DECENTRALIZED crypto currency (including Bitcoin) is a delusion (any solutions?) - page 27.

spartacusrex

hero member

Activity: 718

Merit: 545

Quote from: monsterer on February 26, 2016, 08:29:19 AM

Quote from: spartacusrex on February 26, 2016, 08:07:49 AM

The simplest check, ask someone who is connected to the network already.

If you have never connected before, and don't know anyone who is on the network, then it's more complicated.. Tongue

(although you could say that downloading the software is a risk in itself - is it legit or hacked, and any legit version would include some checkpoints)

And if I have a majority of fake nodes broadcasting my fake chain to those who wish to sync, the chances of asking my fake node is greater than 50%, isn't it?

Sure, but again, this only applies to someone who has never connected before and who doesn't know anyone on the network AND who has downloaded a version of the software that has no valid checkpoints in it.

Quote from: monsterer on February 26, 2016, 08:29:19 AM

The point about checkpoints is that when your protocol depends upon them for security purposes, you might as well just throw the whole thing in the bin and use a 100% centralised service, which will be exactly as secure and a lot faster, cheaper and easier to use.

Bit harsh.. There are many other benefits to a decentralised system, that 'needing-one-32-byte-checkpoint-at-first-logon' doesn't screw up.

monsterer

legendary

Activity: 1008

Merit: 1007

Quote from: spartacusrex on February 26, 2016, 08:07:49 AM

The simplest check, ask someone who is connected to the network already.

If you have never connected before, and don't know anyone who is on the network, then it's more complicated.. Tongue

(although you could say that downloading the software is a risk in itself - is it legit or hacked, and any legit version would include some checkpoints)

And if I have a majority of fake nodes broadcasting my fake chain to those who wish to sync, the chances of asking my fake node is greater than 50%, isn't it?

The point about checkpoints is that when your protocol depends upon them for security purposes, you might as well just throw the whole thing in the bin and use a 100% centralised service, which will be exactly as secure and a lot faster, cheaper and easier to use.

spartacusrex

hero member

Activity: 718

Merit: 545

Quote from: monsterer on February 26, 2016, 04:17:13 AM

You can arbitrarily re-write history in PoS with <50%; I can produce a valid candidate chain longer than the canonical chain for a constant cost, which I then present to nodes which are syncing with the network who are unable to distinguish this objectively from the canonical chain.

edit: Since the cost of providing such information is very small, I can dominate the network with peers containing instances of my fake chain such that any syncing node querying peers at random would find a majority of my fake nodes.

Can you elaborate on how you can do that ?

You can tell how much stake is used in creating a POS chain.

If you have less than 50% of the total coins, but more than 50% of the staking coins (the ones used for mining), ok. Rewrite away.

If you have less than 50% of the staking coins, then how is your chain going to show it is more valid than a chain that has more POS stake involved ?

Also, any node that has already connected to the network, can distinguish an attack chain, by checking for a block hash checkpoint, that it knows from previous connections to the network. Even if the attacker has more than 50% of the staking coins.

This attack would apply to those who have never connected before. And in that case, some checks would be required.

The simplest check, ask someone who is connected to the network already.

If you have never connected before, and don't know anyone who is on the network, then it's more complicated.. Tongue

(although you could say that downloading the software is a risk in itself - is it legit or hacked, and any legit version would include some checkpoints)

..

POS has it's pros and cons, for sure.

hv_

legendary

Activity: 2534

Merit: 1055

Clean Code and Scale

Quote from: monsterer on February 26, 2016, 04:17:13 AM

Quote from: hv_ on February 26, 2016, 04:10:51 AM

Quote from: monsterer on February 26, 2016, 03:40:24 AM

@TPTB_need_war another way to think about why PoS isn't as secure as PoW in general:

PoS does not reinforce historical consensus. Every subsequent block in a PoW chain makes the history below it more secure because the cost of reversing it is superlinear in the number of blocks built on top. In PoS, this is not the case, the cost of producing a block is a constant, therefore the cost of reversing history is a constant.

so with a 51% + selfish mining attack you would be able to unwind all hist tx in PoS? (with minor costs)

You can arbitrarily re-write history in PoS with <50%; I can produce a valid candidate chain longer than the canonical chain for a constant cost, whcih I then present to nodes which are syncing with the network who are unable to distinguish this objectively from the canonical chain.

edit: Since the cost of providing such information is very small, I can dominate the network with peers containing instances of my fake chain such that any syncing node querying peers at random would find a majority of my fake nodes.

Again - this is killing! Nobody wants to argue against ? - So PoS is PoS(hit) = high risk = don't trust ?

hv_

legendary

Activity: 2534

Merit: 1055

Clean Code and Scale

Quote from: Kettler on February 26, 2016, 05:33:30 AM

Quote from: monsterer on February 26, 2016, 04:35:11 AM

Quote from: hv_ on February 26, 2016, 04:32:30 AM

Thanks - in principle I knew - but I'd like to have a really rigid statment from others as well:

If big banks, corps and all those PWCs, Deloittes, R3s,.... would just do tiny risk Analysis (and I fear that's where they're strong) of that above, would they invest in PoS ( they do not control) ?

Conjecture: banks are only interested in blockchains to replace their internal, expensive, legacy settlement systems. They have no interest in anything public or risky - they want total control.

Will there be one block chain used by all the banks or several banks will share one block chain and incompatible to others?

Who knows ? I strongly believe that a first and much more simpler solution is in a (bank - wide-) shared DB / hyper ledger thingy.

Kettler

newbie

Activity: 31

Merit: 0

Quote from: monsterer on February 26, 2016, 04:35:11 AM

Quote from: hv_ on February 26, 2016, 04:32:30 AM

Thanks - in principle I knew - but I'd like to have a really rigid statment from others as well:

If big banks, corps and all those PWCs, Deloittes, R3s,.... would just do tiny risk Analysis (and I fear that's where they're strong) of that above, would they invest in PoS ( they do not control) ?

Conjecture: banks are only interested in blockchains to replace their internal, expensive, legacy settlement systems. They have no interest in anything public or risky - they want total control.

Will there be one block chain used by all the banks or several banks will share one block chain and incompatible to others?

hv_

legendary

Activity: 2534

Merit: 1055

Clean Code and Scale

Quote from: monsterer on February 26, 2016, 04:35:11 AM

Quote from: hv_ on February 26, 2016, 04:32:30 AM

Thanks - in principle I knew - but I'd like to have a really rigid statment from others as well:

If big banks, corps and all those PWCs, Deloittes, R3s,.... would just do tiny risk Analysis (and I fear that's where they're strong) of that above, would they invest in PoS ( they do not control) ?

Conjecture: banks are only interested in blockchains to replace their internal, expensive, legacy settlement systems. They have no interest in anything public or risky - they want total control.

Not quite. Banks would like to see e.g. all their OTCs build into smart contracts....

Further: Would you trust some Slockit-Hotel ? Some self-employed car ... ?

monsterer

legendary

Activity: 1008

Merit: 1007

Quote from: hv_ on February 26, 2016, 04:32:30 AM

Thanks - in principle I knew - but I'd like to have a really rigid statment from others as well:

If big banks, corps and all those PWCs, Deloittes, R3s,.... would just do tiny risk Analysis (and I fear that's where they're strong) of that above, would they invest in PoS ( they do not control) ?

Conjecture: banks are only interested in blockchains to replace their internal, expensive, legacy settlement systems. They have no interest in anything public or risky - they want total control.

hv_

legendary

Activity: 2534

Merit: 1055

Clean Code and Scale

Quote from: monsterer on February 26, 2016, 04:17:13 AM

Quote from: hv_ on February 26, 2016, 04:10:51 AM

Quote from: monsterer on February 26, 2016, 03:40:24 AM

@TPTB_need_war another way to think about why PoS isn't as secure as PoW in general:

PoS does not reinforce historical consensus. Every subsequent block in a PoW chain makes the history below it more secure because the cost of reversing it is superlinear in the number of blocks built on top. In PoS, this is not the case, the cost of producing a block is a constant, therefore the cost of reversing history is a constant.

so with a 51% + selfish mining attack you would be able to unwind all hist tx in PoS? (with minor costs)

You can arbitrarily re-write history in PoS with <50%; I can produce a valid candidate chain longer than the canonical chain for a constant cost, whcih I then present to nodes which are syncing with the network who are unable to distinguish this objectively from the canonical chain.

edit: Since the cost of providing such information is very small, I can dominate the network with peers containing instances of my fake chain such that any syncing node querying peers at random would find a majority of my fake nodes.

Thanks - in principle I knew - but I'd like to have a really rigid statment from others as well:

If big banks, corps and all those PWCs, Deloittes, R3s,.... would just do tiny risk Analysis (and I fear that's where they're strong) of that above, would they invest in PoS ( they do not control) ?

monsterer

legendary

Activity: 1008

Merit: 1007

Quote from: hv_ on February 26, 2016, 04:10:51 AM

Quote from: monsterer on February 26, 2016, 03:40:24 AM

@TPTB_need_war another way to think about why PoS isn't as secure as PoW in general:

PoS does not reinforce historical consensus. Every subsequent block in a PoW chain makes the history below it more secure because the cost of reversing it is superlinear in the number of blocks built on top. In PoS, this is not the case, the cost of producing a block is a constant, therefore the cost of reversing history is a constant.

so with a 51% + selfish mining attack you would be able to unwind all hist tx in PoS? (with minor costs)

You can arbitrarily re-write history in PoS with <50%; I can produce a valid candidate chain longer than the canonical chain for a constant cost, whcih I then present to nodes which are syncing with the network who are unable to distinguish this objectively from the canonical chain.

edit: Since the cost of providing such information is very small, I can dominate the network with peers containing instances of my fake chain such that any syncing node querying peers at random would find a majority of my fake nodes.

hv_

legendary

Activity: 2534

Merit: 1055

Clean Code and Scale

Quote from: monsterer on February 26, 2016, 03:40:24 AM

@TPTB_need_war another way to think about why PoS isn't as secure as PoW in general:

PoS does not reinforce historical consensus. Every subsequent block in a PoW chain makes the history below it more secure because the cost of reversing it is superlinear in the number of blocks built on top. In PoS, this is not the case, the cost of producing a block is a constant, therefore the cost of reversing history is a constant.

so with a 51% + selfish mining attack you would be able to unwind all hist tx in PoS? (with minor costs)

monsterer

legendary

Activity: 1008

Merit: 1007

Another way to think about why PoS isn't as secure as PoW in general:

PoS does not reinforce historical consensus. Every subsequent block in a PoW chain makes the history below it more secure because the cost of reversing it is superlinear in the number of blocks built on top. In PoS, this is not the case, the cost of producing a block is a constant, therefore the cost of reversing history is a constant.

TPTB_need_war

sr. member

Activity: 420

Merit: 262

TPTB_need_war

sr. member

Activity: 420

Merit: 262

brekyrself, wrong thread. I answered you:

https://bitcointalksearch.org/topic/m.14012825

brekyrself

hero member

Activity: 547

Merit: 502

TPTB_need_war:

You mentioned a few times about obscuring your IP address for true anonymity with crypto blockchains. What are your thoughts on the latest direction for bitcoin core 0.12.0. Tor seems like such a mixed bag depending on what your trying to accomplish.

"Automatically use Tor hidden services

Starting with Tor version 0.2.7.1 it is possible, through Tor’s control socket API, to create and destroy ‘ephemeral’ hidden services programmatically. Bitcoin Core has been updated to make use of this.

This means that if Tor is running (and proper authorization is available), Bitcoin Core automatically creates a hidden service to listen on, without manual configuration. Bitcoin Core will also use Tor automatically to connect to other .onion nodes if the control socket can be successfully opened. This will positively affect the number of available .onion nodes and their usage.

This new feature is enabled by default if Bitcoin Core is listening, and a connection to Tor can be made. It can be configured with the -listenonion, -torcontrol and -torpassword settings. To show verbose debugging information, pass -debug=tor."

TPTB_need_war

sr. member

Activity: 420

Merit: 262

sidhujag

legendary

Activity: 2044

Merit: 1005

Quote from: TPTB_need_war on February 24, 2016, 06:46:07 PM

Quote from: sidhujag on February 24, 2016, 06:44:36 PM

Quote from: TPTB_need_war on February 24, 2016, 06:43:23 PM

Quote from: sidhujag on February 24, 2016, 06:42:43 PM

A blockchain with unbounded entropy? doesn't sound very deterministic to me.

You were talking about society. Roll Eyes

Sorry please pay attention to what I write so I don't have to repeat myself

I did. You wrote about society. I will not reply again to you. You are now on ignore idiot.

Nope, re-read. Not sure how you can mis-interpret "therefor you must act in benefit of the entire network (team) to have the most efficient and effective system" in this context, "idiot"

TPTB_need_war

sr. member

Activity: 420

Merit: 262