Topic: AmericanPegasus initiates coverage on Sia. (Siacoin speculation topic) - page 2. (Read 4516 times)

If you were capable of understanding the issue, you would understand it is insoluble. Sorry I can't prove it to someone who can't comprehend what I wrote on the prior page of this thread.

All I am talking about is that that you did not make it work does not mean someone else won't make it works. Obviously you think the opposite is true.

The difference is I am smart enough and I have demonstrated it. You are free to be ignorant of that fact because you can't comprehend what I write.

This is just a statement. This is not a proof. Everyone can say the same thing. I would believe that everyone think they are smart enough.

When I outright discard a design (instead of holding it in my back pocket for further analysis/research), it is because I am sure it is insoluble. I am smart enough. You are ostensibly not.


I genuinely care about dumbshit being promulgated on n00bs.

That you invented it and it did not work does not mean someone else won't create something better and works. Why did you want to waste your time here? Is that because you are jealous, or because you genuinely care about the tech, or because you are genuinely care about the people in the forum whom you think are not smart enough to you.

Sure he can. He can put all the pieces in the same data center where he can maximize his economies-of-scale, e.g. build own datacenter next to hydropower. Are you so ignorant to not realize that the actual cost of the harddisks is not only component of the cost of storage focused datacenter.

You've just shifted the centralization incentive to the Sybil attack.

And what is the point? We can already pay now for cloud storage on many providers (hosts). The point was that people could stand up nodes, but as you see a datacenter focused Sybil attack will always be more efficient and thus can burn more coins than nodes by those with less economies-of-scale.

Notwithstanding the above which is already sufficient to make your oxymoronic design for a decentralized file store attackable by centralization, additionally any public data can't be encrypted in a way that can hidden from the attacker. So the design is an unarguable failure for hosting public files such as downloadable music, internet web page files, etc..

Additionally it is probably possible to detect which redundant encrypted pieces (in the case of non-public data) are the same, by failing on a request for a piece and correlating with timing analysis and client IP to the request for the other piece. There is no way to prove that a failed request was not a network timeout, which is another problem I haven't yet dropped on you.  


Nonsense.

The renter's can't blacklist that which is performing correctly for them because they can't identify any attack. You failed to address my second paragraph as quoted.


Nonsense again. Your design encourages Sybil attacked centralization. The attacker will own all the copies, because the attacker is more profitable thus can expand his economies-of-scale in virtuous (for the attacker) self-reinforcing spiral towards total centralization and winner-take-all.


No need. I am killing your scam now.

Thanks for disrespecting me and saying that you need to hire Peter Todd, when I am here giving you an education now.

You are doing this of your own free will, and if you feel it is a waste of your time you are under no obligation to continue. When the full technology is complete, we will probably hire someone like Peter Todd to perform the audit.


Renters will probabilistically prefer hosts that have burned more coins, and they will prefer these hosts linearly according to the number of coins burned. This creates an incentive structure where the number of coins you should burn to be profitable is linearly related to the amount of storage you are offering to the network. Hosts that are aggressively burning coins to get ahead will end up burning more coins than they could ever make back through selling their disk space. They will be selected with higher probability, but they will not be profitable. Hosts will be most profitable when they are burning a small percentage (such as 4%) of their total expected revenue.

The short-and-delete attack won't work unless the host has managed to actually collect a sufficient portion of the data (and to collect a sufficient volume of shorts). Getting enough data to drop files, especially high reliability files (>5x redundancy), would require both having low prices and burning more coins than the rest of the ecosystem combined. It's an economically difficult attack, and requires a huge amount of prep work. Buying that many coins and then burning them will cause a supply shock, which will drive the price up, and make the attacker's life even more difficult as the attacker will be buying the coins at a greater price than what anyone else was buying at.


I do assume that some equilibrium level will be attained, because hosts only have so much storage, and burning more coins to get more attention will not be profitable. There's a clear utility curve from burning coins. Going from having burned 0.001 coins per TB to burning 1 coin per TB has a massive utility - for just 1 coin you can increase your chances of being selected by 1000x! But then increasing your chances by another 1000x requires 1000 coins, and though you will pretty much always be selected your drives will be full and you can't make more money back.

"The fact that he only stores the data once (for all his Sybil hosts) reduces his costs" -> this is a deduplication attack, and does not work on Sia. All of the redundant pieces are encrypted with separate keys before being uploaded, which means that as far as an attacker (or honest host) can tell, every single bit of data on the Sia network is uploaded with a redundancy of 1x. The Sybil attacker cannot reduce his costs by storing only 1 copy, because 1 copy is all that existed in the first place. The absolute worst case scenario (assuming the attacker is successful) is that the renter ends up with the X copies they paid for, except that all X copies are on the attacker's machines. The attacker can then, at worst, commit vandalism by dropping all of the data.

An attacker cannot gain cost-efficiency by storing all the data, because the redundant pieces are encrypted with different keys, and the attacker is unable to figure out which pieces are not needed.


No, there was no centralization invoked in any of the explanations I provided above. I'm not sure where you got that idea. The blacklisting happens at a per-renter level. If necessary (though unlikely), warnings can be sent out through the community that suggest a blacklisting strategy, but each person can make their own decision on whether it's needed or not. For the most part, blacklisting is performed behind the scenes based on data that the renter itself is witnessing, and the renter never automatically trusts information provided by other renters. I think it's unlikely that a community-wide notification would be necessary to stop a Sybil attack, but it is nonetheless something we have planned for.

---

At this point, I'm guessing TPTB and I are going to be going back-and-forth over the same problems repeatedly. I am probably going to ignore his posts because I do not feel that he is giving us a best effort. That said, I don't want to be ignoring potential problems, so if someone else is worried about an attack, or thinks that TPTB has made a good point which I have ignored, please repeat it and I will address it.

Fucking low IQ time wasters!


Read my 10,000+ posts so you can gain the level of expertise I have accumulated.

Otherwise, we can debate each issue here as follows to bring you up-to-speed on the relevant technological issues.

Btw, how much are you willing to pay me for this education and distraction from my own work?

The onus is on you to write a coherent, concise, and complete white paper so that I can bring to bear my expertise on tearing the nonsense white paper to shreds. I didn't volunteer to condense my 10,000 posts into a white paper to offer you a concise citation.

I am particularly incensed by you promulgating this crap technology as worthwhile. It wastes my time. I told you I invented proof-of-storage in 2013 and I thought about all the ways it could possibly be made to work and all possible ways were flawed. The onus is on you to do the same and not promulgate and hype faulty technology to the community.


You may myopically think so, but you are incorrect.


And you are not smart and/or experienced enough to see the flaw in this proposed design. Thus you should not be trusted by the community as a lead developer of anything to do with block chains.

If you presume that renters will prefer the host with the most burned coins, then hosts must either burn all their coins to be in the chosen top or they must join together to form an oligarchy of some sort (if that is possible) to stop other hosts from burning all their coins. Because the host that burns all his coins would then be chosen and he can then short the coin and delete all the data stored on the coin and walk away with the value that was in the coin.

If you presume some equilibrium level will be attained by the market where hosts can earn some profit, then the Sybil attacker can burn that many coins too, because he is being paid for all his Sybil hosts. The fact that he only stores the data once (for all his Sybil hosts) reduces his costs, so he can afford to burn more coins than the other honest hosts (or burn the same number of coins as other honest hosts yet have higher profits). And the renter ends up with only 1 copy of the backup instead of the many copies they paid for.

You've solved nothing. And that you can't see this obvious flaw means you don't have the IQ to even be attempting this. Please just do yourself a favor and quit now. This is above your pay grade.


So you attempt to solve decentralized file storage by making it centralized. 

Also you can't identify who the attacker is! For as long as the attacker is successfully storing only one copy but charging for multiple hosts, this is not detectable. That is the entire point I made about why this is insoluble. Duh! You really need a citation? It is a simple logic.


Sorry you are just hyper ignorant.

I can't believe anyone placed investment with you. There are some super n00bs here. I am also amazed that smooth is so clueless that he needs you to write a white paper.

Absolutely. I'm glad to see Taek here promptly defending his tech. There's no way to know if the dream will come to fruition but you certainly want to know it CAN be done. Even if you're just speculating or investing short term it's always comforting to know the developers are putting their brains, time, and energy into making the project a reality and clearing out the FUD.

I seem to recall mention of work on a new white paper but it has not been released yet.

There's currently work being put into improving the gateway code to improve bandwidth usage when syncing since numerous people were getting stuck and could not catch up as well as numerous improvements to the renter/host system to improve scalingto large numbers of files.

That's all well and good if you are a speculator, but if you are an investor (or god forbid, a user), you want to know if the technology works (or can work) as claimed. Speculators (eventually) follow the investors, who eventually follow the users--most people are trying to stake their claims before the followers arrive, so open and honest discussion about the technology's chances for success is more than a little helpful.

Is there a current and complete white paper?

*citation needed


And I explained why you are incorrect. To reiterate, hosts burn coins to get weight. Renters are 2x as likely to pick a host with 2x the burned coins. An attacker can burn a whole bunch of coins 1 time to gain an advantage, but hosts in the ecosystem will ongoing be burning coins, and all of the hosts that have burned coins in the past will have preference that the attacker needs to overcome. A sufficiently disruptive attacker can be displaced with a simple blacklisting.

While the system is young, a 'burn attack' is much more likely than after the system hits maturity. Most attackers aren't interesting in spending more than a few hundred dollars to be destructive (the only ability that the attack gives you is vandalism - you can destroy data but otherwise do nothing useful). On Sia today, a couple hundred dollars would be enough. But as Sia grows, attacks will become expensive as quickly as Sia grows. At full steam (being used by corporations - 1 million TB+), doing a burn attack is going to require millions of dollars, and is only going to be briefly useful (a sudden burn of millions of dollars in coins is almost certainly going to arouse suspicion).


The burned coins can be offset by earnings, correct. It is one thing to burn some coins and make them back over time. Or to build up a history of burned coins that proves ongoing legitimacy. It is quite another to enter an economic system with power equivalent to everyone else in the system. Bitcoin is safe only because it's considered unreasonable for a single party to be able to jump in with sufficient hashpower (hashpower is an analog to economic power) to disrupt the system. Someone with sufficient economic power can 51% attack Bitcoin, disrupting the security model.

Sia works the same way. If you have sufficient economic power, you will be able to Sybil attack the system. But doing so will come at great loss to yourself (you'll need to burn lots of coins), and then the most you can do is siphon up all of the incoming data. You can't even disrupt the data that's already been uploaded to Sia, you can only grab at the new data. Renters will repeatedly request storage proofs across your contracts, meaning not only will you need the economic power to perform the proof-of-burn, you'll also need the economic power to actually store the data that's being uploaded. But it gets worse for you, because renters expect you to put up collateral on the data. So now you've burned a bunch of coins, bought a bunch of storage space, and put up a bunch of collateral. And the only thing you can do with that is delete the data. And if you do, renters will blacklist you, meaning you can't repeat the attack without burning another round of coins.

The collateral requirement and hard disk requirement is reduced substantially if you are only attacking a specific person's files. But you will still need to perform the burn, and the extent of your malice is limited to data destruction. Given that data is stored at high redundancy, you'll need to position your Sybil hosts such that out of N total hosts that a renter selects, N-M are yours. In the default settings, this means that out of 30 randomly selected hosts, 21 must be from you. And each of the 21 has to have burned enough coins to have the renter considering them from the pool of hosts. Renters will avoid newer hosts (instead wait until they've been hosting for a few weeks), will avoid hosts coming from the same geographic region, and will only prioritize low-cost hosts to a certain threshold, after which all hosts are weighted the same (which means setting the price to 0 will give you a limited advantage). And again, the only ability you get by performing this attack is that you can destroy data. There is no profit here. All of these protections means that any malice on the network needs to be both a long-term attack, and needs to have substantial economic backing.

Renters can protect against targeted attacks by uploading data anonymously or through a popular proxy, or by using 10x or 20x redundancy across 100+ hosts. This increases the Sybil attackers requirement from getting 21 out of 30 hosts to getting 91 out of 100 hosts, a much taller order, especially given the burn requirements.

---

Your arguments are not sufficiently fleshed out. You do a substantial amount of handwaving such as 'staking is equivalent to burning' and don't provide support or citations. I can understand your frustration given the plethora of broken cryptocurrencies out in the wild, but in this case you are too quick to dismiss us. I don't really expect you to believe or acknowledge that, but I can ask you to be more rigorous if you are going to continue attacking our coin.

I firmly stand by my assertion that, in a practical real-world system, our methods for dealing with Sybil attacks are sufficient. On Sia, executing a malicious Sybil attack is expensive. Such an attack only gives you the ability to vandalize, and historically people do not spend large sums of money purely to participate in vandalism. And by 'large sums of money', I mean somewhere between 10% and 50% of the total money ever spent on storage within the system. Feasible? Yes. Less expensive than a 51% attack on Bitcoin? Depends, but most likely. As useful as a 51% attack on Bitcoin? Absolutely not. Likely to cause problems in the real world? No, though it's not out of the question. Can an attacker who succeeds once remain successful forever? No, malicious or untrusted hosts get blacklisted, and suspicious activity can be addressed at a social level (sending out warnings, notifications, and instructions for a fix).

Regardless of technical flaws, whether legitimate or not, the truth is that most investors on Poloniex won't bother to investigate these technicalities deeply enough to make a proper judgement on the long-term future of the success of the project. In fact, the great majority couldn't even truly understand the technology if they tried.

That doesn't matter at all if you're just a speculator trying to gain some Bitcoin here. Sia will gain value because people are greedy and they will follow the momentum. It's also very young with plenty of room to grow. Right now Sia is building momentum and owning some seems like a good idea.

Are you suggesting that multiple hosts operating as one would simply ignore new chunks that are identical to ones previously received? Thus, creating a mirage of redundancy yet receiving payment? Is that the specifics of the attack you have mind?

It adds no difficulty. Don't be disingenuous.

It is because after 10,000+ posts, an endless stream of idiots causes me to have to repeat the same technical points over and over and over and over and over and over...

The insults are intended to shame them into doing some reading before posting or investing. After 10,000+ posts, I think I deserve to express such frustration. If you don't, you are free to ignore me.


It doesn't matter. The issue I cited is insoluble. You will never find a technical solution. Ever.


Sybil attack as I had stated. I never mentioned deduplication.


Nope. I already explained why staking (analogously burning) doesn't provide sufficient security.


An illiquid coin is rather useless. If that is your goal, then you are stating it won't be widely adopted.

Edit: note that shorting isn't required to break the economic model for the security. The staked (deposited and risked) or burned coins can be offset by earnings and in fact must be, otherwise no one will be a storage provider.

Also I was the one who invented proof-of-storage in 2013. I abandoned it because the Sybil attack is insoluble. I am the inventor of the shit.

So, there are few problems here, the first is non-technical. I do ask that you don't smear insults throughout your posts because it makes it difficult to see your technical arguments and distracts from your core points. The second problem is that you are citing some pretty old information about how Sia works, and you are missing some important details that help bring the system together and secure it.

I tried to pull out your technical arguments in the quote above, not sure if I'm missing something.

The first technical argument you make is that "anyone can pretend to be running many nodes and keep it all stored on one node". I'm not sure if you are talking about a deduplication attack here, or just a standard Sybil attack. Sia addresses the deduplication attack by using different encryption keys for each portion of the redundancy. Because all of the pieces are using different keys, a host can't perform deduplication, they have no idea how the bytes map to eachother.

The Sybil attack is, in my qualified opinion, the weakest part of the Sia protocol. But we do have sufficient defense against it, and that comes in the form of proof-of-burn. By burning coins, you give yourself legitimacy, and then people can use you. People will prefer you in proportion to the number of coins you burn, perhaps favoring coins that have been burned more recently because there is more certainty about the value of the coins at the time of burning. Other than that, all burned coins are treated as equal. Host have persistent identity, which means you can identify them by their file contracts, and hosts are forced to burn (well, it goes to the siafunds holders) 3.9% all of their income in the file contracts. So, hosts are weighted based on burn, and hosts are continuing to burn more coins as time passes. To Sybil attack the network, you need to burn a significant number of coins, representing a significant financial investment. You suggested above that once the coins are burned, you have the reputation forever, but this is not true. If you start failing storage proofs, or otherwise demonstrating unreliability, clients will blacklist you.  Even if you maintain reliability, you will need to be continuing to burn coins to keep up with the rest of the network. Clients will continually be requesting out-of-band storage proofs on the data you are claiming to hold, and because of the siafund tax there is no cheap way for you to fake holding valuable data. If you are pretending to pay yourself, you are also losing coins to the built-in fee.

Sia has a second weakness here, which is that Nebulous owns most of the siafunds. So, it's expensive for non-Nebulous people to Sybil the network, but it's less expensive for Nebulous to Sybil the network (because we'd get back ~90% of all the coins we burned). Paranoid renters could require a second layer of burn which goes beyond the 3.9% siafund fee. We've also got a handful of other  techniques (such as 1 host per IP address) to defend against Sybil attacks as well. It's not perfect, but it's also going to be nontrivial to Sybil the Sia network. (I will establish that the proof-of-burn is not fully implemented, should be ready sometime around June).

Also you talk about shorting a coin and then using the money raised from shorting it to attack it. You would need to buy the short from somewhere, and you'd need enough money to both buy the shorts and then have enough to do the proof-of-burn. I'm doubting that someone would let you short a massive volume of some asset, if you are shorting that much they would probably get suspicious.

I do feel like I've done a poor job of explaining this. I'm happy to elaborate further, or address other points that you think I've missed, but please leave the insults at the door.

Whoops. This is why technological idiots shouldn't be investing in technology they don't understand.

You are investing in something which has an insoluble technical flaw and can't work:



So a single entity can pretend to be many nodes, and Sybil sign and fulfill many such contracts on the same data, yet the client pays for more backup copies but only gets the resiliency of one backup copy.

As well, that entity might just short the Sia coin and then disconnect all his nodes and destroy the coin.

This is a fucking mess. And I can't believe that idiots are investing in these decentralized storage shit coins. How stupid are these guys on these forums.  


Same as for proof-of-stake deposits, this only has to be deposited once yet can be used to Sybil attack unbounded number of clients ongoing.

And shorting the coin can be more profitable than the deposit staked.

Reputation systems devolve to centralization winner-take-all paradigms due to the power vacuum created by the security hole (the potential to attack the coin and/or clients).

---

Also Side-chains are a flawed mess.

Clearly, any coin is prone to much hype and excitement. Sia has already been through 1 or 2 cycles of moderate hype. I personally think the big "pump" is yet to come. But, putting excitement beside, have you attempted estimating the future worth of Sia based on projected usage and so on?

And if you ignore the factors of hype and excitement altogether, where will Sia be in a few years time in terms of actual users, compared to other coins?

My own projection is that once Sia starts taking on actual users (in the hundreds and then perhaps in the thousands), the price is Sia will just explode and it will