Adrian,
Wrong, the funds on today’s keys are fully spendable. In the event a hacker takes a baker’s key. They get the immediately available funds, and then proceed to race the baker in draining the rest as the bonds unfreeze. Game over for the insecure baker and bounty paid to the hacker.
Adrian you run the largest bonding pool company in Tezos. The Cryptium Labs baker is bank rolled by other peoples coins. Somewhat ironic to argue that out sourcing the consensus key is bad when that’s basically your business model. You just do it by borrowing coins.
So the big question, why do you want the consensus key non-spendable?
You keep arguing for a non-spendable key, while at the same time arguing that it doesn’t matter security wise because the same amount of funds are at risk. This is logically inconsistent.
To understand why there is inconsistency in Adrian’s argument you have to know his incentives. You can’t trust people but you can trust them to act on their incentives. This is true of nearly everyone.
Adrian’s bonding pool company Cryptium Labs is likely his primary source of income, not the developer grant.
He wants to de-risk his bonding pool by having the consensus key made non-spendable. So he doesn’t have worry about data center staff, his own staff, or a hacker stealing the key. Adrian knows that it is extremely unlikely any of these parties will setup a baker and coordinate a slashing event in such a way that they are likely to get the rewards. However long term non-spendable keys leads to insecure setups. Like bakers storing the keys on disk, which opens us up to state actors and rival chain attacks. Fatal.
Making the consensus key non-spendable removes skin in the game by allowing those with less than immaculate security setups to sleep easy at night. These are almost always bonding pool companies as is the case with Adrian and Andrew or others running similar centralizing businesses like hodl.farm.
Adrian’s support of hodl.farm makes his statements on security and decentralization once again logically inconsistent. Hodl is a baking as a service (BaaS) company. They charge a monthly fee, in return they send users blocks and endorsements which the users then blindly sign remotely.
This is bad for network security as these signers are not doing validation. If BaaS ever hit scale, as it may well do if the consensus key becomes non-spendable, then we will see fewer network validators undermining the networks security. BaaS is security rent-seeking, get paid without doing the work.
Its usually impossible to get someone to understand something when its against their incentives. So whenever someone is advocating for a non-spendable key look at their incentives.
The majority of the community is using Tezos to store wealth for the future. However a minority of centralizing services like some bonding pool companies, and BaaS companies are optimizing to extract wealth today rather than store for the future. Having a non-spendable consensus key allows them to do that easier.
While Adrian has added value in the past. I do not believe that anymore community funds should go to his team. At this point nearly all his protocol development efforts are geared towards his own personal business incentives, be it giving bakers smart contracts or non-spendable consensus keys. These are network centralizing proposals. That are at the expanse of the majority of users who are trying to use Tezos to store and transfer value for which security is everything.
-Justin
