Pages:
Author

Topic: [PPC] [PROPOSAL] PPCoin Online Stake Safety (Read 10043 times)

legendary
Activity: 2632
Merit: 1023
if I get this right you are formulating a way to aggregate individual person coins, into a large amount (on one address?/location) but each person can pull their coins at any time without hindrance, and thus maximize security and minting?

Also is there a good thread about minting?
legendary
Activity: 1050
Merit: 1003
Sunny, I like the idea a lot.

Cold-locking could help prevent theft unrelated to PoS mining as well. I describe one approach in the link.

http://www.netcoin.io/wiki/Theft_Protection_through_Reversibility_and_Failsafe_Accounts

legendary
Activity: 1064
Merit: 1002
Great idea. You continue to amaze me Smiley
sr. member
Activity: 354
Merit: 250
Quote from: calian link=topic=194054.msg2373861#msg2373861
However if the economic incentive exists (people wanting to get the last marginal scrap of interest without having to keep their program up to date all the time) then I think it can be assumed PoS pools will develop in some form or other.

In todays PPC version you would have to trust a PoS pool with all you coins. This might not be a big barrier when crypto reaches wide adoption and trustworthy companies are established. Still I don't see why PPC protocol should ease pooling.

In today's PPC you put your own coins at risk to generate stake on your own machine (private keys are unlocked on an online machine for significant stretches of time). Sunny's proposal in this thread is about allow stake minting without taking that risk by using separate high and low risk keys. Once low risk keys exist it isn't much of a stretch to see handing them off to a trusted third party to manage on one's behalf. Were you watching bitcoin when the recent fork (and successful double spend happened?). It was 3am here but if I had been mining through a pool my machine would have been directed at the correct chain within 11 blocks of the fork. This may or may not have happened if I were asleep and mining solo. There are advantages to "professional" pool ops provided we can figure out how to avoid the security downsides.
member
Activity: 113
Merit: 10
Quote from: calian link=topic=194054.msg2373861#msg2373861
However if the economic incentive exists (people wanting to get the last marginal scrap of interest without having to keep their program up to date all the time) then I think it can be assumed PoS pools will develop in some form or other.

In todays PPC version you would have to trust a PoS pool with all you coins. This might not be a big barrier when crypto reaches wide adoption and trustworthy companies are established. Still I don't see why PPC protocol should ease pooling.
sr. member
Activity: 354
Merit: 250
And even worse: A pool could perform a 51% attack without risking own money ( a key argument for PoS in the first place)

Could it though? It seems like it would have to be both a PoS and PoW pool to be able to get away with that. Since PoW is already pooled perhaps we should be careful about making PoS pools doable. However if the economic incentive exists (people wanting to get the last marginal scrap of interest without having to keep their program up to date all the time) then I think it can be assumed PoS pools will develop in some form or other.
member
Activity: 113
Merit: 10
This is a key piece of the puzzle. There needs to be provision for the outsourcing of this to third-party "stake miners" who will pay you a certain portion of your stake rewards in exchange for being custodians of your stake generation capability without actually having access to your offline cold storage keys. Obviously if you transfer your coins they wouldn't be able to generate stake with them anymore. The fact is that while plenty of geeks don't mind keeping a computer online all the time some of us aren't into running server farms.

That wouldn't be a good idea, because it would allow that third party to have a huge amount of control over the network. They could basically do a 51% proof of stake mining attack. The key point of all of this is to keep things decentralized.

We should really discuss PPC's strategy towards PoS pooling. I'm convinced that pooling should NOT be encouraged. So please do not include features that allow outsourcing PoS minting.
It would just end in a centralized banking system shared by very few PoS pools (AKA banks).
If people do not want to run a (low performance) machine 24/7, then - well - just don't do it. PoS reward is meant for those that want to contribute to network security. A PoS pool is not good at that because of centralization. And even worse: A pool could perform a 51% attack without risking own money ( a key argument for PoS in the first place)
donator
Activity: 994
Merit: 1000
What happens when people lose access to the mining key, but not the cold key? Should there be a time-out, after which the cold key can be used as mining/spending key?

It seems like the cold key should be able to generate the mining key, just like a private key can generate an address.
You may not want to do this, because then you cannot reliably transfer the stake generation power, because the original holder of the cold key can also perform stake mining, without telling the holder of the cold-locked transaction, thus defrauding the stake mining operator.
legendary
Activity: 1205
Merit: 1010

If I understood it correctly, the current proposal assumes that the holder of the cold-locked transaction and the owner of the cold wallet are the same entity. In that case the cold key resides within a cold wallet and the mining key resides on the validation node. What happens when people lose access to the mining key, but not the cold key? Should there be a time-out, after which the cold key can be used as mining/spending key?


You shouldn't lose either the cold wallet or the minting wallet, otherwise the balance is lost, as you need the minting key to move the balance to your cold address for spending. But you can share the minting private key with the service provider.

Yes a cold-locked transaction is assumed to be solely controlled by one cold address, which is specified in its first output. You can think of the cold key as a savings account, when you receive coins you can move some of your balance to the savings account, this transaction (moving coins to your savings account) would be a cold-locked transaction. If the cold key directly receive some balance from other people that is not via cold-locked transaction, then those coins are not cold-locked despite of belonging to the cold key, and cannot participate in online stake generation if the key stays in cold wallet.
sr. member
Activity: 354
Merit: 250
What happens when people lose access to the mining key, but not the cold key? Should there be a time-out, after which the cold key can be used as mining/spending key?

It seems like the cold key should be able to generate the mining key, just like a private key can generate an address.
donator
Activity: 994
Merit: 1000
On the other hand, since there is no risk of losing your balance with the service provider in the cold-locked scenario (providing you can easily verify that your balance is cold-locked properly) then maybe there will be lower barrier of entry to compete as a service provider as it doesn't need to earn users trust at first.
I think this is the main innovation point. This allows you to monetize stake generation power, since you don't need to sell the coins in order to transfer stake generation power. However, you may want to elaborate on how to determine the maturity of stake. Logic would suggest that it should be the time at which the original stake was created - not the cold-locked transaction.

For the purpose of clarity let me define:
1) cold key: gives access to the actual coins, for arbitrary usage
2) mining/spending key: used to spend the cold-locked transaction

If I understood it correctly, the current proposal assumes that the holder of the cold-locked transaction and the owner of the cold wallet are the same entity. In that case the cold key resides within a cold wallet and the mining key resides on the validation node. What happens when people lose access to the mining key, but not the cold key? Should there be a time-out, after which the cold key can be used as mining/spending key?

Also, the issue is more pronounced if the holder of the cold-locked transaction and the cold key are not the same entity. What happens if the holder of the cold-locked transaction decides not to spend the transaction?
sr. member
Activity: 354
Merit: 250
The size of such service provider needs to be under control otherwise it does pose risk to the network, albeit not permanently as users can withdraw from it once the attack is understood.

Yeah, I think plenty of Bitcoin miners check http://blockchain.info/pools before deciding which pool to mine with to avoid anyone getting over 51%. Is it as easy to recognize who has mined a stake block though?
legendary
Activity: 1205
Merit: 1010
The question is whether the underlying incentive structure promotes the formation of stake mining pools. Is there a formula for how much % of the money supply has to be stake and what the minimum ppc amount of a stake has to be, in order for it to be executed within e.g. 3 months? Dependent on that equation there may or may not be a need for stake mining pools....

I think some incentive is there if people don't want to run computer 24x7 and would like to earn stake as fast as possible. It doesn't matter whether you mint yourself 24x7 or with a service provider, the rate of generation would stay the same. The size of such service provider needs to be under control otherwise it does pose risk to the network, albeit not permanently as users can withdraw from it once the attack is understood.

On the other hand, since there is no risk of losing your balance with the service provider in the cold-locked scenario (providing you can easily verify that your balance is cold-locked properly) then maybe there will be lower barrier of entry to compete as a service provider as it doesn't need to earn users trust at first.
donator
Activity: 994
Merit: 1000
This is a key piece of the puzzle. There needs to be provision for the outsourcing of this to third-party "stake miners" who will pay you a certain portion of your stake rewards in exchange for being custodians of your stake generation capability without actually having access to your offline cold storage keys. Obviously if you transfer your coins they wouldn't be able to generate stake with them anymore. The fact is that while plenty of geeks don't mind keeping a computer online all the time some of us aren't into running server farms.

There is probably some misunderstanding here. Minting stake is not supposed to be computing intensive and all you need is a typical computer online, no server farm required.
The question is whether the underlying incentive structure promotes the formation of stake mining pools. Is there a formula for how much % of the money supply has to be stake and what the minimum ppc amount of a stake has to be, in order for it to be executed within e.g. 3 months? Dependent on that equation there may or may not be a need for stake mining pools....
legendary
Activity: 1205
Merit: 1010
This is a key piece of the puzzle. There needs to be provision for the outsourcing of this to third-party "stake miners" who will pay you a certain portion of your stake rewards in exchange for being custodians of your stake generation capability without actually having access to your offline cold storage keys. Obviously if you transfer your coins they wouldn't be able to generate stake with them anymore. The fact is that while plenty of geeks don't mind keeping a computer online all the time some of us aren't into running server farms.

There is probably some misunderstanding here. Minting stake is not supposed to be computing intensive and all you need is a typical computer online, no server farm required.
sr. member
Activity: 354
Merit: 250
I would simply propose an Android Client with PoS Mining feature.

I agree this is an elegant solution given the original proposal of this thread is achieved.
newbie
Activity: 20
Merit: 0
Sounds nice so far for me.

As a solution for the staying online problem I would simply propose an Android Client with PoS Mining feature. I mean smartphones are running all day and are connected to the Internet most of the time, and modern smartphone hardware can handle PoS mining without problems and without quick battery drainage.
hero member
Activity: 504
Merit: 500
FPGA Mining LLC
This is a key piece of the puzzle. There needs to be provision for the outsourcing of this to third-party "stake miners" who will pay you a certain portion of your stake rewards in exchange for being custodians of your stake generation capability without actually having access to your offline cold storage keys. Obviously if you transfer your coins they wouldn't be able to generate stake with them anymore. The fact is that while plenty of geeks don't mind keeping a computer online all the time some of us aren't into running server farms.

That wouldn't be a good idea, because it would allow that third party to have a huge amount of control over the network. They could basically do a 51% proof of stake mining attack. The key point of all of this is to keep things decentralized.
hero member
Activity: 504
Merit: 500
FPGA Mining LLC
Interesting approach. Seems like a clever solution for the PoS mining problem.
However, while we're at it, we should also somehow get rid of the (IMHO totally useless) block signing for PoW blocks.

IIUC implementing your proposal requires a chain fork? If so, can you, at the same time, stop requiring PoW blocks to be signed, and instead only require that for PoS blocks? And of course also allow all output script types in the coinbase. That would finally allow for p2pool to be used with ppcoin...
legendary
Activity: 1358
Merit: 1003
Ron Gross
Good stuff.
Pages:
Jump to: