Topic: Can you secure a sidechain with it's main chain? EDIT: Ardor does this. (Read 392 times)

There have been some musings on recent bitcoin-dev emails about using your main-chain stake to secure a POS side-chain.

Normally you imagine using the internal currency of the side-chain to determine consensus.. but since that is self-reflexive poo poo.. using main-stake coins makes sense. Main stake coins have base value, whether the sidechain works or not.  

Now Bitcoin is POW and this is POS, so the exact security connection / implication is not straight forward, but there is certainly a correlation between the strength of BTC the POW currency and the POS systems built on top of it.

It's still a POS chain with all that _that_ entails - but backed by BTC.

I realized this is not going to work. re-org on sidechain is also needed. Which essentially it may obsolete merge mine in first place.
The reason is that one can create a block and don't publish the content of it. Then sidechain is dead.

I don't know about two-way-pegs. I've not thought about it.

1. The 51% attack (re-org) is already solved at main chain. My point being it should not be solved again for sidechain (merge mined).
And conflicts are solved with other means. Which i did discuss in my earlier post.

2. There should an incentive to mine blocks. Like inflation, moving BTC or other means. At the end there should be competition at inserting the new block. Still if the block is invalid it won't be added to UTXO set of sidechain. But still is added to chain of block headers.

I hope i did described it well.

If I understand you correctly, then this is a sidechain model where the sidechain nodes follow the main chain closely and only produce blocks when the main chain produces blocks, and re-orgs when the main chain re-orgs.

The big advantage is, obviously, that cross-chain transaction management (important for 2-way-pegs) is much easier. But a couple of questions come up:

1) How do you prevent conflicts between sidechain nodes? If you use some sort of mining (e.g. merged mining) then there can be 51% attacks, by definition, because conflicts are solved with the "longer chain/more PoW rule". If you don't use mining, then which chain is correct if a part of the network is on a different "tip" than the rest?

2) What is the incentive to add blocks to the sidechain and to add all transactions correctly?

Regarding Ardor and similar models where the main chain secures the child/sidechains, in Ardor you preserve part of the scalability advantage, but sidechain structure is tied to the main chain protocol, so you can't "experiment" with child chains. That child chains are currently not easily added without action of the main chain devs (Jelurida, in Ardor's case) is not mandatory, that can be changed. Another disadvantage of this model is that the main chain protocol must support it explicitly, so you can't create a Bitcoin child-chain currently.

I don't think I can answer any of those 2 questions, they all depend on the type of project you want to launch. For the last question, merge mining just needs for your coin to have the same algorithm as the 2nd coin. There is some work involved in making the miners try to find a solution for both your pow problem and the 2nd coin's, but you don't necessarily need to peg your coin's value to it.

Do you (or anyone else) think that that would be a good solution? I thought of ways to do that but would it be easier just to clone our own, completely independent chain and then just figure out great incentives for nodes? Also does merge mining require a 2 way peg?

To sum it up, it depends 100% on the main chain technology, and if it can implement this.

You can create a side chain of ANY coin, if you plan to provide the nodes & hashing power to maintain it.

If you want to transfer that burden to the main chain, there needs to be some way for you to tell the main chain nodes to validate your sidechain transactions, and mine the blocks that contain these transactions for you.
Not every coin has the technology for this, and if it does, you need to figure out how to achieve it (like ardors centralised way to broadcast your child chain to the nodes).

I don’t want to use or clone Ardor, I was just showing them as an example that it’s possible to secure a side chain from the main chain. I actually want to side chain Stellar.

I looked up ardor, searched around for a few minutes.

1. How are you going to make this child chain? I only found information which says "Contact Jerulida, and file an application."
That sounds hilariously centralised, but it makes sense because :

2. Your child chain is only some sort of partially mirrored chain on the main chain. When a transaction happens in your child chain, it's technically validated by main chain nodes. Your blocks are blocks created on the main chain, and so on.
You can even transact coins between different child chains.

You can read : https://www.jelurida.com/child-chains-and-side-chains

So to sum it up, if you only want your own blockchain, to be able to create your own transactions, peg the coin value to another one, and not worry about node security, sure, you can make a child chain of this ardor. From what I read, your child chain is secure because ardor nodes keep the utxo and the blockchain of your child chain, but it gets pruned by default after n blocka, unless the node wants to keep the full history of your child chain on purpose.

51% attacks are reduced because your child chain blocks belong to the main chain. All the nodes are not technically just holding txes for you, but for every child chain.

The weird concept is how centralised this is.. you can't create a child chain unless you ask jerulida, and they create the sidechain for you, and have the nodes start storing your txes. I couldnt find anything about the "how" that works. But thats as far as I'm willing to go.

I suppose it can be done in any blockchain. The security given by that blockchain will apply to the sidechain. My view is the only sensible scheme is proof-of-work. proof-of-stake does already exists. It's the traditional banking.

Would this work with the main chain such as Stellar? Also could this be controlled to the point in which you could gradually move away from the main chain once you gain enough securing power to secure your own network? Like, say design the smart contracts on your front-end platform so that the transactions that go through them are validated with the main chain?

Updated Original Post

I want to point out that sidechain 51% attack is not a problem at the first place. Because it shouldn't be in the consensus of it.
I don't know how Rootstock works. I've just studied truthcoin. It did describe how re-org can happen in sidechain without doing re-org on main chain.

This is how sidechain should work.

1. pow is verified from main chain and re-org is possible if main chain had one
2. There should some pre-defined genesis fingerprint, This is block zero with no transaction in it
3. From there on if next block of main chain contains hash of sidechain block with hash of prevblock, Then verify the validity of block. And accept only if its valid.
4. After that any attempt to attach another block to a that prevblock would fail. even though the created block is invalid.
5. If there exist a main chain block with multiple block of the same sidechain. Accept the one with greater or less than all the others. (hash of it)

That's almost all is needed to not have re-org of sidechain and still all nodes will reach consensus.
Is there any issue in it?


Edit: This is not going to work. And here's the reason.


I realized this is not going to work. re-org on sidechain is also needed. Which essentially it may obsolete merge mine in first place.
The reason is that one can create a block and don't publish the content of it. Then sidechain is dead.

It's crucial to first know what you want to achieve with your sidechain. But most of the time you would like to create a sidechain mainly to preserve some protocol independence from the main chain (e.g. Rootstock, which offers some enhancements to Bitcoin's scripting abilities) and obviously because of the scalability advantage. Otherwise, you could simply use a coloured coin.

If you want both advantages, then you need a mechanism to counter sidechain 51% attacks, like KingZee already wrote.

I'm however not sure if - apart from merged mining - a mechanism like Komodo's "Delayed Proof of Work" could not work with sidechains, too. However, this requires a semi-centralized design with specialized "notary nodes", which may have the same problems and drawbacks of all masternode/DPoS-based systems.

What you could also do is to let the main chain nodes validate the newest blocks of the sidechain without requiring to store or validate them entirely. But in this case you sacrifice some of the scalability and independence advantages. And, obviously, this can only be done if the feature is supported by the main chain protocol.

That's beyond my depth of understanding unfortunately. My own experience with mining (POW anyway, I've done plenty of POS staking which didn't take a single effort other than opening the wallet) is with already dead chains. At any rate, it's more than 2 years since that's proposed. My guess is by now something's been done already similar to it... or with Lightning well in midst of rollout, the motivation behind the post (scaling) is no longer primary?

btw, you're an old hand...

Correct. What i was talking about is re-org within a the sidechain's merge mine without the need to re-org the main chain. Which was described in here.
http://www.truthcoin.info/blog/blind-merged-mining/

Not at all certain about non-Bitcoin sidechains, and not even 100% certain about Bitcoin ones, especially because I'm only "familiar" with Bitcoin sidechains because of Rootstock (and maybe if you consider Counterparty a sidechain?) but KingZee probably summarised it in his first line, you absolutely need to secure it on its own. As a general incentive to do so, normally miners are given option to merge mine the sidechain with Bitcoin.

Oh I see, interesting.

So there really is no way to use the main chain that a side chain would be linked to secure it's transactions? Not at all?

I'm saying re-org structure made by @truthcoin at twitter is not a necessity.

Edit: I'm wrong here