Introduction to Layer-0 Governance
In typical layer-1 blockchains, governance operations primarily take place on-chain. This means that the rules of the network, including decisions about its future direction and the resolution of disputes, are handled by on-chain processes and are directly encoded into the blockchain. However, this method of governance is not foolproof. Malicious nodes could potentially gain control over the network if they manage to secure an on-chain majority, thereby providing them with the capability to manipulate the network for their own interests.
To counteract this vulnerability, Q introduces a layer-0 governance (L0 governance) mechanism. The fundamental purpose of L0 governance is to equip root nodes with the capability to implement countermeasures to rectify and safeguard the on-chain governance structures, especially in scenarios where these structures have been compromised by malicious validators.
Layer-0 Governance Mechanisms
Currently, L0 governance oversees the management of the following two types of lists. To update these lists, a quorum and majority must be achieved as defined in the Q constitution, under Appendix 5 titled "Voting":
Root Node List: This list encompasses the public addresses of root nodes and designates the entities that are authorized to approve L0 governance actions. By maintaining this list up-to-date, the root nodes ensure that only legitimate and trustworthy nodes possess the power to enact L0 governance changes.
Validator Exclusion List: This list serves as a blacklist of public validator addresses. Any validator that finds themselves on this list is barred from producing new blocks. Each banned validator's address is accompanied by the block number at which the ban was implemented. This exclusion serves as a preventive measure against malicious activity, as misbehaving validators are effectively removed from consensus.
How Layer-0 Governance Works
The L0 governance process is designed to add an extra layer of security to the Q blockchain network. If it is suspected that malicious validators have gained an on-chain majority, root nodes, utilizing their authority, can intervene to prevent potential network abuse. This is achieved by blacklisting these validators, thus excluding them from producing new blocks and further influencing the network.
The decision to blacklist a validator is not made lightly. It is a significant action that is only undertaken when there is clear evidence of malicious activity. Moreover, the block number at which the ban is enforced is recorded, providing transparency about when and why the action was taken.
In this way, the layer-0 governance mechanism serves as a network safeguard, ensuring that the on-chain governance of Q remains robust and secure, even in the face of potential threats. By providing the means to intervene at a higher level when needed, L0 governance ensures that no single entity can gain undue influence over the network, thereby maintaining the integrity and decentralized nature of the Q blockchain.
FAQ
Q: What is co-signing according to paragraph 5.3.9 of the Q constitution?
A: Co-signing by a root node, as outlined in paragraph 5.3.9 of the Q constitution, refers to the validation of a "transition block" that contains the list of validator nodes for an upcoming validation cycle or "epoch". A block is co-signed under the following circumstances:
- It lists validator nodes with the highest total accountable stake in Q tokens at that time (per 5.3.9 (a)).
- Its validator node list does not include any main account or alias from the validator node exclusion list (per 5.3.9 (b)).
Upon satisfying these criteria, the root node client automatically co-signs the block. The only prerequisite for this process is that the node utilizes an unlocked private key (usually activated upon node startup) paired with a public address from the root node list. Consequently, this process is fully automated, eliminating the need for manual intervention by root node operators and ensuring precise and efficient block validation.