Difference between revisions of "New Subnet Creation"
Line 10: | Line 10: | ||
* Create a new subnet with the registered nodes that were not yet assigned to any subnet. | * Create a new subnet with the registered nodes that were not yet assigned to any subnet. | ||
− | == Adding/Registering | + | == Adding/Registering New Nodes == |
We new describe a series of steps that need to be followed to add a new node to the Internet Computer. | We new describe a series of steps that need to be followed to add a new node to the Internet Computer. | ||
* Node provider purchases a NitroKey (a Hardware Security Module), generates a public-key/secret-key pair, and submits an NNS proposal to add his public key to the NNS registry. The community votes on the proposal. If the majority accept the proposal, then the node provider's credentials are added to the NNS registry. From now on, the NNS canisters trust the messages signed by the node provider's secret key. The entire process is specified in the [https://wiki.internetcomputer.org/wiki/Node_Provider_Onboarding node provider onboarding article]. | * Node provider purchases a NitroKey (a Hardware Security Module), generates a public-key/secret-key pair, and submits an NNS proposal to add his public key to the NNS registry. The community votes on the proposal. If the majority accept the proposal, then the node provider's credentials are added to the NNS registry. From now on, the NNS canisters trust the messages signed by the node provider's secret key. The entire process is specified in the [https://wiki.internetcomputer.org/wiki/Node_Provider_Onboarding node provider onboarding article]. |
Revision as of 21:44, 22 November 2022
This Page is Still Work in Progress
Ever wondered about the meaning behind DFINITY? It’s Decentralized + Infinity. It’s named that way because the Internet Computer is designed to scale infinitely. It means that the Internet Computer can host an unlimited number of canisters (smart contracts), store an unlimited amount of memory, process an unlimited amount of transactions per second. In simple words, Internet Computer is designed to host even large scale social media platforms in a fully decentralized way.
There are two types of widely-used approaches to improve the scalability of a system. (1) Vertical Scaling, and (2) Horizontal Scaling. Vertical scaling means adding more CPU, RAM and disk to a single computer. Horizontal scaling means adding more computers to the system. There is a limit to vertical scaling. But with horizontal scaling, one can achieve unlimited scalability. Internet Computer is one of the first blockchains to successfully use horizontal scaling.
The nodes in the Internet Computer are divided into subnets, each containing a few dozen nodes. The set of nodes in a subnet together maintain one blockchain. Each subnet can host a few thousand canisters and process messages received by those canisters. Each subnet has a limited capacity in terms of the number of canisters (a few thousand), amount of storage (a few TB), and bandwidth (a few hundred transactions per second). But as more subnets are added to the Internet Computer, its overall capacity increases proportionately. There is no limit on the number of subnets that can be added, resulting in unlimited scalability.
We need to do 2 things to create a new subnet.
- Add/Register new nodes.
- Create a new subnet with the registered nodes that were not yet assigned to any subnet.
Adding/Registering New Nodes
We new describe a series of steps that need to be followed to add a new node to the Internet Computer.
- Node provider purchases a NitroKey (a Hardware Security Module), generates a public-key/secret-key pair, and submits an NNS proposal to add his public key to the NNS registry. The community votes on the proposal. If the majority accept the proposal, then the node provider's credentials are added to the NNS registry. From now on, the NNS canisters trust the messages signed by the node provider's secret key. The entire process is specified in the node provider onboarding article.
- Node provider purchases node hardware with the recommended specifications and places it in a data center rack that meets the recommended specifications.
- The node doesn't yet have any operating system. The node provider needs to install the IC-OS operating system on the node. The detailed procedure can be found in the IC-OS installation runbook articles (Installation for SuperMicro, Installation for Dell Poweredge).
- The node provider inserts the NitroKey usb stick into the node machine. The NitroKey contains the secret key of corresponding to the node provider's registered public key.
- The node provider then switches on the node to boot the IC-OS operation system, which starts a few processes including orchestrator, crypto and http adapter processes.
- The crypto process finds that it never generated any cryptographic key material before. The crypto process then generates new cryptographic keys. This includes node signing key, NIDKG key, ECDSA key, TLS key, etc.
- The cryptographic key material need to be registered with the NNS registry. For this, the crypto process sends the keys to the orchestrator, which then crafts a message containing the key material, signs the message with the node provider's signing key present in the NitroKey, and sends the message to the NNS registry canister.
- The NNS registry canister creates a record for the new node and stores its cryptographic key material.
- The node is now registered in the Internet Computer, but not yet assigned to any subnet.
Creating a New Subnet
We now describe the process of creating a new subnet. To create a new subnet, one just needs to submit an NNS proposal. The proposal specifies a type (create subnet) and a payload. A few sample proposals to create a new subnet can be found in the dashboard (Proposal 57048, Proposal 49018, Proposal 55730). Anyone who staked their ICP can vote on the proposal within a deadline. After the deadline, if the majority of the voters accept the proposal, then the subnet is created as described below.
The payload for the proposal contains the list of parameters to be used by the new subnet. Some of the fields in the payload are as follows.
- Subnet Type - The type of the subnet to be created. Subnets of different type might exhibit different behavior, e.g. being more restrictive in what operations are allowed or privileged compared to other subnet types. There are a few types of subnets.
- Application subnet - A normal subnet where no restrictions are applied.
- System subnet - A more privileged subnet where certain restrictions are applied, like not charging for cycles or restricting who can create and install canisters on it.
- Verified application subnet - A subnet type that is like application subnets but can have some additional features.
- Node id - List of node ids of unassigned nodes to be included in the subnet.
- Parameters for the P2P layer -
- Parameters for the Consensus layer -