[ANN][XMY] Myriad | Multi-Algo, Fair, Secure - page 275.

8bitcoder

full member

Activity: 146

Merit: 100

Quote from: gatra on April 03, 2014, 11:21:04 AM

Quote from: ahmed_bodi on April 03, 2014, 11:03:35 AM

Quote from: foodies123 on April 03, 2014, 10:55:53 AM

Quote from: iamphoenix on April 03, 2014, 10:50:20 AM

Quote from: notsoshifty on April 03, 2014, 08:15:27 AM

Quote from: 8bitcoder on April 03, 2014, 07:43:49 AM

Quote from: notsoshifty on April 03, 2014, 07:31:51 AM

It also isn't clear to me how a node calculates the best chain. If it is cumulative difficulty, without any normalisation, then what is to stop someone reversing a sequence of low difficulty blocks (e.g. Scrypt or Qubit ones, currently) by means of a single high difficulty block (SHA256D, currently)?

The SHA difficulty is independent from the other algos, so a high difficulty SHA block will not overwrite a low difficulty Scrypt block for example.

Just in the last hour or so I've seen a chain of five non-SHA256D blocks (112715-112719) erased by a single SHA256D block (112715):

[code edited out]

How should this happen if they are truly independent?

anyone want to give this a technical explanation.. maybe a simple explanation too

Dev is only one that can atm

This is general block reorg (also known as a chain of orphans) it happens with a block time of 30 seconds. hell even with the 10 min block time of bitcoin it happens. In myriadcoin every algo has equal standing as each has an equal score. You can see in many POS/POW coins. POS orphans POW as POS has a higher score than its POW counterpart.

Ahmed

exactly! the coin is broken because a single SHA block can force a reorganization and orphan many blocks from other algos. This allows for easy double spending with minimal hashrate. Just mine SHA from the last SHA block ignoring blocks from other algos. When you mine your new SHA block, all the others will be orphaned. If there are enough to confirm a transaction (which is very likely), you can double spend.
But it can be fixed using normalization. Scrypt is about 1024 times SHA. You'd have to calculate the relative weight for other algos.

dev: you can contact me if you need help fixing this, I have experience with alt PoWs - I'm the developer of Riecoin (new primes PoW - currently cpu only)

Someone mentioned a bounty for a technical study on 51% attacks. Is that real? where can I learn about this bounty? what do you need exactly?
Besides fixing this "high diff algo reorganization attack", I have some ideas for preventing 51% attacks on a coin like this.

regards,
gatra

Thanks for your offer. PM sent. There is a 15,500 MYR bounty for analysis. I can also put up another 15K MYR for your assistance.

8bitcoder

full member

Activity: 146

Merit: 100

gatra

hero member

Activity: 583

Merit: 505

CTO @ Flixxo, Riecoin dev

Quote from: ahmed_bodi on April 03, 2014, 11:03:35 AM

Quote from: foodies123 on April 03, 2014, 10:55:53 AM

Quote from: iamphoenix on April 03, 2014, 10:50:20 AM

Quote from: notsoshifty on April 03, 2014, 08:15:27 AM

Quote from: 8bitcoder on April 03, 2014, 07:43:49 AM

Quote from: notsoshifty on April 03, 2014, 07:31:51 AM

It also isn't clear to me how a node calculates the best chain. If it is cumulative difficulty, without any normalisation, then what is to stop someone reversing a sequence of low difficulty blocks (e.g. Scrypt or Qubit ones, currently) by means of a single high difficulty block (SHA256D, currently)?

The SHA difficulty is independent from the other algos, so a high difficulty SHA block will not overwrite a low difficulty Scrypt block for example.

Just in the last hour or so I've seen a chain of five non-SHA256D blocks (112715-112719) erased by a single SHA256D block (112715):

[code edited out]

How should this happen if they are truly independent?

anyone want to give this a technical explanation.. maybe a simple explanation too

Dev is only one that can atm

This is general block reorg (also known as a chain of orphans) it happens with a block time of 30 seconds. hell even with the 10 min block time of bitcoin it happens. In myriadcoin every algo has equal standing as each has an equal score. You can see in many POS/POW coins. POS orphans POW as POS has a higher score than its POW counterpart.

Ahmed

exactly! the coin is broken because a single SHA block can force a reorganization and orphan many blocks from other algos. This allows for easy double spending with minimal hashrate. Just mine SHA from the last SHA block ignoring blocks from other algos. When you mine your new SHA block, all the others will be orphaned. If there are enough to confirm a transaction (which is very likely), you can double spend.
But it can be fixed using normalization. Scrypt is about 1024 times SHA. You'd have to calculate the relative weight for other algos.

dev: you can contact me if you need help fixing this, I have experience with alt PoWs - I'm the developer of Riecoin (new primes PoW - currently cpu only)

Someone mentioned a bounty for a technical study on 51% attacks. Is that real? where can I learn about this bounty? what do you need exactly?
Besides fixing this "high diff algo reorganization attack", I have some ideas for preventing 51% attacks on a coin like this.

regards,
gatra

noegzit

member

Activity: 104

Merit: 10

Quote from: ivanlabrie on April 03, 2014, 05:11:08 AM

Quote from: Changeispermanent on April 03, 2014, 04:10:09 AM

Which algo keeps the GPUs (R9-280x) coolest..Qubit/Groestl/Skein??

Could someone who tested all of them please share.....

Sure, I did try skein and groestl. Qubit never worked quite right (pool's were rejecting shares).

I'll post screenshots after mining for a minute in a sec.

EDIT: someone should fix the OP...the qubit gpu miner posted there gives me HW only mining myriad. Using sph-sgminer everything works fine, same settings.

Groestl comes first, Qubit second, Skein third and Scrypt is the hottest naturally.
Now, power usage, I have no way to test it but I'd be inclined to think Groestl draws less power (it also runs just as fast on a 5870).

Groestl

Qubit

Skein

Scrypt

(I don't mine scrypt at all btw...not anymore)

I have a rig with 3 R9 280X, MSI P67A-G45 (bios flashed for ivy bridge support), intel G2030, 4 Go, Seasonic P1000.
Measured at the wall, taking off 80W for motherboard+CPU+RAM+HD and dividing by 3, I get for one GPU

Groestl : 100 W
Qubit : 115 W
Skein : 175 W
Scrypt : 240 W

Gpu core clock 1100
Memclock from 1000 to 1500 depending on algo
1.150 V

ahmed_bodi

hero member

Activity: 518

Merit: 500

Bitrated user: ahmedbodi.

foodies123

sr. member

Activity: 322

Merit: 250

foodies123

sr. member

Activity: 322

Merit: 250

Quote from: Tekkerr on April 03, 2014, 10:37:07 AM

Ok, screw this, sorry for my French, but if my post get deleted when ask to stop feeding a trollmonkey, while advertising and promoting exploits is allowed, and using WAY more foul language, I'm clearly not in the right place.
Thought this was somewhat a mature community.
Don't know if MYR mod deleted this or what ever, but I'm very disappointing at this, and blame at the moment MYR thread moderator, can't think that a forum admin has time for this, so bye bye MYR thread, the coin I loved. Profit ain't all!

Not a self moderated thread skippy. Only btctalk mod and post owmer can delete a post here.

iamphoenix

sr. member

Activity: 244

Merit: 250

svennand

sr. member

Activity: 462

Merit: 250

Quote from: Tekkerr on April 03, 2014, 10:37:07 AM

Ok, screw this, sorry for my French, but if my post get deleted when ask to stop feeding a trollmonkey, while advertising and promoting exploits is allowed, and using WAY more foul language, I'm clearly not in the right place.
Thought this was somewhat a mature community.
Don't know if MYR mod deleted this or what ever, but I'm very disappointing at this, and blame at the moment MYR thread moderator, can't think that a forum admin has time for this, so bye bye MYR thread, the coin I loved. Profit ain't all!

Kinda curriouse what got deleted Roll Eyes

Tekkerr

member

Activity: 82

Merit: 10

*bleep*

infofront

legendary

Activity: 2660

Merit: 2868

Shitcoin Minimalist

Quote from: linked67 on April 03, 2014, 08:48:49 AM

My P2pool should be OK now. Around 50Mh/s on it and estimated 3h to find a block.

You are all welcome on my powerful server

http://p2poolcoin.com:5567/static/

What algorithm?

linked67

sr. member

Activity: 336

Merit: 250

My P2pool should be OK now. Around 50Mh/s on it and estimated 3h to find a block.

You are all welcome on my powerful server

http://p2poolcoin.com:5567/static/

lunswor

full member

Activity: 159

Merit: 100

Quote from: Zoella on April 03, 2014, 07:57:33 AM

Quote from: lunswor on April 03, 2014, 07:50:05 AM

Myriad Skein Pool running stable
US Stratum is now LIVE. Also have an EU stratum.

Were finding blocks fast and always in the IRC to help miners

Running well on US servers, although SSL on the web page would be nice!

Sure if you want it, you can have it. I will install one by the weekend

ahmed_bodi

hero member

Activity: 518

Merit: 500

Bitrated user: ahmedbodi.

correct. you also have to incorporate the factor that if the hashrate was to rise to a dramatic amount in such a short amount of time and someone had announced it (as people have done). it would be easy for someone like 8bit to hard fork the network to another algorithm before the attacker is able to attack the coin

notsoshifty

sr. member

Activity: 378

Merit: 250

Quote from: ahmed_bodi on April 03, 2014, 07:37:52 AM

What you're missing in there is that the speed of the other algo's acts as a rate limiter as far as i know. as the retarget works to ensure there is an even distribution of 30 second blocks per algo.

Quote from: 8bitcoder on April 03, 2014, 07:43:49 AM

If a malicious attacker wants to attack one algo, it is not enough to get 51% of the network hash rate of one algo (i.e. > 100% of the current net hash rate), he/she will have to get > 400% the net hash rate of one algo (i.e. have 81% of the network hash rate of one algo) to be able to generate blocks faster than the network, since there are 4 other algos you have to outhash.

That makes sense. So a double-spend attack would have to be more than the normal 51% of the network. But an 81% attack (I've not checked your numbers) on a weakly secured not-tried-and-tested algo might be more feasible than a 51% attack on a highly-secured heavily-studied algo like SHA-256D? (I'm not commenting specifically on the algos here, more the principle)

notsoshifty

sr. member

Activity: 378

Merit: 250

Quote from: 8bitcoder on April 03, 2014, 07:43:49 AM

Quote from: notsoshifty on April 03, 2014, 07:31:51 AM

It also isn't clear to me how a node calculates the best chain. If it is cumulative difficulty, without any normalisation, then what is to stop someone reversing a sequence of low difficulty blocks (e.g. Scrypt or Qubit ones, currently) by means of a single high difficulty block (SHA256D, currently)?

The SHA difficulty is independent from the other algos, so a high difficulty SHA block will not overwrite a low difficulty Scrypt block for example.

Just in the last hour or so I've seen a chain of five non-SHA256D blocks (112715-112719) erased by a single SHA256D block (112715):

Code:

SetBestChain: new best=ba0b9ccc3e83c08b0de4142245e606eca3951302a9a9a78c5f7019234b365222  height=112713  pow_algo=2  log2_work=65.474041 tx=330385  date=2014-04-03 12:31:53 progress=0.999997
SetBestChain: new best=617f423cd8c90ccbdbde160de509a0b0268f0c17dbaf57ed449a039f52d5dd7c  height=112714  pow_algo=3  log2_work=65.474042 tx=330394  date=2014-04-03 12:32:14 progress=0.999993
SetBestChain: new best=6d96a7a4a3ffc0d9ebed505d5fbd9c0673cac1fb038ac2c3e5804bcb5f293c62  height=112715  pow_algo=1  log2_work=65.474042 tx=330395  date=2014-04-03 12:32:48 progress=0.999995
SetBestChain: new best=ebbb1b24cbb4567bb37bf133c0361a2ebf8f0e45c4a55318edb829f488b3c23b  height=112716  pow_algo=2  log2_work=65.474042 tx=330396  date=2014-04-03 12:33:18 progress=0.999999
SetBestChain: new best=0788ff62e6b0778dc101e5908607bb220bc3d9f0e1cca8fad0dce2781d8e2a43  height=112717  pow_algo=3  log2_work=65.474042 tx=330397  date=2014-04-03 12:33:23 progress=0.999997
SetBestChain: new best=e263272617f9f0eeba2d57cda5c1747535432c5929744be1bbb30f0cd4464e84  height=112718  pow_algo=2  log2_work=65.474042 tx=330398  date=2014-04-03 12:33:39 progress=0.999998
SetBestChain: new best=71822da2194d901d2df14ca9686d4b70a9cb278976f0a9ee2d0809fcf9758943  height=112719  pow_algo=2  log2_work=65.474042 tx=330399  date=2014-04-03 12:33:54 progress=0.999999
SetBestChain: new best=00000000000001da15b00bfbe1a0a5e309a1ab30feb18229a82a4451e4dc0fb8  height=112715  pow_algo=0  log2_work=65.474165 tx=330395  date=2014-04-03 12:33:02 progress=0.999987
SetBestChain: new best=7ac3dd626976acb299c05a56f0605336a6488a5ef59db342ad36c501e33163f4  height=112716  pow_algo=2  log2_work=65.474165 tx=330401  date=2014-04-03 12:34:12 progress=0.999998
SetBestChain: new best=116bcc515a9055f8491889db4ff154811536a7bbe227e153ee490c106d5de2da  height=112717  pow_algo=1  log2_work=65.474165 tx=330404  date=2014-04-03 12:34:21 progress=0.999998
SetBestChain: new best=00000000000006427de1c271a517c8fa6aad9fd71b88202188273d8b0114825f  height=112718  pow_algo=0  log2_work=65.474285 tx=330405  date=2014-04-03 12:34:16 progress=0.999995
SetBestChain: new best=b447160fbd0a6a78352a529661477b38627c5322d5f84416b9fbbb70f9525d7d  height=112719  pow_algo=1  log2_work=65.474285 tx=330406  date=2014-04-03 12:34:43 progress=0.999997
SetBestChain: new best=0000000000000932e208c27af7eca23e65bb2a5686cb282eb11cc3b8cff7c6d3  height=112720  pow_algo=0  log2_work=65.474399 tx=330407  date=2014-04-03 12:34:56 progress=0.999998
SetBestChain: new best=feeca208a769da31451fd51f324dc80e2dfb2dfacdb3234a4f2617fb5032bf12  height=112721  pow_algo=3  log2_work=65.4744 tx=330415  date=2014-04-03 12:35:04 progress=0.999999

How should this happen if they are truly independent?

Zoella

full member

Activity: 168

Merit: 100

Quote from: ivanlabrie on April 03, 2014, 06:24:53 AM

I used identical settings for all coins...of course you can downclock mem (300mhz) and it'll help with vrm temps, not sure if it'll affect core though.

No, but considering you get lower temps, lower fans speeds, and lower power consumption it definitely is worth it.

Zoella

full member

Activity: 168

Merit: 100

Quote from: lunswor on April 03, 2014, 07:50:05 AM

Myriad Skein Pool running stable
US Stratum is now LIVE. Also have an EU stratum.

Were finding blocks fast and always in the IRC to help miners

Running well on US servers, although SSL on the web page would be nice!

lunswor

full member

Activity: 159

Merit: 100

Myriad Skein Pool running stable
US Stratum is now LIVE. Also have an EU stratum.

Were finding blocks fast and always in the IRC to help miners

8bitcoder

full member

Activity: 146

Merit: 100

Quote from: notsoshifty on April 03, 2014, 07:31:51 AM

Quote from: foodies123 on April 02, 2014, 09:23:22 AM

Quote from: notsoshifty on April 02, 2014, 08:56:23 AM

Quote from: foodies123 on April 02, 2014, 08:15:21 AM

Quote from: notsoshifty on April 02, 2014, 07:32:31 AM

Why do multiple algos make it more secure? Isn't it basically as secure as the weakest link, i.e. the algo with (relatively) least mining power?

since the algos are independent one algo compromised means only 20% of the blockchains is compromised. unlike chained algos like x11 where the algos are sequential and if one link is broken the chain is broken.

myr ftw.

With a single blockchain secured by five algos (with independent difficulties), what does it mean for "20% of the blockchains" to be compromised? Surely a blockchain is either compromised or it's not. Can you expand please?

It's only a metaphorical picture. If a malicious attacker would gain leverage over 1 algo (20% of the blockchain) there are 4 other algos that will secure the blockchain, thus the blockchain will remain unaffected. We only use the percentages to give a better idea of what a 51% attack would look like to myr. There was a 51% accident on scrypt last week about the same time it happened on AUR. You know what happened ? Nothing. The pool with 51% of scrypt forked and that's about it, the blockchain had no reaction whatsover to the fork created and ignored it like business as usual. Like it was explained above 51% in one algo is only about 11% of the whole hash power. It's like cutting off a reptile's limb, the rest of the body remains unaffected and it will grow back the said limb imediately.

Well, I still don't get your point, sorry.

If a malicious attacker gains leverage over one algo, what is to stop him launching a double spending attack using that algo, and reversing several transactions from other algos (no matter how much mining power is put onto them)? Done correctly, a double spending attack could potentially net a malicious attacker substantial funds; more than legitimate mining at least.

It also isn't clear to me how a node calculates the best chain. If it is cumulative difficulty, without any normalisation, then what is to stop someone reversing a sequence of low difficulty blocks (e.g. Scrypt or Qubit ones, currently) by means of a single high difficulty block (SHA256D, currently)?

Perhaps these points are just me being dumb. The technical study on 51% attacks that you have put the bounty out for will be most welcome. In the meantime feel fee to point out my mistakes (in technical terms, without harming reptiles, plz).

If a malicious attacker wants to attack one algo, it is not enough to get 51% of the network hash rate of one algo (i.e. > 100% of the current net hash rate), he/she will have to get > 400% the net hash rate of one algo (i.e. have 81% of the network hash rate of one algo) to be able to generate blocks faster than the network, since there are 4 other algos you have to outhash.

The SHA difficulty is independent from the other algos, so a high difficulty SHA block will not overwrite a low difficulty Scrypt block for example.

Topic: [ANN][XMY] Myriad | Multi-Algo, Fair, Secure - page 275. (Read 850070 times)