Topic: [ANN][XRB]Cryptocurrency's killer app: RaiBlocks micropayments - page 163. (Read 775279 times)

It appears (from the writeup) that you are unaware of sybil attacks?

The graph of transactions in bitcoin already functions like what you describe (except 'accounts' are single use txouts); Bram Cohen likes to call Bitcoin without the blockchain "bitpeso".  In Bitcoin the blockchain is overlaid on top of "bitpeso" to resolve "complex forks" (using your language) in a manner that allows someone to join the network and know which resolution is authoritative in a way which is both robust to sybil attacks and does not require membership (because a membership process would create control over the system).

In your description you appears to liberally conflate forks and double-spending.  In Bitcoin, double spending a traditional txout requires malicious behavior, just as you describe.  Blockchain forking in the absence of double spending is benign and no different to the "multiple resolution rounds" you mention from your resolution protocol but fail to describe detail sufficient to permit any analysis.

http://www.apastyle.org/learn/faqs/use-double-quotes.aspx


I warned you not to write condescendingly to me again. Now I will more forcefully state the facts.

I can see I am dealing with a pedantic Dunning-Kruger jackass who has too limited understanding of the technical field to discern technobabble from expertise.

Arguing with someone who is not knowledgeable enough in the field to know whey are acting as a Dunning-Kruger jackass, ends up being an enormous waste of time and effort for the expert.

When you are ready to come down from your ignorant high horse and learn, let me know.

Note most readers here are not knowledgeable enough to discern that you are not an expert. Thus you can probably convince them to invest in your project. The proof of failure will come down the line. No need for me to educate you beforehand, given your attitude.

I'm afraid I largely agree with TPTB_need_war; without a voting history, I find it hard to see how there can be a reliable, unforgeable consensus for 'now'.


This is true in the real world because time travel is impossible.  Cryptocurrencies must strive to make time travel, voting on past history, or presenting fraudulent histories very hard, or the 'now' won't be reliable or consistent.

I will wait to see a public post from monsterer if he disagrees with my assessment. Are you referring to private discussions with him? Because in my quick perusal of his public posts in this thread, they seem to be congruent with my points. Feel free to point out a case where you think his points are not congruent with mine.


Perhaps American English is not your native language? I did not quote you. If I did, I would have used the normal forum quoting as I always do. Placing a phrase between double quotes can also mean that the quoted description is an example of how someone might say it (not specifically any person, since the quote was not attributed to any person).


Do NOT again write an absurd condescending remark that assumes I hadn't yet researched the fundamental concepts.

Try to remain respectful please (and leave the ad hominem diarrhea aside) as we had been up thread.

I have no idea what rational basis you have told yourself to justify assuming I don't understand the definition of Byzantine fault tolerance. How could I possibly be commenting with so much technical knowledge in your thread if I hadn't yet researched the fundamental concepts.

https://en.wikipedia.org/wiki/Byzantine_fault_tolerance


This ad hominem noise again.

Yet another vacuous argument demonstrating that you do not understand that Bitcoin is partition tolerant within its Byzantine fault tolerant objectivity. Byzantine fault tolerance doesn't mean that CAP has to be fulfilled for those observers who are ignoring the longest chain rule or who are unwilling to accept the probabilitistic nature of the expectations (and thus the fault tolerance). Within Bitcoin's objectivity of the longest chain, all three of the CAP attributes are attained. And my criticisms of your design are about its ill-defined objectivity.

Let this technical rebuttal be instructive to you on the fact that my skills/expertise/research in this area are higher than you apparently assume (given your condescending remarks and your continual unwillingness to accept that 3 experts gmaxwell, monsterer, and myself have come into your thread and graciously tried to explain that your design has serious flaws).

The rest of your reply really seemed to start going off the rails of rational logic. But I will try to find the desire to reply to it point-by-point after I cool down from the lashing of your condescending assumptions above.

Sounds right I think, bootstrap poisoning is one attack vector.  One way to address this would be to bootstrap to your representative or whoever gave you your wallet code.  Presumably if you trust them enough to download and execute a program that manages your private keys, you can trust them to bootstrap you correctly.

Another option is to bootstrap to someone you're interested in sending to, a merchant perhaps, because in the end the only thing that matters is if they'll accept your payments as valid and they'll tell you what they're accepting through bootstrapping.

Another problem would be if almost everyone simultaneously changed their representative while forks were occurring. This would would require every account to be online and simultaneously signing a change to their representative; interesting but I don't see that actually happening.

Indeed. He starts by saying "If an attacker succeeds to put himself between a merchant and the RaiBlocks network he can ... ".
Well, I say : Hold your horses cow-boy, if you successfully performed a Mitm attack, then you have already won, no matter the crypto currency or bank. For example, you can just replace all bitcoin, xrb, eth, ... addresses where your victim wants to send funds by yours.

Intresting coin but why it's not listed at main exchanges like bittrex, binance, bitfinex ect ? It will be more easy for investors to buy this coin. I'll buy some but for that i need to register at new exchanges

In current vote it is winning:
https://www.binance.com/vote.html

No RaiBlocks social is advertising it and they don't talk about exchanges until the moment they are already listed.

Currently just the usual three shity exchanges list XRB (Bitgrail, Mercatox, Bitflip).

In past times Cryptopia and Bittrex (just two days testing and then no listing) listed it and delisted after a while.

any news on bigger exchanges? what about the voting contest on binance?

Wow looks like RaiBlocks have large list of problems

Encourage users to make your account representative. Sometimes one pool had more than 50% of hashrate in Bitcoin network = Bitcoin is centralized

Why RaiBlocks is not secure.

In this article I will try to explain why RaiBlocks is not secure and why its technology is any better neither comparable than the Bitcoin technology.

1. Decentralized payments
Decentralized payment networks are, in opposite of centralized payment network like banks, a way to secure your money without having the risk that a central authority could steal your money or manipulate the money in the market. Decentralized payment networks use asymmetric cryptography to ensure that you are the only one who can spend your money.
When you create a cryptocurrency wallet you are given a public key and a private key. The public key allows other people to send you money, while the private key allows you to spend them.  

But how other users know how many money do you have?
To accomplish this, every user of a decentralized payment network must download the entire transaction database which is replicated on the entire network. When you send a payment over the network, it is received by all the users connected on the network allowing them to know your updated wallet balance and allowing them to discard that payment if you don’t own enough funds.

2. Double Spending
The main problem that afflicts decentralized payment networks is double spending: the ability of an user to spend his money multiple times. In the real world, when you pay someone you give him the real cash. In a centralized payment network, like VISA, the central database is updated every time you make a payment, and they will not allow you to spend more money than your balance.
In a decentralized payment network what happens if you send the same amount of money on two users of the network in the same time? Since their database takes time to update for a small amount of time they both will receive the payment and accept it. In a later moment, when the network tells them that you double spent your money, they will cancel the payment, this is possible because every payment is broadcasted to the entire network, not only the receiver.
Without any other security layer, if a malicious user double spends his money and succeeds to block a payment receiver to know that he sent the same money to someone else (or even better, to another wallet of his own), the payment receiver will accept the payment and ship the good. This is so bad, since even a network connection problem could temporarily lead a payment receiver to undetect double spendings.

3. The Bitcoin Solution
To solve this problem, Bitcoin relays on the fact that after you receive a payment you need to wait a confirmation block, the confirmation block tells you that the payment you have received has been accepted by the entire network and you are allowed to spend it. To create a confirmation block, the miners create a list of all the pending unconfirmed transactions and solve a very difficult mathematical puzzle. The miner who solves the puzzle first, sends the block he found with all the list of confirmed transaction and the solved puzzle to the network, the users of the network will check if the puzzle solution is valid and then reward him with some free coins plus the sum of all the payment fees of each transaction in the block. The miners must create a valid list of payments to be accepted by the network, so double spend attempts are just discarded.

In Bitcoin an attacker,  to make a succesful double spending, should not just stop you from receiving a double spend attempt message, but he should also solve the puzzle to create a confirmation block in a reasonable time frame. Currently solving that puzzle with a single computer would take years; at writing time to solve that puzzle a network of thousands dedicated hardware is used, an attacker would require a billionaire investment to replicate that network. Moreover, it would not only need to create one confirmation block but six of them (6 confirmation blocks are required in the Bitcoin network to trust a payment).

Critics of Bitcoin say that all the computation power used to make the Bitcoin network secure is just a waste of energy because there are other reliable and better technologies. Is that true?

4. What is RaiBlocks?
RaiBlocks is a crypto currency that advertises itself as a fast, fee-less and secure currency, unlikely Bitcoin which is currently slow and high-fee (usually requires 1 hour to a full payment confirmation).
But the key point is that Bitcoin has been made that way to guarantee his users a certain amount of security to prevent double spendings.
 
RaiBlocks completely ignores the Bitcoin technology and relies on a special version of the Proof Of Stake concept.
When you receive a payment in the RaiBlocks network you have to wait a certain amount of time to be sure that a double spending has not been attempted (and remember the first problem, if an attacker stops you from receiving the double spend you would never know!)
When a double spent is detected, the RaiBlocks network starts a vote. Every peer connected to the network vote to accept the payment A or payment B; every user vote is weighted with the amount of his balance. Usually each peer votes for the first transaction he receives. The transaction which the sum of votes reaches the 51% of online amount of currency wins. The winning transaction is accepted by the network and the other one is discarded. (Reference https://github.com/clemahieu/RaiBlocks/wiki/Double-spending-and-confirmation)

The payment receiver, if his network has not been compromised, will then know if he can trust the payment or not, and will ship the good accordingly. This system leads to an unsolvable problem.

5. The Man in the Middle attack.

If an attacker succeeds to put himself between a merchant and the RaiBlocks network he can just filter the double spending payment packets, and the merchant will never know that he is receiving a double spending. The Raiblocks network will discard that payment while the merchant will accept it.

https://s18.postimg.org/7pnm6yweh/doublespend.png

6. Solutions proposed by the RaiBlocks team

a) The merchant should ask a vote for each payment he receives and wait for the confirmation.
The problem is that the attacker could manipulate the vote by telling the merchant that only his peers are connected to the network thus he will win the vote by filtering only his votes. Plus, asking a vote for each payment would cause a huge increment of bandwidth usage that many peers could not handle.

b) The merchant should have a remote node verifying the payment.
The attacker could just attack that network too.

c) The merchant should ask the RaiBlocks.net website if the payment has been accepted.
The attacker can hack the RaiBlocks.net website. Also if you have to rely on a website you can no longer consider RaiBlocks a decentralized network.

Other solutions

1) A payment to be accepted should require a vote with a minimum weight quorum.
It's difficult to establish a correct quorum, and if that quorum is offline no payments will be processed.

2) A payment need to be accepted by some trusted representatives.
This will stop the network on being decentralized. Also, if those representatives are offline the payments are not processed.

7. Why Bitcoin is not vulnerable to this type of attack
Simply because an attacker, to be trusted by a merchant, would require to solve a very difficult puzzle for six times. An attacker cannot alter the difficulty of that puzzle.

8. Other observations

a) RaiBlocks is just Bitcoins without the Bitcoin securing algorithm. The creator of Bitcoin, Satoshi Nakamoto, describes the double spending problem in the original Bitcoin paper: https://Bitcoin.org/Bitcoin.pdf. The developer of RaiBlocks just thinks to solve the problem by ignoring the problem.

b) The official representatives of the RaiBlocks network own more than 52% of total voting weight, allowing the developer to manipulate every vote on his will.
Source: https://dev.RaiBlocks.net/page/representatives.php


9. References
https://RaiBlocks.net/media/RaiBlocks_Whitepaper__English.pdf
https://github.com/clemahieu/RaiBlocks/wiki/Double-spending-and-confirmation

- https://raiblocks.net/page/representatives.php (the Official Representatives control 56% of the representation of all RaiBlocks)