Pages:
Author

Topic: MC2: A cryptocurrency based on a hybrid PoW/PoS system - page 59. (Read 195188 times)

legendary
Activity: 1484
Merit: 1005
chriswen brought up a problem too with whitepaper as written; I neglected to specify that network time for difficulty adjustment and reward adjustment is based solely on the PoW block height.  I will be sure to add this in in the next draft.
legendary
Activity: 1484
Merit: 1005
A GPU miner will probably be out sooner than later after implementation and release of this (scrypt parameters are tuned for GPU optimization over CPU optimization).
sr. member
Activity: 391
Merit: 250
The one issue I have with focusing on a hashing algo that only requires CPUs is that its open to a lot of abuse my malicious actors. GPU mining discourages CPU botnets from being built, which I think is a major problem.

GPUs allow that nice median, as everyone has access to them, but are unlikely to be targeted by botnets, since some GPUs are insufficient for mining.

That's just my 2 cents. I do mine with GPUs, so I'm biased, but I see them as the nice middle ground between everyone-can-do-it and a coin being ruled by a very small group of people that invest incredible amounts of money into custom hardware.
legendary
Activity: 1484
Merit: 1005
Added a little of potential devs and donation addresses.  If anyone may want to work on this with me, let me know.

TODO: Work out basic skeletons for additional functions that need to be implemented and create bounties for their implementation in a list in the original post.

I will not be around much for the next couple of weeks, but I will try to keep an eye on this thread and answer any questions you may have related to this chain.
legendary
Activity: 1484
Merit: 1005
Naming cryptocurrency 'coins' has bothered me - at least since the alts had a chance of fixing this.

It's the type of http://en.wikipedia.org/wiki/Skeuomorphism that may not make much sense a few years from now. And Skeumorphs are bad in general. Smiley

We should come up with a better suffix than -coin if this is an alt. Perhaps something deriving from "credits", which seems to be what most SciFi authors call future money.

Also, I like the idea here regarding reducing the massive profits of early adopters:
https://bitcointalksearch.org/topic/faircoin-ideas-for-the-fairest-coin-possible-169623

Metacredit sounds kind of neat, I guess.
legendary
Activity: 1484
Merit: 1005
Why not create a tier system that benefits those who have little Hashing power?
With byte coin individuals ave already mined thousands of coins.
Where people with a single GPU and a hash rate of a hundred or so, suffer as they have  under 100 coins even after mining for days.

My idea is that for every additional GPU, your hashing power is reduced more and more with a tax.
What is reduced is actually sent to a community faucet. As time goes on, that tax is reduced more and more as the difficulty increases.
This tax rate is linked to your ip address,in order to stop tax evaders.

This tax also prevents the price of this new coin from imploding on day one, within hours when it first goes to market.

We also need to prevent ASIC bombing some how.
If you have an ASIC,why should we allow you to blow up the difficulty to that of Bit coin, almost over night and ruin this alt-coin?

The problem is there's no real way to determine what someone's hashing power is on the network -- they can just run 10 instances of the miner on a GPU to make it looks like their overall hashrate is lower and that they are 8 miners on a pool.  Solo mining, it's impossible.
legendary
Activity: 1484
Merit: 1005
I really don't understand the rationale behind these hybrid PoS/PoW systems. You can either solve the Byzantine consensus problem with proof of stake, or you can't. In the first case there's no need for wasteful proof of work. In the second case it makes no sense to complicate the design with something that does not add security. It's as if the designers want PoS, haven't quite figure it out how to achieve it, and add PoW for good measure just in case their PoS scheme turns out to be vacuous.

The same can be said about the baroque "polymorphic" hash. If your goal is memory hardness and a small performance opportunity for custom hardware, you should design a scheme specifically tuned for CPU implementation - if such a thing is indeed possible. A hodgepodge of all hashes under the sun while hoping the ASIC designers won't bother to implement them all is security through "copypasting lots of code".
I was really hoping there would be at least one major naysayer in this thread to think about things to improve the chain, but I'm not sure I'm following your argument.

Any solution to the byzantine consensus problem with a hybrid PoW-PoW stake system that further introduces fault-tolerance and enhances network security with no real net increase in computation power should be a better solution, not a worse one (main tradeoff is chain bloat, but I'm sure people find this acceptable).  In MC2 there are two new mechanisms of fault tolerance: (1) Multiple secure hash algorithms (2) The requirement of at least some coins (very large amounts as the chain matures) that are 90 days old in addition to 51% of the network hash rate.  The first addresses any potential failure of SHA2-256, while the second addresses double-spend attacks created by short forks of the chain.  In this way the hybrid PoW-PoS system is a better solution to the byzantine consensus problem as far as I can tell.

There's too much on the CPU that will never be used for encryption schemes for obvious reasons, such as the FPUs.  The same goes for GPUs.  Encryption algorithms need to be totally invertible, so they are forced onto the ALUs.  I'm not going to write my own secure hash algorithm when we already have several viable ones that have been poured over for years by extremely intelligent people -- it's unlikely I'm going to make one that's more secure than the ones already available.

I'm not sure I follow the "copy-pasting" argument either.  Yes, I'm adding more hash algorithms -- but there is no simple way to implement them all together with an ASIC or FPGA without using a massive number of logic units.  You're looking at maybe 35k gates with a scrypt ASIC while this would easily require 100k+ to hit all encryption algorithms.  You can tune one for just one or two of the algos, eg Chacha20-BLAKE512 and Salsa20-BLAKE512, but even attacking with a vector like that gives you 25% of the network if you had some insane amount of them; this is not enough to attack the network with a 51% attack.  Further, you have the design hassle of having to optimize for random values of N within a range of 512-2560, and you also have to do the hard hashes to determine the order and quantities for N-values for the upcoming blocks (requiring a CPU or GPU at some level in the easiest implementation).
sr. member
Activity: 504
Merit: 250
Example: in 2009 in the US debtors (e.g. homeowners) would have outvoted creditors (e.g. bank owners and bondholders) and voted for inflation, transferring wealth from creditors to debtors by reducing the value of debt (being able to pay it back in less-valuable money). Maybe there would be no creditors in the first place since they realized this risk.

Yes, but do they have the stake to influence the vote ? Debitors, by definition, lack money and have little voting power. Banks, unintuitively, only have limited power because it does not make business sense to hold large reserves idle - reserves are obtained from depositors and interest must be paid. Bank depositors don't have the power either since they lost control of the base money by depositing them in a bank, and now hold a piece of paper, a  certificate of deposit that claims the bank will reimburse them with basemoney on demand. The people who have most the power to vote in such a scheme are the ones holding basemoney, coins in cold storage, current accounts, business working with allot of coins cash etc. These people have very little incentive to demand inflation, if anything the voting is pro-cyclical and will choke the money supply exactly when expansion is most necessary, during a recessionary bout.

An acceptable compromise would be a minimal expansion of 3-4% a year (the Friedman k% rule), and if a higher expansion is necessary it can be voted upon. This will insure in the worstcase a moderate stagflation.
member
Activity: 62
Merit: 10
Democracy is the original 51% attack

As you can tell, I'm not a big fan of Tyranny of the Majority. One of the advantages of bitcoin is that it reduces the ability of government/the majority to force its will on others. I don't think we should bring that back to cryptocurrencies.

Example: in 2009 in the US debtors (e.g. homeowners) would have outvoted creditors (e.g. bank owners and bondholders) and voted for inflation, transferring wealth from creditors to debtors by reducing the value of debt (being able to pay it back in less-valuable money). Maybe there would be no creditors in the first place since they realized this risk.
hero member
Activity: 756
Merit: 500
I just skimmed the whitepaper since I don't understand much of it, but I am interested in the inflation and democracy parts of it. Can you explain the inflation part to me in layman's terms?

...the chain should approach a daily amortized inflation rate of approximate 1% (Figure 1; see below) as it reaches coin year 27 or block 6,998,400. At this point, the interest rate stemming for both PoW and PoS rewards become locked in for one coin year and is then controlled by the userbase rather than being hardcoded into the chain itself. Yea or nay votes are given with each block obtained in the block header; at the end of each coin year from block 6,998,400 onwards, the sum of all votes for both PoW and PoS are tallied as yea (1) or nay (-1), summed, and divided by the total number of votes (blocks for this coin year) to yield a elected fraction v. This fraction is then the difference in inflation applied to each work system for the following coin year, with a maximum difference of 1% total.

Is that a 1% annual currency inflation rate? 1% daily would be about 3700%.

Do I understand correctly that the inflation rate can go up or down by one percentage point a year? E.g. from 1% to 2% would be the maximum change in a year?

They're's a graph in the whitepaper showing inflation rates.

Each year the inflation rate decreases by ~8%.  After 27 years the inflation rate will be 1% per year.  After year 27 voting is used to allow you to increase the inflation by up to ±1%.
member
Activity: 62
Merit: 10
I just skimmed the whitepaper since I don't understand much of it, but I am interested in the inflation and democracy parts of it. Can you explain the inflation part to me in layman's terms?

...the chain should approach a daily amortized inflation rate of approximate 1% (Figure 1; see below) as it reaches coin year 27 or block 6,998,400. At this point, the interest rate stemming for both PoW and PoS rewards become locked in for one coin year and is then controlled by the userbase rather than being hardcoded into the chain itself. Yea or nay votes are given with each block obtained in the block header; at the end of each coin year from block 6,998,400 onwards, the sum of all votes for both PoW and PoS are tallied as yea (1) or nay (-1), summed, and divided by the total number of votes (blocks for this coin year) to yield a elected fraction v. This fraction is then the difference in inflation applied to each work system for the following coin year, with a maximum difference of 1% total.

Is that a 1% annual currency inflation rate? 1% daily would be about 3700%.

Do I understand correctly that the inflation rate can go up or down by one percentage point a year? E.g. from 1% to 2% would be the maximum change in a year?
hero member
Activity: 609
Merit: 506
I really don't understand the rationale behind these hybrid PoS/PoW systems. You can either solve the Byzantine consensus problem with proof of stake, or you can't. In the first case there's no need for wasteful proof of work. In the second case it makes no sense to complicate the design with something that does not add security. It's as if the designers want PoS, haven't quite figure it out how to achieve it, and add PoW for good measure just in case their PoS scheme turns out to be vacuous.

The same can be said about the baroque "polymorphic" hash. If your goal is memory hardness and a small performance opportunity for custom hardware, you should design a scheme specifically tuned for CPU implementation - if such a thing is indeed possible. A hodgepodge of all hashes under the sun while hoping the ASIC designers won't bother to implement them all is security through "copypasting lots of code".

This is a great point. I would like to see a 100% PoS system, launched with an IPO instead of through mining. We might learn a bit from this experiment.
full member
Activity: 126
Merit: 100
I quite like 'coin', think of them as digital coins. Each BTC made up of millions of small satoshi digi coins.

I also think the rewards to early adopters are required, else there may be no early adopters
member
Activity: 91
Merit: 10
Naming cryptocurrency 'coins' has bothered me - at least since the alts had a chance of fixing this.

It's the type of http://en.wikipedia.org/wiki/Skeuomorphism that may not make much sense a few years from now. And Skeumorphs are bad in general. Smiley

We should come up with a better suffix than -coin if this is an alt. Perhaps something deriving from "credits", which seems to be what most SciFi authors call future money.

Also, I like the idea here regarding reducing the massive profits of early adopters:
https://bitcointalksearch.org/topic/faircoin-ideas-for-the-fairest-coin-possible-169623
sr. member
Activity: 1344
Merit: 335
#SWGT PRE-SALE IS LIVE
Why not create a tier system that benefits those who have little Hashing power?
With byte coin individuals ave already mined thousands of coins.
Where people with a single GPU and a hash rate of a hundred or so, suffer as they have  under 100 coins even after mining for days.

My idea is that for every additional GPU, your hashing power is reduced more and more with a tax.
What is reduced is actually sent to a community faucet. As time goes on, that tax is reduced more and more as the difficulty increases.
This tax rate is linked to your ip address,in order to stop tax evaders.

This tax also prevents the price of this new coin from imploding on day one, within hours when it first goes to market.


We also need to prevent ASIC bombing some how.
If you have an ASIC,why should we allow you to blow up the difficulty to that of Bit coin, almost over night and ruin this alt-coin?
sr. member
Activity: 504
Merit: 250
I really don't understand the rationale behind these hybrid PoS/PoW systems. You can either solve the Byzantine consensus problem with proof of stake, or you can't. In the first case there's no need for wasteful proof of work. In the second case it makes no sense to complicate the design with something that does not add security. It's as if the designers want PoS, haven't quite figure it out how to achieve it, and add PoW for good measure just in case their PoS scheme turns out to be vacuous.

The same can be said about the baroque "polymorphic" hash. If your goal is memory hardness and a small performance opportunity for custom hardware, you should design a scheme specifically tuned for CPU implementation - if such a thing is indeed possible. A hodgepodge of all hashes under the sun while hoping the ASIC designers won't bother to implement them all is security through "copypasting lots of code".
hero member
Activity: 756
Merit: 500
Okay, so that the first PoS blocks will be mined in 180 days!
full member
Activity: 164
Merit: 100
Great conceptualization and really like the democratization aspect especially! 
legendary
Activity: 1484
Merit: 1005
Just to confirm, the PoS inital block reward is 12.5 would be for block 1.  But since there are no block one stake blocks.  The first PoS block is at...

Okay now I run into another problem.  90 days is 32400 blocks (360 blocks per day).  But, no PoS blocks are generated for the first 90 'days'.  That means that the first PoS blocks won't be generated till 180 days later.  And PoW blocks will have a reward adjustment every 18 earth days.

This is correct.  The first PoS blocks will be less than 12.5 coins and PoW will have a head start.  During this time PoW also disinflates though, so they will both maintain a 50:50 ratio to one another.
hero member
Activity: 756
Merit: 500
Just to confirm, the PoS inital block reward is 12.5 would be for block 1.  But since there are no block one stake blocks.  The first PoS block is at...

Okay now I run into another problem.  90 days is 32400 blocks (360 blocks per day).  But, no PoS blocks are generated for the first 90 'days'.  That means that the first PoS blocks won't be generated till 180 days later.  And PoW blocks will have a reward adjustment every 18 earth days.
Pages:
Jump to: