Validator Node Rotation

Overview

As explained in Consensus Protocol, the consensus protocol in LACChain Networks orchestrated by LACNet is IBFT 2.0 Proof of Authority. This established a set of authorized validator nodes that participate in the evaluation, validation, and proposal of new blocks. In the case of Proof of Authority consensus protocols, it is always essential to determine who and under which conditions can become a validator node. If too many entities become part of the validator pool, our networks can suffer from delays awaiting for the 2/3+1 validator node signatures that every block requires. But if the number of entities and nodes allowed to participate in the validation is limited, decentralization and transparency are affected.

This is why we have developed a protocol that establishes a fixed number of 11 active validator nodes and an unlimited number of inactive validator nodes. Nodes from these two groups are constantly been interchanged or rotated, as we call it, following an algorithm that maximizes performance and decentralization. This algorithm also incorporates random entropy so it can not be predicted in a deterministic manner which validators will be selected at any time, so with that we add additional security against potential attacks that intend to control more than 2/3+1 of the validators and manipulate block generation.

Rotation Protocol

The protocol for the rotation of validator nodes applied in LACChain Networks has 7 principles:

  1. Validator nodes are divided into active and inactive.
  2. The number of active validator nodes is fixed to 11, because 11 is the smallest number of nodes to allow for 4 validators down in a BFT/PoA scheme (because 2/3+1 validator signatures are required for a new block to be proposed).
  3. Any entity that meets the technical requirements to run a validator and signs the Adscription Agreement for Validator Nodes is allowed to deploy and operate a validator.
  4. Validator nodes are graded according to the Node Health Score, which is based on five metrics: blocks generated, block time, online time percent, decentralization, and block propagation time.
  5. There are two Rotation Rounds where active  and  passive  nodes are interchanged or rotated, the Health Check Round and the General Rotation Round. Rotation probabilities are calculated according to health scores (i.e., a node with a higher score has lower probability of being rotated out).
  6. The Permissioning Committee supervises the process.
  7. Active validators must enable the rotation with their votes by adding and removing the validators indicated by the rotation protocol in the Rotation Rounds.
 

Scoring Validator Nodes

In order to rotate nodes in a way that maximizes the performance and decentralization of the network, it is necessary to first understand the health and contribution of active validator nodes. This framework proposes doing this by calculating a Node Health Score, based in the following 5 metrics:

Table 1. KPIs evaluated in validator nodes.

The Node Health Score algorithm is as follows:

  • blocks_score: blocks_generated / max of blocks_generated across all nodes.
  • block_time_score: 1 / (block_time / 2).
  • decentralization_distance: avg distance to every other node / number of nodes in same location.
  • decentralization_score: decentralization_distance / max of decentralization_ distance across all nodes.
  • online_score: online_time_percent / 100. • propagation_avg_score: propagation_avg_time / propagation_time. if the result is greater than 1, score is 1.
  • propagation_time_score: propagation_time / median of propagation_time across all nodes. if the result is greater than 1, score is 1
 

Table 2 shows an example of 3 nodes being scored according to the Node Health Score algorithm. Table 3 shows the overall score for the same set of nodes and performances.

Table 2. Example of scoring for three nodes.
Table 3. Example of overall score.

Rotation Rounds

The validator Node Health Scores are useful to monitor the health of the network, and they are used as inputs to determine the rotation of active and inactive validator nodes. Active validator nodes can be rotated out under two circumstances:

  • Health check round

  • General rotation round

Health Check Round

The Health Check rounds are periodical checks on the validators’ performance. They are intended to identify active validator nodes that are underperforming and rotate them with a node from the inactive validator pool before they lead to a malfunction of the network (e.g., delaying or interrupting block generation). The rules applied are the following:

·   Every 30 minutes, the scoring methodology will run to 1) calculate an overall health score for each active node and 2) identify any nodes that are performing below thresholds. Thresholds are presented in Table 4.

·    If a node is performing below threshold in the 30 minutes check, a report and an alert are sent to the Permissioning Committee which will decide if the node should be immediately rotated out.

·     If the node continues to perform below thresholds for 24 hours, the node will be flagged for rotation out and rotation will be triggered automatically.

In the example scores presented in Tables 2 and 3, node #2 would be identified as not hitting the online time percent threshold and node #3 would be identified as not hitting the block time threshold.

 
Table 4. Thresholds of minimum performance accepted.
General Rotation Round

The General Rotation Round is the process established to organically rotate out active and rotate in inactive validator nodes. The purpose of this rotation is to allow any entity capable of maintaining a reliable validator node to participate in the block generation while keeping the number of validators set to the optimal number 11 (see Section 2.3). This allows for a high degree of decentralization. The rules applied are the following:

  • Every 2 weeks, there will be a general rotation round where 2 active nodes are flagged for rotation out and 2 inactive nodes are proposed for rotation in.

  • The algorithm selects the 2 nodes to be rotated out based on rotation probabilities that are based on the Node Health Scores. The lower the score, the higher the rotation probability. The algorithm for the adjusted overall score is 1 / (1+EXP(- 20*(overall_score-0.9))) and for the rotation probability is (1 – Adjusted overall score) / Sum of adjusted overall scores.

  • When an active node is rotated out during general rotation, they will keep their historical health scores and be put in a pool of inactive nodes ready for rotation back in. Active nodes that have been rotated out due to poor performance will not keep their historical health scores and instead be flagged for review by the Permissioning Committee; after review, the node will start from a clean slate and be put into the pool of inactive nodes ready for rotation in.

  • The logic for inactive nodes chosen for rotation in are as follows depending on how many nodes need to be rotated in is:

    • 1st replacement node: If available, a node with historical health scores chosen based on the probabilities determined by their average health scores.
    • 2nd replacement node: If available, a node with no previous health scores (e.g., either a complete new node or a previously poorly performing node that was reviewed and cleared by the Permissioning Committee).
    • Continued, flipping between nodes with scores and nodes without scores as available

Open Source Implementation

The implementation of the Rotation Protocol is open source and can be found in the corresponding Github repository.

Check our terms and conditions, privacy policies, and cookies policy.

Twitter Linkedin Youtube

Copyright 2024 © All rights Reserved. Designed by LACNet