Informal Systems

2023-02-21

Informal Hub Team Jan 2023 update

Jehan Tremback • 2023-02-21

Hi, I’m Jehan Tremback, and I’m the product manager for the Cosmos Hub team at Informal Systems. The Informal Hub team has decided to start doing monthly updates for the Cosmos Hub community. This month we have been focused on:

  • Getting the V8 and V9 releases of the Cosmos Hub out

  • Addressing community feedback on replicated security

  • Setting our team’s roadmap for 2023 

v8 and v9 releases

You might be wondering: why are they doing two releases at once? Well, v8 contains an update of IBC with a bug fix for Interchain Accounts that we wanted to get out as soon as possible, while v9 contains the much-awaited feature, replicated security. It would have been simple to just put the bug fix and replicated security into the same release and only have one thing to focus on. However, we wanted to get the bug fix out as soon as possible and avoid delaying the bug fix due to delays in v9, or putting undue pressure on the v9 release.

We had some delays due to bugs found at the last stages of pre-release testing of v8, and these delays also cascaded to v9. I’m not going to go into much detail here, but you can read about it. We’re compiling all the different release-blocking bugs we encountered and will figure out how we can avoid delays in the future. Mostly, this will likely consist of moving many of our final testing practices into more frequent testnets or nightly tests so that we learn about problems in our code and in our dependencies more quickly. Since many of the bugs were in third-party modules, we will also be instituting policies for maintainers of these modules to adhere to.

Fortunately we’re mostly past that now. V8 is currently live on the Hub. V9 (with replicated security) has just gone into the final testing stage. If all goes well, replicated security will be live on the Cosmos Hub at the beginning of March.

Community feedback on replicated security

We posted a draft proposal for replicated security in mid-December. Since then we have received a lot of feedback on the proposal. Most of this feedback is in two main categories which I’ll summarize below:

Validator costs

Validators will need to run all consumer chains that are approved by governance or face downtime slashing. This is essential to preserve the high security properties of replicated security, at least until we have workable fraud proofs for Cosmos-SDK (more on this some other time).

Some validators are concerned about the cost of running additional consumer chains. We are taking several steps to address this: 

First, consumer chains will set their downtime window to 3+ days, meaning that validators can be down for a long time before receiving a downtime jailing. The Hub and many other Cosmos chains have downtime windows of around 16 hours. This increased leniency means that validators can run consumer chains with less redundancy, cutting costs. This will not pose a problem for the reliability of consumer chains.

Second, we will be helping the first consumer chain teams prepare financial projections quantifying the rewards that can be expected by the validators and delegators of the Cosmos Hub. This will help the community decide whether a given consumer chain is worth approving.

Slashing updates

Some community members were concerned that a malicious consumer chain could send falsified slashing packets to the Hub, causing validators to be slashed unfairly. This is one of the main reasons that consumer chains need to be audited and approved by governance. Although we judged that this scenario is very unlikely, it is a valid concern and we had already implemented some throttling code to slow down the slashing process to buy time to stop this attack.

To make things even safer, we made some small changes so that slashes for double signing (the most serious type of consensus offense with the highest punishment) need to go through one additional step of being approved by governance. This will provide extra safety in the early stages of replicated security’s launch.

This is a temporary measure. We are working on an “untrusted consumer chain” protocol to allow the Hub to cryptographically verify double signing evidence. At this point it will no longer be possible for malicious consumer chain code to falsify a double signing slash packet and we will be able to make it fully automatic again.

2023 Cosmos Hub roadmap

We’ve been working on our roadmap for 2023. I’d like to make it clear that this is our team at Informal’s roadmap. The Cosmos Hub is decentralized and other teams contribute to it as well. We’re still polishing it up for a public release but I can go over the broad categories here:

  • Replicated Security v1.1: These are the many changes we want to make but could not get to before launch. These include:

    • Random code cleanups and protocol simplifications

    • Untrusted consumer chain protocol: Make it so that there is no way a consumer chain can cause inconvenience or harm to the Cosmos Hub, while bringing back automatic slashing as detailed above.

    • Soft opt-in: Make it so that the bottom 10-20% of validators on the Hub do not need to validate every consumer chain, making things easier for the smaller validators.

  • Interchain Security future: Work on the next versions of ICS

    • Opt-in security: Make it so that every validator can choose which consumer chains they want to validate. This requires fraud proofs or something similar.

    • Mesh security: Participate in the design and adoption of Mesh security. This likely also requires fraud proofs. We’ll be releasing an analysis soon.

  • Hub governance improvements: There are a lot of improvements to the Cosmos SDK governance system that could make deliberation easier and more constructive, and make community pool funding more accountable.

    • Streaming/vesting funding: Allow a funding recipient to vest their funds over time, subject to clawbacks if they don’t perform, or set up a streaming payment of future funds, also subject to clawback.

    • Stabilized funding: Automatically exchange Atoms from the community pool for a stable asset, or adjust streaming funding amounts over time in response to an Atom price feed.

    • Multichoice proposals: Allow voters to choose between several acceptable options. This would make it easier to pass proposals that accurately reflect what voters want.

Follow @informalinc for more monthly Hub updates. 

— Jehan