A reason not to have google host your pool

The most import thing to reach decentralisation is real diversity.
It’s not worth that much if 900 out of 1000 pools choose the easy&cheap way and delegate their infrastructure efforts to the known big clouds.

Diversity in
geolocation,
autonomous (IP) systems,
Network equipment
Hardware
Operating systems
Ouroboros implementations
Node structure setup
High availability strategies
Monitoring
Admin-teams

Every blockchain can probably defend itself from 51% attacks on a normal day. When the internetpocalypse happens will be the true test of resilience. Those Rock Pi stake pools are starting to look pretty tasty.

So playing devil’s advocate for the sake of provoking a conversation, if the system is designed to make the cheapest and most reliable the most attractive pool, how is decentralisation (as described by @werkof) encouraged?

Ultimately, it is designed using game theory to assume everyone will have their own financial interests in mind when deciding how to delegate. I know that the majority of people who engage in the Cardano community at the moment are “purists” and would therefore be prepared to overlook a pool that provides better returns in the interest of supporting the optimum network, however I suspect once more mainstream adoption happens those people will be less interested in those ideals. After all the common thread with technology adoptions is that it becomes mainstream when the majority don’t have to think about or understand how it works technically.

Maybe the next generation of the protocol needs to consider how pools offering greater diversity can be rewarded.

It’s a good question … one I’ve thought of in the past and haven’t seen addressed by the team.

If 95% of nodes are hosted on AWS, then Charles can’t, in good faith, go around saying Cardano is ‘100 times more decentralized than Bitcoin’.

cool thanx

This is where language becomes a problem (in saying that I recommend to anyone who is interested they read The Tyranny of Words by Stuart Chase, https://www.goodreads.com/book/show/2343374.The_Tyranny_of_Words). It is a common problem for many people (especially in technical discussions) to not first define what they mean by some words.

So what does “decentralised” mean in this context?

Could having a thousand pools owned by a thousand different actors be the criteria for decentralisation, even if they are only using 5 to 10 different infrastructure providers?

Like I said many of the idealists will require as much decentralisation as possible at all different levels, but what types of decentralisation are actually important?

I’ve been thinking that over time the system will get more decentralized in both total number of pools and pools that utilize their own server infrastructure. This hypothesis assumes a rise in overall value of Ada.

I’m not really sure why you came to this conclusion?

From what I’ve read, things like uptime will play into how pools are ranked… and so stake pool operators will chose solutions that are: 1) Cheapest cost 2) Highest reliability.

If most nodes end up running on AWS or like services due to the above, then the entire 1000 nodes will end up centralized on 3rd party services (i.e. centralized server farms).

Guys, I don’t have an answer to this, but I can tell you it’s been discussed in here and I’m sure elsewhere for well over a year. It is not a new idea, very far from it.

As the value of the network grows I think pool operators will worry about having all their eggs in a third party basket. I also think that there will be enough operators who value true decentralization to make that happen. With that said it gets easier to match principles with actions if you have the funds to do so. Regardless of my theory I would embrace incentives for greater pool decentralization baked into the protocol.

The question is though, what do we need to decentralise? It sounds like the protocol can tolerate pool outages, so even if all 1000 pools were only running on 2 different cloud providers and one went down, would blocks still get produced? I suspect so, but if not then what is the tolerance, a third, a quarter?

So if server infrastructure isn’t the key factor in decentralisation, what is? From what I understand it is about decentralising power/control of the blockchain. Multiple pools on the same cloud provider doesn’t affect who controls them.

Call me paranoid but I worry about a court order that bans crypto or some sort of deplatforming effort or other state level attack. I could also see cloud infrastructure being a target for reasons completely apart from Crypto. Regardless having that much infrastructure on someone else’s gear makes me nervous. Especially if we are trying to be the financial stack for a large portion of the world. I don’t think this needs to happen year one. But baby step into it.

Yes these are two separate topics really. There is the concern of network-level-centralization as well as stakeholder-level-centralization. Both pose liabilities when attempting to breed the kind of diversity required for POS systems to operate with proper incentive balancing.

BTW I’m also assuming that due to Sybil requirements most serious pools will need to own a substantial quantity of Ada to have a pool. This would imply whale like resources which could deploy hardware.

It’s perhaps not this simple. Imagine you’re a whale with 20M ADA and you wish to stake. You stake not on a Rock Pi but a custom built $10k server with a dedicated UPS and with the fastest broadband accessible to you. Now imagine that even with this setup, a server farm like AWS actually performs slightly better in terms of uptime (this is what they do btw) and so your staking pool, because its slightly less persistent than a 3rd party solution like AWS, means you’re losing rank amongst other pools and thus losing rewards. Economics would urge this individual to move shop to the cloud.

This is hypothetical, but plausible to me… and I wonder how these kinds of network-level-centralization liabilities are being addressed by the staking protocol. Perhaps it’s not a big deal… but it’s something I’ve thought about in the past and is something all POS chains will need to consider.

I absolutely agree with you. The devil is in the details and I hope incentives within the protocol can be adjusted to effect outcome.

Begs the question…can Ada survive this kind of a prolonged, deliberate attack? Or maybe a better question is, can Ada’s blockchain be reconstituted on the back of flying pigeons sending messages to other Ada holders, each of whom owns their ada and their corresponding blockchain transactions?

Why not a mixed model where by default cardano uses the delegated pos staking pools and if this fails network wise (DoS attacks etc) it auto defaults to randomized selected and confirmed PoS (ala algorand). This way you get best of both worlds with higher smart contract throughput but safety of statistics if first system fails. You could even seperate the two and let SL be randomized PoS while CL is delegated PoS (CL is more throughput dependant and makes sense to use delegated PoS for it.)

Well. AWS itself has zones and regions. So running on a cloud has some inherited diversity. If IOHK can create containers that run on any infrastructure then no one should care the iron or cloud that is running them.