Bacalhau simulator design doc
Luke, 2022-09-22
Context
Bacalhau's lack of incentives for SPs to run compute nodes is a major barrier to the growth of the network.
Issuing a token, so that compute nodes earn money for compute jobs and consumers pay for them, would solve this. However, it means the network must run a protocol that is resilient to attacks, because real money is now at stake.
Such a protocol is proposed here, but the initial protocol is a total guess and is probably poorly specified and full of vulnerabilities.
User stories
- As a member of the Bacalhau protocol development team, Jane wants to find new ways to attack the Bacalhau protocol so that she can harden the protocol before attackers steal all the money.
Goals
Write a simulator which allows us to iterate rapidly on the protocol, without running real jobs.
Write visualization tools that allow the state of the simulated network to be seen on the screen to get a tactile, intuitive understanding of the network.
Add malicious clients to the network and observe their wallet balances go to zero! Rinse and repeat until the protocol is as strong as we can make it.
Technical design
- [x] An API server which maintains wallet balances for clients, representing a smart contract
- [x] Maintains wallet balances in memory
- [x] Acts as transport
- [x] Websockets between the server and clients
- [ ] Implement slashing protocol from here in code!
- [ ] Deposits - each new node gets ₾10,000 (₾ looks a bit like a fish, it is actually the currency of Georgia)
- [ ] simplest possible thing: each job costs ₾1
- [ ] Minimum stake to act on the network (enforced)
- [ ] Payments for jobs!
- [ ] Over time?
- [ ] Up front?
- [ ] Malicious client pretending to do jobs
- [ ] Existing hash based verifier
- [ ] Attack: spamming the network with messages
- [ ] Attack: malicious clients, servers gang up on them
- [ ] Modelling payment channels?
- [ ] Or payment channels as optimization?
- [ ] Attack: colluding group of clients and servers
- [ ] The “jobs” should consist of decomposing an integer into its prime factors. That makes it possible to ask for hard work to be done on the network, and also to run it in a mode where the work is easy (and fast) because the numbers are small
- [ ] or we can just do wasm?
- [ ] Frontend
- [ ] Shows network map as graphs with annotated wallet balances
- [ ] Ideally lets us see the flow of a message through the network (or at least a log of events)
- [ ] Malicious clients
- [ ] Malicious sets of clients might collude with each other using an out of band communication mechanism
- [ ] Protocol will be represented in code, probably in the logic in the server (representing the smart contract) but also in the client code representing requestor nodes and compute nodes
Note: We’re interested in knowing what part of the protocol can live in the smart contract vs. out of band (e.g. libp2p), because there’s a cost to executing the smart contract
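A sketch of the ledger side of the checklist above, added here as an example and not taken from the Bacalhau code base: in-memory balances, the ₾10,000 deposit, the ₾1 job price, an enforced minimum stake, and a node that pretends to do jobs. The minimum stake, the slash amount, and paying the slashed amount to the requester are assumptions, and results are checked by verifying the prime factors directly rather than with the hash based verifier.

```python
from math import prod

# Added sketch, not Bacalhau code. DEPOSIT and JOB_COST come from the design
# doc; MIN_STAKE, SLASH and the slash-to-requester rule are assumptions.
DEPOSIT, JOB_COST, MIN_STAKE, SLASH = 10_000, 1, 100, 500

def factorize(n):
    """Honest worker: trial division, the expensive side of the job."""
    out, d = [], 2
    while d * d <= n:
        while n % d == 0:
            out.append(d)
            n //= d
        d += 1
    return out + ([n] if n > 1 else [])

def verify(n, factors):
    """Accept only a non-empty list of primes whose product is n."""
    primes = all(factorize(f) == [f] for f in factors)
    return bool(factors) and primes and prod(factors) == n

class Contract:
    """In-memory stand-in for the smart contract holding wallet balances."""
    def __init__(self, nodes):
        self.balances = {node: DEPOSIT for node in nodes}

    def settle(self, requester, compute, n, factors):
        """Pay the compute node for a valid result, slash it for a bad one."""
        for node in (requester, compute):
            if self.balances.get(node, 0) < MIN_STAKE:
                raise PermissionError(f"{node} is below the minimum stake")
        ok = verify(n, factors)
        amount = JOB_COST if ok else -min(SLASH, self.balances[compute])
        self.balances[requester] -= amount
        self.balances[compute] += amount
        return ok

def simulate(rounds):
    """Constructed scenario: one requester, one honest node, one cheat."""
    c = Contract(["requester", "honest", "cheat"])
    for i in range(rounds):
        n = 1000 + 2 * i  # even, so the cheat's answer [n] is never valid
        c.settle("requester", "honest", n, factorize(n))
        try:
            c.settle("requester", "cheat", n, [n])  # claims n is prime
        except PermissionError:
            pass  # cheat fell below the minimum stake and is locked out
    return c.balances
```

Calling simulate(25) returns the final balances: the cheating node is drained and locked out after 20 rounds, and the total supply stays constant, which is a useful invariant to assert in any later version of the protocol.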