Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Rationally Analyzing Shelby: Proving Incentive Compatibility in a Decentralized Storage Network

Michael Crystal, Guy Goren, Scott Duke Kominers

TL;DR

Shelby analyzes incentive compatibility in a decentralized storage network and provides the first formal game-theoretic proof that a two-tier auditing design can achieve incentive compatibility for storage and auditing under realistic parameter settings. The study demonstrates that relying solely on off-chain audits yields a dominating strategy of shirking, while occasional on-chain verification with calibrated rewards and penalties enforces truthful auditing and storage. Key contributions include a non-cooperative game model of storage providers, formal proofs of honest-equilibrium robustness to coalitions, and a minimal vector-commitment enhancement to strengthen collusion resistance. The work offers a design blueprint for incentive-aligned decentralized storage and broader DePIN contexts by showing how scarce but verifiable checks can discipline cheap off-chain actions.

Abstract

Decentralized storage is one of the most natural applications built on blockchains and a central component of the Web3 ecosystem. Yet despite a decade of active development -- from IPFS and Filecoin to more recent entrants -- most of these storage protocols have received limited formal analysis of their incentive properties. Claims of incentive compatibility are sometimes made, but rarely proven. This gap matters: without well-designed incentives, a system may distribute storage but fail to truly decentralize it. We analyze Shelby -- a storage network protocol recently proposed by Aptos Labs and Jump Crypto -- and provide the first formal proof of its incentive properties. Our game-theoretic model shows that while off-chain audits alone collapse to universal shirking, Shelby's combination of peer audits with occasional on-chain verification yields incentive compatibility under natural parameter settings. We also examine coalition behavior and outline a simple modification that strengthens the protocol's collusion-resilience.

Rationally Analyzing Shelby: Proving Incentive Compatibility in a Decentralized Storage Network

TL;DR

Shelby analyzes incentive compatibility in a decentralized storage network and provides the first formal game-theoretic proof that a two-tier auditing design can achieve incentive compatibility for storage and auditing under realistic parameter settings. The study demonstrates that relying solely on off-chain audits yields a dominating strategy of shirking, while occasional on-chain verification with calibrated rewards and penalties enforces truthful auditing and storage. Key contributions include a non-cooperative game model of storage providers, formal proofs of honest-equilibrium robustness to coalitions, and a minimal vector-commitment enhancement to strengthen collusion resistance. The work offers a design blueprint for incentive-aligned decentralized storage and broader DePIN contexts by showing how scarce but verifiable checks can discipline cheap off-chain actions.

Abstract

Decentralized storage is one of the most natural applications built on blockchains and a central component of the Web3 ecosystem. Yet despite a decade of active development -- from IPFS and Filecoin to more recent entrants -- most of these storage protocols have received limited formal analysis of their incentive properties. Claims of incentive compatibility are sometimes made, but rarely proven. This gap matters: without well-designed incentives, a system may distribute storage but fail to truly decentralize it. We analyze Shelby -- a storage network protocol recently proposed by Aptos Labs and Jump Crypto -- and provide the first formal proof of its incentive properties. Our game-theoretic model shows that while off-chain audits alone collapse to universal shirking, Shelby's combination of peer audits with occasional on-chain verification yields incentive compatibility under natural parameter settings. We also examine coalition behavior and outline a simple modification that strengthens the protocol's collusion-resilience.

Paper Structure

This paper contains 31 sections, 6 theorems, 17 equations, 1 figure, 1 table.

Table of Contents

  1. Introduction
  2. Our Contributions
  3. Related Work
  4. The Shelby Protocol
  5. System Mechanics
  6. Data Storage.
  7. Off-Chain Audits.
  8. Audit Report Aggregation.
  9. On-Chain Audit Report Inspection.
  10. Payments and Penalties
  11. Erasure Coding and Data Reconstruction
  12. Protocol Parameters
  13. Incentive Analysis
  14. The "Who-Will-Audit-The-Auditor" Problem
  15. Truthful Behavior under On-Chain Auditing
  16. ...and 16 more sections

Key Result

proposition 1

With only off-chain audits, the unique pure strategy Nash equilibrium is (mutual) full dishonesty, i.e.,

Figures (1)

  • Figure 1: Sequence of events in an audit epoch. SP $i$ is audited by a group of SPs who submit reports to the chain. The chain computes scores, inspects auditors, and may assign extra audits if needed.

Theorems & Definitions (9)

  • proposition 1
  • proposition 2
  • definition 1
  • theorem 1
  • definition 2
  • theorem 2
  • definition 3
  • theorem 3
  • proposition 3