Topic: A Consensus Protocol Based on the Ability of Network Dispersity. (Read 349 times)

Besides that you have to have enough stake in your branch which is not active in the main branch and that is difficult to achieve.

In my protocol the online stake can be precisely counted so that the difficulty can be adjusted by a different way from the PoW protocol. We can calculate the difficulty by using the amount of online stake and that will ensure the fake branch grows slower than the main.

In other protocols, we can build a kind of math model to restrict the blockrate into a certain range according to the current blockrate and difficulty to make sure that the higher mining power generate blocks faster than the lower.

In other words, there are objective methods to tell the difference between different mining power by refering to the current blockrates and the difficulties.

So, as an attacker creating a fork, I poison the main branch by using my stake in the main branch and in another branch thereby increasing the odds the main branch will be discarded in favour of my competing fork which contains no 'double-active' stake.


Because the is no objective way to tell the difference between the main chain and the competing fork with historical keys - both appear to have the same amount of 'online stake'.

The first rule is the longest or heaviest branch; the second rule is according to the proportion of the double-active stake: the lower proportion, the higher probobility to be choose to the main branch. There could be some complex judgment basis but they basically follow those rules.

By the way , I still don't get why the fake chain can catch up with the speed of the main chain. Since the growth speed is determined by the online stake, why would a branch with partial stakes grow faster than the one with full stakes?

Either you select the canon chain based on highest stake, or you don't. If your standard rule is to select based on highest stake, then your secondary rule must use some other criteria. If that is the case, then you don't have 33% attack tolerance anymore, you have a lesser tolerance which will be exploitable much more easily.

Have you thought about how? Take notice the proportion is measured by stake. So you have to fake the activities on the fake chain using the active private keys on the main chain.

What is the other reason it wont work?

There may be more than two rules in Pos system, such as : the first N blocks are not reorganizable.

Lets assume for a moment that this solution will work (it wont, but for the sake of argument, lets assume it will). So now instead of one rule for selecting the correct fork you have two rules. Now instead of being a majority stake holder, the attacker can just try to trigger your other rule to discard the canon chain as fake, and have your new selection rule pick his fake chain instead.

I have thought seriously about the problem you posted and maybe I have found a way to mitigate it. It's useful to any PoS protocols.

First of all the reorganizition is designed to prevent forks. Under normal circumstances,  some stakeholders would be active(trading or mining) in both branches (caused by NaS too) if there appears a fork. According to the probability there will be similar stake proportion of "double-active" users between both branches.

But if the branch is a fake chain built by the attackers, they will be disproportionate —— the proportion mentioned above in the mainchain will be much less than that in the fake one, unless you have bought every account, which is impossible. Under this circumstance, the branch should never be accepted no matter how long it is. This operation is also nessesary to prevent some group of users from getting extra advantage by unfair means when forks come.

By the way, the situation you have mentioned:"any syncing node querying at random will find his fake nodes with fake history" could be resolved by controling the p2p links——
The attacker needs to try through a lot of past blocks so that the longer range he seeks, the better chance he would success. But the longer range he starts the fork, the more obvious the disproportion will be. I think that might increase the difficulty you launch an attack, after all you gain those private keys by "buying".

I know what you mean with "NaS" but I used that word with the meaning of the "double voting problem".
If the problem mentioned at that post is still unresolved, I must say that's the problem we haven't resolved yet. But we have at least resolved the first one.

It's all NaS in the end. Every problem that PoS has is due to NaS.

edit: in any case, what I've posted isn't 'long' range, but instead *any* range.

Long range attack is an other problem of PoS but we are discussing the NaS problem aren't we?
https://blog.ethereum.org/2014/05/15/long-range-attacks-the-serious-problem-with-adaptive-proof-of-work/

That won't help you at all. It doesn't address the problem of historical private keys. I suggest you read this post: https://bitcointalksearch.org/topic/m.14058047

I recommend you to read the article "Transactions as Proof-of-Stake" by Daniel Larimer whose idea was close to mine in this respect.

Words like 'sealed' have little meaning in any system where block generation has zero cost.

I hope this could explaine:

All stake based protocols suffer from NaS - yours included.

And provides incentives to build open development multi-chain systems which may be a progress in the field of cryptocurrency.

We assume that you are right that it has the same security level as PoS, which actually not(you will know that if you read the section "51% attack"). At least the new model don't have the common flaws of PoS such as the wealth concentration issue or "nothing at stake" problem.

My point was, if you only achieve the security model of PoS with this technique, why bother at all?

You are right, that was one reason that I use stake to measure the power of voting. But it was not a compensation because the "stake" property plays other important roles like “balance the mining power”.
you could see it here: https://github.com/yj1190590/PoND/blob/master/README_eng.md#compete-for-the-voters.
You can consider it as a kind of PoS mechanism in this respect, that's OK. But from some other respects it has many differences from PoS. About this question, you could refer to: https://github.com/yj1190590/PoND/blob/master/README_eng.md#faqs if you'd like to.

Sybil attacks are not so easy just because I use the "stake" property like you said.