So I’ve had some thoughts and prior discussion about how the computational model of Codius is secure, and without any kind of verifiable computation, it’s unclear to me how you can ensure that someone executes your code. It seems like it’s the responsibility of the client to figure out whether or not the Codius endpoint is doing something malicious and then cut off payments from there.
But if you don’t leverage a secure enclave, i.e. Keystone for RISC-V or Intel SGX, then why wouldn’t I just run a Codius node and trick people into paying me? Seems trivial given that there’s nothing preventing me from creating multiple identities (sybil resistance), etc.
Therefore the solutions are to:
- Federate the network somehow (unclear how you can do this without any sybil resistance or universal identity, maybe URLs are enough and if someone gets scammed the damage is limited because the URLs will get a bad reputation?)
- Require secure enclaves to run contracts (actually a good idea, I think it does a better job of leveraging end-to-end arguments than running a full-on consensus layer for smart contracts)
Am I missing something here? I know that you can have secure enclave providers on Codius, but if you don’t require it, it’s pretty easy to fool people into performing real computations. The alternatives are slow homomorphic encryption which heavily limits what kind of jobs you can do, or if you can divide the computations into some kind of samples, sort of like a map-reduce job, then maybe you can do some kind of tit-for-tat protocol.
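
The sampling idea in the last paragraph, as an added sketch that is not part of the original post and is not Codius code: the client pays per chunk, re-executes a random sample of returned chunks itself, and cuts off payment on the first mismatch. The function names, the SHA-256 stand-in for the paid work, and the chunk data are all assumptions made for illustration.

```python
import hashlib
import random

# Constructed sample job: 20 independent chunks, as in a map-reduce map phase.
CHUNKS = [f"chunk-{i}".encode() for i in range(20)]

def work(chunk: bytes) -> str:
    """The map step the client is paying for (stand-in: a SHA-256 digest)."""
    return hashlib.sha256(chunk).hexdigest()

def honest_host(index: int, chunk: bytes) -> str:
    return work(chunk)

def make_lazy_host(start_cheating_at: int):
    """Hypothetical host that stops computing and returns made-up output."""
    def host(index: int, chunk: bytes) -> str:
        if index >= start_cheating_at:
            return "0" * 64  # fabricated result, no work done
        return work(chunk)
    return host

def run_job(host, chunks, audit_rate: float, price: int = 1, rng=None) -> dict:
    """Pay chunk by chunk; audit a random sample by recomputing locally.

    Payment for a chunk is released only after it passes (or skips) the audit,
    so a detected cheat is never paid for and all later payments are cut off.
    """
    rng = rng or random.Random()
    paid = 0
    for i, chunk in enumerate(chunks):
        result = host(i, chunk)
        audited = rng.random() < audit_rate
        if audited and result != work(chunk):
            return {"paid": paid, "caught_at": i}
        paid += price
    return {"paid": paid, "caught_at": None}

def detection_probability(audit_rate: float, cheated_chunks: int) -> float:
    """Chance that at least one of the cheated chunks gets audited."""
    return 1 - (1 - audit_rate) ** cheated_chunks

if __name__ == "__main__":
    print(run_job(honest_host, CHUNKS, audit_rate=0.2))
    print(run_job(make_lazy_host(3), CHUNKS, audit_rate=0.2))
    print(f"P(detect 10 faked chunks at 20% audits) = "
          f"{detection_probability(0.2, 10):.3f}")
```

The scheme only bounds the loss: unaudited fabricated chunks still get paid until the first audited one, and every audit costs the client the computation it wanted to outsource.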