As most probably know by now, we are big fans of decentralization and are impressed with the efforts of the Solana team to foster this. However, the events of 4th December, with an as yet unidentified bug halting the mainnet and a restart that took some time to co-ordinate a sufficient number of validators, raises questions about the pace of decentralization and whether it might be worth adjusting the Foundation’s delegation strategy in the short-term to strengthen the network. We would like this thread to serve as a basis for discussion and would welcome any constructive thoughts on this subject.
The lengthy network outage was not lost on the wider crypto-community, it was widely publicized, appeared to trigger a token-price decline on the markets and, not unexpectedly, was pounced on by trolls. With mainnet still in its beta stage we could encounter similar incidents and it is clearly in the community’s best interests to be as well prepared as possible to minimize downtime.
The large number of less experienced validators, without sufficient monitoring/alerting to bring such an issue to their attention seems to have prolonged the restart. This is not a criticism of them, indeed, in the long term we want anyone to be able to validate on Solana. Part of achieving this goal is tooling that not only makes node provisioning easy, but also provides comprehensive monitoring/alerting and logging tools; components that professional validators like ourselves use today. The development of all this tooling in an easy to use format will take time and is not available yet.
To strengthen the network in the interim we suggest that the Foundation restricts its initial delegation to a smaller number of validators (potentially in the 50 to 100 region), for the next 3-6 months. This number should then be expanded as we improve confidence in the network.
Potential selection criteria could include:
- Length of time on testnet/mainnet
- Running parallel TdS node
- Running a backup mainnet node
- Responsive to software upgrades
- Responsive to any delinquency issues with their nodes (with an agreed target response time)
- Provision of logs whenever requested
- Email address for alerting to a critical incident requiring a sub 1 hour response
- Deploy software built from source
- Located at a datacentre with fewer than say 5/10 other Solana nodes
At today’s prices the current plan to delegate around ~270,000 SOL to each mainnet beta validator would only provide annual rewards that are barely sufficient to cover a validator buying and co-locating hardware for a year despite this being the most preferable form of deployment for network strength. This also assumes that the validator will provide admin and personnel costs for free, which is not tenable in the long-term. The proposed reduction in the initial number targeted for delegation would increase rewards 4 fold which could begin to fairly compensate validators for providing quality infrastructure and the resources to support it 24/7 plus devoting energy to tooling development, testing and adoption.
These estimates are obviously based on the current price with a small circulating supply; there is a significant risk that price is adversely affected when the majority of the supply is unlocked in January and if this were to happen we believe it only strengthens the case for reducing the target number of validators in receipt of a Foundation delegation, in order to maintain a strong network.
Whilst this may seem a significant change in temporarily going from ~400 to 100 validators supported by the Foundation, it is worth bearing in mind that absolutely anyone can still run a node via token holdings they either own or from delegations they can attract.
If we go down this route Solana would still be significantly more decentralized than many networks and the number of validators will only increase over time. In parallel we can work to improve the Nakamoto coefficient by implementing some form of @eric’s excellent yield-throttling proposal to create the incentive for nodes holding many millions of staked tokens to redistribute, preferably by stake re-delegation. A network with only 100 demonstrably independent nodes but a better Nakamoto coefficient is likely much more robust and censorship resistant than one with 400+ nodes in which the top 7 are capable of halting the network.
We would love to hear other people’s thoughts on this. I think it boils down to 2 key decisions:
Are people in favour of a change that would concentrate the Foundation’s delegations on an initial small high-quality validator set and then grow it over time?
If so, what are good values for the selection parameters for this smaller set?