Design a global reputation system

[s-tikhomirov]

The initial Store incentivization PoC only includes a local reputation system, which may not be sufficiently secure for a global network.

Design a global reputation system for Store servers, based on the research of prior work (#47) and an initial local reputation system (#48).

Think also of the definition of global reputation:

• each client has a score for each server, or
• additionally, each server has the same score?

The latter definition sounds like consensus, which may make it impractical, although it's unclear yet whether we'd really need this property (further investigation warranted).

Another concern: malicious actors may farm reputation by running clients and querying their own servers.

Ideas from a PR discussion

@jm-clius:

Hard for me to see how we wouldn't eventually have some need for a global reputation mechanism. This incentivises store nodes not only to good behaviour, but also to keep their original identity in tact to build reputation.

It's hard to make this local reputation more than very short lived. Many clients, for example browser nodes, exist only for short sessions and it's not always possible (or perhaps desirable?) to persist anything, including Store node reputations, across sessions.

The shorter lived the reputations, the easier the system becomes to exploit. The only "identity" we currently use for store nodes are their peer IDs, which are exceedingly trivial to cycle. Even if the first query from a client leads to minimal revenue I can easily spin up millions of fake Store nodes to get this small payment, knowing that most clients will have very little local reputational info to avoid my nodes.