Topic: EOS - Asynchronous Smart Contract Platform - (Dan Larimer of Bitshares/Steem) - page 158. (Read 189738 times)

Grrr (to myself). Remembering some post but I can’t find it. It’s a nerdy form of the dog eating the car keys.

Ditto now on a research paper about trading off safety for liveness which I wanted to add to our discussion. I know I wrote a link to it some where, but even my writings are so voluminous I doubt I can find it if I do not remember the title.


By disagreeing on the consensus. They could double-spend transactions or refuse to acknowledge blocks. Requires a vote (or some centralized power) to remove the faulty block producers, but there is even a threshold where the voters can not objectively determine which ones are at fault. This is Byzantine agreement.

The entire point is that in an asynchronous setting, there must be adherence to the liveness and consensus thresholds, else nothing at all is objectively observable.

Perhaps it would fork or stall in chaos or the strongest centralized power would take control (if there is one that is much stronger than the rest). Also afaik DPoS is not a formal Byzantine agreement protocol and there’s just an assumption of trust and correct synchronous ordering of block production, but afaik no actual protocol mechanism between the block producers to enforce it? I have never seen a formal specification of the DPoS protocol that block producers follow. IOHK’s provably correct Ouroboros’ PoS protocol can be delegated, so DPoS could be changed to that to get a more formal result and then from there we could analyse the dependencies that are just undeclared and adhoc in DPoS.

There is an Issues thread some where on Github where we delved into this last year and even Dan came in there. But I don’t remember where that thread is. Perhaps it was in Cosmos’ issue tracker.

The problem is that n00bs have no comprehension of this. They see Steemit and think “wow it works!”.

Have not deleted any comments. Don't remember whether it was PM of posted.


Fair enough, the comment earlier suggested that it was (at least initially).


I don't know how block producers can attack each other. They don't need to be directly connected to each other. Unlike Dash masternodes they don't need to have any fixed or public location or IP address, just some mechanism to deliver their signed blocks. As far as non-network means, I don't rule that out and in fact find it reasonably likely.


Token sale is ongoing daily for several more months. I don't know how much has been raised but I'd guess well over $200 million. Wasn't the first chunk alone $200 million? Maybe buying from themselves is a valid point too. Its all very non-transparent, but probably a lot.

Personally I hope it crashes and burns, so there are many pissed off investors complaining to securities regulators in their nations. To punish so perhaps our ecosystem might become more focused on real technological and business model innovation.

Unfortunately (or fortunately if you’re one of the bag holders) it probably will not. FOMO is a powerful psychological and economic phenomenon.

Had they raised $10 million, I would be much less vocal. Maybe said nothing in that case. Give the benefit of the doubt about what Dan might do with $10 million to make an important breakthrough. But $200 million is … not justifiable (if they did in fact raise that much, might just be buying from themselves).

Well a more open-minded viewpoint is that the free market destroys the capital of those who misallocate it. So perhaps it is all meant to be. It is the process. See ya…

Interesting point below about how it is not due to stupidity but rather selfishness/avarice that drives us away from valiant pack behavior towards self-destructive flock behavior:

My friend has some EOS, such a bad investment, just keeps going down and down. Luckily he didn't put much into it but still a waste.

You’re notorious (at least with me) for that pigeon comment which dates back to (2014?) discussions of offchain versus Cryptonote onchain anonymity. Recently I had tried to find your original comment but I could not. Did you delete it? Or was it in a private message only?

Now your upgrading the technology of your metaphorical pigeons.  


You’re still arguing the network access attack on block producers, which is not my point.

My economic point remains that the block producers will attack each other or be attacked by non-network-access means if ever a DPoS chain reaches $1 trillion mcap which I pointed out in my prior post. Actually @r0ach was the first person to make that prediction in 2015 or 2016 afair.



(Note I finished editing my prior comment.)


Somebody is upset that Dan has been combing his hair forward to cover up his receding hairline.

(I have nothing against Dan personally, just the $200 million token sale and the lack of focus on technology first)

I qualified it as "fast" pigeons. Genetic engineering will help.

The point being there just needs to be some means of communication and it is a lot harder for someone to cut off all of those than to, for example, go after the the web UI.

Clearly Vitalik is wrong about Steem not being worth attacking. There have been several attacks including the DDoS against the web layer, spam attacks (which revealed some flaws in the bandwidth allocation, which were fixed), the key-stealing vulnerability in the JavaScript and I think a few others.

Attackers will go after the most vulnerable portions first. Attacking the block producers is way down on the list, and I continue to believe that block producers have very strong defenses, such as changing apparent network location regularly.

@XbladeX I don't know why people are attacking it, but they are.

Such DDOS have cost - probably there is no sence for anyone to attack steem... there is no ads  revenue that they take from any bigger company like youtube.
Sure there is some trafic but this is not big deal that is why noone realy wants to attack it.
What will attacker gain ? hmm... Does steem have any competitrs ? I don't see anything in crypto there are some centralized platforms but steem is far away from thread to them.
EOS may be : ) if it will grow as platform attackes will have motivation to hit it and pump its coin to get at that lvl you need to be 1:1 with ETH market share then some people will
focus on EOS and try to attack that network.
Do you see that BTC / BCH attack with EDA ? You need competitor to hit and then you stirke here can be same but EOS need higer weight to deal with it.

Okay thanks for the clarification. Note I had been editing that part while you were writing, so it is good to see I was just misinterpreting your intent and we are on the roughly the same page w.r.t. to that narrow point (not all my comments).

I’m happy that I do not have to conclude that @smooth lost his objectivity, because now I know you did not. I was feeling queasy (as if I had entered The Twilight Zone) if you have gone to the darkside of money over truth.

EDIT: but as of yet no one has shown how to design a permissionless consensus system that does not end up necessarily centralized unless it remains highly inflationary (specifically this research link).

---

I did not write anything otherwise! I said the perimeter keeps the IP addresses of the block producers secret. You’re going in circles in your argumentation.

You seem to think I was implying the block producers/generators could be attacked directly but I never wrote that.

My point is that the (webserving portion of some portion of the) P2P perimeter went down. And it ostensibly did. I consider that part of the blockchain system, from the perspective of the “bringing it to the masses goal”.

I also made the separate point that the block producing nodes and the secrecy of their connections to the others (surely not pigeons if we want fast transactions) can be threatened as the economic value of the system grows.

Also there is the point that the delegate block producers operating independently (i.e. so they do not need to connect to many other nodes) is only possible because as Vitalik pointed out, there is no verifiable objectivity in the consensus. It is all trust based shit. Which means indistinguishable from attack when the block producers start fighting each other one day.

Really DPoS is all about obfuscating what it really is. We might as well just ask Visa to provide servers and be done with it. Why obfuscate it what it really is in the end game? (Oh so we can shill some FOMO bags to n00bs)

Permissionless, decentralized, scalable consensus algorithms are an extremely difficult problem to solve. Vitalik and separately myself (and others) have been working on this problem nonstop for the past years. DPoS is a very simplistic way to cut corners and not actually solve the problem at all.

DPoS was an expedient semi-centralized solution for scaling and proving a use case like Steem. For that reason, I supported it. But then when that same centralized ledger technology is repackaged and resold in a $200+ million “no rights token” sale, I realized there is no intention of actually solving the most difficult and fundamental technological problems. They presumably have enough money already and in my ethics they could have spent that first on research before entering the market to take more money from n00bs.

I wanted to see that money from Steem go to a solid technological research effort. It’s a shame that so much resources are being presumably squandered on who knows what. All I see is he realized there was all this n00b ETH for the taking. Speculation focus, not technology focus. Turns me off. And ditto on the user adoption marketing and business model development as well. Instead of focusing on that hard work, appears to me the focus is on selling FOMO bags.

You're overgeneralizing. I'm responding to your narrow point about the DPoS being down. That didn't happen, which isn't even to say that it can't happen, but it hasn't yet (except as I noted earlier by bugs in the first few months of deployment).

I'm pretty skeptical about Steem/it (or EOS) ever becoming a decentralized permissionless system. It's at best semi-centralized in practice certainly and by design to some extent too.


No, they do not have to be contactable. They only need to be connected in some manner to the p2p network. That can be through a combination of known and unknown nodes. It could be by passively listening to a broadcast signal and transmitting their signed blocks by (fast) carrier pigeon. The asymmetry favors the defender here because an attacker has to cut off all communication (and to effectively attack the  network has to do this to most of the block producers), the defender only needs to maintain some minimum communication. Even then if the node is completely cut off, the defender can switch to a completely different node. I don't see the resulting whack a mole as a serious threat, more of an annoyance.

Obviously not from the standard JS served from Steemit.com and Busy.org as evident by what happened today.

Maybe other UI does, I dunno.


They have to be public for users to access them. I am not thinking about my own private network which would be pointless.

We’re talking about scaling out to the masses, not how I can hide my own full nodes for my own private usage. You seem to be entirely missing the point.


No I am not. I clearly made the distinction between the block producing/generating nodes and the perimeter nodes around them.


If more than 50% are taken down then the consensus is ambiguous. But the entire trust model of DPoS is non-objectively verifiable as Vitalik explained.

Byzantine agreement has a liveness threshold and if it is not met, then the result is indistinguishable from an attack.

The liveness threshold is normally 33%, and a 50% threshold reduces either the safety and/or the fault tolerance, or introduce centralization trust.

The only other way to avoid liveness thresholds is eventual, probabilistic consistency (e.g. proof-of-work and my upcoming design which is something new):


Block producers have to take incoming data from the outside thus they must be contactable from the outside. The whale controlled perimeter keeps the IP addresses of the block producers secret.



The problem then is the web serving is not a sufficiently diversified P2P network as I stated. Indeed P2P networks are more resilient, but do note the footnote in my prior post. When IPv6 comes, the IP throttling that protects most P2P networks will be useless (not the long-term connection between themselves but the new connections from the outside from users).



You’re entirely missing the point. It is an economic point, not a traffic volume nor network-access-attack point. I already explained in my prior post about whale-dependency economics/vulnerabilities. Steem is what a $200 million market cap? If it became a $100 billion market cap, then the economic incentives to attack whales in numerous ways such as lawsuits, nation-state regulators, assassins, etc..

I’m very shocked that you as a former supporter of permissionless, proof-of-work, have apparently become hoodwinked and think that (necessarily permissioned) Byzantine agreement is adequate. Must be the lucrative sneakymine that changed your technological mind? Or am I just misinterpreting what you wrote?

They can. I'm pretty sure I've seen some of the UI that allowed the user to choose it or enter their own.


Well if you make a popular client that does that, then the attackers will simply attack those full nodes as well. As I said, the only distinction between nodes which are webservers and those which are not, is a matter of choice of the designers of Steemit, busy.org, etc...