Secure the Chain by Removing Compromised Nodes

Due to recent revelations that Allnodes has access to the seed phrases of their hosted & run client validators we now know that there is a major security risk.

A LUNC seed phrase cannot be changed. Therefore these nodes are permanently compromised. In the interest of the chain, they should spin down their nodes & create new nodes on either VPS or bare metal set ups where they alone know their seed phrase.

Until these validators leave, they are a major security threat as they fundamentally DO NOT own their nodes, which are in fact owned by Allnodes.

1 Like

100% agree. Remove all the compromised nodes and save the chain

1 Like

Thank you. I agree.

I don’t run any validator node.

That is why I would like to inform you that my proposal has no conflict of interest.

I think hard-line policy is the last resort in all matters.

If Allnode is only one Node hosting provider in the world, this proposal could work.

But if the number of validator using AWS or other provider company services increases in the future, do We have to remove them again? It’s a vicious cycle.

458418_430012_244

The same problem exists in other chains, such as ETH and SOL. However, they do not preemptively and forcefully respond to the risks that may arise in the future.

Two questions must precede this.

  • Are validators running personal equipment more secure than providers?

  • Are their social responsibility and credibility higher than provider companies?

Biggest companies coexist with the trust they have built up as they grow and the social responsibility they have to protect. We use services based on their trust.

For example,

We don’t reject Google Maps for fear of tracking Google’s location.

We do not reject the Pentagon for have a red button for nuclear missiles.

Because I think it’s safer for the socially responsible to manage a huge power than for the individual. It is not an ideology that excludes decentralization. It’s a mutual commitment based on trust.

However, there is a possibility that the problem of Node provider, which certain people are concerned about, will happen in the future. We can probably set some rules to prevent this from happening.

  1. We allow up to 5 validator provided by one node provider company.

  2. We limit the maximum amount of coins that can be delegate to one validator to 5% of the total steak.

The proposal could also solve the problem of certain validator who are playing chicken games with 0% percent commission for increase voting power.

If you have a better offer than this, please suggest it. However, please refrain from suggestions that can benefit specific people more. An equal offer is good for everyone.

5 Likes