Topic: Network Redundancy (Read 2985 times)

A full node just verifies and shovels blocks.  We have a few thousand full nodes (and need more!).  The whole point of bitcoin's Proof-Of-Work scheme is that data is cheap to verify, but expensive to produce.

A miner is different from a full node.

I was thinking about the ways of reducing the cost of running a full node. The only solutions I could think of also reduced the hashing power.

For example, if we could split the network into two clusters and each of those clusters had 50% of the hashing power, would they have enough to remain safe?

At what point should the clusters be split or merged?

I see your point. As I said above, the incentive to disrupt the network depends on how disruptive the network is to the establishment. At the same time, network security (in terms of total mining investment) also increases as the Bitcoin economy grows, and presumably becomes more disruptive for potential attackers. Historically, smart people - those in the establishment included - are more likely to embrace disruptive yet promising technologies than to try to supress them.
Therefore, I don't think we should try to spend time quantifying the factors you brought up. If Bitcoin is truly useful, it will continue to grow strong. Another important question is - what would you do with the "network security index" (or whatever we call it), even if we managed to define it and calculate it? What if you felt it was too low? 

@niko. So how much money does a potential attacker have available to them? How many times stronger is the network than it needs to be?

To get an idea about what it takes to build a house, I don't need to compare it to building a yacht. I'd say a useful metric is money in that case, and doubly so in case of Bitcoin. Ten to fifty million USD to outcompete honest miners. One of great things about Bitcoin is that the price of a "51%" disruption is directly related to the size of Bitcoin economy, which in turn is related to the level,  of disruption it causes to old-school banks and governments.

Therefore, I am only concerned as much as these old-school entities are forward-thinking. Even then, 51% attack would really not be that big of a deal. While payments may be temporarilly disrupted, coins would remain safe.

I'm not going to respond to this right now because (a) I don't think it is really a problem (b) it has been discussed extensively elsewhere and most importantly (c) Gmaxwell is being deliberately dishonest. Gmaxwell claims that "none of my proposals have addressed this". Of course, this is false. This is not the first time he has spread such false claims. He cannot support his false claims and he knows this.

I made one other proposal. It was on the wiki until a couple days ago when I replaced it. It had been there, unedited, since I created the wiki.

Recall the rule I proposed:

To make this more secure against periodic double-spends, you can have two block types, A and B, each with their own difficulty target. For A, p=0.2. For B, p=0.8.
The blocks are mined in a deterministic sequence: ABABABAB.... [note: this is an elaboration I introduced later]

Okay Gmaxwell. Explain how your issue occurs in the above system. Otherwise, admit to being a shameless liar. If you want to have a real discussion, don't start off with a shameless lie.

If someone else is interested in this issue, then feel free to post in the thread on my proposal: https://bitcointalksearch.org/topic/new-posproof-of-activity-proposal-127314
If you don't start off with slander, then I will respond in detail.

I agree that the best estimate of expected future price is current price, but I think BTC price will go up in the case it doesn't go to zero (or very low) because the project fails for some reason.  So the current price takes into account the possibility of failure. Absence of failure over a prolonged period provides reassurance, and should have positive impact on price.



That would be completely true if the objective was to steal BTC value, but in case of rival companies, the expected gain is the retention of current profits, so it would not have a linear correlation with BTC value.

The market's best estimate of expected future price is current price. Exchange rates could go up or down. However, the effects of exchange rate movements on attack probability are ambiguous.
There are two elements: 1) How much does it cost to attack? 2) What is the expected gain from attacking?
The exchange rate would increase both simultaneously.

as per Garvin tought, I think a 51% attack is not that treatening to bitcoin.. Some legislation against BTC could be more damaging IMO !

If those numbers are a good estimate, then that is disturbing....
Why do you think these costs would fall over time?  Because of the block halving?  I would think you have to take exchange rates into account as well. If BTCs go up in value, then difficulty will rise as well.

How can I become someone running a full node that accepts incoming connections ?

Any info about the bandwith used (average) for running a full node accepting incoming would also be appreciated

I've the satoshi client running 24/7, I guess it is not enought !

Thanks in advance for help !

If paypal or visa fees threatened by bitcoin, then they can purchase BFL. They can then 1) Sell BFL equipment to recoup the company's purchase price and then 2) Conduct a 51% attack expropriating mining rights from their customers. Realistic attack costs are currently less than US$500,000. These costs will fall over time.

It might be harder to determine, but it is more informative than comparing to a certain supercomputer I think.  With sufficient funds, a bigger supercomputer can allways be built, so it makes more sense to start from the money. 

The question then becomes, for whom would it be profitable to attack the bitcoin system (so who is hurt by bitcoin, by how much, and how does this compare to the costs for attacking bitcoin, and this for various timepoints as bitcoin grows).

It doesn't mater if you want to measure it in dollars or terraFLOPS. To get the relative strength you still need to compare it to something. In this case we would have to ask, what is the maximum amount of money a single entity is prepared to spend in order to attack the network. This might be a harder value to determine.

I think you ask an important question Yogi, but I agree with Niko's approach.  Looking at it in dollar terms makes more sense and will remain correct in the future.

Thanks for the calculations, Niko, I was looking for something similar.
10-50 million is a lot of money for small-timers, but if paypal or visa or... would feel really threatened by bitcoin, it seems to me that they could quite easily spend this kind of money.
Not sure just how devastating a 51% attack would be to the bitcoin project though.  Would it be lights out, or just a (big) bump in the road?

Also, how easy would it be to perform a 51% attack anonymously?  Would it be possible to pinpoint the origin of the attack, and follow the money to the culprit?  I have absolutely no idea about these things .  

The point I am trying to make here is that we can't say anything about the relative computational strength of the bitcoin network unless we have something to compare it to.

If you know a better value to key off, then please tell me.

That page is pretty embarrassing.   There is absolutely no mention of the fundamental flaw in PoS consensus which none of your proposals have addressed:  As of yet none of the proof of stake proposals are workable because there is nothing at stake!   If someone is PoS mining it is in their best interest to attempt to concurrently build an honest chain as well as all possible attack forks just in case one of them happens to win.  Under most schemes this is the profit maximizing move, in all I've seen so far its at least neutral.  Mining an attack under PoW actually involves _spending_ something and taking the risk other miners will extend it. PoW works because your work is at stake so even a very small amount of honest miners make mercenary rational miners behave honestly too.

Moreover, I don't see why you argue here that it better aligns incentives. Parties can't mine PoW without having a validating node (or face the extreme risk other miners will toss them off on forks).  All it does is redistribute control, which might be useful— if not for the fact that it makes attacking more attractive for selfish participants.   I was hopeful of these techniques but as of yet I don't see how any can be workable.

As I explained above, your concept of redundancy is based on an arbitrarily chosen value of "external power". Therefore, it is not a a particularly useful measure of anything.

I am not suggesting a 51% attack is the greatest threat to bitcoin, quite the opposite in fact. A redundancy of 29 is overly redundant a wasteful. I would sleep well at night if it only had a redundancy of 8.

What do you think a good level of redundancy would be?

What redundancy give us is a means of judging relative computational capacity. You could use redundancy to judge the relative growth or contraction of computation strength over time without having to cancel out the effect of Moors Law.

How close are we to a low level network attack, and how are you calculating that?


@hazek. Why have you moved this post to mining? It's about judging bitcoins relative computational strength not mining.

I have been running a full node, and will continue to do so. I don't need any monetary incentive, and obviously I am not alone.

Oh, why not introduce some incentives to encourage running a full node then? If not, then won't the number of full nodes just continue to decrease as the blockchain grows?

Could you comment on the incentives to maintain full nodes described here: https://en.bitcoin.it/wiki/Proof_of_Stake

I would appreciate more feedback.

You should worry about BFL, not about some supercomputer somewhere. No we are not safe from BFL (unless their claims are complete scams).

this * 1000

No need to speculate about "external capacity" of the attacker. Assuming most of miners are somewhat rational, they have some reasonable expectations for their ROI period. Let's be optimistic and say two years. This amounts to 105,192 blocks mined. With the reward of BTC25 per block, mining investment would not be more than BTC2.6M - currently worth just over USD 31M.

Alternatively, today's typical price of mining power is about 1 USD per Mhash/s. The network total is 25 Thash/s, meaning total investment of at least USD 25M. Add to this the cost of power, and we are even closer to the estimate above. It is safe to say that the total mining investment is somewhere between 10 and 50 million USD. This is the real measure of the security that miners provide, and this is what it takes to stage a >50% disruption.  It is irrelevant if CPUs, GPUs, FPGAs, or ASICs are involved - whatever the best available technology is, it is available to both honest miners and (imaginary) attackers. If bitcoin value goes up, mining investment will increase, and vice versa - it has been shown many times that difficulty follows price (especially when corrected for the technological leaps in terms efficiency). Mining power should be measured in dollars, not hashes per second.

The real question is - what would be the incentive for anyone to spend tens of millions of dollars to temporarily disrupt the network? They could just mine and make money.

The peer-to-peer network is more vulnerable to low level network attack, than the ever-discussed 51% hashing attack.

You can help, by running a full node that accepts incoming connections.

It's pretty much impossible to know what the smallest we could be without an attack being attempted is, but bigger does make coins more valuable all else equal since an attack is less likely. Also there is the other purpose of mining which is to get coins distributed initially, total power doesn't really tell you that but I would think that high power correlates with more miners to some extent.

Is the bitcoin network dangerously under powered and on the verge of being subjected to a 51% attack?

Or is it overly redundant and could afford to have the hash rate drop to a fraction of it current value and still be secure?

My instincts tell me we are safe, but where are the numbers?

Hash rate alone doesn't help us because we do not know the potential hash rate of an attacker to compare it to. The problem is determining the greatest amount of processing power that is in the hands of one single external entity.

Currently, although I may be wrong, the most powerful computational machine external to bitcoin and controlled by a single entity is the Livermore’s Sequoia supercomputer at Lawrence Livermore National Laboratory which puts out 10.5 petaFLOPS.

According to BitcoinWatch, the equivalent rate of petaFLOPS for the bitcoin network is 307.94. Now I know your going to moan about comparing flops and hashes but we have no choice here.
 
If we stipulate that the computational power wielded by the largest know potential attacker is always equal to a redundancy of 1, then we can say the bitcoin network currently has redundancy of just over 29.

redundancy = bitcoin capacity / max know external capacity
29.32 = 307.94 / 10.5

Or to put it another way, an attacker would require more than 29 times the processing power than that know to be controlled by a single external entity in order to have more than 50% of the network processing power.

Although this gauge is not perfect, as it ignores unknown entity's and pools, it does at lest provide a benchmark.

Thoughts?