Topic: Cleanup: I'll attack some coins - I owned APEXcoin for 90 blocks (Read 17227 times)

Any result?

Looks like Argon18 has taken his outraged sense of justice somewhere else.

Anyone else worrying about cynicSOBs reward for his work.....don't.
NXT has always been happy to pay up for solid information on exploits, and we're giving cynicSOB a free run on NXT Testnet, which is identical to Mainnet, but a much smaller sandbox environment...and TestNXT instead of the real thing.

Like most NXT projects, we'll talk/argue a lot and finally agree something after a vote or three, and if cynicSOBs work checks out, he'll get bountied.  

WTF apex has to do with Nxt? After Apex attack,  nxt users asked him to demonstrate the attack on Nxt. He has not yet demonstrated the attack, not even on testnet, that has fewer nodes. It's been a month.

so cool! I love it! I will try to find more time to read the topic, but I wish you fun... I hope those under attacks will be able to develop some counter measures, it will make the "game" more interesting... pow next?

Is this any different from the stuff outlined in Kushti's paper? Or is this different?

Anyway, my approach does not rely on heavy computation, and it also has the potential of more than a 200% increase: no asymptotes here.


Regarding the double spend every 30hs, I have given all the technical details (which were never a secret, that's just how POW and POS work), so you'll have to admit it's possible: the only problem is acquiring the forging weight (be it leasing or buying/scamming/stealing/whatever).

edit: well, not the ONLY problem, you have to be able to forge a private chain, calculate the probability of actually double spending and have the ability to make the transaction that you want to reverse, still, it's possible.

All this stuff is not systematized and I, unfortunatelly, don't have links ready.

No, my approach does not require much extra computation.
Could you please point me to some literature on the well-known trade-off? I've read some things about that, but they seemed unpractical. I'd like to know if we're talking about the same thing.

Is there a clear definition of how will "Economic clustering" be implemented? if you have a new consensus algorithm, there will be new strengths and new flaws. I'd rather not go into deeper discussion of something that is still not defined.

So, no incentive to perform this attack at all, other than temporarily centralizing it for the cost of power, or potential motivated destruction?

I suppose the solution toward removing it as a MAD attack vector, would be to introduce a subsidy.

No subsidy in NXT, only fees. So it's not as big of a problem as it would be if there were block rewards that inflated the supply.

They just forge blocks 2 times more often.

Hm, do they obtain 200% of their own stake relative to the network, or is the result a higher net subsidy created overall?

If multiple stakers compete for 200% then the quotient is lowered from 200% to, say, 180%. If all the stakers compete then it's back to 100%.

By its very definition activated "Economic clustering" can't open new attack vectors in technical domain. Socioengineering attacks - yes, political attacks - maybe, but technical ones - unbelievable.

Curious, is the number of computations capped in the network, or potentially infinite as well? Can multiple stakers compete for this 200%?

This is a well-known stake vs computations trade-off. Effective stake asymptotically approaches 200% if burned electricity approaches infinity.

This thread is an example of someone who thinks they understand something a lot more than they actually do

Not (0.2)^10. Look at bitcoin's original paper: if I mine my own private chain the chances are much higher.
20% with 11 confirms gives a probability of 0.1%
So, 1 in 1000.
1000 NXT blocks is about 10hs one double spend every 10 hs
EDIT: 1000 NXT blocks is about 30hs, one double spend every 30 hs

I'm not asking to be paid in advance: we haven't discussed the terms yet (escrow or not? show code to everyone or just devs? etc), I just want to know how much would I get so I can decide if it's worth the effort or not.

There are two different attacks, that might or might not be combined.

1) Double spending with only small % of the supply

This is a private chain attack. This is by design and it applies to all POS implementations.
I've read some people say that NXTs are like simulated POW mining rigs. The analogy works for many situations so think of it like this: coins that are not forging are like mining rigs that are not powered on - useless. So the total network hashrate that I need to beat it not the total supply: it's only the total amount of coins that is actively forging at the specific time of the attack.
Now if NXT coins work like simulated POW miners you can read Satoshi's original Bitcoin paper and see how to calculate the probability of a double spend with only a few % of the network's hashrate. That % of the network's hashrate translates to a % of the actively forging coins (NOT THE TOTAL SUPPLY).
Good news is this can be mitigated by waiting for more confirmations. Bad news is it cannot be really completely fixed. Some say "transparent forging" or "economic clustering" can fix this, but I say they can't because they would open new attack vectors.

I can demonstrate this With 2M testnet (can be leased) or 50M mainnet (can be leased too), but I need to modify the client first.

2) Staking weight inflation

I can exploit how NXT works so I will forge more often than I should. I could make 1M NXT forge as often as 2M should. This might allow a 51% attack with only 25%.
I can demonstrate this against others in testnet: make an account with 206K and have it forge. My 206K account with my secret sauce will forge more blocks in the same time (we should let it run for a few days to make sure there is an edge and it's not just luck). I still need to modify the client first and until I test it in practice I don't know exactly how much will the advantage be. Estimations are that I can double my weight.
This can be fixed, and I would give the code used to attack and the idea on how to fix it.

The desperation is palpable...  

Come on Cynic, prove your theories and let us pay you for them 

Yes!

Welcher = someone who refuses to pay his or her debts after a bet