I think I have a solution (not centralized) for comparing different blockchain forks.
However I need some more information.
How do yacoin clients fetch data from other peers - do they ask for latest block and then get them one by one by previous block link or do they go in other direction and ask peers for next block from the time of their most recent block on disk?
Topic: [ANN][YAC] YACoin ongoing development - page 96. (Read 379983 times)
I can't seem to wrap my mind around it, why is POS untrustworthy and POW trustworthy? So I have to trust a miner who has millions and millions of hashing power that he will not generate dozens of blocks in a series? That happens now, everyday and no one seems to care.
You can generate PoS blocks without even trying and as it is now, they can "overwrite history", which is bad.For PoW, however, you must spend a lot of electricity so it actually costs you something (quite a lot) trying to change history.
Would you mind elaborating a bit?
1) You have to maximize an active weight. It doesn't matter how you do so, but you have to do it for any price (even for constant trolling from ignorant kids), because that's necessary to survive.2) You have to make attack energy expensive, in order to prevent free attack attempts. Otherwise user will be able to use OpenVZ and 10000+ wallet copies to make 10000+ attempts without any problem.
NovaCoin maximizes active weight using a variable RoI and limited block reward. It also implements a variable trust idea, the consequtive PoS or PoW blocks has lower trust in comparison with a hybrid chain. Attacker have to generate a hybrid chain to make success.
It's forked from an older version of Novacoin.
Would you mind elaborating a bit?
1) You have to maximize an active weight. It doesn't matter how you do so, but you have to do it for any price (even for constant trolling from ignorant kids), because that's necessary to survive.2) You have to make attack energy expensive, in order to prevent free attack attempts. Otherwise user will be able to use OpenVZ and 10000+ wallet copies to make 10000+ attempts without any problem.
NovaCoin maximizes active weight using a variable RoI and limited block reward. It also implements a variable trust idea, the consequtive PoS or PoW blocks has lower trust in comparison with a hybrid chain. Attacker have to generate a hybrid chain to make success.
One question I still have is : what is to prevent a user from forcing the generation of a POS block (which is just a flag when starting the wallet now, correct?), jumping offline before the generation is complete and coming back on 6 hours later. Does it attach to the end of the blockchain? or does it insert where the blockchain was when the block was generated (not submitted), potentially orphaning 360 blocks?
He can generate a PoS block wherever in the chain he likes, however with trust reduced to 1 it's useless to do so. And the "no consecutive PoS" rule prevents him from doing any damage even if he has millions of PoS-eligible inputs.
So, it appears that the genesis for the hash on a POS block is based on the coin age of the input. If POS isn't successful (due to the most recent block being POS), then the coin age is not destroyed, and can be attempted later, which can be as soon as a minute (in an ideal model) as a miner finds a POW block to sit on top of the minter's POS block.
I just wasn't certain if the whole orphaning was being caused by the POS blocks having to be inserted into the blockchain at the point it was generated as opposed to when the minter was connected to the network.
Is cementing an option, or would that be really bad with our current distribution of hashpower (mostly centralized)? https://en.bitcoin.it/wiki/Proof_of_Stake#Cementing
IMO cementing is a bad idea as it requires us to trust PoS (which we don't as of now).
Also there could be some race-conditions and other nasty issues that could easily result in network fragmentation.
I can't seem to wrap my mind around it, why is POS untrustworthy and POW trustworthy? So I have to trust a miner who has millions and millions of hashing power that he will not generate dozens of blocks in a series? That happens now, everyday and no one seems to care.
Could be an exchange, maybe.
That was my first thought too - It might be bter or crypsty.
If it is, we should see coins coming and going from the wallet as well.
Could be an exchange, maybe.
That was my first thought too - It might be bter or crypsty.
If it is, we should see coins coming and going from the wallet as well.
Could be an exchange, maybe.
Those coins have reset age now, so there's a month to post a fix.
No, it's all because of absence of the correct chaintrust calculation.
So YAC needs correct chaintrust calculation.
Proposed timestamps are without merit if a malicious miner is mining a longer low difficulty private chain with fake time stamps.
If I understand correctly, this seems to be a key part to the problem.
Guys, have you seen that address YPGNWtN4gHFDQUvU9eC8Xzss5JCyT1ozmv with huge bunch of YACs?
It has more than 25% of ALL YAC!
Can it be the Scam or is it normal?
It has more than 25% of ALL YAC!
Can it be the Scam or is it normal?
It does seem a bit odd...
Balance: 3,734,100 YAC
Transactions in: 6,781
Received: 3,763,601 YAC
Transactions out: 23
Sent: 29,501 YAC
First Transaction: 2014-01-03 02:22:02
Any of our big hoarders decide to move all of their coins to a single address? Most of the transactions are for the same amount; 3,000 5,000 or 10,000 YAC. That makes me (hope) that someone is just moving all of their coins to a single address for future minting. It looks like the wallet address was only created ~96 hours ago.
I posted about this in the Yacointalk forum to try and keep the development talk on track - http://yacointalk.com/index.php/topic,559.0.html
It appears that someone is taking all their large inputs and sending them to this one address pretty much in every block. We've been talking about a POS attack requiring vast amounts of the coin, well, here's one address with exactly that
No, it's all because of absence of the correct chaintrust calculation.
So YAC needs correct chaintrust calculation.
Proposed timestamps are without merit if a malicious miner is mining a longer low difficulty private chain with fake time stamps.
If I understand correctly, this seems to be a key part to the problem.
Guys, have you seen that address YPGNWtN4gHFDQUvU9eC8Xzss5JCyT1ozmv with huge bunch of YACs?
It has more than 25% of ALL YAC!
Can it be the Scam or is it normal?
It has more than 25% of ALL YAC!
Can it be the Scam or is it normal?
It does seem a bit odd...
Balance: 3,734,100 YAC
Transactions in: 6,781
Received: 3,763,601 YAC
Transactions out: 23
Sent: 29,501 YAC
First Transaction: 2014-01-03 02:22:02
Any of our big hoarders decide to move all of their coins to a single address? Most of the transactions are for the same amount; 3,000 5,000 or 10,000 YAC. That makes me (hope) that someone is just moving all of their coins to a single address for future minting. It looks like the wallet address was only created ~96 hours ago.
I posted about this in the Yacointalk forum to try and keep the development talk on track - http://yacointalk.com/index.php/topic,559.0.html
It appears that someone is taking all their large inputs and sending them to this one address pretty much in every block. We've been talking about a POS attack requiring vast amounts of the coin, well, here's one address with exactly that
Guys, have you seen that address YPGNWtN4gHFDQUvU9eC8Xzss5JCyT1ozmv with huge bunch of YACs?
It has more than 25% of ALL YAC!
Can it be the Scam or is it normal?
It has more than 25% of ALL YAC!
Can it be the Scam or is it normal?
It does seem a bit odd...
Balance: 3,734,100 YAC
Transactions in: 6,781
Received: 3,763,601 YAC
Transactions out: 23
Sent: 29,501 YAC
First Transaction: 2014-01-03 02:22:02
Any of our big hoarders decide to move all of their coins to a single address? Most of the transactions are for the same amount; 3,000 5,000 or 10,000 YAC. That makes me (hope) that someone is just moving all of their coins to a single address for future minting. It looks like the wallet address was only created ~96 hours ago.
Guys, have you seen that address YPGNWtN4gHFDQUvU9eC8Xzss5JCyT1ozmv with huge bunch of YACs?
It has more than 25% of ALL YAC!
Can it be the Scam or is it normal?
It has more than 25% of ALL YAC!
Can it be the Scam or is it normal?
No, it's all because of absence of the correct chaintrust calculation.
So YAC needs correct chaintrust calculation.
Proposed timestamps are without merit if a malicious miner is mining a longer low difficulty private chain with fake time stamps.
Thanks a lot for explanation and your valuable insight, Balthazar.
This is really complex stuff and I have read it again and though I do not get it all (and probably not right either), I do have some thoughts.
EDIT-new paragraph:
If this quote from Sairon is correct, PoS window periods mentioned on previous page could be used as checkpoints. Software should calculate the difference between timestamps of PoW blocks between PoS blocks and the result could serve as a chaintrust value.
Blockchain fork with lowest time difference should be considered most valid one.
EDIT-old paragraph ( I don't understand anything written )
If this quote from Sairon is correct, before mentioned PoS window and the next one could be used as checkpoints. If software would be set to calculate distance to next PoS block to be 59 PoW blocks ahead, the difference between timestamps of PoW blocks on both edges between PoS blocks could serve as a chaintrust value - or is it active weight?
Blockchain fork with lowest time difference should be considered most valid one.
And actual equation would probably be more complicated (considering many segments).
Perhaps we could also use PoS timestamp in calculation...
This is really complex stuff and I have read it again and though I do not get it all (and probably not right either), I do have some thoughts.
... I've also been thinking abount the issue Balthazar found (generating lower-difficulty fork from last checkpoint). The only way it can be achieved (the lower diff) is by faking the timestamps in the blocks (to keep diff low) and generating a longer chain than the current main chain. By faking the timestamps to be more distant from each other the difficulty is kept low. ..
EDIT-new paragraph:
If this quote from Sairon is correct, PoS window periods mentioned on previous page could be used as checkpoints. Software should calculate the difference between timestamps of PoW blocks between PoS blocks and the result could serve as a chaintrust value.
Blockchain fork with lowest time difference should be considered most valid one.
EDIT-old paragraph ( I don't understand anything written )
Blockchain fork with lowest time difference should be considered most valid one.
And actual equation would probably be more complicated (considering many segments).
Perhaps we could also use PoS timestamp in calculation...
I've read the previous page again and my understanding is that somewhere in the future attacker generates a chain that replaces original chain with clients that are not on latest chain.
Attacker can generate chain now and publish it a week/month/year later. His chain will be able to overwrite the main chain if it has a suitable length. Of course, if there is no checkpoints... 
A proposed solution (cutting the window of allowed timestamps) can't help here. This checking isn't purposed to use for protection against double-spend attacks, it's just a sanity checking and nothing more.
And that is all because of one (to keep it simple) PoS block inserted?
No, it's all because of absence of the correct chaintrust calculation.
Can someone please explain what can the attacker do if Sairon's fix (no two consecutive PoS blocks) would be merged with criteria for dynamic PoS block window opening a couple of times a week (and later per day or hour)?
EDIT: I've read the previous page again and my understanding is that somewhere in the future attacker generates a chain that replaces original chain with clients that are not on latest chain.
Is that correct?
And that is all because of one (to keep it simple) PoS block inserted?
EDIT: I've read the previous page again and my understanding is that somewhere in the future attacker generates a chain that replaces original chain with clients that are not on latest chain.
Is that correct?
And that is all because of one (to keep it simple) PoS block inserted?
It now seems relatively very simple and innovative--and simple.
And buggy as well.I think nonconsecutive PoS blocks looks even better now.
There is no difference between control through checkpoints or trusted timestamps... This "solution" requires checkpointing control to work properly, so by choosing such design you are choosing a centralization. Maybe it's time to stop kidding yourself and switch to paypal? That's really much simpler than establishment of another centralized system instead of fixing a real source of the problem. There is no problem with proof-of-stake system in terms of stability or efficiency, all we see here are just an issues of particular project. This issues are caused by incorrect chain settings and it's easy to fix it in the right way. But it seems that majority could prefer to use ugly workarounds due to ideological purposes.
2 all
It's not too late, a fate of the project is still in your hands. Just read my messages here carefully and make the your own decision. Anybody including myself can make the mistakes, that's natural. So don't accept flawed solutions so silently from anybody, despite of his authority. Check everything twice before saying "yep, that's acceptable"
Creation of coins to depend on timestamps as well? I think nonconsecutive PoS blocks looks even better now. It now seems relatively very simple and innovative--and simple. I think NXT is going to show how ineffective PoS is compared to PoW in terms of long-term stability. Just secure PoS role as providing security while also stabilizing prices through inflation--my vote as if it matters.
Maybe it has a sense in terms of coins distribution, but not in the terms of security. Because attacker can fake timestamps and there is no way to make a difference between incorrect/correct timestamps if the both timestamps are from the past or present. You can't check it without the help from trusted parties (e.g. https://en.wikipedia.org/wiki/Trusted_timestamping).
Jump to: