With such an open network it can be difficult to get the correct balance of requirements and behaviors across a variety of use cases. Seeing the various factors affecting the decisions from these varied angles is key, as complicated as it may be.
The following is a list of factors affecting work generation design in Nano and isn't meant to be exhaustive, but more of a general guide for those discussing the topic. These areas are worth understanding more about and attempting to consider in any work generation design proposals.
Feel free to suggest others in the comments and we'll do our best to keep this list updated for a good reference.
Who is generating the work? Who has the most incentive or resources to do so?
- Another third-party
How quickly is the work needed?
- Immediate (customer waiting) = pre-cached work
- Small delay acceptable = on-demand work generation
- Timing not important = batch work generation
Are there heavy peaks in the work requirements?
How much work difficulty is needed?
- Default threshold
- Dynamic amount higher than default due to network saturation
- Amount higher than default due to other penalties (none exist today)
What is being used to generate the work?
- Dedicated hardware/client-side generation
- Owned vs. rented/cloud hardware
Is the software used connected to a node?
- Yes, full node with active difficulty and other work changing context
- Yes, but partial node with limits to active difficulty tracking and other work changing context
- No, so need telemetry and other methods for getting context
Is work pre-cached? Can work be pre-cached?
Is precomputing a chain of blocks useful for the scenario?
What is the scenario the work is being requested in?
- Customer paying merchant
- Exchange accepting deposit
- Exchange sending withdrawal
- Processing a bunch of transactions in batches
What affect with the change have on the desirable new route for spammers?
- Cause more horizontal spread across new accounts
- Cause more vertical spread within a single account
What types of attacks/malicious behaviors should be considered?
- Heavy saturation from GPU farms/botnets
- Pending transactions to "burn" accounts (ledger bloat)
- Dust transactions on user accounts (to receive or not to receive, ledger bloat)
How will a particular change impact the desired route for attempting spam? Can multiple changes be connected to help shape impacts to disproportionately affect spam activity?
How complex and risky is the work generation change is vs. the benefits?