Pages:
Author

Topic: Qubic - Quorum-Based Coin - page 4. (Read 25286 times)

legendary
Activity: 2142
Merit: 1010
Newbie
October 05, 2012, 03:57:19 AM
#47
Good points. I work hard to complete the code and test my idea in practice, so then we'll see how my "proof-of-bandwidth" works.
legendary
Activity: 1022
Merit: 1033
October 05, 2012, 03:41:04 AM
#46
I wouldn't say it's weird. We used to use CPU-bound proof-of-work, so network-bound one is just not so familiar.

Not just "not so familiar", it has completely different properties.

Your hashing power depends only on what you do. I.e. you need to buy certain hashing device, then pay  for electricity. Costs are well understood, and you get stable hash rate if your hardware works.

But network bandwidth's nature is very different: it, by definition, depends on your interactions with whole network.

Quote
It's impossible to receive and transmit data at faster rate than allowed by a channel throughput.

It isn't enough to buy channel to some peer, as peer might not want to relay your traffic at full channel bandwidth.

Costs depend greatly on who you are:
  • For tier 1 networks bandwidth is usually free, they don't pay for peering. So for them it is about costs of creating channels, after that traffic is essentially free
  • Smaller networks might need to pay for peering, but they can get some free traffic on traffic exchanges and whatnot.
  • Commercial users often pay a lot for bandwidth they use. Unless they can find some wholesale deal. Wholesale bandwidth is much cheaper than regular price you can get from ISP, but you have to commit to some minimum. This is how things like imgur.com and sendbigfiles.com are possible. Just one shitty image on imgur can easily generate 100 GB traffic, but apparently they have fat pipes...
  • Residential user often pay a tiny sum for considerable bandwidth, but it depends on where you live. Essentially, ISPs think that even if you have 50 Mbit/s connection, you'll be using a tiny fraction of it on average. Some ISPs throttle heavy users...

So traffic price might change 1000-fold depending on who you are, where you are and how you're going to use it.

Thus it IS possible to simulate 1000 nodes for costs of just 1 node if you have some sweet deal.

Quote
Just like any computer center/cluster can attempt to attack Bitcoin.

Not really the same: attacking Bitcoin has opportunity/electricity costs. While spare bandwidth is essentially free.

Quote
ISPs have to cooperate each with other, coz in Qubic nodes r supposed to be distributed randomly around the globe.

Have you ever heard about packet spoofing? Your ISP can pretend to be around the globe.  Smiley
You cannot really check where packets come from geographically.

Quote
Attack on Qubic might cost just a couple of bucks. Or billions. It depends on an implementation.

As I said, fundamental cost structure is different.

I think it would be cool to see a protocol where PoW will be augmented with some network-level checks. Essentially, we could isolate asshole miners who block legit transactions, or perform double-spends. I have designed a basic sketch of such implementation, BTW...

But using only "proof-of-bandwidth" seems to be a recipe for disaster: it waste resources just like Bitcoin, but does not provide same security.
legendary
Activity: 2142
Merit: 1010
Newbie
October 05, 2012, 12:24:17 AM
#45
Why not take an approach where every kind of resource is rewarded in it's own way?

There are:
Computing Power (CPUs, FPGAs, GPUs)
Storage Capacity (Harddisks, SSDs, DRAM)
Memory Bandwidth (SRAM, DRAM, SSDs)
Network Capacity (Upload/Download Capacity)
Routing Resources (IPs, Infrastructure)

Currently only Computing Power is rewarded by Bitcoin, although it needs all of those tescources to function. Litecoin for example rewards Memory Bandwidth a litte bit more.
I propse to extend this to every resource which contributes to a functioning network.

Qubic rewards Network but it's just a side-effect of the sybil attack defense.
legendary
Activity: 2142
Merit: 1010
Newbie
October 05, 2012, 12:21:33 AM
#44
should probably repost your conspiracy theory thread on your forum since it got deleted here.

I'm kinda surprised whoever did that did it, it only fuels the fire imo

Aye. I'll do it and send the link to different bitcoin bloggers.
legendary
Activity: 1666
Merit: 1057
Marketing manager - GO MP
October 04, 2012, 05:32:08 PM
#43
Why not take an approach where every kind of resource is rewarded in it's own way?

There are:
Computing Power (CPUs, FPGAs, GPUs)
Storage Capacity (Harddisks, SSDs, DRAM)
Memory Bandwidth (SRAM, DRAM, SSDs)
Network Capacity (Upload/Download Capacity)
Routing Resources (IPs, Infrastructure)

Currently only Computing Power is rewarded by Bitcoin, although it needs all of those tescources to function. Litecoin for example rewards Memory Bandwidth a litte bit more.
I propse to extend this to every resource which contributes to a functioning network.
hero member
Activity: 798
Merit: 1000
October 04, 2012, 04:41:07 PM
#42
should probably repost your conspiracy theory thread on your forum since it got deleted here.

I'm kinda surprised whoever did that did it, it only fuels the fire imo
legendary
Activity: 2142
Merit: 1010
Newbie
October 04, 2012, 07:42:32 AM
#41
"Bringing ancient traditions back" - Brief description why Qubic doesn't require a person to be a tech savvy one to influence on the whole system - http://qubic.boards.net/index.cgi?action=display&board=theconcept&thread=5.
legendary
Activity: 2142
Merit: 1010
Newbie
September 29, 2012, 04:40:59 PM
#40
Very important info about freedom-centric nature of Qubic that could be interesting for true libertarians - http://qubic.boards.net/index.cgi?action=display&board=theconcept&thread=4.
legendary
Activity: 2142
Merit: 1010
Newbie
September 28, 2012, 11:02:30 AM
#39
I posted more info related to defense against sybil attack.

http://qubic.boards.net/index.cgi?action=display&board=theconcept&thread=3
legendary
Activity: 2142
Merit: 1010
Newbie
September 27, 2012, 01:40:56 PM
#38
Replying to 1000 queries per second won't be a problem even for a cheapo box. So I'll emulate 1000 nodes for some time to get reputation and then will attack you.
Right. 1000 queries per second won't be a problem. For legit providers also. Calculate what fraction of reputation will u earn in the network of 1000 nodes that process 1'000'000 queries per second. Can ur node process 1 million queries per second? Yes? Then legit nodes can do it too, so u have to overcome 1'000'000'000 queries per second. Qubic is designed a way that doesn't allow to have 1 provider doing work of 1000 legit providers, u need 1000 computers for that. Is it cheap? Multiply this on weeks u have to remain online, coz if u went offline for long period of time then u'll lose all ur reputation. Btw, that's why u can't use botnets for Sybil attack.
I followed the path of the Great Satoshi. U must have 51% of all resources to hack Qubic. The only noticed difference in defenses of Bitcoin and Qubic is CPU-bound VS network-bound proof-of-work.

As markm said, you just have a weird form of proof-of-work which requires CPU power, network bandwidth and IP addresses. But it doesn't make it stronger, it makes it harder to analyze.

With Bitcoin proof-of-work, miners are incentivized to do hashing as fast as possible, so you get no unexpected hacks.

With your proof-of-work an attacker might find some cheaper way to process queries, get some cheap bandwidth and IP addresses. (For example, he might be an ISP himself.) Other nodes do not have an incentive to do things in an optimal way, so you don't know how much attack costs.
I wouldn't say it's weird. We used to use CPU-bound proof-of-work, so network-bound one is just not so familiar.

It's impossible to receive and transmit data at faster rate than allowed by a channel throughput.

ISP can attempt an attack. If they have spare bandwidth. Just like any computer center/cluster can attempt to attack Bitcoin. ISPs have to cooperate each with other, coz in Qubic nodes r supposed to be distributed randomly around the globe.

Attack on bitcoin is estimate to cost millions of dollars. Attack on qubics might cost thousands of bucks. Or perhaps it would be essentially free for organizations who have access to resources. (Providers always have some spare capacity which isn't used for anything else.)
Attack on Qubic might cost just a couple of bucks. Or billions. It depends on an implementation.
legendary
Activity: 1022
Merit: 1033
September 27, 2012, 01:11:24 PM
#37
To earn reputation u have to respond with actual data (what qubics r valid, what transactions r processed). Qubic has a built-in mechanism that doesn't let the network to sleep when there are no transactions from users of the system. Every second every provider has to receive, process and transmit data at 99+% rate of available resources.

Replying to 1000 queries per second won't be a problem even for a cheapo box. So I'll emulate 1000 nodes for some time to get reputation and then will attack you.

As markm said, you just have a weird form of proof-of-work which requires CPU power, network bandwidth and IP addresses. But it doesn't make it stronger, it makes it harder to analyze.

With Bitcoin proof-of-work, miners are incentivized to do hashing as fast as possible, so you get no unexpected hacks.

With your proof-of-work an attacker might find some cheaper way to process queries, get some cheap bandwidth and IP addresses. (For example, he might be an ISP himself.) Other nodes do not have an incentive to do things in an optimal way, so you don't know how much attack costs.

Attack on bitcoin is estimate to cost millions of dollars. Attack on qubics might cost thousands of bucks. Or perhaps it would be essentially free for organizations who have access to resources. (Providers always have some spare capacity which isn't used for anything else.)
legendary
Activity: 2142
Merit: 1010
Newbie
September 27, 2012, 12:00:41 PM
#36
Will others hear of mine through those and credit me accordingly?
No. If I2P doesn't allow to access inner nodes from outside then this technology can't be used to "mint" qubics. I thought I2P was something like Port Mapping and allowed to connect to computers behind firewall.
legendary
Activity: 2142
Merit: 1010
Newbie
September 27, 2012, 11:56:14 AM
#35
Perhaps I have missed something... What traffic?
To earn reputation u have to respond with actual data (what qubics r valid, what transactions r processed). Qubic has a built-in mechanism that doesn't let the network to sleep when there are no transactions from users of the system. Every second every provider has to receive, process and transmit data at 99+% rate of available resources.
legendary
Activity: 2940
Merit: 1090
September 27, 2012, 11:55:03 AM
#34
Okay, so something like https://provider.knotwork.i2p could be a URI for a provider I run in I2P.

Then only others who run I2P and have set up some kind of system at their end to make .i2p addresses work would be able to connect to my node.

Will others hear of mine through those and credit me accordingly?

(https is kind of redundant over i2p but whatever...)

-MarkM-
legendary
Activity: 2142
Merit: 1010
Newbie
September 27, 2012, 11:51:48 AM
#33
So how will you identify each site? A keypair, like the way I2P sites and Freenet stuff and Tor services etc are identified?

ALso seems like you are pretty close to being back to proof of work, since your only defense it seems is to throw more CPU power and IP addresses (or identities) and bandwidth than any attacker.

That being so, it seems like a very complicated way of blowing just as much energy/expense as bitcoin much less elegantly and very likely much more prone to errors problems bugs etc simply due to all the extraneous complexity.

(How much more cost-effective is bandwidth than CPU? Is a big datacentre more cost-effective than a distributed botnet? Etc etc etc...)

-MarkM-


Each provider is identified by its URI. Right now only "https://" scheme is supported.

Yes, I'm very close to network-bound proof-of-work as bandwidth is intensively used. CPU is used also but not those enormous GHash/s as in Bitcoin, Qubic needs only to check a nonce, not to find it.

Big datacentre is much more cost-effective than a botnet which, likely, unable to earn much reputation or reward.
legendary
Activity: 1022
Merit: 1033
September 27, 2012, 11:42:37 AM
#32
I do not want to base security on IP addresses. I want to base it on a reputation system. And this reputation can't be easily earned during staying online for, like, a month. All these 10^6 nodes have to process and transmit a lot of traffic. This does cost much, very much. Not only traffic, but CPU power as well, coz u can't just set up 1 computer and use 10^6 aliases.

Perhaps I have missed something... What traffic?
legendary
Activity: 2940
Merit: 1090
September 27, 2012, 11:39:40 AM
#31
So how will you identify each site? A keypair, like the way I2P sites and Freenet stuff and Tor services etc are identified?

Also seems like you are pretty close to being back to proof of work, since your only defence it seems is to throw more CPU power and IP addresses (or identities) and bandwidth into it than any attacker.

That being so, it seems like a very complicated way of blowing just as much energy/expense as bitcoin much less elegantly and very likely much more prone to errors problems bugs etc simply due to all the extraneous complexity.

(How much more cost-effective is bandwidth than CPU? Is a big datacentre more cost-effective than a distributed botnet? Etc etc etc...)

-MarkM-
legendary
Activity: 2142
Merit: 1010
Newbie
September 27, 2012, 11:22:32 AM
#30
If you want to base security on IP addresses, it seriously is not going to work. A serious attacker can impersonate practically unlimited number of nodes.

You have a reputation system based on time? Attacker can impersonate, say, 10^6 nodes for, like, a month. And then he will pwn you. It won't cost him much, a couple hundred bucks, maybe.

Yours, however, seem to be based on idea that IP addresses are scarce and costly. Which simply isn't true.

I do not want to base security on IP addresses. I want to base it on a reputation system. And this reputation can't be easily earned during staying online for, like, a month. All these 10^6 nodes have to process and transmit a lot of traffic. This does cost much, very much. Not only traffic, but CPU power as well, coz u can't just set up 1 computer and use 10^6 aliases.
legendary
Activity: 1022
Merit: 1033
September 27, 2012, 11:10:34 AM
#29
Ben Laurie described a quorum system...
I've seen a lot of similar papers on the Internet and have not met any mathematically strong proof that such a system can't work. There is a way to find the solution by proving its in practice. I can fail, but I can succeed.

Mathematically, IPv6 has 2^128 address space. Standard size of subnet is 2^64. You can register /56 net for free from Freenet6: http://www.gogo6.com/freenet6/tunnelbroker

It has 2^(128-56) = 2^72 addresses.

If you want to base security on IP addresses, it seriously is not going to work. A serious attacker can impersonate practically unlimited number of nodes.

You have a reputation system based on time? Attacker can impersonate, say, 10^6 nodes for, like, a month. And then he will pwn you. It won't cost him much, a couple hundred bucks, maybe.

Ben Laurie's design is based on explicit trust: providers are organizations, officially registered by government, and they'll check each other's existence and trustworthiness. Sybil attacks are practically impossible in this way.

Fully decentralized alternative to that is Ripple-like designs. They are based on explicit trust (i.e. among people who know each other), but global trust is not required since you route payments among trusted individuals.

So there are designs which are theoretically sound.

Yours, however, seem to be based on idea that IP addresses are scarce and costly. Which simply isn't true.
legendary
Activity: 2142
Merit: 1010
Newbie
September 27, 2012, 11:03:10 AM
#28
As its a jetty app will people be able to put it into their I2P "eepsite" so it runs over I2P? This saves them all the problems of having a known IP address, opening a port in their router and so on, plus of course provides anonymity...

-MarkM-

Yes. It should work via I2P "eepsite". Never tryed this technology but according to its description everything should be ok.
Pages:
Jump to: