Thanks for making this post @asbear. It is healthy for a DPoS network to critically look at itself and its block producers. I think Steem is especially suited to DPoS security. I've had experience with other DPoS chains and without an active social nexus for their stakeholders to actively participate in, their decentralization and security tend to be compromised. If not immediately, then over time from disinterest and general entropy.
Are you concerning geographical redundancy?
One of my backup nodes is located on a different continent from my primary and secondary witness nodes.
Are you voting for any witnesses with a biased feed or who are not feeding the price frequently?
Price feeds don't need to be too frequent. The actual network feed price ends up being the median of witness feeds over the last 3.5 days. It's supposed to be a bit fuzzy. It would not change much if every witness only updated twice per day. Backup witnesses especially don't need to update it frequently. Also the feed price doesn't necessarily need to be updated if the market price has stayed static for some time.
Some witnesses are still using 0.19.2, which is known to have a security hole. Voting for witnesses who are using 0.19.2 can then never be a reasonable choice.
This is true and not true. The original release of Steem v0.19.2 has some security/DoS issues. There were two updates that patched these. Neither of them updated the Steem version number that gets reported by witness nodes. Later, a release containing both security releases was officially tagged as v0.19.3, but that was the only change between the latest security release and the tagged one. So while some higher ranked and top 20 witnesses are reporting 0.19.2, they are likely running the patched version but did not see the need to update just for the version report change.
However, I think it is important to broadcast that the node is up to date and that is why I updated my witness server to show it.
Much appreciated @pfunk, you are one of my favourite witnesses.
I have a different view on this. And probably this perspective is what I think bothers the top witnesses.
I agree that systemically it does not make a big difference. But eventually it degrades the professionalism of Steem witnesses. We should not expect investors and competitors to understand this system as much.
The price feed is very simple and costs nearly nothing. I would still be quite disappointed if any top or standby witnesses are not managing one of their very basic duties. The broken window theory fits here. I respect your view of the feed though.
Thanks for the details about the versions. I didn't know that clearly and have learned it now. I will reuse my reply to @timcliff:
Also, nobody else can prove that the witness has 0.19.2 without the security hole. Should we just trust them? I would say no. You know and I know that upgrading from 0.19.2 to 0.19.3 is super easy. You don't even need to replay, as I recall. I don't think it is asking too much for top witnesses to spend some time to make it look better for everyone.
I am not a businessman, consultant, manager or something similar. I am just an engineer. Even someone like me can see something unprofessional. How that would look to others is the question.
@pfunk, I believe you would not regard me as a troublemaker, and hopefully other witnesses would not as well. Many thanks for your reply.
Not at all!