Storage shard proposal
Storing large files on a normal shard should remain expensive. We propose a restriction of normal shards called "storage shards". A storage shard charges less for storage but also restricts the set of allowable contracts to a small whitelist. The whitelist includes the mint, bonding and unbonding contracts, the registry, wallets, and any other contract necessary for administering the shard. The whitelist also contains signature-guarded cell contracts for creating, updating, and deleting files. These contracts contain a wallet parameter to charge for the storage service separately from the computation.
In any proof-of-stake system, users running contracts are vulnerable to a quorum of validators. Therefore, in analyzing the security we must assume that less than a quorum are Byzantine. Nodes must keep track of the data in the tuplespace in order to compute the root hash correctly for participating in the Casper algorithm, so there's no risk of the nodes simply discarding the data. On the other hand, a node is free to ignore deployments, since it can always claim that network troubles prevented the message from arriving. There does not seem to be a way to force a node in a shard to acknowledge a request for data any more than there is in a centralized system; however, if at least one node in the system is honest and up-to-date, it can provide the data. Ejection is planned as a future enhancement to all shards; once ejection is possible, storage shards will probably make extensive use of it, ejecting those nodes that ignore requests for data.