and cannot be understood and quantified using a single number or coefficient. One can distinguish between the decentralization of the entities running the machines on top of which a protocol runs, the decentralization of the consensus and sharding mechanism, the governance system, the owners of liquid tokens etc. In this case, the whole is greater than the sum of its parts and one cannot understand decentralization as a single discussion on each of these topics.
  
For a truly decentralized system, anyone must have the possibility to contribute to the computing power and supporting infrastructure. Anybody should be able to check the integrity and authenticity of Web3 content served. No part of this should be restricted by a single party and all decisions should be taken by the community via a DAO. See also [https://assets-global.website-files.com/5fd11235b3950c2c1a3b6df4/62af6c641a672b3329b9a480_Unintended_Centralities_in_Distributed_Ledgers.pdf Trail of Bits Decentralization Report] and [https://arxiv.org/pdf/2205.04256.pdf SOK: Blockchain Decentralization] for related publicly accessible reports on these topics.
+
For a truly decentralized system, anyone must have the possibility to contribute to the computing power and supporting infrastructure. Anybody should be able to check the integrity and authenticity of Web 3.0 content served. No part of this should be restricted by a single party and all decisions should be taken by the community via a DAO. See also [https://assets-global.website-files.com/5fd11235b3950c2c1a3b6df4/62af6c641a672b3329b9a480_Unintended_Centralities_in_Distributed_Ledgers.pdf Trail of Bits Decentralization Report] and [https://arxiv.org/pdf/2205.04256.pdf SOK: Blockchain Decentralization] for related publicly accessible reports on these topics.
  
'''Node provider decentralization:''' Reducing this aspect to the number of machines is definitely insufficient, if the majority of them are owned or operated by a small number of parties or reside in a small number of companies’ data centers. Furthermore, for censorship resistance the jurisdictional location is important, while availability in the face of outages benefits from geographical distribution. In other words, decentralization is reflected by the number of nodes, the number of node providers, the number of data centers and the number of countries and continents where they are located. In February 2023, all 56 [https://dashboard.internetcomputer.org/providers IC node providers], which operate between 1 and 65 of the total 1235 nodes are known legal entities. How many nodes they operate and where they are located is publicly available information. Anyone can submit a proposal to become a node provider, which the community can then choose to accept. In contrast, node providers for most other blockchains remain anonymous and it is impossible to find out how many nodes they operate and where they are located.
+
== Node provider decentralization ==
 +
Reducing this aspect to the number of machines is definitely insufficient, if the majority of them are owned or operated by a small number of parties or reside in a small number of companies’ data centers. Furthermore, for censorship resistance, the jurisdictional location is important, while availability in the face of outages benefits from geographical distribution. In other words, decentralization is reflected by the number of nodes, the number of node providers, the number of data centers and the number of countries and continents where they are located. In February 2023, all 56 [https://dashboard.internetcomputer.org/providers IC node providers], which operate between 1 and 65 of the total 1235 nodes are known legal entities. How many nodes they operate and where they are located is publicly available information. Node providers must provide a [[Node_Provider_Self-declaration|self-declaration]] of identity and good intent, and can be held liable under misconduct. Anyone can submit a proposal to become a node provider, which the community can then choose to accept. In contrast, node providers for most other blockchains remain anonymous and it is impossible to find out how many nodes they operate and where they are located.
  
'''Consensus and sharding decentralization:''' For the consensus and sharding mechanism, the number of corrupted entities required to lead to forks is crucial. Other important factors are the assignment of nodes to shards and the guarantees offered for the communication between shards. The main assumption the IC is based on requires more than ⅔ of the nodes to adhere to the protocol. No system can work with fewer correct nodes in the presence of arbitrary node behavior and guarantee consensus. This is the highest fraction of potentially malicious actors that any system can tolerate with a communication network that doesn’t guarantee any bounds on message delivery (see the [https://internetcomputer.org/whitepaper.pdf whitepaper] for more details on these assumptions). As long as this assumption holds in all subnets, all messages are guaranteed to be processed according to the interface spec, regardless of which subnet their canisters reside in. Subnet membership is subject to NNS votes, thus the community can assess if the assignment of nodes of different providers and different jurisdictions is satisfying their decentralization requirements.  
+
== Consensus and sharding decentralization ==
 +
For the consensus and sharding mechanism, the number of corrupted entities required to lead to forks is crucial. Other important factors are the assignment of nodes to shards and the guarantees offered for the communication between shards. The main assumption the IC is based on requires more than ⅔ of the nodes to adhere to the protocol. No system can work with fewer correct nodes in the presence of arbitrary node behavior and a potentially unreliable network, and still guarantee consensus. Indeed, this is the highest fraction of potentially malicious actors that any system can tolerate with a communication network that doesn’t guarantee known bounds on message delivery (see the [https://internetcomputer.org/whitepaper.pdf whitepaper] for more details on these assumptions). As long as this assumption holds in all subnets, all messages are guaranteed to be processed according to the interface spec, regardless of which subnet their canisters reside in. Subnet membership is subject to NNS votes, thus the community can assess if the assignment of nodes of different providers and different jurisdictions is satisfying their decentralization requirements.  
  
'''Governance and token ownership decentralization:''' The evolution of a system depends on the governance mechanism that defines how a system can change (deploying user-facing improvements, tokenomics changes, API and cryptographic protocol modifications, node management, …). In some systems this is basically decided by the entities running the nodes, while for others, e.g. in case of the IC, the NNS canisters define the governance mechanisms, including the parameters for staking, voting and rewards. Users can stake ICP to be able participate in voting. Among other topics, the IC community votes on the protocol version running in the subnets, node provider remuneration and voting rewards, the addition/removal of node providers and the assignment of nodes to subnets. The DFINITY and ICA foundations are the parties with the highest voting power in the ecosystem, currently holding less than 23% of the total voting power. The overall voting participation is above 99%. More information on Governance and Tokenomics can be found [[NNS Canisters|here]] and [[Tokenomics of a DAO|here]].
+
== Governance and token ownership decentralization ==
 +
The evolution of a system depends on the governance mechanism that defines how a system can change (deploying user-facing improvements, tokenomics changes, API and cryptographic protocol modifications, node management, …). In some systems, this is basically decided by the entities running the nodes, while for others, e.g. in case of the IC, the NNS canisters define the governance mechanisms, including the parameters for staking, voting and rewards. Users can stake ICP to be able participate in voting. Among other topics, the IC community votes on the protocol version running in the subnets, node provider remuneration and voting rewards, the addition/removal of node providers and the assignment of nodes to subnets. The DFINITY foundation and the ICA are the parties with the highest voting power in the ecosystem, together holding less than 23% of the total voting power. The overall voting participation is often above 99% due to the use of liquid democracy. More information on Governance and Tokenomics can be found [[NNS Canisters|here]] and [[Tokenomics of a DAO|here]].

Latest revision as of 11:20, 20 November 2023

Decentralization is key to making Web 3.0 dapps run in a trustless manner. However, decentralization has many dimensions and cannot be understood and quantified using a single number or coefficient. One can distinguish between the decentralization of the entities running the machines on top of which a protocol runs, the decentralization of the consensus and sharding mechanism, the governance system, the owners of liquid tokens etc. In this case, the whole is greater than the sum of its parts and one cannot understand decentralization as a single discussion on each of these topics.

For a truly decentralized system, anyone must have the possibility to contribute to the computing power and supporting infrastructure. Anybody should be able to check the integrity and authenticity of Web 3.0 content served. No part of this should be restricted by a single party and all decisions should be taken by the community via a DAO. See also Trail of Bits Decentralization Report and SOK: Blockchain Decentralization for related publicly accessible reports on these topics.

Node provider decentralization

Reducing this aspect to the number of machines is definitely insufficient, if the majority of them are owned or operated by a small number of parties or reside in a small number of companies’ data centers. Furthermore, for censorship resistance, the jurisdictional location is important, while availability in the face of outages benefits from geographical distribution. In other words, decentralization is reflected by the number of nodes, the number of node providers, the number of data centers and the number of countries and continents where they are located. In February 2023, all 56 IC node providers, which operate between 1 and 65 of the total 1235 nodes are known legal entities. How many nodes they operate and where they are located is publicly available information. Node providers must provide a self-declaration of identity and good intent, and can be held liable under misconduct. Anyone can submit a proposal to become a node provider, which the community can then choose to accept. In contrast, node providers for most other blockchains remain anonymous and it is impossible to find out how many nodes they operate and where they are located.

Consensus and sharding decentralization

For the consensus and sharding mechanism, the number of corrupted entities required to lead to forks is crucial. Other important factors are the assignment of nodes to shards and the guarantees offered for the communication between shards. The main assumption the IC is based on requires more than ⅔ of the nodes to adhere to the protocol. No system can work with fewer correct nodes in the presence of arbitrary node behavior and a potentially unreliable network, and still guarantee consensus. Indeed, this is the highest fraction of potentially malicious actors that any system can tolerate with a communication network that doesn’t guarantee known bounds on message delivery (see the whitepaper for more details on these assumptions). As long as this assumption holds in all subnets, all messages are guaranteed to be processed according to the interface spec, regardless of which subnet their canisters reside in. Subnet membership is subject to NNS votes, thus the community can assess if the assignment of nodes of different providers and different jurisdictions is satisfying their decentralization requirements.

Governance and token ownership decentralization

The evolution of a system depends on the governance mechanism that defines how a system can change (deploying user-facing improvements, tokenomics changes, API and cryptographic protocol modifications, node management, …). In some systems, this is basically decided by the entities running the nodes, while for others, e.g. in case of the IC, the NNS canisters define the governance mechanisms, including the parameters for staking, voting and rewards. Users can stake ICP to be able participate in voting. Among other topics, the IC community votes on the protocol version running in the subnets, node provider remuneration and voting rewards, the addition/removal of node providers and the assignment of nodes to subnets. The DFINITY foundation and the ICA are the parties with the highest voting power in the ecosystem, together holding less than 23% of the total voting power. The overall voting participation is often above 99% due to the use of liquid democracy. More information on Governance and Tokenomics can be found here and here.