| fip | title | author | discussions-to | status | type | created |
|---|---|---|---|---|---|---|
0026 |
Extend sector fault cutoff period from 2 weeks to 6 weeks |
IPFSUnion(@IPFSUnion) |
Final |
Technical (Core) |
2021-10-01 |
Due to force majeure factors such as major natural disasters, storage providers may not be able to restore services in a short period. According to the current implementation of the protocal, the sector will be forcibly terminated after two consecutive weeks of faults. Two weeks is not enough to complete the EiB-level data migration and recovery, so we hereby propose this FIP.
Filecoin needs to extend the fault period so that large storage providers have enough time to complete the data migration. Six weeks is generally enough for overseas migration, including overall planning, customs application, sea or air transport, etc.
Any country in the world is likely to face force majeure factors such as major natural disasters or social abnormal events, causing storage providers to be unable to provide services normally for a long period of time. To this end, we must plan ahead.
Up to the current V13 network, the sector will be forcibly terminated if there are two consecutive weeks of faults. However, two weeks is not enough for a large storage provider to complete the data migration and restart the service. If appropriate measures are not taken, it will not only cause huge economic losses to the storage provider, but also cause large fluctuations in the storage power of the entire Filecoin network.
Therefore, it is necessary to make some adjustments to the sector fault period.
Extend fault period of the sector before sector termination from 2 consecutive weeks to 6 consecutive weeks.
Extend the sector fault period to buy time for storage providers to migrate data
The proposal extends the fault period of the sector, so such changes must be completed through version upgrades.
Test PR: filecoin-project/specs-actors#1506
Strong incentives remain for Storage Providers to keep proving all their sectors reliably, which should prevent any increased variability / unreliability in network storage power.
The maintained FaultFee structure provides strong incentives for storage providers to maintain great quality of service and keep any downtime to a bare minimum.
So this proposal seeks to extend the fault window without recalculating the fault fees schedule. it is thus fundamentally irrational for storage providers to choose to fault on sectors for an extended period of time. This reinforces the idea that this extended fault period ought to be viewed as a worst-case-scenario provision, rather than a benchmark for how long someone could reasonably take data offline. The current punishment is quite exspensive so that it is unlikely to incentive unreliable storage behavior.
Increasing the sector forced termination window increases the potential time between when a storage provider could stop storing/proving data to the network, and when storage clients would have their payment refunded. This could be annoying/frustrating from a sector repair perspective, since there is a longer window before it is clear whether a storage provider is coming back online, which the client isn't compensated for.
Specs-actors PR: filecoin-project/specs-actors#1504
Note:
This proposal will not go into effect until v14 Chocolate network upgrade.
If a storage provider were to fault on their Window PoSt submission before the upgrade (scheduled for the end of October), they would still be bound to the 14 day fault sector period. On day 15, for example, they could experience sector termination even if this FIP had been approved.
Copyright and related rights waived via CC0.