The High Cost and Complexity of Static CT Logs: A Sustainability Debate
This article compares the operational costs and complexities of two CT log implementations: CompactLog and Sunlight. The author demonstrates that Sunlight's 'served directly from S3' architecture suffers from significantly higher write (22.4x) and read (500x) costs compared to CompactLog. Furthermore, Sunlight exhibits security vulnerabilities (accepting 32 spaces as a cryptographic seed), lacks caching, is complex to deploy, and has poor documentation, resulting in high operational costs and maintainability challenges. The author criticizes this design's prioritization of perceived simplicity over sustainability and security, advocating for the inclusion of smaller operators and monitors in shaping the CT ecosystem to avoid consolidation of control by large corporations or cloud providers.