Topic: Blockchain vs DAG (Byteball's concencus algorithm). - page 2. (Read 11018 times)

Here is the part I am willing to publish now (some of it is redacted):

I don't have access to my unpublished whitepaper at the moment wherein I summarized Raiblocks, and I am not sure I want to release that summary (yet) as I contrasted it against my design.

Suffice it to say that Raiblocks is insecure nonsense. You can locate TPTB_need_war's old debates with the creator (it used to be named block lattice). @monsterer also pointed out the flaws (note @monsterer seems to be gone now)

RaiBlocks had a separate partition (“blockchain”) for each user balance. Each user balance partition was an eligible witness voter for each transaction event. Consensus voting was required for transfers between partitions to prevent double-spends. The consensus ordering delegate set was the quorum on each epoch of voting, which was claimed to be final. There were alleged security flaws in this design^{[^RaiBlocks-divergence]}, which is obvious given its consensus ordering set is unbounded and has nothing-at-stake, which can’t be secure per the generalized theory...

^{[^RaiBlocks-divergence]} Shelby Moore III. RaiBlocks divergence. Bitcointalk.org, “Block lattice” thread, post #4, Oct 24, 2015.

I am interested to invest in raiblocks. How flawed is it ?
The dev is very active, so is there any chance of upgrade ?

If you only understood how horrendously flawed that design is.

8.1 Byteball’s “Stability Point” Rule

...

Witness units which do not transitively reference their prior unit in their ancestor path^* are provably misbehaving and ignored thus can’t do any harm other than if the majority does. If the threshold of the count for the stability point is only the majority, a single witness could make finality ambiguous by signing two conflicting observations which (transitively) reference their same prior unit without one of the the observations (transitively) referencing the other. The faulty witness could publish one of the conflicting observation units after delay, possibly enabling the reversal of finality for some conflicting transactions. But this requires the minority of witnesses which didn’t reference the first to then reference the delayed observation unit― which seems to require a majority (aka “50+%” or “¹/₂+”) attack even if the delay was within ambiguity due to propagation delay because all (which is not random) of those minority have to join the attack. To increase the safety of finality, the said threshold could be increased to +²/₃ of the witnesses so that reversing finality would require +¹/₃ to sign conflicting observation units and in all likelihood +²/₃ to be malevolent. Thus would reduce the liveness threshold from ¹/₂+ to +¹/₃.

...

The stability point algorithm is able to achieve non-asymptotic BFT with only ¹/₂+ quorums because the ordering of the published observation units (analogous to validator votes) for each witness is orthogonal to those of the other witnesses. Whereas, Byzantine agreement requires +²/₃ quorums because validators much coordinate in quorums such that each validator can claim the unresponsiveness of the others because for a vote to published, all must combine their votes in a quorum.

I also invested in RaiBlocks.

For visibiility, a discussion on IOTA and IoT, from the Iota unmoderated thread

It is not that we are scared of changes. I am eager to diversify some of my BTC portfolio, to make gains faster by getting into a project that is not smoke and mirrors/not a plain meme, the problem is, I can't find it. There is always something that makes me thing im investing into a short lived pump and dump, or medium term pump and dump at best if the project is something ambitious but ultimately has flaws that make it nonviable long term.

I don't feel like getting my hard earned BTC scammed by investing in altcoins that don't end up delivering anything relevant enough beyond what BTC can currently (or in the future) offer. And I work my ass off for a low paying job with bad health in order to invest in my BTC portfolio and continue growing it so that makes me extra cautious when investing a single satoshi.

That is funny, since last time I checked Iota, the PoW didnt help against Sybils, and instead people were asked for social proof to join the network, that ist he Sybil prevention. 

No, that is not my point that "pow is heavy", read my post again and try really try hard to see the big picture. No offense, just open your eyes.

Hardware, Jinn, if you place one of these on a chip, someone will place 100 000 of them together in one big chip, call it a Specialized Processing Unit, and it would then be able to outpace and outrun at least 100 000 of other smaller chips. What I mean is, at IoT power levels, can not ever compete with a normal PC, lulz that should be obvious and clear as blue day, no matter if you place "specialized non-existent magic hardware" on it or not.

Hence, PoW and IoT are oxymorons. Pick one. You cant protect your IoT devices with PoW scheme.

But you can, with a signature based scheme such as Byteball, and other cryptocurrency, even DPoS works better. See IOTA developers and fans, say, "Oh but IoT will not be a full node, it will only send/sing transactions", Well duh, obviously, any fucking cryptocurrency can delegate a chip to be dumb and trust another full node. What good cryptocurrencies do is, allow the IoT chip to send/receive transactions with its own keys - by signing shit just as other full wallets, and get the protection from scammers and attackers as the rest of the network. Spicy isnt it.


Of course, IOTA, bragging about IoT so much, and now we hear from its supporter "IoT will be handed differently." WHAT. OK.

You stated 1 which by itself is hilarious statement to make if you want to design publicly accesible and usable cryptocurrencies.
Then you made another statement from a diffrent contexr, proving something not related to statement 1..

PS. I have no reputation and dont wish to aquire it, in fact I shit on both mine and your reputation.

You probably forgot how it was:
1. I stated that consensus and attacks are different things
2. You used pics to imply it was wrong
3. I showed that it's right

If you still don't believe me then google difference between Paxos and Byzantine Paxos. As you said it yourself, the most of others don't need explanation for basics in cryptocurrencies.

So, what statement do you want me to defend? Upthread I already gave a link to a counter-example of your claim (which proved my statement) and there are zillions of other links on the Internet.

PS: I don't mind continuing this convo, I like watching you digging a deeper and deeper hole for your "reputation"...

it is you who should defend your dumb statements and not require handholding like a baby.

Besides most readers dont need explanation for basics in cryptocurrency.

Nothing concrete, as always when you can't defend your position. 90% of your post are from this category.

The laughing image is not enough to describe how hilarious you are.

Thank you man, you provide me with enough hilarity so I can continue to chuckle for weeks.

I cant even focus to make a short explanation to other readers. Just hilarious chuckle worthy material.

This is worth to be added into my collection of your fuckups.

PS: If anyone thinks that those are NOT different things then read http://work.tinou.com/2009/05/faulttolerant-distributed-systems-made-simple.html (you can jump straight to these words: )

The Paxos algorithms can help us. The specific Paxos algorithm discussed below is the "basic" one (there's a bunch of Paxos algorithms).  The model is asynchronous and non-Byzantine.  This means that a process may crash and recover, but doesn't do anything weird like sending random, deceitful messages to other processes.

sorry for getting offtopic.

but did you realise that is an almost sig-add free topic.

now back to the topic i tried to understand.

We shouldn't confuse countermeasures against an attacker and achievement of consensus. These are different things.