An amazing thing about the Internet Computer is how complex services become like phone apps. Multi/dex is a great example. There's no database, no kunernetes, no AWS, no sys admin, just canisters — pure onchain logic and data that's tamperproof + UX
ICP cloud engines solve so many growing needs: Sovereignty, security, resilience, enabling AI, powering AIware, and... hosting systems that don't fall down when individual data centers are struck. Increasingly, this is a *worldwide* threat.
https://t.co/vZMwPsVtzS
https://t.co/c91gCXdI78 focused on helping people implement AIware on the Internet Computer or an ICP cloud engine (coming soon), where you spend more time in AI chat than you do in the traditional UX. This is the future.
MULTI/DEX is live on https://t.co/THp2nkOhaV in Play Mode. The community eval process has begun...
Trade to win prizes!! Send bugs and exploits to [email protected] for bounties!! GitHub link to follow.
100% onchain. Owned by the world. DeFi 3.0. NNS autonomy for safety 🔥📈
Congratulations @dfinity and $ICP 🎉
We have reached 50 Subnets📈
Proposal 142743 has passed! ✅
This proposal creates the second TEE-enabled subnet on the IC to provide confidential computing. Initially, it is intended to host the upcoming MULTI/DEX, which benefits from the stronger security and confidentiality properties that this environment provides.
The subnet is formed from 7 nodes spread across 7 node providers and 7 jurisdictions. All 7 nodes are SEV-enabled.
MULTI/DEX is coming🔥
Imagine the $ICP burn rate if Multi/DEX is as successful as we think it is.
Capturing even a fraction of the perp DEX market could send ICP's market cap soaring.
ICP uses a highly sophisticated security and decentralization model, which all blockchains that wish to function as clouds will need to copy.
Justin's latest misunderstandings (below) provide a good segue to talk about this, and share some expertise that even networks he's invested in might use.
1. Node count does not equal security or independence from centralized actors.
The claim that the number of nodes in a proof-of-stake network reflects decentralization and security is only an attractive idea that boils down to industry folklore and marketing. The node count doesn't matter per se, as I explain below.
For networks that depend on consensus to function, their security actually derives from the total number of *independent participants* involved consensus, and how voting power/participation power is divided between them.
In proof-of-stake networks, voting power derives from stake, rather than nodes. However, large stakers often stake via lots of nodes, sometimes to create the impression of decentralization, sometimes to partition access to their keys, and other times because their networks limit how much stake can be attached to a single node.
But here's the rub: if someone controls enough stake to control the network, it doesn't matter how many nodes they have spread their stake across.
Today, many networks have large numbers of nodes, but are in fact can be controlled by one entity, or a group of closely related entities.
This creates the following problems:
— They might make an honest mistake upgrading or configuring the network, and cause a disaster by accident;
— a hacker might commandeer their control to do something terrible;
— they might go bankrupt, and switch their nodes off, potentially causing loss of hosted data, and worse;
— they might subtly manipulate computations and data, to extact value from users somehow, sometimes without anyone being able to detect what is happening and;
— may other things
2. When someone says "the network is very secure and decentralized because it has lots of nodes..."
We know that across the "monolithic" proof-of-stake networks Justin is currently invested into, validator companies often operate tens of thousands of nodes using stake lent to them by customers in return for a share of the staking rewards.
In plain sight, this provides a demonstration of how the number of nodes in a network doesn't equal the number of independent consensus participants. However, hidden centralization is more of a problem.
For example, some time ago, the Crypto Leaks website shared video of a senior Ava Labs technical administrator claiming that in fact the company, and its founder and CEO, Emin Gün Sirer, own a huge portion of the AVAX supply that controls the Avalanche blockchain, and in fact, secretly operate the majority of its nodes, which they use to stake their holdings to both earn the lion's share of rewards and maintain hidden control.
They are not alone. Many proof-of-stake blockchains are run by companies and cabals of founders, execs and investors that secretly own a huge portion of the supply, and hide the fact by self-operating large numbers of nodes.
Aside from helping them get rich, this hidden centralization also helps them with two other things:
1) It provides them with hidden de facto control over their networks, which allows them to force through orderly node upgrades and configurations without the difficulty of decentralizing and having to invest effort developing specialized autonomous network governance and orchestration systems, such as the Internet Computer's Network Nervous System (NNS).
2) It inflates the price of their token: because they earn the lion's share of the staking rewards, they can stash them away for later, preventing them hitting the markets, which isn't a problem for them, because they have huge additional holdings they can sell from. By reducing the flow of tokens to the markets they keep the price higher, which i) enables to them to sell their holdings to the public at higher prices, and ii) keeps the market cap of their networks higher, which lends them prestige, which further attracts investors, including institutional investors who don't understand the game they're playing.
The public would be upset if they could see the truth. For this reasons, they often create large numbers of nodes while peddling the nonsense that the nodes are evidence of great decentralization.
3. Node count vs decentralization in open networks
For any decentralized network, whether its a monolithic network, or a subnet within a larger network, like a subnet on the Internet Computer, what matters for security and resilience is how consensus participation rights are divided amongst independent parties.
There are proven laws of mathematics governing how this works. If one party has 1/3 or more of the participation, then they can start exercising various forms of control over the network.
Thus, if participation is distributed equally over nodes, as it is on the Internet Computer (where the specialized hardware involved plays the role of a form of stake), it doesn't matter if a subnet has 1,000,000 nodes, and one party controls 333,334 of them, or 10 nodes, and one party controls 4 of them — each creates a similarly bad situation, since one party has 1/3 and can thus exert hidden control.
To capture this reality, the blockchain industry came up with the concept of the "Nakamoto Coefficient."
This is a number that tracks the number of independent parties that must collude to control a network. In both of the above examples, the Nakamoto coefficient is 1, even though vastly different numbers of nodes are involved, since a single party can exert control.
Again, what matters is the number of independent parties involved in consensus, not the number of nodes. People who claim otherwise are often just trotting out the same old snakeoil.
4. A key problem: the anonymity of node operators and stakers
A key challenge for proof-of-stake networks is that stakers/node operators are usually *anonymous*. This design choice is often sold to the public using old cypherpunk rubrics that anonymity allows networks to resist government control.
Of course, there is some truth in this, esepcially as concerns proof-of-work networks, but the proof-of-stake people making these argument are hardly ever cypherpunks!
The reality is that in practice anonymity has just become a way to fake decentralization, and hide massive unscrupulous profiteering.
(A further technical observation is that anonymity is anyway a weak shield in practice. For example, November 2022, Hetzner, one of Europe's largest clouds, decided to ban Solana nodes, and deleted 40% of the network's nodes overnight. The fact is they were able to easily identify the Solana nodes among the millions of other compute instances through technical means. The government could too.)
5. Moving on from anonymity, and creating powerful incentives for node operators not to be evil
The Internet Computer eschews node operator anonymity. When a prospective node operator wants go gain a "node provider" ID, through which they can join nodes to the network, they have to submit a proposal to the Network Nervous System, which includes identity and background information that allows the community to verify who they are, and what relationships they might have to other operators. Once they receive their node provider ID, this feeds back into how the Network Nervous System combines nodes.
Upon this foundation, the NNS combines nodes to form subnets that it knows are operated by independent parties — which combinations create the required levels of decentralization in a deterministic way, while using the minimum number of nodes for efficiency purposes.
Further, non-anonymous node providers join a system where they have powerful incentives to behave honestly.
Simply put, as the result of their declarations, if node providers act in an evil way, for example colluding to corrupt their subnets, they become legally liable, worldwide, for the results of their nefarious actions. Moreover, if they seriously disrupt the correct functioning of the network, they could additionally face criminal prosection under laws such as the UK's Computer Misuse Act from 1990.
The Internet Computer can slash misbehaving node providers, banishing their expensive hardware from the network, and proof-of-stake networks can similarly slash the stakes of their node operators.
However, slashing is a financial incentive that exists within a hypothesized microeconomic framework. In some scenarios, it's possible that a node operator might extract more value through dishonest actions than they lose when they get slashed.
The introduction of legal penalties for dishonest behavior act as a far more powerful real-world incentive.
The Internet Computer is more secure by design.
6. Scaling and efficiency using deterministic decentralization
The Internet Computer is essentially a network of super advanced subnet blockchains, which run under the control of its Network Nervous System, which runs on its own subnet (which also chains cryptographic keys to the subnets it creates, enabling the result of every call/tx into the network that triggers onchain computation to be transitively signed by the public key of the NNS — yes, Justin is talking nonsense when he says there is no shared security).
Individually, these subnets can host serious amounts of onchain computation and data, and they can even serve web. However, to scale-out horizontally, the network has to create additional subnets on demand.
This is only possible because the Network Nervous System can look at the available pool of nodes, and then draw down just the right combinations of nodes required to create new subnets with the necessary Nakamoto coefficients.
By design, it uses only the minimum number of nodes required to create the necessary Nakamoto coefficient, minimizing the replication of computation and data, driving incredible efficiency.
7. Going beyond node operator independence
Deterministic decentralization makes other considerations too, in addition to combining nodes from independent operators. Here they are:
Data centers — if a subnet's nodes are in the same data center, data center failure would also take the subnet down, so it combines nodes installed in different data centers.
Geographies — a nuclear strike might take out all the data centers in a geographical area, so its combines nodes in data centers that are geographically dispersed around the world.
Jurisdictions — if a jurisdiction such as the EU suddenly banned blockchain (hopefully not!) they might take down all nodes inside the regions they control, so it combines nodes based in different jurisdictions too.
Using this more nuanced understanding of decentralization, deterministic decentralization squeezes incredible security and resilience from the minimum number of nodes. This is something that just isn't possible on proof-of-stake networks with anonymous stakers and node operators.
8. Security and resilience on a cost curve
In practice, deterministic decentralization is also applied within the context of considerations about the most appropriate balance of security and cost.
Today, Ethereum replicates computation and data across hundreds of thousands of nodes. This is one of the reasons why its onchain computation costs are many orders of magnitude greater than on the Internet Computer. Yet, the computer science says that the amount of security and resilience they are gaining by adding more and more nodes exponentially decayed to zero long ago.
The Internet Computer, meanwhile, is focused on providing cloud, which demands efficiency.
In fact, the Internet Computer always aims to combine the minimum number of nodes required to produce the level of security and resilience appropriate for the application, because in reality, cost/benefit curves are often vastly different, and one size doesn't fit all.
Justin complains that shared public subnets used by the Internet Computer to host applications and services only use 13 nodes. In fact, this number of independent parties creates a Nakamoto coefficient of 5, which is much higher than actually exists on most proof-of-stake blockchains behind the scenes. Simply put, it is sufficient for these applications.
The soon to be released cloud engine technology will provide market validation (cloud engines are private subnets created by enterprises that wish to select their own nodes).
My bet is we will mostly see enterprises configure cloud engines with just 4 or 7 nodes, which will provide Nakamoto coefficients of 2 and 3 respectively, which they will see as easily sufficient for their needs. They will only add more nodes if they want to scale out query capacity, or reduce web latency times in different regions.
This works both ways.
For example, the Network Nervous System allocates ~50 nodes to its own subnet, and a similar number to subnets involved in the hosting of threshold cryptography, which allows hosted software to create public keys that the network can sign for on demand (e.g. to custody bitcoin within an application) and securely encrypt data stored on the network (e.g. the vetKeys functionality).
These subnets benefit from a huge Nakamoto coefficient of 17+, as well as the additional considerations that deterministic decentralization makes. If it wanted to, it could combine hundreds of nodes to create a subnet, thanks to the advanced nature of the network technology involved.
The ability of the Internet Computer to dynamically configure subnet nodes in pursuit of the precise amount of decentralization required, when considering all relevant factors, reflects its incredible sophistication, and why it can provide tamperproof unstoppable onchain cloud.
To date, the implementation of deterministic decentralization remains unique to the Internet Computer.
But, like other innovations the network pioneered years ago, which others are only now pursuing, such as reverse gas, chains that covet cloud provision will inevitably also attempt to adopt these methodologies.
Possibly, even those that Justin holds dear.
⚠️"ICP can be taken down by attacking a handful of nodes"
Attacking 9 of 13 nodes takes down ONE subnet, not ICP!
Those nodes are deliberately spread across different DCs, operators & countries and the NNS can eject nodes & recover the subnet... That is not a "takedown" by any stretch
⚠️"No shared security, subnets are on their own"
Own consensus per subnet; true
Fully sovereign islands; false!
The NNS root subnet controls the registry, node membership, protocol versions & can recover ANY subnet so it's not zero shared security.
⚠️ "At most <40 nodes, at worst 13"
Fiduciary subnet: 34 nodes.
NNS subnet: 40+
1 ICP node = identified hardware in a vetted DC
1 PoS "validator" = a stake entry; often thousands running on the same AWS account!
Apples to oranges
⚠️ "All features inherit weak 13 node security"
Wrong!
The threshold signing keys live on the 34-node fiduciary subnet; backups on a system subnet
BTC integration runs on a dedicated system subnet
ckBTC security != whatever app subnet your dapp sits on
⚠️ "Public data centers allow targeted attacks"
Public identity isn't a weakness, it's part of the security model.
ICP deliberately uses legally identified, NNS-vetted node providers distributed across independent data centers, jurisdictions, countires, and operators.
A successful "targeted attack" would require coordinated physical operations across multiple countries against SEV-SNP protected nodes at the same time, while avoiding detection.
Even if some nodes were compromised or failed, subnet divergence is detected and the NNS can recover the network.
By comparison, attacking an anonymous validator set concentrated in a single cloud provider or jurisdiction is a far cheaper and more realistic attack vector.
⚠️ "Nothing at stake except reputation"
That's incorrect.
ICP replaces token bonds with real world capital and legal accountability.
Node providers invest tens of thousands of dollars in specialized hardware, commit to long-term data center contracts, are legally identified, contractually bound, NNS-vetted, and forfeit future revenue if ejected.
Real capital at risk is still capital at risk. It's a different security model, not the absence of one.
⚠️"DKG creates a hard subnet limit"
That's not how ICP works.
Every subnet performs its own independent DKG to generate its threshold signing key.
Other subnets and external clients simply verify signatures using that subnet's public key from the NNS registry, there is no network-wide DKG or pairwise key ceremony between subnets.
You're turning a per-subnet protocol into a network-wide scaling bottleneck that the protocol simply doesn't have.
⚠️"BTC private keys are stored in canisters"
The key never exists ANYWHERE!
Threshold ECDSA = shares split across the 34-node signing subnet. Signatures produced collectively; the key is never assembled!
No canister, no node, no admin holds it.
⚠️ "Chain-key ECDSA exists in ETH contracts"
EVM contracts literally cannot do threshold ECDSA!
tBTC & co. bolt an EXTERNAL MPC network next to Ethereum.
Offchain signer networks != "ETH contracts do this"
The ICP on protocol version is the innovation.
⚠️ "Canister admin keys could steal the BTC"
That's an app trust model, not an ICP flaw. The same applies to every upgradeable Ethereum contract. The ckBTC minter is NNS-controlled.
⚠️ "HTTPS outcalls, how ridiculous"
Every replica makes the call independently & responses must pass consensus. No single node can inject fake data so not ridiculous; just not what you think it is.
⚠️ "HTTPS outcalls ARE the oracle problem"
Not quite.
HTTPS outcalls solve delivery trust, not source trust. They remove the oracle network in the middle, but they can't make a dishonest source honest.
Fetch from multiple independent sources and reach consensus, no additional oracle middlemen required.
⚠️ "Supply"
The genesis breakdown is public and documented! 24.7% seed (370 outsiders),
23.9% foundation,
9.5% early contributors,
7% strategic...
ICP has no mining; 100% of genesis existed at launch
The same as EVERY PoS chain, including ones you endorse.
✅Here's what this entire thread misses
ETH, SOL & every chain all optimizing the same thing: moving/interacting with tokens as fast as possible in the most decentralized way possible. That's it. That's the whole design space.
$ICP is not playing that game.
It's solving general-purpose compute: full applications deployed & served entirely onchain. Frontend, backend, storage; no clouds , no bridges, no middleware ...
Judging that by token-transfer/swap decentralization metrics is like reviewing a server farm as a payment terminal.
Different problem. Different design. Deliberate trade-offs, not mistakes...
Be serious for a second & look up who actually designed #InternetComputer
Dominic Williams (distributed systems veteran)
Jan Camenisch (IBM cryptography veteran, 140+ papers),
Timo Hanke (AsicBoost),
Ben Lynn (the L in BLS signatures!),
Andreas Rossberg (co-designer of WebAssembly itself)...
This isn't an anon team forking code...
Now the timeline: @dfinity started in 2015 as a decentralized cloud project.
2015! When the entire industry was still debating how to make tokens interact onchain (smartcontracts), they were engineering a general-purpose computing blockchain, while everyone else built payment rails.
You don't have to like the trade offs. But calling this "technobabble" & "obfuscation" only reveals who did their homework & who didn't.
https://t.co/9XFBYxRpua
$ICP just got its own Hyperliquid (built by @dfinity)
Building never never stops:
- MultiDEX launching this week
- @LiquidiumFi exploded since $ICP integration
- @oisy x @LiquidiumFi integration
- New NNS proposal to further cut ICP inflation
And $ICP is still at its cheapest price in 5 years 👀
MULTI/DEX — the world's most advanced DeFi — will be released in game mode later this week, together with source code for ICP community eval. Players to get $100k dummy assets to compete. Will be offered to the NNS for autonomous/ownerless execution. *True* DeFi that mimics CEXs.
Following MULTI/DEX.. cloud engines, and an "Open SaaS" suite, built using ICP's "AIware" technology. For enterprises that want to put AI at their heart, ICP will be the new stack they seek. It's going to be a big summer for the Internet Computer!
While everyone is watching the $ICP price, something much bigger just happened...
Internet Computer has rolled out a major network upgrade that could strengthen security and long-term adoption & transactions per second are now showing #ICP is a big player competing with Solana & other fast blockchains.
Is the market completely overlooking this? 👀
Full breakdown ⬇️
#InternetComputer #DFINITY #Crypto #AI #Web3
I won't speculate on how much cycle burn CaffeineAI or Cloud Engines will contribute. For the broader crypto market, I think DFINITY needs to build a killer app.
The upcoming MultiDEX should be part of Oisy, and they should put their full focus on making it fully multichain.
One wallet for every (most) chain, with a built-in multichain DEX (spot and futures), lending, and everything users need in one place.
Then hire a professional marketing agency, pay influencers, work with crypto media, and focus on acquiring a few million users who use it as their primary crypto wallet, regardless of which blockchain they prefer.
ICP is the most UNDER-VALUED crypto
ICP may be one of crypto’s clearest mispricing stories, and the on-chain data is the reason. This video breaks down why Internet Computer is still priced like a forgotten asset while the network has pushed toward 300 billion mainnet transactions and past daily activity close to 800 million transfers. We look at the gap between ICP network activity and market valuation, why the market still remembers the 2021 crash, and how on-chain activity, cycles, compute, canisters, and decentralized hosting point to a very different story.
Subscribe for more in-depth crypto breakdowns. #ICP #Crypto #InternetComputer
Kudos to the Caffeine team for getting this done. Many other things in the pipeline.
Internet Computer cloud engines can also run across hyperscaler infra. We'll see them on AWS soon.