Daedalus Turbo

Hi, this is Charles Hoskinson broadcasting live from warm, sunny Colorado. It's actually snowing outside, but sometimes Colorado surprises you. Today is March 14, 2024, and it is Pi Day. I’m making a brief video to talk about something that has come up. There’s a diversity of opinions floating around the ecosystem about how people should write software, what matters, and what the boundaries of security are.

Reasonable people can disagree, but there are sometimes things that need to be pointed out. I saw a tweet from the Daedalus Turbo project that says they are already testing a Windows 11 build. The video shows an updated sync screen with a duration forecast and detailed info about consumed resources to suggest which hardware upgrades can help. Recorded on a high-end Windows laptop with 1 Gbit internet, it claims to take just 9 minutes. That’s an insanely dishonest and misleading statement.

Just because you can pull from a centralized server the totality of the Cardano blockchain in 9 minutes does not mean that you’re actually processing and validating the blockchain. A blockchain is a sequential process at its core. It’s very difficult to parallelize because of the nature of the data sets. You have blocks one, two, three, four, five—it's a linked chain. Every single thing that goes into the next block has some form of a reference to the prior set of work, and you validate sequentially.

You can’t break the chain up into batches and say, “This bucket over here and this bucket over here will run in parallel on different cores,” because it’s a sequential process. The only way you could do that is if you have proofs that you’re validating against, like Mithril certificates or some other artifact. When someone says they’re retrieving a blockchain in 10, 15, or 20 minutes—a multi-gigabyte file that has an enormous amount of complex cryptography that runs in a sequential process—they’re essentially saying they’re connecting to a single peer, pulling that data, getting it into their local database, and either completely trusting it or not checking it. They’re not saying, “I’ve retrieved all of this, and I’m able to sweep the entire chain and validate it.” The problem is that the vast majority of people reading that tweet don’t understand how blockchains work, and they assume there’s some magical thing that has been done that automatically translates to complete security and validation.

There is no peer-to-peer in this implementation, and there’s no support for Ouroboros Genesis in this implementation. If this were to exist and proliferate, no one would have Ouroboros Genesis, which is likely coming this year, based on the work of TWE, a fundamental security goal of the entire ecosystem since 2018 when that paper was written. Mithril is already in the lab. We’ve shown how to do parallel validation with that technology, and it exists in orders of magnitude that are very competitive. It takes hours to synchronize the full node.

This is not a network problem; it is easy to build a server-client model where you download from a single source an arbitrarily large set of data and then store it unvalidated. It is much harder to do fast validation in a sequential process. Cryptographic data lacks structure and order by design. Hashes, encryption, signature outputs—these types of things are unordered, unstructured, and unpredictable by design. If they had patterns, they would not have security.

There’s not much you can do to optimize large sets and blobs of them. If you have a linked list of objects, you have to do A, then B, then C, then D—0, 1, 2, 3. You have to work your way through it and validate every step of the way with numerous different types of validation logic by the IRAs of Cardano. This is why a full node is a complicated affair. It’s a database, a server, and a wallet.

While differences of opinion can form, there’s TX pipe, and people are building full nodes of Cardano, like Harmonic. People are looking at a Go implementation of Ouroboros, and we’ve been remarkably supportive throughout the years of diversity and having different opinions and priorities. Whenever something occurs that is either misleading or compromises the security of the system or destroys the incumbent roadmap and prevents us from moving to things like Ouroboros Genesis if adopted at scale, or doesn’t have capabilities like peer-to-peer, these are concerns that I have. It’s my obligation and duty to inform people that they’re being misinformed. It is not honest to represent 9 minutes as a full sync equivalent to the Daedalus copies that many of you have installed.

It is a fundamentally dishonest statement, and you have to understand that that’s not okay. There’s an asterisk there; there’s fine print. It’s awesome that people have gotten funded to go and experiment and improve things. From our part, we’ve tried very hard to work with this particular team and convey some ideas on how Daedalus can be improved, including support for Mithril. They’ve chosen a radically different path.

It is our belief that that radically different path does not correspond with the security and functionality that people in this network expect. Take of that what you will. If it was so remarkably easy to make things work in 9 minutes, you have to ask yourself why it wasn’t done. Were we lazy? Were we incompetent?

Did we just want to inconvenience every single person? Then ask yourself why this hasn’t been done in Bitcoin for full nodes, or Ethereum for full nodes, or ICP for full nodes. Tell me, even in the fast sync conditions of an Ethereum node, optimistically, how long does it take to validate a full node? Does it make sense to you that that could be done in 9 minutes when these are multi-day affairs? There’s something missing there.

It’s the validation part that’s the constraining factor. You’re not network constrained; you’re process constrained by computation. That’s just a universal reality. The only way you get out of that is with architectural changes, data structure changes, new proof structures, and other such things that allow some degree of parallelism. There have been numerous proposals throughout the years for how one can accomplish that, and that was one of the design goals of Mithril.

We encourage every single wallet maker in the Cardano ecosystem to get involved in the Mithril program. We’re at an inflection point where we’re going to start moving in that direction. We’re already talking about Mithril integration with Lace wallet in the browser. We’ve also been discussing Mithril integration with a full node and trying to create a full wallet with it. One of the reasons we haven’t released a Lace desktop edition is that we were waiting for Mithril support because we believe you can massively parallelize and improve the speed at which people sync a node and validate a node.

With optimizations in peer-to-peer, you can start downloading blocks much faster. But you have to understand that this network is built with resilience in mind. Things aren’t necessarily the fastest because you have to protect against eclipse attacks, network asymmetries, and all kinds of other things that come up in a Byzantine peer-to-peer network. Sometimes, people’s internets go crazy; sometimes nodes get compromised by botnets; sometimes people purposely modify their software to attempt to take things down and damage things. Your security model has to perform in all of those cases, not just one or none.

If you adopt things only for one aspect, maximizing download speed from a single server, you’re brittle. The minute you step outside of that security model, it breaks the entire network for all of those full nodes. Six and a half years of research and development went into Cardano’s network stack. We have the single most advanced and sophisticated network stack in the entire industry. Of all the things we’ve done, this is one of our greatest accomplishments.

The R&D that’s put into Daedalus, however slow or inconvenient it can be, is built this way. There have been enormous improvements and new functionality throughout the years, including full peer-to-peer building up to Genesis, which gives us parity with what Bitcoin has accomplished with proof of work. We are the first proof-of-stake network in the entire industry to achieve this. You will not get this with the current design of this software, and it’s disingenuous to say otherwise. I just figured I’d make this video and relay this message.

I’ve been very patient, and it is what it is, but it’s starting to cascade, and people are beginning to believe things that are simply not true. They’re starting to think that, for some reason, we got this wrong. We fully admit design mistakes that we’ve made or issues that we’ve had. For example, the interface in the node could have been more permissive, and DB Sync would have been a lot easier to construct. Plutus applications could have been done a little differently.

There are dozens of design choices, roadmap choices, and other things that, in reflection and hindsight, were not the best. But with respect to the wallet backend, Daedalus, and a full node, best practices of the industry as a whole were followed, and unique design decisions were made that massively secure the Cardano network. To throw those decisions away and then broadcast that things are orders of magnitude better without explaining what has been done is a dishonest thing to do. Tweets like that are counterproductive to what we’ve achieved as an ecosystem. So I have to take a position at some point, and that’s the position I take.

Take what you will from it; it’s an open ecosystem. People can certainly do what they want to do. The fact that Daedalus Turbo got funded and continues to operate is an indication of the ecosystem's will. But do know that you should be armed with full disclosure and full information. It is my opinion that this software does not fully validate the node.

It is not a full node, and it is not designed in accordance with the current desires and goals of the network to have Genesis and full peer-to-peer. If those things were accounted for, the performance gains would go down dramatically and be less than a node that’s enabled with Mithril. We highly encourage all wallet makers to use Mithril, whether it be a light node or a full node. We’d love to collaborate with every single person. Arno is a very friendly person, as is the rest of the team that’s worked on that.

There are many great stake pool operators already running Mithril. It was built for this purpose—to be there for light nodes and fast bootstrap. We’ve already tested Mithril repeatedly in the lab, and we know that it does a lot. We would love to see it proliferate among the wallets in the ecosystem and would be happy to work with the wallet makers to see that reality for the benefit of everybody in Cardano. What’s not okay, though, is to ignore the entire security model of the system, do something radically different, and then represent it as if it’s a major innovation while suggesting that everybody else is getting it wrong.

I don’t understand why a person would choose that approach. Again, this is not a video one makes lightly. There’s been a lot of back-and-forth contact, and there have been many discussions throughout the months privately to try to align and reconcile, but they have not been successful. When I see tweets like this, it tells me that we’re just going to continue moving in the other direction. If that’s the case, that’s fine, but at least you need to know our opinion and the technical reality on the ground.

I hope that you take that to heart and use some wisdom and discretion in your judgment. Thank you.