Validators enter the scene: immersion in the heart of the security system of Polkadot
Back to the second Polkadot Francophonie meetup
Responsible for the validation and the data recording on the blockchain, the validators are the true guardians of its integrity.
Last Thursday, September 16th, the Polkadot Francophonie community organized its second meetup focusing on the theme of validators.
This new meeting, held at Bpifrance’s offices in Paris (public investment bank), aimed to demystify the role of the different actors involved in this security process and to understand how it works.
Ivan de Lastours, blockchain lead at Bpi introduced this session with a short explanation of the financing activity of the public body, and their blockchain participations. Seduced by Polkadot’s cross-chain approach, our host of the day shared his enthusiasm and support for our community.
We then meet up with David, Polkadot ambassador, who started the session with a little ecosystem update; mentioning the winning projects of the second round of auctions [1] as well as the last two articles by Gavin Wood explaining in detail the specificities of the XCM language-format which aims at the interoperability of Polkadot and the blockchain (a third part has just been released).
Let’s also thank Benoit, Polkadot ambassador, who remotely managed the live and the relationship with the community.
The evening went on with a real immersion in the heart of the security ecosystem, through the presentations of François, our developer met during our first meetup, Benjamin (aka bLd), Astar Network ambassador and validator, Gauthier (aka GTStaking), validator and Vladimir, co-founder of Lugus Lab with François.
The validator, guardian of the network integrity by consensus
François started this meeting by explaining the mission of the validators and the specificities of the Polkadot validation process.
Relay Chain, validators, collectors, staking, what does all this mean for the security of the ecosystem? Here is a summary.
As a reminder, the Relay Chain offers interoperability to the parachains that connect to it, allowing the data and transactions registered on their network to become mutually operable (for a comprehensive overview of the basics of Polkadot, we invite you to watch the replay of our first meetup).
This relay chain also brings shared security to all parachains.
In practice, validators of the relay chain become the real securers of state transitions [2] of the parachains.
As a result, these parachains can dispense with the need to deploy their own network of validators at launch and simply run a few collection nodes. These nodes — called collators — aggregate transactions into “candidate blocks” and produce proofs transitons for the validators.
A validator therefore seems to play a key role in the security of the ecosystem, but what is it really about?
Remember, a blockchain is a real ledger distributed and replicated between various actors, who manage [3] the nodes (servers) of the network.
In such a system without a central control agent, it is necessary to reach a shared consensus on the state of the ledger. To do this, it is necessary that a network participant verify the conformity of the transactions [4], anchor them on the registry [5] and redistribute the new state to the entire network.
This is where the validator comes into play, responsible for creating new blocks on the chain. For each block created [6], (s)he receives a reward in the form of tokens from the network.
By virtue of this power and responsibility, the validator therefore embodies the role of true guardian of the network’s integrity.
Nonetheless, to be eligible for this role, the validator must prove that (s)he is sufficiently reliable.
In blockchain networks, this proof always entails a significant personal contribution that guarantees the reliability of the validator. In principle, this discourages any malicious actor from applying for the role of validator.
On the bitcoin blockchain, it is called “proof-of-work” (PoW).
To create a block, miners [7] must solve a complex mathematical problem that requires an infrastructure with very high computing power. The first miner who solves this calculation is assigned to the creation of a new block.
This energy-intensive proof system is very expensive for the miner.
To participate in the security of the network, the validator must prove the possession of a certain quantity of tokens (called “stake”). These tokens must then be deposited (blocked) for the duration of the validation cycle (this operation is commonly called “staking”). Its contribution is made binding to the extent that any malicious action is punished by the permanent loss of some or all of its deposited tokens (a phenomenon called “slashing”).
In the Polkadot ecosystem, the token brought by the validator is a variation of this Proof-of-Stake involving new actors.
Polkadot uses the Nominated Proof-of-Stake (NPoS) mechanism that encourages token holders in the network to participate in its security. These actors are called nominators.
Any KSM or DOT holder can thus choose to delegate (nominate) part of his tokens to the validator(s) of his/her choice.
The weight of the validator’s stake is thus reinforced by the participation of other token holders, maximizing their chances of being selected for the production of a block. When the validator is assigned to the production of a block, (s)he remunerates its nominators by distributing to them a percentage of the reward received on the creation of the block, in proportion to their respective stakes.
On the other hand, if the validator is insufficiently available or creates blocks in an inconsistent or insecure manner, (s)he loses his/her personal stake as well as that of his/her nominators.
This proof of stake by nomination therefore increases the responsibility of the network stakeholders, reinforcing the preservation of its integrity.
Once the guardian’s status has been proven, the network must agree and designate the validator who will be responsible for producing the block. This operation must be performed at a specific time so that everyone synchronizes on a shared state. This is where the notion of consensus comes in.
Proof of Work (PoW) and Proof of Stake (PoS) are often wrongly used to designate consensus mechanisms. On the Bitcoin blockchain, for example, the PoW providing agreement on the author of a block is only one dimension of the Nakamoto consensus.
In reality, the network finality — the permanent and immutable nature of the data recorded in the blockchain — is strictly guaranteed by the computing power required to create the blocks.
Indeed, after a certain number of blocks successively created and confirmed, the computing power necessary to attack and compromise the integrity of the chain becomes too important and too costly for a malicious actor.
The finality of the network state is therefore said to be probabilistic.
For the rest, the mining industry has become more and more centralized (cfr. mining pool), which does not eliminate the risk that these large mining actors could at some point take control of enough computing power to damage the integrity of the network.
The purpose of any database, of any registry, even a distributed one, must however be certain and provable, preserving its integrity.
Polkadot has its own consensus guaranteeing the finality of the network state.
Polkadot uses BABE/GRANDPA which splits the creation of blocks into two parts. The BABE algorithm creates the blocks while GRANDPA finalizes the state of the chain.
A major difference with the Nakamoto consensus is that GRANDPA finalizes the chain rather than the blocks. As soon as a minimum of ⅔ of the validators attest that a chain contains a given block, all blocks preceding that block are finalized and the state of the network is final. We say that finality is proven.
Moreover, since the assignment of validators to the production of a block is determined in a pseudo-random way (and not on the basis of the resolution of a complex calculation), no attack will ever enable an actor to reconstruct a new chain with a new history.
The integrity of the ecosystem is therefore protected by a robust consensus and a high degree of responsibility on the part of the securers.
Nominated Proof-of-Stake: which roles, which stakes?
With the basics laid out, Benjamin presented us the functioning of the staking mechanism and the election process of the Polkadot validators.
Here are some key concepts:
A validator secures more tokens than it owns
As we have just seen, Polkadot uses proof of stake by nomination to select its validators. The stake pool of the validator is thus composed of his personal stake as well as that of his/her nominators.
The validator becomes active according to the size of his global stake (validator pool).
A specific algorithm named Phragmén retrieves all the nominations and determines the list of validators with the highest stakes. This list constitutes the active validators set, in charge of creating blocks during a given validation cycle.
An era is a validation cycle associated with a given list of active validators
It lasts 6 hours on Kusama and 24h on Polkadot. A new set of active validators is thus elected at the end of each era for the next 6h or 24h.
Each block created offers a fixed reward to the validator
The staking system rewards validators equally, regardless of their stakes. The fact that an active validator has collected more stakes than another does not increase the block rewards (s)he receives.
The nominator does not choose the size of the stake allocated to each of his/her validators
Besides determining the list of active validators, the Phragmén algorithm also allocates the stake of the nominators to the validators they have nominated. In fact, the algorithm smoothes the nominations according to the global stake of the nominated validators. A validator who already has a large stake pool will receive a smaller or even zero stake from a nominator.
This mechanism minimizes the differences in the stakes allocated to each validator so that the rewards for the nominators are as fair as possible.
The nominator’s choice is therefore solely based on the designation of his validators and the amount of tokens (s)he wishes to stake.
The nominator is committed to the network’s decentralization and security
It is important to choose your validator(s) carefully in order to protect the network and encourage its decentralization. Indeed, it is quite common for a single validator to hold several nodes on its own. Since these nodes are often managed remotely and configured in the same way, if one of them is slashed (voluntary/involuntary network corruption attempt, poor maintenance/monitoring of the network), it is potentially the entirety of these nodes that is evicted.
A nominator must therefore re-evaluate its validators frequently.
Game, set and match
Gauthier (GTStaking) then joined us and chose to talk about the Thousand Validators Program (TVP) which helped him to become a validator on the Kusama network.
The Thousand Validators Program was created at the initiative of the Web3 Foundation and Parity Technologies to facilitate the integration of validators into the active validator set.
In practice, the two organizations fund the validators’ nominations and guarantee them a weekly appointment.
Validators undergo a strict evaluation process of their node beforehand to verify the reliability of their technical infrastructure.
The program thus facilitates the integration of validators who are new to the program or have a smaller stake and allows them to easily gain a reputation.
It also further contributes to node decentralization by reducing the weight of validators holding several dozen servers on the network. [8]
We invite you to re-experience this immersion with Gauthier in order to get more detailed information about the conditions for participation and the registration procedure for the Thousand Validators Program.
With great power comes great responsibility
As Gauthier and Vladimir clearly explained, becoming a validator is not something that everyone can do. Beyond the minimum personal stake required, it requires a certain level of knowledge in systems administration to be able to always remain compliant with the required technical requirements. If you are not confident in your ability to manage your infrastructure, it is therefore recommended to engage as a nominator.
Indeed, while the remuneration of the validator may be a real incentive to secure the network, it is not sufficient. In fact, a poorly installed or poorly secured node can be slashed at any time.
Vladimir explained the two main sources of slashing in Polkadot:
- Liveness slashing: validators have to meet strict availability requirements. They must normally be present and active at all times. As long as the total number of unavailable validators does not exceed 10%, no validator is slashed. As soon as the rate of offline validators exceeds 10%, the network starts to punish the unavailable validators.
- Equivocation: the phenomenon of equivocation occurs when a validator manages several nodes at the same time with the same session keys, resulting in a high risk of double signatures. This risk is prevented by slashing the nodes involved. The high availability of nodes could also be a source of slashing if it is not properly managed by the validator.
It should also be noted that beyond the risk of losing the tokens involved, poor management of a node also severely damages the validator’s reputation.
A validator must therefore be able to manage and resolve technical problems and discrepancies in his/her node himself/herself, or risk incurring significant risks.
Vladimir closed the meetup with a rich presentation on the best practices for managing the validator’s infrastructure and the technical requirements.
We invite you to find all these explanations below:
- Required skills and infrastructure
- How to secure your machine, the network and your session keys?
- What is the problem of high availability?
- How to avoid equivocation?
- What types of upgrades should be performed?
- How to automate the deployment of your node? How do I start it?
- What should be monitored? Why is this important?
On the road to governance
The issues behind these new distributed models are not limited to technical questions of infrastructure management. These initiatives are fundamentally based on a new vision of society, new modes of organization, creation, distribution and exchange of values involving new power issues.
As François rightly shared with us, an IT consensus is very different from a social consensus. Such aspirations require the construction of new models of governance that are more transparent, collaborative and equitable.
We have therefore chosen to dedicate our November 10th meetup to the theme of governance. During an evening, we invite you to come and exchange freely on the use of these new distributed tools enabling new participative decision-making processes.
On October 6th, we will also continue our meetings with the French-speaking ambassadors of the ecosystem! For this occasion, we will meet Romain (RCajina) who will present the Moonbeam project on Twitch (the replay is available here).
A big thank you to all the participants for their careful listening.
We look forward to sharing, building and deconstructing with you on October 21st in Paris!
[1] This second auction series will end on October 6th
[2] A change of state corresponds to the creation of a new block on the blockchain
[3] The node is an entity that creates blocks and interacts in a network with other nodes
[4] Mathematical/cryptographic verification, purely automated
[5] These two steps relate to the creation of a new block on the blockchain
[6] Containing a series of cryptographically consistent transactions
[7] The miner is a validator with the difference that (s)he must have a machine with a very important computing power to be able to demonstrate his/her proof of work by solving a complex mathematical problem.
[8] Within the limits of the rules in force, each nominator can currently support a maximum of 16 different validators.
Bpifrance
Bpifrance finances and supports companies -at every stage of their development- providing credit, guarantees, innovation aid and equity capital. In doing so, Bpifrance supports public policies conducted by the State and the Regions. Bpifrance supports them in their development, ecological and energy transition, innovation and international projects.
Bpifrance’s mission is to make the French economy more dynamic and competitive through financing and investment. To this extent, Bpi supports the French blockchain ecosystem and has, to date, funded over 120 blockchain startups.
Polkadot Francophonie
The Polkadot Francophonie community is the French-speaking partner of the official Polkadot community, promoting the exchange of content focused on the Polkadot/Kusama ecosystem. Polkadot Francophonie federates the actors, the French-speaking ambassadors of the projects which gravitate around the Polkadot ecosystem, supporting the sharing and the communication between them and the community.
