CODEX-MARKETPLACE: New Raw RFC #36
Conversation
codex/marketplace.md
Outdated
| | --------------- | --------- | | ||
| | Storage Nodes | A Codex node that provides storage services to the marketplace.| | ||
| | Validator Nodes | A Codex node that collects, validates and submits proofs to reward or penalize other storage nodes or validator nodes. | | ||
| | Regular Nodes | The main Codex client that interacts with other nodes to locate and retrieve data. Also considered to be an ephemeral node (light client) | |
There was a problem hiding this comment.
This is vaguely defined in the write up. I am proposing that the next RFC should be a Codex node raw rfc. The reference implementation: codex-node
There was a problem hiding this comment.
This is likely a bit off. Are we defining specs for our current implementation or for the end result of what Codex will be in the future?
Codex node roles are defined in the (WIP) whitepaper and likely could be used here. Will DM the link to you.
There was a problem hiding this comment.
Currently defining this spec based on current implementation, past and future designs can be mentioned.
Co-authored-by: Eric <5089238+emizzle@users.noreply.github.com>
codex/marketplace.md
Outdated
|
|
||
| When storage providers are selected to fill a slot for the request, | ||
| storage providers MUST NOT abandon the slot, unless the request is canceled or complete. | ||
| If canceled, the slot state SHOULD be changed to cancelled or failed. |
There was a problem hiding this comment.
Is this correct, or is it just cancelled?
There was a problem hiding this comment.
Not sure if cancelled is implemented as of now, but we should support it, in that case cancelled and failed are correct states.
codex/marketplace.md
Outdated
| Each slot represents a chunk of a dataset provided during storage request. | ||
| The first state of a slot is reserved, meaning that the slot is waiting to be reserved by a storage provider. | ||
| The Codex network selects storage providers by using a variation of the Kademila distance function, | ||
| as described in [CODEX/NODE-DISPERSAL](https://github.com/vacp2p/rfc-index/blob/codex-disperal/codex/slot-dispersal.md). |
There was a problem hiding this comment.
Proposed a separate RFC for dispersal, currently in draft. Should this stay separate or combine into this rfc? #39
There was a problem hiding this comment.
Great start, especially considerating you had to dig up all the details! IMHO it needs a lot of work to have it really in usable state. I will try to help you as much as I can to get it there. I would like to see few things clarified and few to work in.
- Can you please elaborate "what are we specing"? Are we specing the smart contract or module implementation that interacts with the smart contracts? This should be clarified and also noted in the document. IMHO this spec should be the second.
- Do you have experience writing spec with "external driver" like a smart contract? Very often some state is dictated by the smart contract and this happens "automatically". Quick question, how much are you familiar with smart contracts and how they work/operate? It would be good idea to find maybe some examples from other projects on how to write this sort of spec.
- I would like to have some diagram about the states flow of purchasing (eq. client request storage) and sales (eq. storage provider fills the slot) to explain it better to the reader. An example: https://github.com/codex-storage/nim-codex/blob/8b12934fe242381df8a65ac6afd32c6e171dac4a/codex/purchasing/purchase.nim#L6
These are just my initial thoughts, I will do another pass of the review to give more inputs.
codex/marketplace.md
Outdated
| | Terminology | Description | | ||
| | --------------- | --------- | | ||
| | Storage Providers | A Codex node that provides storage services to the marketplace. | | ||
| | Validator Nodes | A Codex node that collects, validates and submits missing storage proofs for a reward. | |
There was a problem hiding this comment.
| | Validator Nodes | A Codex node that collects, validates and submits missing storage proofs for a reward. | | |
| | Validator Nodes | A Codex node that check for missing storage proofs and triggers for a reward. | |
In the future, there will be Aggregator nodes that will collect and submit proofs on-chain. In the current design, Validators only check if there are missing proofs. If so, they mark them on-chain, which then triggers slashing and eventually leads to removing the failed host and starting the repair process.
codex/marketplace.md
Outdated
| client nodes MUST split the dataset into data chunks, $(c_1, c_2, c_3, \ldots, c_{20})$. | ||
| Using a erasure coding technique, | ||
| the data chunks are encoded and placed into separate slots. | ||
| The RECCOMENDED erasure coding technique is a [Reed-Soloman algorithm](https://hackmd.io/FB58eZQoTNm-dnhu0Y1XnA). |
There was a problem hiding this comment.
I am not so familiar with RFC terminology as this is my first main dive into "specs", but I am wondering about the RECOMMENDED part here. Currently, we support only this erasure coding technique. If somebody writes an alternative implementation of Codex and decides to use different erasure coding, they would be effectively non-compatible with "our" Codex as our implementation would not know how to reconstruct the data from the other implementation. Of course, at some point, we could add a new erasure coding technique, but IMHO then the RFC should be amended with the requirement that all implementations will implement the new erasure coding technique in order to maintain the network compatibility.
Soooo shouldn't this be a MUST?
There was a problem hiding this comment.
Sorry I am editing my response from previously, it should be changed to a SHOULD instead of MUST because an implementor can still use a different encoding algorithm and create a slot. Even if the data can not be decoded, do storage providers check the same erasure coding is used before store the data? RECOMMENDED I assumed an implementer could use a different algorithm if desired.
codex/marketplace.md
Outdated
| Using a erasure coding technique, | ||
| the data chunks are encoded and placed into separate slots. |
There was a problem hiding this comment.
I guess the spec for how to do this exactly should be referenced in some other RFC?
There was a problem hiding this comment.
I will open this for discussion at a later time. @dryajov
codex/marketplace.md
Outdated
| The requester MUST provide a `duration` value for the storage request along with the appropriate `reward`, | ||
| payment for request. |
There was a problem hiding this comment.
Are we specifying here required parameters for the storage request? Because there is quite much more. Pretty much all the parameters of Request (see here) object needs to be specified (eq. non-zero).
There was a problem hiding this comment.
This describes the required values that a client should provide with a storage request transaction. Is it required that an implementor create the same objects as your reference implementation (here)?
codex/marketplace.md
Outdated
| all slots MUST be filled by storage providers before the request is officially started. | ||
| If the request does not attract enough storage providers after a pre-defined network timeout, | ||
| which is defined by the Codex node as `expiry`, | ||
| the request MUST be canceled. |
There was a problem hiding this comment.
Wondering about the MUST here. This is done "automatically" by the smart contract, not the node. What needs to happen though, is that the Client node SHOULD withdraw back the remaining funds from the Request and the SPs that filled the slot before expiry SHOULD collect the partial payout for the time they were filling the slot. These actions are not required as the money can be kept in the smart contract indefinitely.
There was a problem hiding this comment.
MUST here describes that the implementation must have all slots of a given request filled before the state is changed to Started, the objects RequestState object. I assumed that the Codex node set a predefined value for expiry instead of the requester creating a new value for each request. As for funds associated with the request, the next statement defines, "If canceled, collateral SHOULD be returned to any storage providers and
reward returned to the requester." Should this statement mention partial payout for time waiting for state change to Started?
There was a problem hiding this comment.
I assumed that the Codex node set a predefined value for expiry instead of the requester creating a new value for each request.
Currently, the requester defines the timeout. The reasoning is that, the requester should define how long it wants to wait for it's contract to start, the minimum and maximum wait values are unspecified as of now, but its something we might want to consider.
Should this statement mention partial payout for time waiting for state change to Started?
Yes, nodes that have provided storage proofs during the "contract initiation" phase, should be compensated (at least this is the current thinking), and as such this should be captured.
There was a problem hiding this comment.
Wondering about the MUST here. This is done "automatically" by the smart contract, not the node.
Regardless of who is initiating this it "MUST" happen.
codex/marketplace.md
Outdated
|
|
||
| Client nodes can create storage requests on the Codex network via the Codex marketplace. | ||
| The marketplace is a a smart contract on a EVM compatiable blockchain. | ||
| The smart contract SHOULD handle storage request, storage slot state, |
There was a problem hiding this comment.
What does "SHOULD" mean in this context?
There was a problem hiding this comment.
You are correct, this should be MUST.
codex/marketplace.md
Outdated
| storage provider rewards, storage provider collateral, and storage proof state. | ||
|
|
||
| To create a request to store a dataset on the Codex network, | ||
| client nodes MUST split the dataset into data chunks, $(c_1, c_2, c_3, \ldots, c_{20})$. |
There was a problem hiding this comment.
| client nodes MUST split the dataset into data chunks, $(c_1, c_2, c_3, \ldots, c_{20})$. | |
| client nodes MUST split the dataset into data chunks, $(c_1, c_2, c_3, \ldots, c_{x})$. |
We do not split data only into 20 chunks...
codex/marketplace.md
Outdated
| `reward` returned to the requester. | ||
| The requester MAY create a new request with different values to restart the process. | ||
|
|
||
| The storage request SHOULD initiate a new storage contract with the following parameters: |
There was a problem hiding this comment.
All these parameters are required so most probably it should be MUST?
There was a problem hiding this comment.
MAY in this context refers to the requester's choice of creating a new transaction. SHOULD in this context refers to the requester providing the values for the request. In most cases a MUST is used for described the behavior of the application itself not the user because a user may not provide all the values.
codex/marketplace.md
Outdated
| The following is related to storage provider who has offered `collateral` | ||
|
|
||
| If a storage provider, filling a slot, | ||
| fails to provide enough proofs of storage, the `collateral` MUST be forfeited. |
There was a problem hiding this comment.
Again there is the question of "what are we specing here":
the
collateralMUST be forfeited
It is not like the nodes MUST "forfeit" their collateral by doing some smart contract call. This is handled by the smart contract in the form of slashing. As smart contracts can not "act automatically" (eq. they automatically slash collateral when nodes miss their proof), these actions need to be triggered by somebody submitting transaction (and paying for it), we could potentially talk about who SHOULD/MUST do this triggering. But honestly I would leave that to separate section where we should spec how Validator node should behave.
| fails to provide enough proofs of storage, the `collateral` MUST be forfeited. | |
| miss the critical amount of submitted proofs of the storage, the `collateral` will be slashed. If a critical amount of `collateral` is slashed, then the slot is vacated and the repair process kicks in. |
There was a problem hiding this comment.
I agree forfeited may be the wrong term to use here. From my understanding slashing refers to a user losing a portion of their tokens. This should be mention as well as total lost of collateral when maxNumOfSlashing occurs.
There was a problem hiding this comment.
I think forfeited is an appropriate term here, I also think that leaving the mechanics of how this is accomplished open ended is the right approach here. The fact that a contract cannot trigger actions internally and has to be externally initiated is an implementation detail, and a limitation of the underlying execution environment and should be captured in a different spec, possibly by the validator spec.
IMO, this spec should be generic enough, that it can be implemented on top of a different execution environment altogether.
So, I overall agree with the current wording.
codex/marketplace.md
Outdated
| | --------------- | --------- | | ||
| | storage providers | A Codex node that provides storage services to the marketplace. | | ||
| | validator nodes | A Codex node that collects, validates and submits missing storage proofs for a reward. | | ||
| | client nodes | The most common Codex node that interacts with other nodes to store, locate and retrieve data. Also considered to be an ephemeral node (light client). | |
There was a problem hiding this comment.
An ephemeral node isn't a light client, in fact we avoid the usage of the term light client al together, due to it's ambiguity.
codex/marketplace.md
Outdated
| name: Codex Storage Marketplace | ||
| status: raw | ||
| tags: codex | ||
| editor: Dmitriy <dryajov@status.im> |
There was a problem hiding this comment.
We should list Mark here as well (I can't tag him in this repo, he should be invited - https://github.com/markspanbroek)
|
Great start, lets have Mark review this as well. |
There was a problem hiding this comment.
Great work pulling this together @jimstir! Sorry that it took me a while to review it; I've had a lot of other things on my todo list. But here's my review, it looks good overall but I have some suggestions below.
codex/raw/marketplace.md
Outdated
| 2. [CIDv1](https://github.com/multiformats/cid#cidv1) | ||
| 3. [Proof-of-Data-Possession](https://hackmd.io/2uRBltuIT7yX0CyczJevYg?view) | ||
| 4. [Codex market implementation](https://github.com/codex-storage/nim-codex/blob/master/codex/market.nim) | ||
| 5. [CODEX/NODE-DISPERSAL](https://github.com/vacp2p/rfc-index/blob/codex-disperal/codex/slot-dispersal.md) |
There was a problem hiding this comment.
The description of node dispersal is now moved inside this document, so we don't need this reference anymore, I think.
codex/raw/marketplace.md
Outdated
| Each slot represents a chunk of a dataset provided during the storage request. | ||
| The first state of a slot is `reserved`, meaning that the slot is waiting to be reserved by a storage provider. | ||
| The Codex network selects storage providers by using a variation of the Kademila distance function, | ||
| as described in [CODEX/NODE-DISPERSAL](https://github.com/vacp2p/rfc-index/blob/codex-disperal/codex/slot-dispersal.md). |
There was a problem hiding this comment.
This should become a reference to the paragraph below, instead of a reference to a separate document.
codex/raw/marketplace.md
Outdated
| tags: codex | ||
| editor: Dmitriy <dryajov@status.im> | ||
| contributors: | ||
| - Mark <mark@status.im> |
There was a problem hiding this comment.
| - Mark <mark@status.im> | |
| - Mark <mark@codex.storage> |
| status: raw | ||
| tags: codex | ||
| editor: Dmitriy <dryajov@status.im> | ||
| contributors: |
There was a problem hiding this comment.
Should you not be in the list of contributors @jimstir?
codex/raw/marketplace.md
Outdated
| | --------------- | --------- | | ||
| | storage providers | A Codex node that provides storage services to the marketplace. | | ||
| | validator nodes | A Codex node that checks for missing storage proofs and triggers for a reward. | | ||
| | client nodes | The most common Codex node that interacts with other nodes to store, locate and retrieve data. Also considered to be an ephemeral node. | |
There was a problem hiding this comment.
I would remove this last part about the ephemeral module. I don't think it helps to explain what a client node does, yet raises all sorts of questions that are not answered in this document.
codex/raw/marketplace.md
Outdated
| #### Slot Dispersal | ||
|
|
||
| Storage providers compete with one another to store data from storage request. | ||
| Before a storage provider can download the data, they MUST be selected to obtain a reseversation of a slot. |
There was a problem hiding this comment.
| Before a storage provider can download the data, they MUST be selected to obtain a reseversation of a slot. | |
| Before a storage provider can download the data, they MUST obtain a reservation for a slot. |
codex/raw/marketplace.md
Outdated
|
|
||
| Storage providers compete with one another to store data from storage request. | ||
| Before a storage provider can download the data, they MUST be selected to obtain a reseversation of a slot. | ||
| The Codex network handles selection by using Kademlia distance function to select eligible storage providers per slot. |
There was a problem hiding this comment.
| The Codex network handles selection by using Kademlia distance function to select eligible storage providers per slot. | |
| The Codex network uses an expanding window based on the Kademlia distance function to select storage providers that are allowed to reserve a slot. |
codex/raw/marketplace.md
Outdated
|
|
||
| hash(blockHash, requestId, slotIndex, reservationIndex); | ||
|
|
||
| `blockHash`: unique identifier for a specific block |
There was a problem hiding this comment.
The word "block" is rather ambiguous in our context, so I'd mention specifically that it's the Ethereum blockhash.
| The source address is used along with the storage provider's blockchain address to calculate the Kademlia distance. | ||
| This is represented by: | ||
|
|
||
| $$ XOR(A,A_0) $$ |
There was a problem hiding this comment.
It's not clear to me what A and A_0 mean in this context.
|
|
||
| $$ XOR(A,A_0) $$ | ||
|
|
||
| The allowed distance over time $t_1$, can be defined as $2^{256} * F(t_1)$. |
There was a problem hiding this comment.
We should probably specify what F is here.
codex/raw/marketplace.md
Outdated
| ## Motivation | ||
| The Codex network aims to create a peer-to-peer storage engine with strong data durability, | ||
| data persistence guarantees and node storage incentives. | ||
| To reach this goal, a data availability and retrieval mechanism is needed. |
There was a problem hiding this comment.
Not sure where this came from, Codex isn't about data availability, it is strictly about data durability.
There was a problem hiding this comment.
I found this in the codex white-paper, data availability is mentioned often. "This makes data availability one of the principal requirements for decentralized storage. To reach that goal, Codex implements strong incentives and a robust data dispersion scheme that allows for extreme flexibility at the moment of accessing a dataset."
codex/raw/marketplace.md
Outdated
| The Codex network aims to create a peer-to-peer storage engine with strong data durability, | ||
| data persistence guarantees and node storage incentives. | ||
| To reach this goal, a data availability and retrieval mechanism is needed. | ||
| Support for light clients, like mobile devices should also be embraced. |
There was a problem hiding this comment.
Don't use light client, better use resource restricted devices.
| Support for light clients, like mobile devices should also be embraced. | |
| Support for resource restricted devices, like mobile devices should also be embraced. |
codex/raw/marketplace.md
Outdated
| data persistence guarantees and node storage incentives. | ||
| To reach this goal, a data availability and retrieval mechanism is needed. | ||
| Support for light clients, like mobile devices should also be embraced. | ||
| The protocol should remove complexity to allow for simple implementation and |
There was a problem hiding this comment.
I would remove this phrasing. This isn't a concrete goal that can be properly quantified.
| address client; | ||
|
|
||
| // content identifier | ||
| string cid; |
There was a problem hiding this comment.
I've noticed this before, but forgot to bring it up - we should not store the Cid as a string but as a byte array/string. It should be changed in the contract implementation and should be correctly captured here.
There was a problem hiding this comment.
Good point, we should be using the binary format instead of the stringified form. Adam already created an issue for this: codex-storage/codex-contracts-eth#107
codex/raw/marketplace.md
Outdated
| - MUST be generated by the client node | ||
|
|
||
| `reward` | ||
| - total amount is REQUIRED in transaction to initiate storage request. |
There was a problem hiding this comment.
This wording is a bit weird, I'm not sure what it means.
There was a problem hiding this comment.
Added this in response to feedback from mark, here. I'll word differently
A raw RFC for Codex marketplace design. Open discussion to create a Codex node RFC which should be referenced in this RFC and future Codex RFCs.
Implementation Reference: nim-codex