Topic: [DEAD] Coiledcoin - yet another cryptocurrency, but with OP_EVAL! - page 6. (Read 68090 times)

This idea of considering short forks as valid to prevent "freezing attacks" is interesting. I opened a topic about it, with some elaboration already done, but certainly a lot missing. Here it is: https://bitcointalksearch.org/topic/unfreezable-blockchain-57647

Yeah, that's the problem. It only works so long as whoever's attacking the chain doesn't attempt a double spend. We can still cope with sub-50% double spend attempts by essentially picking the side of the double-spend with the most confirmations (though there's a lot of subtlty in how this must be calculated) and throwing away the other double-spend block and its descendants, but greater-than-51% ones are a huge problem.

How exactly do you deal w/ conflicts.

Chain A says coins transferred from address 123 to address 456.
Chain B says coins transferred from address 123 to address 789.

Where do the coins go?

Forget 51%.  Double spending is as easy as making a duplicate block w/ different transaction.

Interestingly, it looks like there is actually a way of making coins immune from this particular attack that doesn't require any kind of trusted central authorities and can't be used to fork the blockchain. Unfortunately it'd be a huge pain to implement correctly and wouldn't be able to deal with 51% double-spending attacks.

The trick is that there's no inherent reason why the Bitcoin blockchain actually had to be in the form of a chain. Simply add a rule that blocks can merge multiple non-conflicting forks of the blockchain by having multiple parents, calculating its total work as the sum of its work and work done for all its ancestor blocks. That way, it doesn't matter that Eligius is mining faster than the rest of the network because we can use the attacker's work against him - our non-attack versions of the best chain are counted as having the strength of all his work plus all ours, and the only way he can benefit from this effect is if he includes other's blocks and transactions which is what we wanted in the first place!

There's almost certainly some subtle flaw in this and it'd be a nightmare to implement correctly and in a way that couldn't be exploited, but on paper it seems like a clever idea. Don't think I'm going to go through with it though. (There are a whole bunch of subtle details that have to be taken care of. For example, we need to cap how far back a fork that's being merged can come from to block spam, but this limits the power of this scheme against denial-of-service.)

I'm sympathetic to your frustration, but let's please not equate this to violence.

You seem to keep ignoring what I write. I highlighted it again. Before this recent event, I wouldn't imagine that a large portion of miners would be OK with their computing power being used to commit crimes. Now I'm "baffled", indeed.


For the Nth time, this is not one or a few individuals commiting crimes alone. This is one individual commiting crimes with the support of many others. Many random people, since there's no reason to believe pooled mining attracts more criminals than honest people. And lots of this random people simply don't care to be accomplices in crime. That's the true baffling part.


You're shortsighted there. Learn with Fréderic Bastiat, and pay attention to "what we don't see".
What's the direct economic harm of a big armed group declaring "from now on, everybody wanting to provide banking services will have to acquire license X". (which just happens to be an almost impossible to obtain license, unless you're very dear to politicians). Nobody immediately loses anything, just like what happened here. But the lost in opportunity is there, as many new business that could eventually innovate and improve people's life just won't ever be born.
The same situation happens here. A criminal and powerful individual declares: "cryptocurrecies with merged mining simply cannot happen (unless of course you're dear to some pool operator)." A whole branch of possibly innovative solutions will never born. And the saddest part is that such aggression only takes place because lots of random people prefer to do nothing about it.

 Funny, given your over-zealous religious beliefs, I find it hysterically ironic that you decided to play god with your pool's users and stick your fist up their asses to do your illicit bidding.
 
 You are pathetic. Glad I pulled my hashing power off your pool months ago.

The psychological and emotional harm that occurred was the following:
The creater of an altcoin is sad that his altcoin as initially defined was not viable.
Some people who misunderstand what took place and/or are not in possession of the facts are angry.

The first is a fact of life for the altcoin community, I expect it will continue to be so for the foreseeable future.
The second is unavoidable on the internet.

Either add to the list of emotional/psychological harm, or explain why I should be upset by either of it's current entries.

Economic, capital, material harm. If the only harm you can valuate is monetary or physical then we've lost the game already.

:/

You gave me a sad.

The fact that you don't consider merged mining on day zero a flaw, especially in light of recent events is baffling. You really think that you can assume there are no people in the world with large computing resources at their disposal for use in a nefarious manner? Welcome to the internet, I hope you enjoy your stay.

Then again, lots of people have trouble with the concept of what merged mining is. They conflate hashing power with the resultant hashes. They don't understand contract law. They have no idea what is, and what is not valid cryptography. They have no idea what the criminal side of the internet engages in, or what sort of resources are at their disposal. So I guess I shouldn't be surprised that people get the ethics wrong.

Somehow, an act that caused no economic harm to anyone has everyone in a tremendous uproar. We need a picture of a cat and a car analogy to go with it.

That's... non-trivial, and most of the proposed suggestions either require centralization, cause more problems, or both

It's important that different nodes' view of the blockchain converges in a reasonable time, and this is hard - probably even impossible - to guarantee if every node is following different rules about which blockchain they prefer.

They're detectable, even automatically detectable in theory, there's just not an easy way to prevent them.

1) I am suggestion we try a defense other than just have more hashing power.
2) Can't we do something similar but not have it centralized.  Solidcoin chooses his own trusted nodes.  Why can't I choose?
3) Really bad idea, I say.
4) This is avoiding the problem that I suggest we fix.  (It does avoid the other problem, namely, having a pool operator getting coins that should go to the miners.)

Are these attacks detectable?  Are these attacks correctable if detected?  Can it be done semi-autonomously?

Well that assumes it hurt his reputation much which based on his pool's hashing power it didn't.

It also assumes the attacker is going to make the attack public (which Luke didn't have to do).

In the case of botnet or private farm attack nobody would ever know who executed the attack.

I guess I should say direct economic incentive.  It is unlikely a single entity would gain more economic value than they get from destroying Bitcoin.  For example if a single bank decided to kill Bitcoin then all banks would benefit but the bank spending the significant sum is unlikely to benefit by the amount it costs to launch the attack (plus any potential costs if caught).

This doesn't make Bitcoin "immune" but it does significantly raise the bar as an entity would need to be willing to destroy Bitcoin at significant cost and they may never personally reap the benefits of that cost.

For example a bank today likely could kill Bitcoin for $20M investment.  However if BofA spent $20M to kill bitcoin do you think that will produce a gain in revenue for BofA >$20M?  Unlikely.   In the future when Bitcoin is 100x more popular the benefit to BofA might be greater but so is the cost.

There was ABSOLUTELY NO COST to kill CoiledCoin.  If something has no cost to attack it will be attacked.

There is no economic incentive to do so so long as you're primarily invested in Bitcoins. For example, suppose someone really wealthy concluded that Bitcoins were potentially harmful to their wealth elsewhere; it might make economic sense for them to spend a few million dollars destroying Bitcoin.

Since Eligius' miners will freely attack a new chain, I say someone should attempt to include some intelligence in the clients so that this sort of thing can be prevented.  There must be some sort of defense.

It was not based on "everyone being nice", it was based on "not most people being crooks". If a sensible percentage of Eligius miners did not agree in being accomplices of such attack on innocent people, then he would probably have dropped it already. And if at least one other pool operator decided to counter his attack, honest miners could migrate from Eligius to this other pool and even if Luke-Jr decided to attack "no matter what", he would be outnumbered.

Anyway... it was definitely not "everyone has to be nice for it to work".

I was not thinking about economic incentives when I wrote that, it was just a comparison about people personal moral values. You have to be a great scumbag to do one thing or another. Before such event I used to think most people would not be such assholes, but apparently, if Eligius remains with that many miners, I was plain wrong on such assumption. We live indeed in a society of criminals.

If there was an economic incentive to do so pool already would have but no economic incentive exists.

There are roughly 50,000 nodes.  A pool represents one of those.  Thus pools ability to limit data to rest of the nodes is non-existent.  All "satoshi" clients forward transactions to all peers of which they will have at least 8 thus even if a pool could limit what they forward they are only receiving copies.

Potentially you could see pools in the future which offered discounted rates if transactions were sent only to them (i.e. hashing as a service).  

The reality is people do bad things in this world.  If there is an economic incentive you increase the likelihood something bad will happen.  An economic disincentive reduces the likelihood.  51% attack is an economic disincentive however merged mining changes that and developers should keep that in mind.

Ding ding ding. 

51% provides an economic disincentive to use hashing power for "bad".  That doesn't mean someone who doesn't mind destroying millions of dollars can't try but there is no ECONOMIC INCENTIVE to do so.

Starting a crypto-currency w/ merged mining WITHOUT large commitments from miners and pools (i.e. hundreds of GHs) is stupid.
Rushing a launch is stupid (from first post to genesis block was <24 hours).

Combined they created a situation where there was absolutely no economic disincentive.  It was "free" to attack the chain.  Essentially the blockchain's survivial was based on "everyone in the whole world being nice".