Design a local reputation system

[s-tikhomirov]

In the incentivization PoC, clients assign reputation scores for servers. Think of how exactly a reputation score should be calculated. Learn from prior work - see #47 .

Local reputation approaches are suitable for the initial PoC. Local reputation scores depend on prior experience of the client with the server. The key problem that may arise is that servers can generate new identities easily (aka Sybil attack).

This issue focuses on how exactly local scores are calculated.

We may explore global reputation approaches in the future - see #49.

Potential ideas

Ideas from a PR discussion (emphasis mine).

Decaying or capped reputation function

@mart1n-xyz:

You can have a cap on reputation points (or a decaying function) such that at some stage you give more weight to "negative reputation" and newer nodes can catch up to the reputation of old, trustful but centralizing servers. Or reputation points may expire gradually.

Transitive reputation

@mattyTokenomics:

Loosely speaking clients consistently retrieving files from servers are incentivized not to over concentrate reliance on any one point of failure, so they should be exploring other servers to discover those that are reliable as well.

Inherited or transitive reputation may help with this as well. If Client A interacts via messaging or otherwise with Client B, and Client B trusts Server C, Client A should reasonably trust Server C even if never having directly interacted with it before.

[mattyTokenomics]

I think EigenTrust supports both what Martin is referring to due to how it normalizes local trust scores, so that every peer's trust is essentially a relative number not an absolute one. In effect this means that if newer peers can gain relative share, especially if more active than older peers. It also is by its very nature an implementation of transitive reputation, and has the desired quality of being able to aggregate local reputations that converge to a global reputation score.

It is for a peer-to-peer context, so may need some adapting for a client-to-server context, but so far I think it has all the properties people have brought up as desirable.