LLMQ-Based ChainLocksA few cryptocurrency projects have made headlines recently due to threats of 51% mining attacks. In a 51% attack, a mining entity that controls a majority of hash power can secretly mine a separate chain that is longer than the public one, then publish it — causing a reorganization and orphaning previous blocks on the original chain. This can result in users of the network losing money as transactions in the invalidated blocks are also invalidated.
ChainLocks will significantly reduce the risk of a 51% attack occurring on the Dash network. A Long Living Masternode Quorum is selected, and each member signs the first block it sees — extending the active chain at the current height. When enough members see that block, they will propagate a message to all nodes in the network. When this message is received by a node, it rejects all blocks at that height that do not match the block specified by this message. This not only makes reaching consensus quick and unambiguous, it makes chain reorganizations below this block impossible.
This means that transactions can be considered fully confirmed after the first on-chain confirmation inside a block protected by ChainLocks, and there is no need to wait for more confirmations until a received transaction is considered secure. This feature also removes all incentives for miners to cause chain reorganizations by mining in secret, because a failure to publish blocks immediately could give an honest miner the opportunity to publish a block that would be locked by a LLMQ, and thus made irreversible. This would result in the secret chain being ignored when the malicious miner attempted to publish it.
Link :
https://blog.dash.org/product-brief-dash-core-release-v0-14-0-now-on-testnet-8f5f4ad45c96But what about the longest-chain rule?The longest-chain rule is one of the most important parts of Proof of Work based consensus. The idea is that every node should consider the chain with the most accumulated work as the locally active chain (but only if it is also valid by all other consensus rules). The reason for this rule is that otherwise it wouldn’t be possible to find consensus on which chain to extend. Nodes need to find consensus based on limited information, and the only reliable information which is viable for this is the information found from the chain of headers. Using only the accumulated work (calculable from the headers) makes sure that every node can disconnect and reconnect, and still find consensus at any time.
With ChainLocks, this rule is still in effect, but it can be overridden by a valid CLSIG message. Effectively, only the members of the responsible LLMQ are fully following the longest-chain rule, as they are the ones creating the CLSIG message in collaboration. As the CLSIG message can only be created if enough LLMQ members agree, the presence of the CLSIG message serves as a proof that the referenced block was (or still is) the block resulting in the longest-chain.
This puts quite some trust into CLSIG messages and the Masternode network, but we consider this to be an acceptable tradeoff. The assumption is that the majority of the masternode network is honest, which is basically the same assumption applied to miners in a plain Proof of Work system.
The difference with ChainLocks is that miners AND Masternodes representing 51% of each of the layers would have to collude in order to perform a working attack. And even if an attack succeeded, the attackers would still not be able to cause deep reorganizations, as previous CLSIG messages can’t be invalidated by the attackers. The worst thing that could be achieved is to NOT sign blocks, which would be noticed by all nodes. Also, if any LLMQ with mostly honest masternodes signed a block in-between the attack, all previously unsigned blocks would become fully confirmed as well, making reorganizations for these impossible as well.
Link :
https://blog.dash.org/mitigating-51-attacks-with-llmq-based-chainlocks-7266aa648ec9
) for malicious and/or incompetent Masternode operators to abuse their trusted third party privileges.
