[Approved & Executed] The First Vote of the ThreeFold TF Chain (L1) DAO: Gold Certified Farming

Note: The below proposal was approved and executed at Block 3508279.

As of ThreeFold Grid v3.6.1, the DAO functionality has been live on TF Chain, and today we’re thrilled to announce that the first TF Chain (L1) DAO proposal is now live and ready for voting!

While we’ve been using DAO votes here on the forum to make decisions for some time, this will be the first time that an on-chain vote can directly initiate new functionality in TF Chain. This is a very exciting step towards decentralization whereby Grid stakeholders are in direct control of the future of the network.

The Proposal

This proposal is regarding the creation of the Gold Certified Farming Policy on TF Chain. The Gold Certified Farming was approved via a Grid Enhancement Proposal on the forum, and now we are opening the vote for the implementation of the policy on the blockchain.

How to Vote

Farmers with active nodes are eligible to participate and can vote in the ThreeFold Dashboard: dashboard.grid.tf. This particular DAO vote only needs ten votes to pass, as the proposal has already been approved via the forum (this is just about implementation), although you may continue to vote until the end of the voting period.

If you’re not already set up on the dashboard and you’d like to get started, you can follow the instructions here. (Note that in the documentation the dashboard is referred to as the portal.)

Once logged in, click on Portal, then your Account, and then DAO. You should now see the proposal on your screen along with the option to vote. Note it might take one or two seconds to show up.

Want to become a Gold Certified Farmer?

At the end of the voting period, if the vote has been approved, the policy will be enacted on TF Chain. Early next week we will create and share a forum topic about how to become a Gold Certified Farmer.

You will want to prepare ahead of time materials to verify you meet the agreed-upon requirements:

  • Hardware approved by the DAO (please provide details of your hardware)
  • Minimum 5 IPv4 addresses per server
  • Two power supplies or PDU with 2 power feeds which automatically fails over
  • Two routers per rack (connections to internet)
  • At least Two Internet Service Provider connections
  • Tier 3 or 4 data center certified to ISO 27001
  • Uptime 99.8%
  • Network connection at least 1GBit/sec per TBD nr of CU/SU
  • Geographic decentralization - no more than one full datacenter rack per TBD Region size unless and until utilization in that rack is > 50%.
  • The 3Nodes need to be certified (can be done by TFTech or other actors on blockchain)
6 Likes

It’s only for the big money guys as always…

What do you mean?

Gold Certification is there to make sure Threefold can compete with other server/cloud providers on a high level.

At the same time, almost any computer can be turned into a 3node and can farm TFT. So Threefold is very affordable in this sense. But it also has different “level” of entry, you can have a very “cheap”/affordable DIY 3node, a certified 3node and also a gold certified 3node.

Having a Gold certification clearly requires more resources and money than a typical DIY 3node but it comes with more farming rewards.

What do you think @warrior ?

It’s good to have the feedback of the TF community.

2 Likes

My slight issue is that this kind of things are very good for the network but somehow are not visible to the masses.

It will be interested to see what the voting on the final specs for gold farming machines. Because it’s becoming clear that the machines may have to support secure boot to become certified, it rules out much of what has been purchased over the past months, sidelining many potential and serious DC farmers with more than reasonable servers. Also, I’m not aware how we are able to get existing machines certified, since it requires a signed os from tf. Do we expect a big thread on specs and requirements soon?

Maybe for these farms, we’d need someone from Threefold that is credited to certify. This perso could be going from farm to farm, looking at the 3nodes and certifying them while adding the secure boot option.

Because, as you said @RobertL, it constitutes a big part of the TF Grid. Many big farms are out there eager to get the certification.

Thanks Mik, as official seller on the marketplace we could assist in our region. But I’m mainly talking about machines like the great R620’s which don’t even have secure boot as an option. Not even the latest bios update.

Yeah, as Robert just discovered the generation almost everyone is using will not qualify for gold certified as secure boot really only came out in the next generation. I’m not saying that is necessarily a bad thing, this will get people to run newer, more expensive hardware.

Locking up rewards unless utilized will get everyone else to get their servers in a DC to offer public IP’s.

where does the requirements talk about secure boot beeing neccessary?!?!

there is no indication of R620s not beeing sutable

We just came to this realization yesterday. Certified nodes require secure boot. I’m assuming gold certified would be no different, but I may be wrong.

Before we forget …I’d like to thank @gosam for publishing the first DAO proposal. That’s a big step forward… apart from the particular vote here. Congrets on this milestone!! So important in the future. :pray:

We were really looking forward to the gold certified farming programm being passed. As some of you mighth know we are running a farm of 40x nodes in a DC for a couple of month now. We would like to officially apply for gold certifed farming certification.

  • Hardware approved by the DAO (please provide details of your hardware)
    The farm is built of 38x Dell R620s and 2x HPE Proliant D360 Gen9 servers.
    Every server has at least 40 threads, 320GB RAM and 4TB SSD-Storage

  • Minimum 5 IPv4 addresses per server
    At the moment we only have 40 public IPs made available to the farm. Actually it was quite hard to get so much IPv4-Adresses. By Sepmeber our DC will provide a complete */24 public IP net so we will have up to 250 public IPs available.

  • Two power supplies or PDU with 2 power feeds which automatically fails over
    Every node has 2x individuell PSU installed. Each connected to different PDUs feeded by 3 seperate secured power curcuits with automatic and seemless failover.

  • Two routers per rack (connections to internet)
    We do have two routers ready in the rack. However I’m not sure what “Two routers per rack (connections to internet)” is refering to in detail. Here I would like to refer on the following posts:

  • At least Two Internet Service Provider connections
    see above

  • Tier 3 or 4 data center certified to ISO 27001
    Our DC is certfied for ISO27001 as well as EN50600. Both certificates are available to us.

  • Uptime 99.8%
    Last month 39/40 nodes reached 100% uptime. one node needed to be rebooted in this period which results in an uptime of +99,9% for those node.

  • Network connection at least 1GBit/sec per TBD nr of CU/SU
    the farm is connected with two seperate uplinks, each providing 1 Gbit/s.

  • Geographic decentralization - no more than one full datacenter rack per TBD Region size unless and until utilization in that rack is > 50%.
    This is our first and only DC farm at this location.

  • The 3Nodes need to be certified (can be done by TFTech or other actors on blockchain)
    looking forward to get in touch with TFTech team to get this done!

Dany, that means you have the same issue; all the r620’s won’t be certified, since it requires the BIOS to support 'secure boot ’ which they don’t. No secure boot means no certified nodes. It won’t take the software. No certified nodes means no Gold farming. That’s what Nelson and i were trying to say. That is; if the requirements that Kristof posted will be the final requirements. Since there’s still upcoming voting on final specs I foresee some resistance on this.

A possible solution might be to get another level of Silver farming which requires slightly easier specs but still more than enough for the majority of users. Same DC requirements, same double power feed a d 1gbit connections, but only a single switch and reasonable speced nodes. Just giving an idea…

PS. You seem to be good for the Proliants…

1 Like

I really don’t get where this information comes from. Secure boot was never mentioned anywhere when it comes to DC farming. Also it does not make much sense to me or I don’t see the purpose of secure boot on DC farming nodes. Secure boot is used on certified standalone nodes like Titans and Pekings f.e. to make sure that those nodes aren’t manipulated and are used for TF farming only. I don’t understand why secure boot would be a must have on gold certified farming nodes. There is so much more of increased requirements to be certified like f. e. provided bandwith, redundant networking infrastructure, PDU/PSU design and capacity, ISO certification of DC. That can’t be “secure booted”… this has to be verified within the certification process by TFTech-team like the nodes themselves. I guess that there are different understandings of the term “certified”.

As mentioned already: I don’t see why R620s (fitted with decent CPUs, ECC-RAM and durable storage) won’t be suitable here. As stated by @kristof some certification prozess will be developed.

In addition here is a great statement from @weynandkuijpers about why refurbished hardware is fitting with TF.

Well… really looking forward to talk to TF-Tech-Team members for the certification process and more details.

2 Likes

As a note, this proposal was closed and executed at Block 3508279. Next steps to follow!

2 Likes

I’ve been discussing this with the team for the last few days, and secure boot will indeed be a requirement for Gold Certified nodes. Furthermore, we’ll begin by offering gold certification to farmers with nodes purchased from our partner vendor HPE, as outlined in the spec, and new vendors may be added later through a DAO process.

Secure boot is important for providing assurance that nodes are running an unmodified version of Zero OS. In combination with a TPM chip, it’s possible to verify the entire boot sequence of a device and ensure the integrity of the code that’s running. This is the highest level of assurance that nodes can execute sensitive workloads in a secure way. It will also require that someone either from ThreeFold or a third party will need to configure the BIOS in these nodes, as our certified vendors do.

I know this will be disappointing news for some farmers hoping to become Gold Certified. The good news is that there will be other ways to increase your farming rewards according to your infrastructure investments. We have planned, but not yet implemented, boosters for this purpose, which could be based on uptime, bandwidth, IP addresses offered, or utilization of nodes. If you have proposals for the first boosters we should bring online, please create a topic here in the forum so we can discuss it further.

1 Like

So what’s the point of voting if specs are set in stone upfront?

1 Like

Is this how we must expect future DAO approvals to be proceeded? Just posting some unspecified thoughts into forum and make it a poll … declare it as “approved” after you guys let the community discuss for month, telling them to take those comments into consideration … than just ignore every single contribution and put the same imprecise so-called “agreed-upon” requirements to a TF-Chain based vote (to be approved by just 10 voters. really?!) …. and then - ”tata” - here comes the magic: “…let’s just do what we want and specify details afterwards.” Is this what you guys call “transparency” and “community first”?!? I’m stunned! Didn’t see this one coming and would never have expected how this went.

There are so many imprecise expressions, completely unspecified parameters and unanswered questions with what is “DAO approved” here.

You are asking for 5 public IPs per node. It took me month to figure out how public IPs need to be configured because you guys couldn’t really tell. I was asking so many times for knowledge base and support. Sometimes I was waiting days or even weeks for an answer on most trivial questions. Sometimes I didn’t even get an answer and we still don’t have proper documentation on networking in detail (not only public IP configs).

You never made clear how gold certified farming networking infrastructure should be configured. There is no whitepaper, best-practise or basic concept at all, or it has never been communicated. I “wrote a book” about the single-point-of-failure problem and I even didn’t get a technical based answer. You expect us to work with phrases like “Two routers per rack” and “At least Two Internet Service Provider connections”?! What is this?!? How can you base such an important program on so imprecise expressions? That’s not ok!

And now you come up with secure boot and TP-module?! NOW?!?! That was never mentioned anywhere, anytime!! Is this a joke?! Have you guys ever spent a second together and even tried to think this through??? You can’t tell me you forgot about that…and you also can’t tell me that we (farmers) could have known this from the once more imprecise phrase of “3nodes need to be certified”. Most refurbished servers don’t come along with TP-modules. There are hundreds of those servers running on the grid right now. Many of them waiting to be moved to DCs. And TF should be happy to have them as nodes. Apart from it seems like you are trying to sell us secure boot and TP-modules as the holy grail of security and that it would be indispensable. That’s just not true! There are countless hacks on TPM and proves of secured booting sequences being manipulated. Apart from… you are dealing with farmers not enemies! What do you think we are going to do with the nodes after being certified? Or is it just ZERO-OS being so vulnerable that it must be hardware based secured?! I thought it would be secure, self-healing, autonomous and so on?!? I’d love to get detailed information on that, but sources are very much limited.

I mean I understand that you guys might have a specific idea of how gold certified farming should look like. BUT!!! That’s maybe not the most important thing to take care of right now?? Now TF should be appreciating every node that’s being run in a DC. But instead of getting support, you cut us of.

THAT’S NOT OK! YOU CAN’T DO THAT!!!

We relied on you. You made us believe that we will figure this out together and that we will find a solution how to get it done. Instead, we are left with a big “here…eat this shit!”. And you guys just do this by the way. And then this is called “maybe disappointing”?!? That’s not disappointing…

…that’s a big fucking mess!!!

sorry if you feel this way, everything was done with best intentions,

we have indeed been talking about this for months
as far as I know we integrated all info we could and integrated in proposal, see the forum

and we together agreed on the very basic specs for certified gold, this is by no means complete enough, over next weeks we will have to complete this specs to something very concrete (e.g. a contract).

its important to realize there are 2 different ways how rewards are given for farmers who do the extra mile:

  1. certified farming has been from day 1 a service which ThreeFold Technology company would be occupied with, it means users will need license agreement, support. We have quite some commercial farmers who spend lots of money (some of them millions) since years to make it all possible. The certified farming has been developed for them. In future more commercial companies can do this.
  2. then there is rewards for people hosting in datacenters and doing their best to have best uptime, bandwidth, … for this we have the boosters, which need to be defined properly

We are in the middle of defining specs for TFGrid 4.0 which will have hopefully more details for all of above and gives us something to discuss about for the next steps.

If your worry is being rewarded in line with your effort, I think we all together want to exactly accomplish that. Let’s make sure this happens, but for non commercial farmers this will be done by means of boosters, because we need a decentralized way how we can do this. Certification is not decentralized and never has been intended to be decentralized, this is done by means of contracts, payments, license agreements … everything any commercial provider would expect from us.

thank you

Kristof

1 Like

ps secure boot was always mentioned, certified farming means, using certified nodes, certified nodes means the nodes need to be locked by a certification partner (today threefold tech) by means of bios, secure boot and in future TPM.

This is the only way how we can provide security for the TFGrid users and thats the point of the certified farming & certified nodes.

2 Likes