Decentralized SPO Usecase Update

Jennifer Bourke
NuNet
Published in
6 min readMar 14, 2024

Greetings, NuNetopians,

Following our announcement in the “Technical Roadmap Updates 2024” we’re excited to delve deeper into the progress of our Decentralized SPO Use Case, a pivotal initiative funded by Project Catalyst. This blog aims to elucidate the current situation, milestones, and deliverables, providing our community with a clear understanding of our journey and achievements.

Original Proposal and Current Status

NuNet embarked on a mission to empower Stake Pool Operators (SPOs) by leveraging community-provisioned hardware, thus improving the resilience and decentralization of the Cardano Network. Our vision was grounded in implementing secure and efficient functionalities for the Cardano ecosystem.

Challenges and Functional Advancements

As we navigate through the early months of 2024, the NuNet team has been vigorously advancing towards achieving our set goals, despite facing several challenges along the way. Our journey towards creating a decentralized ecosystem for compute providers and Stake Pool Operators (SPOs) has been marked by both significant progress and areas where our high ambitions were met with complex hurdles.

One of the key areas we’ve focused on is enhancing the security of our platform, particularly in providing a secure operating environment for compute devices. Our exploration into using Firecracker, a very lightweight virtual machine or microVM, marks a crucial step in this direction. Developed by AWS for their serverless Lambda service, Firecracker is designed to offer enhanced security by isolating multiple microVMs on the same host machine, catering to different customers while securing the host from potential breaches from within the VMs.

However, our unique use-case presents a distinctive challenge. Unlike the AWS Lambda service, where the primary concern is securing the host machine against threats emanating from inside the VMs, our focus extends to ensuring the security of the contents within the VM from external snooping, especially given that compute providers could potentially access the data within. This dual-direction security concern is critical in our ecosystem where trust in the compute provider is paramount, particularly when deploying VMs to host the Cardano node.

It’s important to clarify that the advancements we’ve made in secure shell access for node operators, achieved through the robust libp2p protocol, are not directly related to addressing the Firecracker security concern. Though this development marks a significant stride towards enhancing platform security, it focuses on providing a secure and encrypted channel for node management, and it is still in the phase of rigorous testing to ensure it meets our stringent security standards.

Our infrastructure has experienced considerable growth, notably with the successful provisioning of hardware that lays the foundation for our platform’s scalability. Yet, the implementation of a reward system that compensates providers and SPOs appropriately is still in the pipeline. This underscores the necessity to further refine our hybrid model, ensuring it aligns with our vision of a fair, sustainable ecosystem for all participants.

In summary, as we continue to push the boundaries of what’s possible within the decentralized computing landscape, we are constantly learning and adapting. The challenges we encounter, such as securing VMs in a manner that protects against both internal and external threats, only serve to sharpen our focus and drive our innovation. Our commitment to creating a secure, efficient, and transparent environment for our community remains unwavering. We look forward to sharing more updates as we progress and refine our solutions to meet the complex demands of our ecosystem.

Data Persistence: A Frontier of Active Exploration

Data persistence is a complex puzzle we’re diligently working to solve. It’s crucial not only for the current iteration but for the adaptable future of blockchain technology.

Strategic Milestones and Pivotal Deliverables

Our roadmap is defined by strategic milestones, each aiming to overcome the unique challenges of decentralization.

Here’s an update on our progress and the adjustments we’ve made in light of recent insights:

  • Secure Sandbox Implementation: Utilizing the Firecracker VM has marked a significant step towards achieving enhanced security through robust encryption techniques. However, our pursuit of a completely secure operational environment has encountered obstacles. Initially, we considered encrypting the Firecracker filesystem to restrict access solely to the Stake Pool Operator (SPO). This approach, however, proved impractical due to various complications. As we move forward, our strategy has shifted to eschew the storage of any sensitive information within the VM. The current direction, as tested by our team, involves a setup where the SPO manages sensitive operations from a separate, ideally air-gapped machine, ensuring a higher degree of security and control.
  • Secure Shell Access: The development of secure shell access has been a focus, aiming to significantly enhance the usability of our platform. It’s important to clarify that the actual implementation of secure shell access is still in progress. Our team has been dedicated to this task, and we are optimistic about finalizing this feature shortly. This effort underscores our commitment to providing accurate and transparent updates on our development process.
  • Infrastructure Developments: The completion of our hardware provisioning milestone has successfully established the foundation for the scalability and performance of our platform. This achievement is a testament to our team’s effort and paves the way for further advancements in our infrastructure.

The Path Forward: Updated Deliverables

Given the evolving landscape and our learnings, we’ve refined our deliverables to better align with our objectives and challenges:

  • Streamlined Compute Provider Onboarding: We are committed to enhancing the onboarding experience, making it more intuitive and straightforward for compute providers. Our goal is to facilitate a smoother integration process that enables providers to seamlessly contribute to our ecosystem.
  • Private Relay Nodes Layer: We have initiated the setup of machines designated to run Cardano relay nodes. This development is aimed at offering SPOs the option to connect their block-producing nodes to our relay nodes, enhancing the robustness of the Cardano network’s infrastructure. However, it’s crucial to acknowledge the inherent nature of relay nodes as a protective buffer in the broader context of internet security. This strategic move underscores our commitment to strengthening the security and efficiency of block production within the Cardano ecosystem, while also navigating the intricate balance between connectivity and protection.
  • Revolutionizing Blockchain Data Access: Recognizing the need for innovative approaches to data storage and access, we are exploring new methods for storage sharing that could offer the flexibility and security necessary for blockchain data. While traditional technologies like Network Files Systems (NFS) represent familiar territory, our focus is on pioneering solutions that transcend conventional limitations. This exploration is still in its preliminary stages, and we are careful to approach it without preconceived notions about specific technologies like IPFS, which, while promising, require further experimentation to understand their applicability and potential benefits fully.

Decentralized SPO Computing Continuation Milestones

To meet our updated deliverables, we’ve recalibrated our milestones:

  • Block Producing Nodes on NuNet: Enabling SPOs to run block-producing nodes directly on our network, enhancing the network’s resilience and performance.
  • Management Dashboard and Accounting System: Developing an advanced framework to capture and analyze telemetry information, facilitating a transparent environment for SPOs.

Embracing the Future

As we continue on this ambitious path, we remain committed to our vision of a decentralized, secure, and efficient Cardano ecosystem. The challenges we face only sharpen our resolve, and with each milestone achieved, we inch closer to realizing our goals. Stay tuned for more updates and join us on this exciting journey towards revolutionizing decentralized computing.

Follow Our Progress

Stay engaged with our open-source journey and witness the unfolding of the Decentralized SPO use case. Your support, feedback, and collaboration are invaluable as we navigate this pioneering endeavor.

About NuNet

NuNet lets anyone share and monetise their computing resources, turning cloud computing power from a centralised service into an open protocol powered by blockchain. Find out more via:

--

--