londons_explorer t1_j03uyis wrote on December 13, 2022 at 9:49 PM

People are talking about malicious clients...

But I wonder more about accidentally evil clients. For example, someone was modding the code and accidentally connects to the public swarm and returning NaN for every request.

Can we have an API which returns the git hash that it's running from and detects if the working directory is clean?

ReginaldIII t1_j04y036 wrote on December 14, 2022 at 2:27 AM

That's what I mean by malicious clients.

You'd be relying on the malicious client to self report the git hash of the code it is "running". It can just lie to you.

The only defence is by duplicating each computation across multiple workers in the pool and having them compare results, most common result wins.

londons_explorer t1_j0642cz wrote on December 14, 2022 at 9:50 AM

I suspect there will be far more accidentally malicious clients (because someone is experimenting with the code) than deliberately evil clients.

In fact, as long as the percentage of deliberately evil clients is small, and the weight updates they send have capped magnitudes, I suspect you can just ignore the problem - they won't have a substantial effect on the results.