Topic: [ANN][YAC] YACoin ongoing development - page 99. (Read 379983 times)

Would you mind elaborating a bit?

Rewards manipulation or denying the consecutive PoS/PoW blocks is not a solution.

NovaCoin resolved this issue very very long time ago using a complex of measures like dynamic RoI and variable block trust concept.

If we allowed max 2 consecutive PoS blocks, then every PoS miner has the ability to deliberately orphan a single PoW block at the tip of the chain (assuming the last two blocks were both PoW). Thus all transactions in that block will be reversed and allowed to be double-spent (not that big of a deal, as they had just 1 confirmation anyway, but still - it would be incredibly easy to do this so we better avoid it).


Case #0 - as it is now:
I can choose any point in the blockchain that hasn't yet been checkpointed (hardcoded height and block hash in the source code) and place my chain of PoS blocks there. Should this new fork happen to have a higher trust value than the original, longer chain - it will be accepted as a new valid chain, orphaning millions of transactions in the process. This happens quite often and (I believe) accidentally - so you can see just how incredibly easy it is to abuse if you deliberately decide to do so.

Case #1 - only disallowing two consecutive PoS blocks:
Imagine the tip of the chain looks like this:
(whatever)-S-W-W-W-W-W-S-W-W-W-W-W
(S denotes PoS block, W is for PoW)

I can now orphan the last 4 blocks by placing my new PoS like follows:
(whatever)-S-W-W-W-W-W-S-W-S

So this is bad, too...

Case #2 - make only the trust value equal:
Again, we have a chain that looks like this:
(whatever)-S-W-W-W-W-W-S-W-W-W-W-W

Now I prepare a chain of PoS blocks that's one longer than the number of last N blocks I want to orphan. Eg. if I wanted to orphan last 10 blocks, I'd make a chain of 11 PoS blocks and hook it to the chain as follows:
(whatever)-S-W-S-S-S-S-S-S-S-S-S-S-S

Easy, isn't it?

Case #3 - the proposed solution:
None of the above flaws work here.

So far I've been able to come up with only one theoretical flaw to this system - lowering the "51%" attack hashrate threshold by PoW-mining in cunjunction with PoS-mining - however, I believe it's not much of an issue as the attacker would need to own a significant percentage of active stake in the PoS system. The worst-case is 25% attack - and the attacker then would need to own 100% of active stake (if my math is correct). So it's more like work-stake trade-off and not an outright vulnerability.

That's one more reason why we need more hoarders (and pools, too!). And remember - the way it is now costs a potential attacker near to nothing as he only needs some (very little) active stake.

Bottom line: I've come to a conclusion that the current hybrid PoW/PoS blockchain system is crap and needs a complete rehaul to actually do the core functions it promised to provide (like increasing chain security by PoS checkpointing with stake actually being something that's in stake - right now staking coins doesn't mean a sh*t).

+1 on #2

I'm not familiar with these things but have some questions.

1) What's the benefit of disallowing consecutive POS blocks in contrast to, eg., just disallow more than 2 consecutive POS blocks? Allowing 2 consecutive POS blocks won't let big holders easily overturn confirmed transactions if POS and POW have the same trust value, right?

2) What's the benefit of disallowing consecutive POS blocks AND having the same POW & POS trust value compared with only disallowing consecutive POS blocks while still giving POS a somewhat higher trust value?

Note that a malicious entity would not mind suffering loses in an attack if they benefit from supressing this alt. I wouldn't rely on 'incentives to be good'.

Could we just require alternate PoW - PoS blocks?

I've written like 5 post here about why I belive Sairon's rules alone bring a lot of problems since these new rules could be exploided by a few. The few would then profit from harming the whole community for their own profits.I hope they made it clear why I think this way and won't repeat that unless someone states a question(or critics) about them.



On my additional rules in addition to Sairon's rules.
Well, there' a reason for choosing exactly double rewards* AND higher minimums for PoS.


Doubling PoS rewards woud make PoS-PoW more profitable than PoW-PoW so miner wouldn't benefit from a PoW-only currency. No incentives to fight PoS blocks (regardless if possible/profitable/...). As you noticed it's far more radical, but the real radicalism is in raising the minimum balance for PoS.

This would prevent most people from ever generating their own PoS blocks later on. The current minimum of ~20YAC to mint would be some money if YAC get's widly accepted, but for this to work it would have to be far far higher. I think a minimum of 1000YAC would be nessasary to prevent PoS-pooling and requireing fees on everyone that isn't in a pool.

Again this isn't something I want, it's something I belive is nessasary. Otherwise PoS could be pooled and miners would keep their PoS-blocks secret to exclusively mine on their own PoS-blocks. Chances of finding a block are euqual, but if they get lucky that would be a super-jackpot. Double rewards means magnitudes more profit for them since PoW mining is expensive. There is no cost for not submiting a valid PoS block.

All this wouldn't be very problematic, but since every mining pool would use pooled PoS-adresses (that are only used if a block is found by the pool) stuff get's messy and PoS isn't decentralized anymore. (Among other problems, f.e. fees for confirming a big PoS block)


*) Reducing all PoW-rewards that aren't directly after a PoS-block by 50% would have the same effect, but I doubt we could ever agree on such. I'd actually prefer that, but it's utopical that we could ever agree on such.

EDIT: Edit edits his edit... Don't know whats wrong with me today.

Actually, I'm not clear on why you think disallowing adjacent POS blocks would be harmful - if a POS block fails, the coin age is not lost and it can be re-attempted after a POW block has been completed - with 1 minute target block intervals, would it even be noticable?

It seems like checking the type of block that occurred and not allowing adjacent POS blocks is significantly less radical of a change than your suggested doubling POW rewards for blocks that follow POS blocks and requiring wallets to be arbitrarily large to even allow them to POS.  I'm failing to see what benefit those changes would have other than it keeps people from attempting malicious activity with small numbers of coins - the POW doubling just seems arbitrary..

As I said in my previous few post I belive those new rules on it's own are exploidable and would harm YAC more than CentralCheckpointing. There is a reason why other PoS coins decided to use that awful solution.
Read my previous posts to undertand why I think so.


I don't think they can be changed at all, I have spend hours thinking about on alternatives that would also prevent double spends. My conclusion was that these can't be changed, but maby we could add something to them.

What I don't know is what how we could solve this, but I had a few ideas:
.)Sairon's rules
I hope I made it clear why I belive that they aren't good without some additional rules. Basically a trading a tecnical for a huge economical problem.

.)Sairon's rules + Doubling PoW reward on blocks after a PoS block AND requireing a far higher minimumbalance for PoS

.)Decentralised CentralCeckpoints
A big wallet (50k+) can be staked for the privilege to checkpoint and gets coins for doing so. If the network realizes that this guy wasn't honest we will never ever allow transaction from that wallet. Everyone with that much YAC should be able to do it.
Opens a box that shouldn't ever be opend, but maby a lottery +big earning for an honest winner could resolve this.
.)CentralCheckpoints from the dev

.)Proof_of_Stake#Cementing
Very very bad idea

.)Suggestions?

As you might notice they all got their drawbacks and frankly I'd prefer the current system to work or CentralCheckpointing if we can't fix the problems with sairon's rules.

All they would have to do is make it useless for the purposes it should serve. Centralizes PoS would work but would also be pointless.

Examples:

1)All miners would benefit if most blocks are PoW and the few remaining (big) PoS are paying a fixed fee. Rich adresses would benefit from excluding small wallets from PoS-rewards. The other people don't matter.

2)Even if miners can't agree on a fixed fee, they could agree on a minimum size for a wallet to PoS. (Higher minimum->less PoS blocks ->more PoW->far more new coins generated->more profit). Benefits both miners and rich guys.

3)When several PoS blocks are competeing for one spot miners can decide who will win the spot. Combined with richguys spliting up their wallets they could together require a fixed fee for a PoS-spot. It doesn't matter for the miner on what block they mine ontop of.



All those possibilities would destroy the benefits of PoS and make it useless. That are just 3 obvious ones and it's likely that there is a non obvious but profitable one. The problem with your rules is that they can be easily exploided by a few for just their own benefit. Usually if that's possible it will also be exploided (examples:banks, govermets,... mankind)


Very very (very) bad idea ... NO.

IMO cementing is a bad idea as it requires us to trust PoS (which we don't as of now).
Also there could be some race-conditions and other nasty issues that could easily result in network fragmentation.

So, it appears that the genesis for the hash on a POS block is based on the coin age of the input.  If POS isn't successful (due to the most recent block being POS), then the coin age is not destroyed, and can be attempted later, which can be as soon as a minute (in an ideal model) as a miner finds a POW block to sit on top of the minter's POS block.

I just wasn't certain if the whole orphaning was being caused by the POS blocks having to be inserted into the blockchain at the point it was generated as opposed to when the minter was connected to the network.

Is cementing an option, or would that be really bad with our current distribution of hashpower (mostly centralized)?  https://en.bitcoin.it/wiki/Proof_of_Stake#Cementing

PoW miners certainly won't maximize their profits by orphaning PoS. On the contrary - their mining revenue would be much lower if they decided to attempt orphaning PoS.

Only when PoS is fair and the new rules could be abused so that only rich adresses (>10kYAC) can PoS while most other (poor) people can't)

I'm not talking about individual blocks, I'm talking about the whole PoS system vs the whole PoW system.
It favours it since PoW can ophran a PoS but it's not possible the other way round.
That's something we want, but also something that brings new problems.

PoW miners will never be able to remove the whole PoS function and every block, but they could make the whole PoS system useless in order to maximize profits. I belive the rules you proposed are they only way besides CentralCheckpoints to solve the current doublespend problem.

They do come with some enourmous problems that we have to fix befor we implement them, later isn't possible. I don't think we can change your rules, but we have to add something to them to save POS. Doubling rewards for a PoW block after a PoS would strengten PoS but also increase inflation dramatically.

Then we would also have to change the chaintrust on PoS blocks so that always the biggest PoS candidate wins.
This will be a complex problem if we don't want to screw up.

The whole point of PoS was to add security and inflation. Favoring PoW over PoS or vice-versa isn't benefiting one rich group over another.  If anything, PoS favors the 'rich'. I think there is a problem with bitcoin and litecoin when inflation through PoW slows and eventually stops completely. I think a great coin would allow a modest amount of inflation (2% or more) through PoW indefinitely (by percentage, not fixed number of coins).

I'm still wondering what disallowing consecutive PoS blocks will do aside from fixing the PoW orphan issue.  Does that mean coins could be 'staked' for much longer? How long? There seems to be a lot of gamemanship with PoS minting, and I'm not sure that fix would change that aspect... it would just change the rules of the game.  

He can generate a PoS block wherever in the chain he likes, however with trust reduced to 1 it's useless to do so. And the "no consecutive PoS" rule prevents him from doing any damage even if he has millions of PoS-eligible inputs.

Having read more articles and publications on POS and attacks, and listening to input here, I really can't offer a better solution than no consecutive POS blocks.  

Knowing POS exists as a wey to secure the blockchain with less electricity waste may not be as critical to YACoin as it is to other coins.  With a higher N, the power consumption on my cards is lower (comparing YAC to LTC or any other N=9 Scrypt coin).  This may drop even further i the future.  If disallowing consecutive POS blocks now keeps YAC from imploding, I say we have to do it.  This may be a case of kicking the can down the road, but the only other solution we've seen implemented is centralization of the blockchain.

One question I still have is : what is to prevent a user from forcing the generation of a POS block (which is just a flag when starting the wallet now, correct?), jumping offline before the generation is complete and coming back on 6 hours later.  Does it attach to the end of the blockchain? or does it insert where the blockchain was when the block was generated (not submitted), potentially orphaning 360 blocks?  

If anyone has any good references on the subject, I'd love to read them.  I've read
https://en.bitcoin.it/wiki/Proof_of_Stake
http://bitcoinmagazine.com/6528/
http://www.peercointalk.org/index.php?topic=936.0
http://www.peercointalk.org/index.php?topic=809.0
http://www.peercointalk.org/index.php?topic=979.0

I belive that (if profitable) miners/groups interrested could rape (think of it as a hack) the protocoll and make PoS useless.
You can't ban PoW-PoW-PoW since we don't have that many PoS, we're only talking about banning POS-POS


If significant (<50%) of miners could agree f.e. on not accepting a small PoS block and only working on top of big PoS and PoW blocks. Just because the protocoll says that you should always build on top of the longest chain doesn't mean it can force you to always do.


How miners could profitable ignore small PoS blocks:

1)New unofficial rule: Don't build on small PoS blocks or better ask for a fixedPoS-fee (no fork or official announcement)
2)A new small PoS apears, but miners rather continue their work on a block where a lot of work has been done already.

No PoS-block could be mined on top of the small PoS so they don't matter at all. Only PoW matters and the honest network would have to be stronger than the unethical network that has already done a lot of work. Beeing unethical gives more rewards since rewards on PoW>>>>>PoS.

Big wallests will always be able to protect there PoS-blocks with a fixed fee and most others won't be able to pay such fee.

--> PoS useless.

The argument ("but then they will have to fight against honest PoS and PoW") doesn't work either. (Pooling PoS possible)

EDIT:red stuff