Pages:
Author

Topic: MC2: A cryptocurrency based on a hybrid PoW/PoS system - page 44. (Read 195188 times)

member
Activity: 92
Merit: 10
This has the additional advantage of letting the user base gradually become accustomed to the change rather then just instantly turning it on one day out of the blue.

...

I'd also recommend you aim for something like 3 years to reach that wide open band, not a generation hence.

The idea of some scaling in, starting small, of the more complex innovations of NTC, so users can learn about it, make a decision if they want to participate in that, discuss it, weigh it ... a very good idea. And then those that choose to invest in it, and support it, they then know what they are getting into, and can observe more rapidly if it is going to work. I agree.

sr. member
Activity: 826
Merit: 250
CryptoTalk.Org - Get Paid for every Post!
My main suggestion of inflation rate voting is to not wait for some ungodly number of years before it goes into effect.  All cryto-currency is an experiment and a good experiment should yield results as quickly as possible so the findings can used and iterated upon.  Naturally you do not want to immediately open that rate up to volatility during your bootstrapping phase, so instead go with a gradually widening 'band', at first it will be something tiny like 7.99-8.01 so your practically give no flexibility at all, then the band opens wider and wider up to any level you want.  This has the additional advantage of letting the user base gradually become accustomed to the change rather then just instantly turning it on one day out of the blue.

I'd also recommend you aim for something like 3 years to reach that wide open band, not a generation hence.  That's the time-frame we adopted in Freicoin for reaching full monetary base as it will allow us to know if the coin actually works under those conditions, as opposed to BTC which pushes back that date to a day when we are as Keynes said "In the long run all dead".  Don't repeat the mistake of putting major features of the system far into the future ware no one will ever see them, given the rapid pace of software development it's unlikely any coin can survive that long before being supplanted.
member
Activity: 92
Merit: 10
There's should be a formal contest, rather than peppering the thread with random logo ideas.

The logo drafts I'm posting are based upon intense reading of Tacotime's whitepapers, they are so far from being random ... only somebody who has only random knowledge of NTC and it's development might say this. The development of the logo as I am proceeding is based upon my understanding of the logic behind Tacotime's whitepaper. And I do agree, a formal thread for logo ideas should be launched, but we run the risk at this time of diluting a focused approach to the development of the logo, based upon the mechanics of the coin itself.
sr. member
Activity: 406
Merit: 250
The cryptocoin watcher
There's should be a formal contest, rather than peppering the thread with random logo ideas.
member
Activity: 109
Merit: 10
Wow, I was working on a similar design, with the only real difference, was using a SHA3.512-UMAP-blake2b stack on confirmations over 32.  But I scrapped it, when I realized I was way in over my head.  This does look promising, if you can get the miner software to cooperate, as theorized.
member
Activity: 92
Merit: 10


- blue "n" and "c", the color of the ocean which ties all together, global, and blue is a fatherly type of trust color, blue is solid.
- The green "T", a dragonfly doji, an energetic chart component which implies great interest and bullish sentiment.
- the little dots inside the "C" "colour coins" being produced by NTC.
- the copper enclosure, easily seen in the system tray but not too dark, copper, an important coinage metal.
- silver background in interior of coin, litecoin, silver precious metal.
- the "sun" atop the dragonfly doji, the color of the bitcoin logo.

This is a ROUGH DRAFT, and would in a more polished, time consuming task, produce something that looks much more like a "coin".
legendary
Activity: 1484
Merit: 1005
What's going on now?

New PoS system proposed along with a few other modifications; see new whitepaper

I'm going to sleep
legendary
Activity: 1484
Merit: 1005
Quote
Fault tolerance (it's not guaranteed that you will find exactly the same hash) and because if you reject blocks with only one Nay vote you may not invalidate any block you'd like to with only 20%.  10% stake means half the blocks, etc.  You also don't want to invalidate blocks based one one or two MIA signatories, as with 3 signatories the chain still works fine.

You also add a very easy attack vector by unanimous voting requirement, as you only need to DDoS one node per block to control the chain.
No. If you have 20% of tickets, then you will have one or more votes on 1-0.8^5 = 67% of blocks. You can make 2/3 of blocks empty, but the other 1/3 will go through. That is money burning fail, not a credible DDOS. Perhaps you meant something else?

Invalidation of draws that lack unanimity increases PoW attack resistance. By a lot. I will show you the math if it helps. As a comprimise, how about 4 yay's or more, instead of 3 or more? That would still help.

Alternatively, You can also strengthen the system by increasing the number of voters. Say 6 out of 10 instead of 3 out of 5. Again, I will show you the math if this helps. This would not be my first choice, but I think it would be fine.

Anyways, these are still parameter choices. Easily  forked. It is still the core algorithm that matters.  

I'm super sleepy and will risk sounding stupid, but I'm considering that you require unanimous voting to be 5/5 signatories signing, and that 4/5 Yea signatories and 1/5 Nay signatories means a rejection of the previous block.
If you own 20% of the stake tickets, the probability for you getting a stake ticket drawn by the lottery is 1 in 5 (0.20).
All stake ticket lottery selections are independent events,
thus the probability of repealing the previous block is 1.00 (100%) given that a minimum of 1 in 5 signatories signing Nay is required to invalidate the previous block and that the attacker has an average of 1 in 5 tickets per block.

But I welcome elaboration of your formula above, as it's very possible I'm wrong.

Increasing the number of signatories per block increases block bloating of the entire chain by multiplication by a constant, so ideally it should be left as low as possible.  I'm not averse to 7 per block, though

edit: Sorry, I'm confusing expected value with probability
Say 1 is for the malicious attacker M
probability of rolling a 5 sided die five times and never getting 1 (M never included into block) is (4/5)^5 = 0.32768
therefore the probability of rolling a 5 sided die five times and getting at least one 1 (M is included in the block at least once) = 1 - 0.32768 = 0.67232
member
Activity: 98
Merit: 10
Link to the draft version (0.03) of the whitepaper: Download

Notable things about this chain:
- Uses a new approach to secure hashing algorithms for the hash tree of a given block that should increase FPGA/ASIC resistance
- After 27 coin years it employs a system of voting to manipulate the interest rate of the block chain (users act as the central bank and regulate the rate of inflation)
- Difficulty is based on the linear weighted average of the block times for the past 18 days for PoW blocks
- New block reward adjustment algorithm is given that yields an 8% decrease in block reward per year
- Simple PoS design (tried to strip it of as many complexities as possible)
- PoW and PoS systems are designed to happily coexist, with favour slightly given to the PoW system
- PoS system also intended to prevent 51% attacks

Feel free to peer-review/tear it apart.  I will be the first to say that I'm pretty terrible at math, so please correct any mistakes I've made.  I'd love to hear why you think it's a great/terrible idea, though.  Obviously I anticipate there are a lot of problems with it that I couldn't foresee, so please help me out!

Figure 2 also doesn't want to display with the Y-axis title correct, not sure why that is/too tired to fix this (been working on this/thinking about it for almost 11 hours now).

DONATIONS (will be refunded to the address from which they were sent if this doesn't pan out):
BTC: 12HWFAsv1ojTuw5FzoP9T3SnyjZew5hFDL
LTC: Lb8ESE4NW6kcQVb8uqYS3oRumWSj1gGuza

Join us at netcoindev on CryptoCat!

As client names are unverifiable, be sure to never trade currency or items over CryptoCat.

Lead developer
Tacotime
Potential developer list:
TheBigYak
RauBan
CryptoJunky
Nathaniel B
dolfcao
Cheshyr
Luckybit (python)
Daegalus
bnogal
achillez


What's going on now?
newbie
Activity: 28
Merit: 0
As much as i appreciate the back and forth, this is quickly becoming an academic exercise instead of the future of the cryptocoin scene. I suggest a feature freeze is put in place and only major issues be debated.
legendary
Activity: 1050
Merit: 1003
Quote
Fault tolerance (it's not guaranteed that you will find exactly the same hash) and because if you reject blocks with only one Nay vote you may not invalidate any block you'd like to with only 20%.  10% stake means half the blocks, etc.  You also don't want to invalidate blocks based one one or two MIA signatories, as with 3 signatories the chain still works fine.

You also add a very easy attack vector by unanimous voting requirement, as you only need to DDoS one node per block to control the chain.
No. If you have 20% of tickets, then you will have one or more votes on 1-0.8^5 = 67% of blocks. You can make 2/3 of blocks empty, but the other 1/3 will go through. That is money burning fail, not a credible DDOS. Perhaps you meant something else?

Invalidation of draws that lack unanimity increases PoW attack resistance. By a lot. I will show you the math if it helps. As a comprimise, how about 4 yay's or more, instead of 3 or more? That would still help.

Alternatively, You can also strengthen the system by increasing the number of voters. Say 6 out of 10 instead of 3 out of 5. Again, I will show you the math if this helps. This would not be my first choice, but I think it would be fine.

Anyways, these are still parameter choices. Easily  forked. It is still the core algorithm that matters. 
 
Quote
Well, it's equally easy to destroy unclaimed tickets right after the lottery block if you wanted to, for instance if you thought people were hoarding them for a malicious attack.  I guess, really this is the easiest way to do so and may add it into the next draft.

Good idea. This works if you are not requiring unanimity. it accomplishes the same thing. I think you should incorporate it.

Quote
Require more input from economists
I couldn't agree more. I am an economics professor. Please seek out multiple opinions on voting from other economists.
legendary
Activity: 1484
Merit: 1005
- After 27 coin years it employs a system of voting to manipulate the interest rate of the block chain (users act as the central bank and regulate the rate of inflation)
You're assuming that the users of your currency know best what is good for them.
(1) I think this is not true, because complex systems are not easy to understand. Even scientists are struggling when it comes to economics.
(2) Even if you find a fair voting procedure you will suffer from a very democratic dilemma: Why would a majority vote for the interests of a minority, even if the interests of the minority are more existential and deserve protection than those of the majority.

Some people will vote for value stability and adjust inflation to achieve it.
Others would prefer the value of the coin going up and get rich.

I think this should better be decided by design. There is a market for both, so most probably there will be at least two major cryptocurrencies in the future:
One with fixed supply, eventually implementing a minor inflation. This would be cyber-gold. A commodity
One with stabilized value. Optimal for day to day usage. A currency
Well, if you freeze the supply increase at 0% (as with bitcoin) you can problem ensure that the currency will continuously go up in value over time in comparison to inflationary fiat.  I think there needs to be some mechanism for the regulation of long term supply increases, and the easiest way it to allow people to vote based on the PoW or PoS pool that they join.  There will be a lot of politics for such a chain, and I don't necessarily think it's a bad thing.

One thing I'd been considering was allowing for the easy creation of other chains than the main chain, then being able to join and mine these chains too by selecting them from a list in the client, e.g., as you would select a channel in an IRC client.  This could let people play with the parameters as they saw fit.

- New block reward adjustment algorithm is given that yields an 8% decrease in block reward per year
Does that mean that miners will successively live from transaction fees, like in bitcoin? This is important for my next remark.
They will live from both fees and block reward.
I plan to sell about half of the network fees to kickstarter investors for the first five years (I don't think I can get >$50k for development otherwise), but at this time PoW block reward >> fee amounts, if Bitcoin is any indicator.

- PoW and PoS systems are designed to happily coexist, with favour slightly given to the PoW system
If you favour PoW, you sacrifice an achievement of PPC being energy efficiency. Your coin will suffer from a scaling problem due to energy consumption.

Have you thought about using PoB?

As others have stated, PoB still seems like science fiction to me and needs further work.  I don't really think energy efficiency is a massive issue either; for instance, we waste about somewhere less than 137 mW/(cm^2 s) of photons every day when they collide with the earth's surface and do nothing except heat it via atomic absorption and excitation.  Just by making more of the network run on solar energy by increasing investment in solar energy because of increasing demand for energy itself we can increase global energy efficiency, which is something people often fail to consider (the impact of energy demand on finding new, cleaner, less expensive, and more abundant sources of electrons to power things).  Every couple years major breakthroughs are made in solar panel array technology that further increases yield while driving down the price of the panels.
legendary
Activity: 1484
Merit: 1005
New version of the whitepaper is out.  Download from the front page.

Changes:
- New consensus-model PoS system added, old PoS system removed
- Section on Coloured Coins added
- Section on lightweight client added
- Lots of typos fixed

I have not had a chance to read over it yet and fixed typos in the last couple of sections, so forgive me if you find a bunch (they are probably present).

My brain is toast from working on this for almost 10 hours straight, so I'm going to go relax.

BILLIONS OF PEOPLE MESSAGING ME VIA PM -- I HAVE NOT HAD TIME TO REPLY TO MESSAGES BUT WILL GET BACK TO YOU ASAP.  THANKS.

Hello, had to stop posting in these forums to ration my time and brainpower. However, I'm impressed and excited by your paper. I'm believe you can accomplish something here.


COMMENTS:

The ticketing system seems basically solid. I like it.  But ...

1) Let's Review Yay/Nay voting?

If I vote Nay and the block is accepted, then my stake gets used and the reward is confiscated. If I vote Yea and the block is accepted, I get a stake reward.
If I vote Nay and the block is rejected, then my stake gets used and the reward is confiscated. If I vote Yea and the block is rejected, then my stake gets used and the reward is confiscated.

Voting Yay is the dominant strategy. Therefore, why have Yay/Nay voting at all? Why not just require unanimous Yay's or reject the block?
Fault tolerance (it's not guaranteed that you will find exactly the same hash) and because if you reject blocks with only one Nay vote you may not invalidate any block you'd like to with only 20%.  10% stake means half the blocks, etc.  You also don't want to invalidate blocks based one one or two MIA signatories, as with 3 signatories the chain still works fine.

You also add a very easy attack vector by unanimous voting requirement, as you only need to DDoS one node per block to control the chain.

This brings up another important point, though.  As described in the paper the system of ledger hashes only works well if transaction volume is relatively small.  Ideally, you need a system which records the time of all incoming transactions then compares it to the list of transactions in the block, and decides what the probability is that the PoW miner saw precisely those transactions.  For instance, if it saw only one new stake transactions but you saw five, and you saw these all five seconds from each other right after the previous block had been solved, the probability that the PoW miner is manipulating the chain by excluding PoS submission transactions is very high.

Quote
2) Have you have specified what happens when winning ticket holder(s) abstain?

Does this mean no block is mined? That's what should happen I think.
Unredeemed tickets are ignored.  If 3/5 ticket holders vote Yea on the block, the block is considered secure.  If 2/5 ticket holders vote Yea on the block and the others abstain, the block is kept but should not be considered a hard confirmation. Tickets expire after 2^16 blocks unless the ticket is never called upon by the lottery, in which case a brief extension is allowed until the ticket comes up.  However, if the ticket comes up in the lottery and the stakeholder is MIA, the ticket expires after 2^16 blocks.

Quote
3) Ticket extensions

You also do not want afk tickets to accumulate, so the extension thing worries me a bit. Accumulation of afk tickets eventually converges to a breakdown of the blockchain. To avoid this you need to purge afk ticket holders from the voting rolls. Perhaps you plan to have predictable auditing of afk ticket holders via the extension process? That's a good start, but random auditing provides stronger incentives and saves blockchain space. My suggestion is to add one optional signature to each valid block. If you provide it, then the subsequent block gets a PoW difficulty subsidy. If you fail to provide it, the block is still valid, but the afk ticket gets invalidated.  (The difficulty subsidy provides an incentive for PoW miners to recognize his signature if it appears.)
Well, it's equally easy to destroy unclaimed tickets right after the lottery block if you wanted to, for instance if you thought people were hoarding them for a malicious attack.  I guess, really this is the easiest way to do so and may add it into the next draft.

Quote
4) Inflation voting for the distant future
 
PoW voting does not have a precedent and worries me. Why wouldn't PoW voters continuously vote to up the PoW rewards, redistributing all the wealth to themselves. This could be a huge problem.

PoS voting has a precedent in corporations and I am comfortable with it. PoS voters benefit by voting down PoW issuance below the optimal level (market cap maximizing). You are not letting them mess with the PoW/PoS issuance ratio much, so they will do this by voting against inflation. This a very minor issue. PoS voters wouldn't do anything that threatens the currency. Therefore, I think PoS voting will work well even if the incentives are not quite perfect.  

If you mix the two voting types, let PoS voters have a majority of votes (say two-thirds or more).

This is the most controversial aspect of the blockchain and will probably require more input from economists.
I think the assumption that PoS workers wouldn't do anything to threaten the currency is naive; for instance, if a 51% PoS minter doesn't like a pool on the network, they can simply invalidate all the blocks it solves on the network and destroy it without massively affecting the function of the blockchain.

Quote
5) Lightweight blockchain.

http://www.bitfreak.info/files/pp2p-ccmbc-rev1.pdf seemed like a good, well-organized idea. Maybe this could influence your lightweight client in some way. Have no expertise here.

I need to look over that paper some more before I can give some more feedback as to the system it proposes.  The method I proposed should be very fast for both the accession of values and the manipulation of values for the lightweight client.
legendary
Activity: 1050
Merit: 1003

Where is the major difference to PPC then?


With appropriate parameter choices, the propsed design would be much more secure than PPC (even if PoW were given a very low weighting).
member
Activity: 113
Merit: 10
don't sweat the small stuff. The whole thing can be forked with a) very low PoW weighting b) no transition to voting at all c) a different long term inflation target. These are parameters. If this system works you will see copycat forks with other parameter choices.
Where is the major difference to PPC then? (apart from being developed by somebody else, maybe a little more transparent)

The most important issues are the security of the protocol AND the currency's feature set. I'm not saying PoB can't work, but it is a) not as well fleshed out as this idea b) doesn't offer benefits beyond what is obtainable via parameter tweaks.
to a): You're right. But I really would like to see this concept worked out and being implemented
to b): Well, wasting virtual resources (coins) instead of real ones to me is a BIG advantage.
sr. member
Activity: 686
Merit: 250
Vorksholk Coin
https://bitcointalksearch.org/topic/m.2012189
Quote
The coin itself will have a block reward that increases with hashing power. While this doesn't benefit early miners as much as current alt coins, it makes the coin have a more foreseeable e future. While the details are still sketchy, I plan to program the coin to award the square root of the current difficulty times some convenient constant. For example (subject to change a TON), a block when the total network hashrate is 1MH/s would be worth one coin, however a block when the network hashrate is 2MH/s would be worth around 1.41, and a block when the network hashrate is 10MH/s would be right around 3.3. When hash rate gets to 100MH/s, the block reward is 10 coins per block.

The idea is to make coins have some hope of keeping up with increased adoption. A one-to-one ratio of hash power would cause trouble with pump-n-dump, or hyperinflation of the coin. However, increasing block reward as difficulty increases in a non-linear fashion allows the coin to not be so hard for latecomers to adopt, while still giving early adopters their fair share of earnings.

Completely off the current scheme being implemented, just posted it here for a comparison with the current Netcoin approach. Can anybody chart the two models for comparison, in any way?

newbie
Activity: 32
Merit: 0
Looking for a logo design?
How about something like this?

Just throwing ideas out there.

http://anonymouse.org/cgi-bin/anon-www.cgi/http://img19.imageshack.us/img19/3351/netcoins.png

Nice. I like it. I would make the "N" bigger or somehow stand out more. Good job!
When the time comes i will accept netcoin on my shop (DirectVoltage.com)

Bright
legendary
Activity: 1050
Merit: 1003
@brenzi

don't sweat the small stuff. The whole thing can be forked with a) very low PoW weighting b) no transition to voting at all c) a different long term inflation target. These are parameters. If this system works you will see copycat forks with other parameter choices.

The most important issues are the security of the protocol AND the currency's feature set. I'm not saying PoB can't work, but it is a) not as well fleshed out as this idea b) doesn't offer benefits beyond what is obtainable via parameter tweaks.
member
Activity: 113
Merit: 10
- After 27 coin years it employs a system of voting to manipulate the interest rate of the block chain (users act as the central bank and regulate the rate of inflation)
You're assuming that the users of your currency know best what is good for them.
(1) I think this is not true, because complex systems are not easy to understand. Even scientists are struggling when it comes to economics.
(2) Even if you find a fair voting procedure you will suffer from a very democratic dilemma: Why would a majority vote for the interests of a minority, even if the interests of the minority are more existential and deserve protection than those of the majority.

Some people will vote for value stability and adjust inflation to achieve it.
Others would prefer the value of the coin going up and get rich.

I think this should better be decided by design. There is a market for both, so most probably there will be at least two major cryptocurrencies in the future:
One with fixed supply, eventually implementing a minor inflation. This would be cyber-gold. A commodity
One with stabilized value. Optimal for day to day usage. A currency

- New block reward adjustment algorithm is given that yields an 8% decrease in block reward per year
Does that mean that miners will successively live from transaction fees, like in bitcoin? This is important for my next remark.

- PoW and PoS systems are designed to happily coexist, with favour slightly given to the PoW system
If you favour PoW, you sacrifice an achievement of PPC being energy efficiency. Your coin will suffer from a scaling problem due to energy consumption.

Have you thought about using PoB?

Pages:
Jump to: