snip: 28 (temporary number)
Title: Staking v2 proposal
Author: @NatanSW and @ob1337
Status: Draft
Type: Standards Track
Creation date: **
Github link:

Abstract

By the end of 2025, significant progress on the decentralization of SN is planned. Such progress entails entrusting some core functionalities of SN to SN’s Validators. As a prerequisite for such a significant milestone, testing and verifying the following two things is needed:

• The incentive structure makes economic sense
• The Validator set consists of entities capable of running reliable infrastructure.

Staking v1 was mainly focused on the former, and v2 will be focused on the latter.

Staking v2 should be ready to launch on Starknet mainnet in Q2 2025.

In this SNIP, the staking v2 proposal is described, alongside its timeline, and its relation to future steps in decentralization in detail.

Motivation

Starknet continues its steady progression towards decentralization - which is a core requirement for any public blockchain, as outlined in SNIP 18. Currently, Validators are required to run full nodes, but with the addition of public validation performance and reliability can be tested.

Based on insights from Staking v1 and the current stake distribution, the economic incentive structure also needs some improvement. To address these challenges, two key enhancements are proposed for Staking v2: validator block attestation (which will be included) and an ability to increase Validator commission from its delegators (which will probably be included).

Motivation for validator block attestation

Before entrusting SN’s validators with a role that affects SN’s consensus (planned by the end of 2025), ensuring their liveness metrics are sufficient is vital. Demanding liveness from validators will also allow Delegators to compare the liveness and reliability of different Validators, allowing them to make informed staking decisions.

Validator block attestation will require Validators to attest to randomly selected blocks during each epoch, ensuring they actively track network activity. This mechanism will link Validator rewards to their successful attestation, encouraging consistent network participation. Introducing epochs as part of this design is another stepping stone towards the decentralized protocol version.

This upgrade also provides a valuable opportunity to test how Validators handle protocol changes and allows for improvements in future iterations based on real-world feedback before these changes affect SN stability.

The need to allow validators to take an active role and show liveness metrics well before they get a formal role in the consensus is what drove this version and what gives high motivation for this feature to be released well before the end of Q2. Therefore, the other feature in V2, detailed below, has a certain risk of getting postponed to V3.

Motivation for commission increase feature

The current commission structure allows the commission to only decrease. While sensible in the short term, this model has a risk of breaking whenever the cost of being a validator goes up. Examples of why the validating cost might increase significantly in the long term include increased usage (which will require the validators to use stronger hardware) or the requirement to produce proofs and not only produce blocks (which is also on SN’s decentralization roadmap). When it becomes unprofitable to be a validator, the validator might exit the protocol entirely, automatically kicking all the users out of participating - which is extremely disruptive.

However, an unbounded, sudden 0→100 increase in commission is also something to avoid - as DeFi users deserve greater transparency around what commission they will pay in the future, and when their commission might change - which is why there is more to this feature than simply allowing commission increase.

Specification

Epochs

Staking v2 is about adding a “work”, or something that validators should actively do periodically, as a condition to receive rewards. In the future decentralized phase, the staking power of a validator should be an input to the work function (so the more stake you have, the more blocks you need to produce). However, to make things predictable, the staking weights can’t map change immediately when someone stakes or unstakes. To handle this, similarly to what is done in many other protocols, a notion of epochs is introduced into the protocol.

Epochs represent checkpoints where Staker’s staking power is set. This “discrete” view of staking power will be used as an input to the consensus algorithm. Think of each epoch as 30 min to a few hours duration.

Therefore, a new latency parameter k is introduced, and update the staking power and rewards as a result of changes made in epoch i in epoch i+k. In the long term, when validators would produce blocks, k would be greater or equal to 2, as the producer of the first block of epoch j must be known before the last block of epoch j-1. However, in the staking v2 context (where validators are not yet producing blocks), k may be equal to one.

To illustrate with an example, let’s say a validator A with 50K STRK staked. During Epoch i, someone delegates to A an additional 10K STRK. during Epoch i+1, someone undelegates from A 30K STRK. Here is what A’s weight and reward are going to look like:

epochs_explanation1446×608 59.7 KB

Block attestation

The primary proposed change in Staking v2 is the introduction of a block attestation mechanism for Validators. This section outlines the technical details of the attestation process. For now, epochs are treated as groups of E blocks (a detailed explanation will follow in a later section).

• Each Validator is assigned a unique identifier per epoch, which equals to Hash(staked_amount, epoch_id, validator_address) % 2^N.
• During an epoch, Validators have the opportunity to attest to specific blocks. A block qualifies for attestation of its block hash modulo 2^N equal to the identifier
• Attestation involves submitting an attest transaction within a defined block window. If T represents the block number that meets the matching criteria, the attestation window spans from block T+11 to T+W (for instance, where W = 20). In addition, the attestation must be sent within the corresponding epoch. This means that the last 10 blocks within an epoch cannot be attested.
• Each Validator is required to perform only one attestation per epoch.

This mechanism ensures Validators actively use full nodes, as they need to track block hashes continuously. Additionally, the attestation reflects their activity and is publicly verifiable. This ensures Validators’ reliability is publicly tested, which is crucial before Starknet’s security and liveness depend on them.

Note that in this proposal, the work is the same for all Validators, and only the rewards are proportional to their stake. This is done to simplify the implementation, so time and effort may be saved for the later stages. This is essential as testing Validators’ reliability is crucial before handing them core responsibilities. Also, Running a full node is the main cost and effort, which is obligatory for all Validators.

Lastly, the exact parameters of epoch length (E), Modulo power (N), and attestation window (W) will be determined later and added to this proposal, but here are some thoughts about what is bounding them:

• E should be more than 2 to the power of N, but not orders of magnitude more. Notice that with some small probability ((1-1/2^N)^(E -W) ), validators will not have the opportunity to submit transactions. We want this probability to be small (less than 1%) to keep the rewards variety small. However, too large an E (with respect to N) means that validators with high probability may stop tracking the network until the end of the epoch when a small percentage of the epoch is done
• E should be large enough to keep the Operator’s cost sensible—even on a day with high gas fees, the yield for an Operator that has staked only 20K STRK over an epoch should be significantly more than the cost of the transaction it would have to submit. E should be small enough so latency on activities that depend on epoch (such as adding or removing stake) will not be too cumbersome.
• W should be small to ensure liveness. But also - not too small. We want to incentivize people to react in real-time but also to avoid scenarios where, due to sporadic spikes in the network, the validator failed to submit a transaction in time.

Rewards

Rewards are still proportional to stake and calculated using the minting curve. The only change is that they are accumulated only to Validators who performed their attestations in the epoch. Notice that this means the global index of rewards is removed.

In Staking V2, rewards will be “all or nothing” per epoch - so a validator that submitted a transaction during the epoch which proves he tracked the network will receive all the rewards for the epoch based on his staked amount, while a validator that didn’t do it will get 0 rewards for the epoch’s duration.

After performing the attestation, the rewards that go directly to the validator will accumulate in his account, and the rest will go to this validator’s pool. When a delegator will claim his rewards, instead of looking at the global index we will accumulate all the rewards the delegator has received from all epochs since the last time he claimed rewards. The complexity of this operation will not be O(number of epochs since last claim) but rather O(number of this delegator’s balance changes since last claim), which is assumed to be small enough to fit in one transaction in any real-world-scenario.

Latencies

As the notion of epochs is introduced, the latency from when a user transfers STRK in or out of the staking protocol to the time staking rewards reflects this operation is determined by the remaining time in the current epoch plus the duration of k-1 more epochs. The withdrawal lockup period will still apply after exiting the protocol. (During the withdrawal lockup period, the funds are no longer counted for staking but are still locked within the staking contract)

*Although Stake Delegators are subject to a security lockup when withdrawing funds, they can move between Stakers without waiting for the full lockup period, enhancing the delegation market’s competitiveness. This pool switching will have an added latency of k epochs when exiting one pool and entering another.

New protocol parameters

Here is a table summarising the new protocol parameters proposed in this version:

Commission increase (if included)

After exposing some routes for allowing commission increase, the current suggestion it to opt for something close to option three which was detailed there. Namely:

• Validators will be able to commit to a certain maximum commission M, and the last date that this commitment is relevant for. Until this last date arrives, validators will not be able to increase their commission beyond M, but can freely change their commission in the range [0,M]
• Validators will be able to declare ahead one additional commission commitment. For example, a validator that commits to a maximal commission of M=5% until 1.6.2025 can also commit to a maximal commission M’ = 3% or M’ = 7% until 1.1.2026. To elaborate more on how it would work:
  • If M’ = 7%, then the commission is guaranteed to be at most 5% until 1.6.2025 and to be at most 7% on 1.6.2025-1.1.2026. Except these upper thresholds nothing is limiting the validator from changing commission.Nothing will happen to the actual commission rate on the 1.6.2025.
  • If M’ = 3%, then the commission is guaranteed to be at most 5% until 1.6.2025 and at most 3% from 1.6.2025 to 1.1.2026. Nothing limits the validator from changing the commission except for these upper thresholds. On 1.6.2025, if the current commission is higher than 3%, it will be forced to drop to 3%. Defacto, this will be forced whenever the validator does some work (so relatively quickly on staking v2, but might take a bit longer time in future staking versions).
• Once given, the validator cannot change the commitments. The validator also can’t include more than one commitment that refers to a future date (so in the example above, no further commitments can be given until 1.6.2025)
• Commitments may not refer to more than one year from the date they are given. The purpose here is to be future-compatible with other features around commission (such as imposing minimal commission for large stakers) which may be added in the future. When the protocol stabilizes, the period the commitment refer to will be extended.
• One edge case that the description above doesn’t cover is if/how to prevent validators to go 0→100 commission the day after v2 is released, when no commitments are yet done. To counter that, we consider preventing any commission increase in the first two months after v2 goes live, giving the users ample time to switch validators according to the relevant commitments made by the different validators.

Validators are encouraged to impose limitations on their commission to give maximal transparency to the users. The plan is that staking platforms and dashboards would highlight validators without commitment, or validators where the current commitment will expire within the next month with no followup commitment, as a “dangerous” validator where commission could suddenly change unexpectedly.

Backward compatibility

Rewards
All rewards accumulated before the upgrade will be accessible and will be acocunted the first time validator or delegator performs an operation on the contract (claim, deposit or withdraw STRK for delegators, perform work for validators). As usual, these rewards will be transferred out only on claim.

Accumulating rewards after the upgrade will happen only if Validator will attest to blocks
Getting rid of the Index structure on the Staking contract all together.
Cost of reward-claim by delegator will now depend on the number of times this delgator changed his balance since last claim

Epochs upon entering and exiting.

• Users that enter the protocol on epoch i will start get rewards on epoch i+k
• Users that intent exit the protocol on epoch i will still get rewards on epoch i till i+k - 1

Economical feature

• Validators will be able to increase commission

Actual potential ABI and events - we will update here when will know more.

Security Considerations

New security considerations

1. Operational address is now used - the operational address Valdiators provided upon registration will now be used for submitting transactions to the network. Hacking the operational address can now lead to lose of yield for the validator and its delegators
2. Preventing fast switching between validators - to prevent delegator behaviours where delegators that see their validator fails to perform work to too-quickly move a validator and enjoy the work it has performed. To prevent this, switching declared on epoch i will take effect in epoch i+1.

The other security considerations are the same as they have been on Staking V1 (SNIP 18). They are restated below for the ske of self-containment.

The staking protocol’s design includes several key security measures to ensure its integrity and user safety.

Modular architecture

The proposed protocol will be implemented using a modular architecture, where different functionalities are separated into distinct contracts, such as staking, delegation, rewards supply, and more. This approach offers several advantages:

• Simplifies Logic: Each contract has a clear and specific role, making the code easier to test, audit, and understand.
• Enhances Access Control: By defining specific permissions for each contract, the risk of unauthorized access or misuse is reduced.
• Allows Targeted Upgrades and Changes: Updating only the relevant contract minimizes the potential for introducing new vulnerabilities.

Permissions and Key Management

The Staking protocol allows users to define different addresses for different functionalities. Thus, cold addresses with minimal activity can control important functionalities, reducing exposure to threats and enhancing user security.

Stakers register with three addresses:

• Staking and Unstaking Address: This address has permission to Stake, add Stake and unstake. This means that it handles large amounts of STRK tokens and is only needed when entering or exiting the protocol. Thus, it can be kept by a cold wallet (minimal activity) to maximize security.
• Rewards Address: This is the address where rewards will be sent to. It can also be maintained with minimal activity, i.e., as a cold wallet.
• Operational Address: This address represents the Staker for operational purposes, for example, block attestations, and in the future block proposing etc. Note that this address does not handle large amounts of funds. As it will be frequently used, it should be categorized as a hot address.

Stake Delegators register with two addresses:

• Entering/Exiting Address: This address has permission to Delegate Stake, add Stake and unstake. This means that it handles large amounts of STRK tokens and is only needed when entering or exiting the protocol. Thus, it can be kept by a cold wallet (minimal activity) to maximize security.
• Rewards Address: This is the address where rewards will be sent to. It can also be maintained with minimal activity, i.e., as a cold wallet.

Permissions: The protocol uses a hierarchical approach between user roles. Colder addresses, which control larger funds, can replace more active ones if compromised. Specifically, Staker and Stake Delegator addresses can replace the rewards address.

Security lockup period

When exiting, users face a 21-day lockup, during which no rewards are earned, and funds cannot be withdrawn. This disincentivises sudden large withdrawals that could destabilize the network. Future versions will tie the exit process to epochs, maintaining the lockup period for a secure exit mechanism.

Timeline

The development work is well underway, and the first stage of stakes is planned to go live as early as Q2 2024. You can follow the development on our open-source repo.

Future stages will include Stakers gradually assigned responsibilities, eventually validating and sequencing blocks. This gradual transition ensures stability and allows for thorough testing and improvements. For more details on the decentralized protocol, check out @Ilia’s series of blog posts.

More details and proposals on subsequent stages will be introduced, as we progress. The next step is already in the research and planning stages, set to launch a few months after the second stage. Our objective is to roll out these updates smoothly, with ongoing improvements guided by community feedback.

Feedback

We want you to share your feedback and ask questions. You can comment on the community blog post and follow our development on our open-source repo.

Copyright

This SNIP will be released under an MIT license.

Thank you for this post, it contains some good information about the path to decentralization.I have a few questions on the specifics of this design.

Is the epoch ID here a simple number? And at what point in time is the staked amount taken?

The reason for the above questions is that, in general, being able to calculate values ahead of time is a good thing for validators so if the epoch ID is a simple number, and the staked amount is the amount staked at (for example) the beginning of the previous epoch, it allows validators to prepare accordingly.

What is the reason here for basing this on block hash rather than block number? Block number allows for knowing in advance when attestation will be required. I don’t see this being a detriment to the process, because a synced chain will be required regardless.

A tweak if the attestation duty was based on block number could be when Hash(staked_amount, epoch_id, validator_address) % E == block_number % E, which would reduce the complexity of the design with fewer parameters to select. This also ensures that every validator will have a block against which they can attest in each epoch (and you can tweak this easily if you want a validator to have x number of attestation opportunities per block).

(And if you have the 10-block window at the end of the epoch for not attesting you can swap E for E-10, although see below.)

What’s the rationale behind the window starting at T+11, rather than T+1? In general it’s better to avoid having to retain state within validator clients, so if a validator client generates the attestation and signs it just past T=0 it makes sense it to be able to submit said transaction immediately rather than hold off broadcasting it until a later date.

And re: not attesting to the last 10 blocks: not allowing attestations to be included in the following epoch makes accounting simpler, but does provide an odd asymmetry in the protocol. Ultimately it makes sense for attestations to be continuous, rather than have this difference, as it could open up attack vectors once attestations start to mean something other than “validator client is alive”.

Is there any benefit to a validator performing more than one attestation per epoch? If not then this suggests that validators would be more likely to attest earlier in the epoch, and later blocks would not gain attestations.

A separate comment on your rationale for W:

This seems a little at odds with the overall approach that this is a system for confirming reliable infrastructure. Being able to respond in a timely fashion will be critical for further stages, so it makes sense to be testing that ability now rather than having a very broad inclusion window now that won’t give you much information about validators’ ability to handle more complex and time-critical operations in future. And having some sort of sliding scale of rewards based on inclusion delay would create an incentive for that behavior now where it can be observed early.

The reason here is that we want validators to continuously listen to the chain, as they would have to do in the decentralized version. As block times are constant (30 seconds now, 2 seconds after 0.14), working with block numbers generates a too-predictable information of sporadic times when the validator’s machine need to be operational. This is different than having to maintain something that will listen to the network continuously. This is also the reason we work with end of epoch amounts (in responding to your first question)

I agree that T+1 is better, however as the attestation need to be proven on-chain, we are limited by the Starknet OS capabilities that allow only accessing hashes from 10 or more blocks ago. The reason there is that block creation is parallelized with executing the tx of the next block

no, your analysis is correct. This is why I mentioned we don’t want the epochs to be too long.

I agree that there is a tradeoff here. Without allowing validators to directly signal they are active in the p2p network, we are limited by send transactions considerations (time to access previous hashes, can’t be too demanding in times as congestion might get in the way, etc). This is a compromise we suggest so we will have ample time to have somehow check validators, as it may be the case that very soon after the p2p network will be available we will already expect validators to interact with it in ways that affect the liveness of the protocol

Although I understand the idea, in reality there is very little difference between the two options in terms of requiring access to a synced node. Being proactive or reactive in terms of when you attest isn’t a massive difference unless you have the ability to take a node from unsynced to synced in a matter of minutes, then turn it off again, and somehow make that cost-advantageous. You should also consider that relying on the block hash makes the number of attestations available for each block probabilistic, and possibly 0.

That fact that you can’t verify it until T+11 doesn’t mean that you can’t require the attestation to be on-chain earlier, and verify it later once the hash is available. You can still have accounting on a when-possible basis without compromising the liveness requirement you are trying to achieve with attestations.

This is related to my prior point, but if validators are going to impact the liveness of the protocol then they need to be attesting as soon as possible, and with a relatively tight deadline. Otherwise it becomes trivial for validators to run using a centralized RPC service and wait for other validators to attest to given blocks, and the lazy validator can then attest whichever way the majority of other validators are doing. Awarding validators higher rewards for attesting early (basically, immediately) is a key component of ensuring validators run their own nodes.

cant wait for Staking v2 to be launched on Starknet mainnet in Q2 2025.

Thank you for the post; it really clarifies things for me. I have a few questions, though.

• Is it correct to say that the last to eleventh block will have just one valid block (the last block of the epoch) in which the attestation can be sent?

• Can two validators attest the same block ? If not, wouldn’t this introduce competition between validators in case 2 validators had the same E for that epoch, as it’s possible there might be just one block available in that epoch for those two to attest?

Can you explain this a bit? According to my calculations, I got it to ((1-1/2^N)^(E -10)) excluding only the last 10 blocks that can’t be attested in the calculation instead of W blocks. Also, in case a validator didn’t get any opportunity to attest and the condition was not true for any block for that validator, will it still lose rewards?

We took this to internal discussion and we tend to agree that your suggestion will not significantly change the infrastructure needed to run a Validator. We will dive into the details, and if a change is decided upon, we will update the post accordingly as soon as possible.

First, I would say that if we change the proposal to be based on block numbers instead of block hashes, we might be able to eliminate this issue entirely.

The reason this issue arises when using block hashes is that you cannot reference a previous block unless more than 10 blocks have passed. If we take the approach you suggested, a key question would be: who verifies the attestations after submission, assuming they cannot be verified immediately? Again, this might not be a major issue, as I pointed out earlier.

The question of the exact window length is tricky. Ideally, in a P2P network, we would have made it as short as possible, as congestion wouldn’t prevent a node from submitting on time. However, since attestations are transactions sent on the public chain, we need some buffer to account for network congestion.

What do you think should be the optimal length of this window in seconds, assuming we want some buffer?

Yes, you are correct.

In this version, two validators can attest to the same block, so there is no competition of the sorts you described.

I think you are correct, but as we got different results, I will check internally again.

Thank you for the detailed SNIP. I’m interested in learning more about the attestation monitoring and reliability aspects.

In Staking V2, rewards will be “all or nothing” per epoch - so a validator that submitted a transaction during the epoch which proves he tracked the network will receive all the rewards for the epoch based on his staked amount, while a validator that didn’t do it will get 0 rewards for the epoch’s duration.

1. I was thinking about monitoring validator reliability in real-time - while we could track successful attestation events and infer misses from their absence during an epoch, I wonder if explicit events or indicators for the complete attestation lifecycle might make monitoring more straightforward? This could help LSTs and delegators better evaluate validator performance over time.

2. The reliability tracking aspect is quite interesting. I’m curious about distinguishing between validators who:

• Consistently attest early in the window
• Attest later in the window
• Occasionally miss attestations

Has there been any consideration of a graduated reward structure within W where earlier attestations could receive higher rewards? This might provide helpful metrics for delegator decision-making while keeping the current safety buffer for network conditions.

Would an event indicating a successful attestation answer your needs?

If the event mentioned above would include enough information to figure out where in the window the attestation was sent, would this be enough?
BTW, why do you want to track this?

In this version, we are trying to keep things simple and straightforward. The full incentive structure, when more responsibilities will move to Validators, can be more nuanced.

I don’t know the details, but some sort of mechanism to store the attestation on-chain where it could be evaluated at a later point (either by another smart contract, or, more likely, the node itself) would seem to make sense here.

“Immediate” is good, because of the fact that at some stage attestations will likely decide if the current chain is valid or needs some sort of re-organization.

You could start with a simple sliding scale of rewards for an attestation, where if an attestation for block n is in block n+1 you gain the full reward, if in n+2 you gain half the reward, n+3 a third of the reward etc. with a cap at +10 or wherever point you feel that the attestation would no longer be of use when the chain was considering block validity. If you had this then even in times of higher congestion a validator could make a call to pay a higher fee to include their attestation earlier and hence gain higher rewards, and the system becomes dynamic and self-regulating.

A sliding scale for attestation is a complexity we don’t want to include, as it will not be part of the future economical incentive structure. Probably will opt for a very short window, close to immediate.

In regards to ensuring the economic incentives make sense for individuals to spool up a validator, developing a Delegating App that allows a certain percentage of STRK to be delegated to a random validator would be a great way to incentivize running a validator. A dapp that allows users to select a few parameters and then execute multiple delegations with one wallet confirmation would be a fantastic marriage of simplifying the staking process for users, decentralizing the network, and providing revenue to validators that would otherwise not have received delegations!

The dapp could be configured to only select from validators with reliable liveness metrics and allow the user to determine what percentage of their total stake goes to the random validator. It could also allow manual selection of a single or even multiple validators to receive the bulk of their stake. This would minimize the users risk of delegating funds to an underperforming validator, while still accomplishing the goals of network decentralization and economic incentives for running a validator. Another parameter could be to ensure that validators in the top 5% of stake holdings are excluded from the pool of random validators. I’m sure people more familiar with coding a dapp can come up with a nice clean interface that is simple to use and effective, just don’t let engineers design the UI!

I currently run a validator because I’m a purist, but from a practical standpoint, it makes little sense to run a validator just to save 0-5% on staking fees. I am not a big social media person and thus have little hope of ever garnering any staking delegations beyond friends and family. However, if 50k delegators all decide to use this dapp and set 10% of their stake to be dispersed randomly to small-fish validators like me, well then, I might just spool up 10 validators to increase my odds of being chosen!

Hey @KadiumRA , I think it is a very cool idea, and it was also brought up in the STRK Staking TG group. Someone wrote they are actively developing such an app. I’ll try to connect you both.
Also, when it exists, I will add it to the official docs.

Working on Building a dapp to help staking decentralization and solo stakers!
the idea is to show how centralized is delegated Strk, and provide a chance for small stakers to get delegated strk

-One feature shows metrics about the distribution of staked stark and delegated across validators
-Other allows you to stake into a random validator from the 20 with less delegated stark, giving a chance to the small ones!

in my head sounds great as initiative and dapp, but ill love some input about the narrative, how to pack it into a a great product!

Feedback on above really apreciated
@KadiumRA Quite close to have a productive solution, should be online some time this week, hit me a DM on tg if you wanna collab! @satoshinakamoto420

Repo:

Screenshot 2025-02-18 at 02.50.061533×996 189 KB

Kick ass! Man that was fast! I had a good convo with Clem on the Voyager tg about some important details. I’ll summarize now:

The list of ‘random validators’ should not truly be random. It should be curated by the Dapp and then further filtered by the user. Once Phase 2 of Staking is launched, validators will begin doing some type of work. The ability or inability of each validator to perform necessary tasks will generate what StrkFnDn is calling ‘Liveness’ metrics. So your Dapp should have access to these Liveness metrics and should only allow properly performing validators into the pool that will receive random delegations. Furthermore, any validators that are determined to be malicious will not be allowed into the pool.

As for the users ability to filter who they randomly delegate to, your Dapp should have a few parameters to set:

1. Primary validator (if any) to receive the bulk of their stake
2. Percentage of their stake they would like to be delegated to the random validator(s)
3. Number of random validators they would like their stake to be split between
4. Maximum fee they are willing to pay to the random validator
5. Top percentage of validators they want excluded

I’m usually in favor of less options are better, it has worked great for Apple. Just design a clean and extremely easy to use interface, and most people really don’t care about the details going on behind the scenes. I suppose you could have an ‘Advanced’ interface mode, but my guess is less than 5% of people would use it.

An additional issue raised by Clem is how to handle delegated stake when a validator drops offline. Consideration needs to be given to both the delegator and the node operator. Since the intention of this Dapp is to incentivize more people to spool up validators, that will inherently mean PC’s in people’s garages, apartment closets and all manner of normal real world conditions. Real world PC’s don’t reside in data centers with 99.9% uptime and RAID backup systems that allow seamless hardware upgrades. So when Joe needs to upgrade his PC or move across town, his validator will be offline. I think the ideal response to this would be for the stake to be moved to another validator after some threshold of downtime has been met, and then when the validator is back online for some period of time, the stake is transferred back. This prevents the delegators from being penalized and also prevents validators from permanently losing all their delegated stake, which would obviously be discouraging for a guy who spent a year or two running a successful validator, and then lost power in an ice storm and all his revenue generating stake. I’m not sure if a Dapp could account for this, or it’s something that has to be built into the staking contract. Maybe the technical solution cannot account for an ideal remedy, but the issue needs to be considered. Clem suggested a simple grace period that does not affect Liveness metrics, or maybe validators can be given a function that notifies the network of intended downtime and gives them the ability to manually transfer the stake to Argent and then request it back without the normal 21 day holding time.

I will DM you to continue this discussion and we can use this SNIP as a place to summarize things. It’s nice to see you’re already getting good feedback on tg, I’ll see you over there.

Great app. Would it be possible for this to extend beyond top 20? I only ask because I am currently 23 , And would also like my validator to grow and get some exposure from this initiative.

From talking with NJ, we think the best approach will be to allow a user to restrict the size of the random pool of validators by simply entering a Top Level Cutoff %. So if they enter 5%, only the top 5% of stake holders will be restricted from the random pool, the remaining 95% of validators will have an equal chance of being selected.

This is amazing, and comments and discussions later, what a great community!

My initial concerns about the increase functionality of commission have been addressed further down in the proposal.

Glad to see that users don’t have to worry about validators secretly upping the commission at any time.