One critical point of confusion about the xx network’s BetaNet Hardware Requirements has been about gateways. Hopefully we can answer a few of your questions.
What is a Gateway? What does it do?
Gateways exist in the xx network due to its unique privacy and security properties. The Elixxir communication layer of the xx network is designed to let a small group of nodes, known as a team, quickly anonymize a large number of communications. During this fast process, all nodes in the team are needed. If a single node drops, that round fails.
This is where the Gateways come in. Instead of the node advertising itself on the internet, the gateway will do so for it. This way if an external attacker tries to DDoS the node to take it offline, all it will do is take down the Gateway. No user will be able to send messages to that node, but any rounds it is in will not fail.
Once we had gateways, we found they are a great location to house other features. They store received messages for users (hence the 240GB ssd) and will store consensus information for quick access for users. Talking to a single one can let a user find out about the rest of the network, which nodes are online, which are not. They can do edge checking for the node, to ensure the node does not have to waste time on bogus requests. They have become quite integral to the architecture.
How do I run a gateway? Do I have to?
Gateways are integrated into the node architecture, at very minimum the gateway software has to be running somewhere with access to enough storage, otherwise a node will not function. How and where it is run determines what security properties it grants.
The way to run the gateway which offers the most security is to run it on a completely separate connection from the server. Either as a VPS in the cloud, or a cheap machine on a seperate line, by having its own bandwidth and IP address, it shields the node.
For BetaNet, reliability is not as important so some properties can be compromised. An operator can run the Gateway on the node itself, although it increases both bandwidth requirements and requires 240GB more storage. For more information please look at the BetaNet Hardware Requirements.
One could run the Gateway on the same connection as the node but on different hardware if they wished, but it ends up not being of much value for the cost.
What about MainNet?
In MainNet, the security gateways provide will be much more important. By MainNet there will be an option to expand a gateway through a load balancer in the cloud to further increase its reliability.