Pages:
Author

Topic: MC2: A cryptocurrency based on a hybrid PoW/PoS system - page 39. (Read 195184 times)

newbie
Activity: 54
Merit: 0
When it comes around time to finally release this, I would like, for once, for there to be a 48 hour announcement period BEFORE the clients are released.

Same here. I want some notice so that I can get my miner set up before the action commences. This coin looks like it could be around for the long haul, and I'd love for my early-adopter investment to pay off.

Client (along with a CPU and GPU miner) will be encrypted by scrypt and packaged with a program to decrypt it long before the actual release.  A time will then be given for mining to begin.  At this time, you get the password, and everyone gets to mine at the same time.  Depending on the interest expressed, the starting difficulty will be set at around 2000-6000 7970's worth of power for 2 minute/block target time.  Multiple pools are also planned to be available at launch.

If you could do one more thing, get this coin ready on an exchange site before launch, I think that would help the coin tremendously because it prevents people from getting scammed.

Just my two cents.
full member
Activity: 224
Merit: 100
So the software can have a wide release without the first-10-people-to-download-profit-handsomely drama. If the code was available in advance, people would start mining right away. Although this raises the potential threat level that tacotime is fooling everyone and putting in a wallet stealer for every *coin out there for everyone greedy enough to just run the binaries at launch. I'd say that probability is pretty low, but it would be hilarious.



Hahahaha - I can HEAR his voice saying "Ah ah ah!"
member
Activity: 69
Merit: 10
Not sure I understand the utility of encrypting the miner/client, but that overall plan sounds great. Very fair release. I can assume Windows users will be included; someone else was asking about this, so I just wanted to clarify.

So the software can have a wide release without the first-10-people-to-download-profit-handsomely drama. If the code was available in advance, people would start mining right away. Although this raises the potential threat level that tacotime is fooling everyone and putting in a wallet stealer for every *coin out there for everyone greedy enough to just run the binaries at launch. I'd say that probability is pretty low, but it would be hilarious.

Yeah, I know why it's being encrypted, I just I forgot you can mine solo, I'm so used to mining through a pool. I was thinking that unless he gave out the password for a mining pool, no one could mine Netcoin. It's been a long day, apparently... Roll Eyes
member
Activity: 92
Merit: 10
Client (along with a CPU and GPU miner) will be encrypted by scrypt and packaged with a program to decrypt it long before the actual release.  A time will then be given for mining to begin.  At this time, you get the password, and everyone gets to mine at the same time.  Depending on the interest expressed, the starting difficulty will be set at around 2000-6000 7970's worth of power for 2 minute/block target time.  Multiple pools are also planned to be available at launch.

This in itself would make for a very novel approach and launch on a level playing field. It would be interesting to see the counter and keep up with how many people had downloaded the client before mining launch. Mining is a competitive sphere of Crypto and I think this would be well received.
legendary
Activity: 1484
Merit: 1005
So the software can have a wide release without the first-10-people-to-download-profit-handsomely drama. If the code was available in advance, people would start mining right away. Although this raises the potential threat level that tacotime is fooling everyone and putting in a wallet stealer for every *coin out there for everyone greedy enough to just run the binaries at launch. I'd say that probability is pretty low, but it would be hilarious.

hero member
Activity: 798
Merit: 1000
Not sure I understand the utility of encrypting the miner/client, but that overall plan sounds great. Very fair release. I can assume Windows users will be included; someone else was asking about this, so I just wanted to clarify.

So the software can have a wide release without the first-10-people-to-download-profit-handsomely drama. If the code was available in advance, people would start mining right away. Although this raises the potential threat level that tacotime is fooling everyone and putting in a wallet stealer for every *coin out there for everyone greedy enough to just run the binaries at launch. I'd say that probability is pretty low, but it would be hilarious.
member
Activity: 69
Merit: 10
When it comes around time to finally release this, I would like, for once, for there to be a 48 hour announcement period BEFORE the clients are released.

Same here. I want some notice so that I can get my miner set up before the action commences. This coin looks like it could be around for the long haul, and I'd love for my early-adopter investment to pay off.

Client (along with a CPU and GPU miner) will be encrypted by scrypt and packaged with a program to decrypt it long before the actual release.  A time will then be given for mining to begin.  At this time, you get the password, and everyone gets to mine at the same time.  Depending on the interest expressed, the starting difficulty will be set at around 2000-6000 7970's worth of power for 2 minute/block target time.  Multiple pools are also planned to be available at launch.

Not sure I understand the utility of encrypting the miner/client, but that overall plan sounds great. Very fair release. I can assume Windows users will be included; someone else was asking about this, so I just wanted to clarify.
legendary
Activity: 1484
Merit: 1005
Mayhaps, we have two good options :

1) Don't use PoW in cryptocoin at all.
2) Use PoW scheme maximally ASIC-friendly,
   with cheapest ASIC we can build for
  in our garages.
-------------------
All other options will lead to
 future disaster(s). Huh

You can also always just merge mine with say, LiteCoin.  Then you have all the security of the Litecoin network with no extra hash power being expended.
hero member
Activity: 768
Merit: 1000
When it comes around time to finally release this, I would like, for once, for there to be a 48 hour announcement period BEFORE the clients are released.

Same here. I want some notice so that I can get my miner set up before the action commences. This coin looks like it could be around for the long haul, and I'd love for my early-adopter investment to pay off.

Client (along with a CPU and GPU miner) will be encrypted by scrypt and packaged with a program to decrypt it long before the actual release.  A time will then be given for mining to begin.  At this time, you get the password, and everyone gets to mine at the same time.  Depending on the interest expressed, the starting difficulty will be set at around 2000-6000 7970's worth of power for 2 minute/block target time.  Multiple pools are also planned to be available at launch.

Please take in people who use windows too, having the option of get binaries. I've been trying constantly to compile by myself on windows with the guides and i have no luck doing it.
legendary
Activity: 1484
Merit: 1005
When it comes around time to finally release this, I would like, for once, for there to be a 48 hour announcement period BEFORE the clients are released.

Same here. I want some notice so that I can get my miner set up before the action commences. This coin looks like it could be around for the long haul, and I'd love for my early-adopter investment to pay off.

Client (along with a CPU and GPU miner) will be encrypted by scrypt and packaged with a program to decrypt it long before the actual release.  A time will then be given for mining to begin.  At this time, you get the password, and everyone gets to mine at the same time.  Depending on the interest expressed, the starting difficulty will be set at around 2000-6000 7970's worth of power for 2 minute/block target time.  Multiple pools are also planned to be available at launch.
member
Activity: 69
Merit: 10
When it comes around time to finally release this, I would like, for once, for there to be a 48 hour announcement period BEFORE the clients are released.

Same here. I want some notice so that I can get my miner set up before the action commences. This coin looks like it could be around for the long haul, and I'd love for my early-adopter investment to pay off.
hero member
Activity: 798
Merit: 1000
‘Try to be nice’
ASICs are always possible. What matters is their cost.
But if you want your currency to succeed, you should take into account that eventually ASICs will be viable.
And at that point they will so expensive that the mining power will become really centralized.

Now though bitcoin asics are more expensive than GPUs they are not very costly to produce and eventually they will flood the market bringing back the balance. But the more coin is ASIC-resistant, the less likely is the fair distribution of ASICs.

That's my point.

then i think you are missing a point - Can sally make an ASIC at home?

no she can not - but ATI can make very high speed Ram , mass produce it manufacture it and ship it at increasingly cheaper prices.

and that's them not trying , not focusing on a specific aspect, or market , say , oh , like Cryptocurrency.

let say it's not ATI lets say it's another start up - that makes a gpu specific device  increasing the efficiency lowering thier cost and shipping at or around the same price or lower than GPU systems.

whats that if it's not a virtual "ASIC" type system for the consumer ?

Bitcoin was premined, totally ASIC happy , its a party so the equilibrium "all CIA conspiracy aside" of motive is to hold ASICS and mine with them , also I'd say small sovereigns are in on the act by now. , that's hardly a "free Market"  i think we all agree BTC is doomed.  as soon as i start seeing it on the "TV" that will lock it in for me.

having said that full respect to the creator its the ultimate experiment and its started all this so in that respect everyone deserves the reward.  but it won't last.
legendary
Activity: 1050
Merit: 1003
But the way to mitigate the attack is similar to what you described (I'm not sure why you described it as the square root of the difficulties?), but just assign a blockchain score of:
block=1{summation}block=n of  (PoW Difficulty in Block 1 * (PoS Difficulty in Block 1)^-1) + ... + (PoW Difficulty in Block n * (PoS Difficulty in Block n)^-1)
Huh I don't get this. This is the weight for the total blockchain right?

PoS difficulty is the price of a ticket in terms of % of total coins available. The price is adjusted to sell a constant # of tickets. If the PoS Difficulty is low (tickets are cheap), then only a small fraction of total coins are participating in the lottery. The chain should be penalized for this. Your formula rewards the attacker for lowering PoS Difficulty, making the problem worse not better.

Again I suggest you use:
  
block=1{summation}block=n of  (PoW Difficulty in Block 1)^0.5 * (PoS Difficulty in Block 1)^0.5 + ... + (PoW Difficulty in Block n)^0.5 * (PoS Difficulty in Block n)^0.5

Quote
The only time you can get absolute certainty that a double spend can succeed is with 51% PoW and 51% PoS.  But you suspect there is a flaw in this logic...
Nothing to lose sleep over. Even though your logic is flawed, it does not reflect a fundamental flaw in your design. One chain will always be either better, equal to, or worse than another chain. The algorithm evaluates proof chains to decide this.

One group's chain controls a fraction x PoW and a fraction y PoS. The other group then has corresponding fractions 1-x PoW and 1-y PoS. The groups use their resources to construct long proof chains. Let f be a function evaluating the proof in a chain constructed using a PoW and PoS pair over a long time span. Of course PoW outcomes are random, but let's just ignore that to keep things simple.

We must have f (x, y) > f (1-x, 1-y) or f (x, y) = f (1-x, 1-y) or f (x, y) < f (1-x, 1-y). That is the first group wins, it is a tie, or the first group loses. The winning group gets complete control over which txns enter PoW blocks. The losing group becomes completely irrelevant.

f (x, y) = f (1-x, 1-y) describes a boundary on 0 <=x <=1 and 0 <=y <=1. If one group (good or bad) is on this boundary and adds on just a little bit of hashing power or a little bit of stake, then this group wins.

Bitcoin uses the boundary x = 0.5
My ideal boundary is y = 0.5   (that's what you approach as the number of signatories per block increases)

Your boundary needs to simulated because of the two difficulties.

But if we ignore that (only matters over long intervals anyway) and make an additional assumption, we can calculate it.

Here's the assumption:

You are including invalidated empty blocks in the block chain. If these empty blocks contribute to proof just like normal blocks, a 51% PoW attacker can select the winning chain, even with 0% stake. This makes PoS close to pointless. To avoid this, I'm going to assume that the empty blocks do not contribute to proof at all.

Then:

A PoW block contributes to proof iff it has at least 3 stake votes.
Proof Creation Rate = (Rate at Which Group Creates PoW Blocks) * (Probability Group Controls 3, 4, or 5 Stake Votes)

Probability Group Controls 3, 4, or 5 Stake Votes is a binomial distribution with Pr (X>=3) for a binomial distribution with parameters n=5 and p=y for group 1 and p=1-y for group 2. http://en.wikipedia.org/wiki/Binomial_distribution

Pr (X>=3) = Pr (X=3)+Pr(X=4)+Pr(X=5)= 10y³(1-y)²+5y⁴(1-y)+y⁵ for group 1

Rate at which Group 1 creates PoW blocks is x*(total hash rate of both groups / PoW difficulty).
So we have,
Group 1 Proof Creation Rate = f(x,y) = (10y³(1-y)²+5y⁴(1-y)+y⁵) * (x) * (total hash rate of both groups / PoW difficulty)
Group 2 Proof Creation Rate = f(1-x,1-y) = (10(1-y)³(y)²+5(1-y)⁴(y)+(1-y)⁵) * (1-x) * (total hash rate of both groups / PoW difficulty)
The two groups are tied if
(10y³(1-y)²+5y⁴(1-y)+y⁵) * (x) * (total hash rate of both groups / PoW difficulty) = (10(1-y)³(y)²+5(1-y)⁴(y)+(1-y)⁵) * (1-x) * (total hash rate of both groups / PoW difficulty)

Solving for x gives us the boundary

x = -6y⁵+15y⁴-10y³+1 on 0<=y<=1  

In table form:

x                y

1           0
0.99144   0.1
0.94208   0.2
0.83692   0.3
0.68256   0.4
0.5           0.5
0.31744   0.6
0.16308   0.7
0.05792   0.8
0.00856   0.9
0           1

So yes, you probably weren't aware that you could win with 90% stake and 0.9% work. But why is that a problem?
sr. member
Activity: 266
Merit: 251
When it comes around time to finally release this, I would like, for once, for there to be a 48 hour announcement period BEFORE the clients are released.
hero member
Activity: 798
Merit: 1000
If you absolutely must do proof of work, for example to control the currency price like in Eltase's design, then a simple scheme for which ASICs are easy to make or already exists (like bitcoin PoW) is much better from an economic standpoint.

Hey now, my coin proposes to avoid proof of work as much as possible, that's not exactly the same thing as "absolutely must do proof of work." It is ASIC-resistant because there is little profit to be had from mining, and the sunk cost of a GPU will have far more opportunity than resources completely wasted on developing an ASIC. Of course it opens up the possibility of coin creation difficulty being attacked more easily by ASICs when the network is small which would encourage one not to use a hashing algorithm that already has ASICs made for it.
legendary
Activity: 1386
Merit: 1009
ASICs are always possible. What matters is their cost.
But if you want your currency to succeed, you should take into account that eventually ASICs will be viable.
And at that point they will so expensive that the mining power will become really centralized.

Now though bitcoin asics are more expensive than GPUs they are not very costly to produce and eventually they will flood the market bringing back the balance. But the more coin is ASIC-resistant, the less likely is the fair distribution of ASICs.

That's my point.
newbie
Activity: 56
Merit: 0
But maybe one can come up to chaotic hash,
which will be provably impossible to
implement in ASIC/FPGA !?



If you don't use them all with maximum efficiency, then a stripped down CPU or GPU optimized for the specific features you use will have a better performance at the same density/power/price point. In practice it's unlikely you hit even less than one order of magnitude gap between a software version on a generic CPU and custom software on a custom ASIC.

So I'm not sure I understand the appeal of ASIC resistance. The most you can achieve is to make the ASIC design very expensive. This will hold ASICs at bay for a few years, but if the currency is successful and the mining market is large then an ASIC will eventually be designed. When someone does it, it's game over, he controls the mining market. A huge entry barrier will dissuade other competitors to do the same because the potential benefit is lower.



wait a minute i might have it completely fuck arse backwards but i don't think that you are thinking outside the box here, (or forest and trees etc etc) .

yes there is a point , becasue if  X user has access to the same or = devices at the same cost as MR ASIC , then that is a general equalization effect.
 
So what I'm saying is -  the problem with an ASIC is its exclusiveness , centralized and not distributed.

if for example , someone could mash together a bunch of PC CPU's and get a better result then that would still be a 100% improvement on where the current situation is RE SHA-256.

becasue if MR "for sale at market RRP price" John can go into business selling X accessible mashed together CPU design, but Silly Sally Long legs can equally go and buy similar product as a similar price and do the same thing then that's still a market.

ASIC' S are a Monopoly all markets will destroy all monopolies in the end. Bitcoin's love will be short lived in fact remember these word from myself

- as the "great rotation" occurs if ASIC's don't start shipping hard and fast ,soon BTC is totally doomed. finished.


**
if i have what you said completely wrong just slap me,  because i see there you said that the gap would not be closed? if  you could expand on that it might be clearer .

You are so absolutely correct.
hero member
Activity: 798
Merit: 1000
‘Try to be nice’
But maybe one can come up to chaotic hash,
which will be provably impossible to
implement in ASIC/FPGA !?



If you don't use them all with maximum efficiency, then a stripped down CPU or GPU optimized for the specific features you use will have a better performance at the same density/power/price point. In practice it's unlikely you hit even less than one order of magnitude gap between a software version on a generic CPU and custom software on a custom ASIC.

So I'm not sure I understand the appeal of ASIC resistance. The most you can achieve is to make the ASIC design very expensive. This will hold ASICs at bay for a few years, but if the currency is successful and the mining market is large then an ASIC will eventually be designed. When someone does it, it's game over, he controls the mining market. A huge entry barrier will dissuade other competitors to do the same because the potential benefit is lower.



wait a minute i might have it completely fuck arse backwards but i don't think that you are thinking outside the box here, (or forest and trees etc etc) .

yes there is a point , becasue if  X user has access to the same or = devices at the same cost as MR ASIC , then that is a general equalization effect.
 
So what I'm saying is -  the problem with an ASIC is its exclusiveness , centralized and not distributed.

if for example , someone could mash together a bunch of PC CPU's and get a better result then that would still be a 100% improvement on where the current situation is RE SHA-256.

becasue if MR "for sale at market RRP price" John can go into business selling X accessible mashed together CPU design, but Silly Sally Long legs can equally go and buy similar product as a similar price and do the same thing then that's still a market.

ASIC' S are a Monopoly all markets will destroy all monopolies in the end. Bitcoin's love will be short lived in fact remember these word from myself

- as the "great rotation" occurs if ASIC's don't start shipping hard and fast ,soon BTC is totally doomed. finished.


**
if i have what you said completely wrong just slap me,  because i see there you said that the gap would not be closed? if  you could expand on that it might be clearer .
newbie
Activity: 12
Merit: 0
But maybe one can come up to chaotic hash,
which will be provably impossible to
implement in ASIC/FPGA !?

So I'm not sure I understand the appeal of ASIC resistance. The most you can achieve is to make the ASIC design very expensive.

The greater the ASIC resistance the more expensive the production of the ASIC will be. What can be at least tried is to make it as expensive as possible to produce the ASICs, while taking care that the code can still maintain network performance. Maintaining network performance and making it as hard as possible for attackers to try and take control of the network, even as the market capitalization reaches the greatest heights, is the objective.
newbie
Activity: 56
Merit: 0
But maybe one can come up to chaotic hash,
which will be provably impossible to
implement in ASIC/FPGA !?

This goal is provably impossible in itself. The CPU/GPU is an ASIC. The best you can hope for is that your hash schedule explores ALL the features of the CPU at MAXIMUM efficiency, making an identical CPU the only possible ASIC design. All the features: FPU, MMX/SSE2, memory segmentation and virtualization, all of the cache, branch predictors, debug and JTAG registers and the myriad other tiny atavisms that make a modern CPU work.

If you don't use them all with maximum efficiency, then a stripped down CPU or GPU optimized for the specific features you use will have a better performance at the same density/power/price point. In practice it's unlikely you hit even less than one order of magnitude gap between a software version on a generic CPU and custom software on a custom ASIC.

So I'm not sure I understand the appeal of ASIC resistance. The best you can hope for is to make the ASIC design very expensive. This will hold ASICs at bay for a few years, but if the currency is successful and the mining market is large then an ASIC will eventually be designed. When someone does it, it's game over, he controls the mining market. A huge entry barrier will dissuade other competitors to do the same because the potential benefit is lower.

If you absolutely must do proof of work, for example to control the currency price like in Eltase's design, then a simple scheme for which ASICs are easy to make or already exists (like bitcoin PoW) is much better from an economic standpoint.


Dear God in heaven, someone who has a damn clue.
Pages:
Jump to: