Satoshi didn't solve the Byzantine generals problem - page 3.

TPTB_need_war

sr. member

Activity: 420

Merit: 262

Quote from: smooth on February 09, 2016, 08:20:55 AM

Well they are indication, just not conclusive evidence, since they can be natural or faked (at a cost)

smooth in Bill Clinton mode.

They can also be an indication of deception to confuse when there are actually attacks ongoing, which was CfB's correct point.

Quote from: smooth on February 09, 2016, 08:20:55 AM

But lack of ephemeral forks is conclusive evidence of lack of an attack, subject to the (reasonable) conditions I stated above.

Wrong again. Example, Finney attack. Example, a double-spend that falls within the expected number of confirmations of normal orphan rate.

And censored transactions with ongoing 51% attack where there are no forks other than normal ones with the expected number of confirmations of normal orphan rate.

smooth

legendary

Activity: 2968

Merit: 1198

Well they are indication, just not conclusive evidence, since they can be natural or faked (at a cost)

But lack of ephemeral forks is conclusive evidence of lack of an attack, subject to the (reasonable) conditions I stated above.

TPTB_need_war

sr. member

Activity: 420

Merit: 262

Why can't you read?

Quote from: TPTB_need_war on February 09, 2016, 08:09:35 AM

Quote from: smooth on February 09, 2016, 08:07:56 AM

Mempools only prove nothing if nodes are also conspiring

Are you still blind?

Quote from: TPTB_need_war on February 09, 2016, 08:05:46 AM

Here is what I taught monsterer before.

Here was some other discussion that linked back to that:

Quote from: TPTB_need_war on January 20, 2016, 09:01:11 PM

As I explained to monsterer upthread, it is not possible to objectively prove (with cryptography and math) which chain is the honest one and which one is the dishonest one when there are censored transactions.

[...]

Note however that this minority chain is unprovable to a full node that wasn't online as it was occurring (which was my point to monsterer)...

Quote from: TPTB_need_war on February 09, 2016, 07:52:54 AM

Are you blind?

Quote from: TPTB_need_war on February 09, 2016, 07:32:04 AM

Orphaned chains (not sustained forks!) are a natural and can't be proven to be an attack. Even those longer-con chains which orphan another chain which do not fall within the expected variance due to natural orphan rate can't be distinguished from natural (non-attack) network connectivity issues. Also I already explained upthread that an emphemeral fork (which orphans another chain) can't be blamed for a double-spend or censored transaction, because there is no provable correlation. Seems you've forgotten where I had to teach you in my Decentralized thread why it is impossible for a minority chain to prove anything (because the state of the chain is never absolute w.r.t. to any external chain/clock and is always moving forward). Which is the same analogous mistake enet made upthread.

How many times do I have to say that ephemeral forks are not an indication of an attack. And proving correctness of block chain state between ephemeral forks is impossible. The longest chain rule wins. Period! Damn it!

smooth

legendary

Activity: 2968

Merit: 1198

Quote from: TPTB_need_war on February 09, 2016, 08:09:35 AM

Quote from: smooth on February 09, 2016, 08:07:56 AM

Mempools only prove nothing if nodes are also conspiring

Are you still blind?

Quote from: TPTB_need_war on February 09, 2016, 08:05:46 AM

Here is what I taught monsterer before.

Here was some other discussion that linked back to that:

Quote from: TPTB_need_war on January 20, 2016, 09:01:11 PM

As I explained to monsterer upthread, it is not possible to objectively prove (with cryptography and math) which chain is the honest one and which one is the dishonest one when there are censored transactions.

[...]

Note however that this minority chain is unprovable to a full node that wasn't online as it was occurring (which was my point to monsterer)...

You are still getting the logic backwards. No one is trying to prove a minority chain did anything. They can't because they don't exist (with significant frequency).

As a necessary condition for someone to be 51% attacking to censor transactions is that those minority chains exist at all. If those minority chains don't exist at all, then no one is attacking.

If someone creates fake minority chains (at significant cost), then it could be inconclusive evidence of an attack. We would have to look closer to try to determine if an attack is taking place, which could include keeping a node online, even if you didn't do so normally.

Possibly, you could be fooled (and be unable to determine otherwise) into thinking an attack took place when one really did not. But you can't be fooled into thinking an attack did not take place when one actually did take place, unless someone hides all evidence of the minority chain. That is implausible.

I therefore conclude at present, there is no attack taking place.

TPTB_need_war

sr. member

Activity: 420

Merit: 262

Quote from: smooth on February 09, 2016, 08:07:56 AM

Mempools only prove nothing if nodes are also conspiring

Are you still blind?

Quote from: TPTB_need_war on February 09, 2016, 08:05:46 AM

Here is what I taught monsterer before.

Here was some other discussion that linked back to that:

Quote from: TPTB_need_war on January 20, 2016, 09:01:11 PM

As I explained to monsterer upthread, it is not possible to objectively prove (with cryptography and math) which chain is the honest one and which one is the dishonest one when there are censored transactions.

[...]

Note however that this minority chain is unprovable to a full node that wasn't online as it was occurring (which was my point to monsterer)...

Quote from: TPTB_need_war on February 09, 2016, 07:52:54 AM

Are you blind?

Quote from: TPTB_need_war on February 09, 2016, 07:32:04 AM

Orphaned chains (not sustained forks!) are a natural and can't be proven to be an attack. Even those longer-con chains which orphan another chain which do not fall within the expected variance due to natural orphan rate can't be distinguished from natural (non-attack) network connectivity issues. Also I already explained upthread that an emphemeral fork (which orphans another chain) can't be blamed for a double-spend or censored transaction, because there is no provable correlation. Seems you've forgotten where I had to teach you in my Decentralized thread why it is impossible for a minority chain to prove anything (because the state of the chain is never absolute w.r.t. to any external chain/clock and is always moving forward). Which is the same analogous mistake enet made upthread.

How many times do I have to say that ephemeral forks are not an indication of an attack. And proving correctness of block chain state between ephemeral forks is impossible. The longest chain rule wins. Period! Damn it!

smooth

legendary

Activity: 2968

Merit: 1198

Quote from: TPTB_need_war on February 09, 2016, 07:57:58 AM

Quote from: smooth on February 09, 2016, 07:53:07 AM

Quote from: Come-from-Beyond on February 09, 2016, 07:50:21 AM

Quote from: smooth on February 09, 2016, 07:42:52 AM

To censor, he has to orphan other miners' blocks that do include the transactions. That is visible.

This requires to assume that we all see and believe this. Right now chinese speculators can bribe a small pool to generate 10 consecutive orphaned blocks and start spreading FUD that someone tried to attack Bitcoin. With intention to buy cheap coins.

Wow, such horrible logic.

You can not know an attack did take place, because the forks could be a ruse, yes.

But you can know that an attack did not take place because there is no such fork anywhere in existence.

Unless you believe that all miners are colluding. I don't believe that. Even then, censorship would leave the censored transactions in the mempool.

@TPTB you are falling into the same logic trap as CfB. Proving an attack is not the same as proving the lack of an attack.

But...we certainly can't know there won't be an attack tomorrow, or the day after, or any other time. That is not only true, but clearly implied by the wording of the white paper.

People need to decide whether they can live with that risk or not.

Sorry smooth. You are going to be embarrassed this time. Get ready.

Hint: mempools prove nothing.

You should have read my Decentralization thread. Obviously you did not.

Mempools only prove nothing if nodes are also conspiring. Someday when (maybe) there are only mining nodes, that might be plausible. Today it is not.

It comes down to

Where's the fork

Show me the fork

If we don't see forks, then there is no majority of CPU power colluding to censor transactions. It doesn't exist. (Unless all miners are part of the collusion, which they are not.)

Also, if there are no forks, then there is no question about "which chain is the 'honest' one" because there is only one chain.

Deviations from this are (at present) easily explainable by propagation.

TPTB_need_war

sr. member

Activity: 420

Merit: 262

Here is what I taught monsterer before.

Here was some other discussion that linked back to that:

Quote from: TPTB_need_war on January 20, 2016, 09:01:11 PM

As I explained to monsterer upthread, it is not possible to objectively prove (with cryptography and math) which chain is the honest one and which one is the dishonest one when there are censored transactions.

[...]

Note however that this minority chain is unprovable to a full node that wasn't online as it was occurring (which was my point to monsterer)...

TPTB_need_war

sr. member

Activity: 420

Merit: 262

Quote from: smooth on February 09, 2016, 07:53:07 AM

Quote from: Come-from-Beyond on February 09, 2016, 07:50:21 AM

Quote from: smooth on February 09, 2016, 07:42:52 AM

To censor, he has to orphan other miners' blocks that do include the transactions. That is visible.

This requires to assume that we all see and believe this. Right now chinese speculators can bribe a small pool to generate 10 consecutive orphaned blocks and start spreading FUD that someone tried to attack Bitcoin. With intention to buy cheap coins.

Wow, such horrible logic.

You can not know an attack did take place, because the forks could be a ruse, yes.

But you can know that an attack did not take place because there is no such fork anywhere in existence.

Unless you believe that all miners are colluding. I don't believe that. Even then, censorship would leave the censored transactions in the mempool.

@TPTB you are falling into the same logic trap as CfB. Proving an attack is not the same as proving the lack of an attack.

But...we certainly can't know there won't be an attack tomorrow, or the day after, or any other time. That is not only true, but clearly implied by the wording of the white paper.

People need to decide whether they can live with that risk or not.

Sorry smooth. You are going to be embarrassed this time. Get ready.

Hint: mempools prove nothing.

You should have read my Decentralization thread. Obviously you did not.

Come-from-Beyond

legendary

Activity: 2142

Merit: 1010

Newbie

Quote from: smooth on February 09, 2016, 07:53:07 AM

Wow, such horrible logic.

You can not know an attack did take place, because the forks could be a ruse, yes.

But you can know that an attack did not take place because there is no such fork anywhere in existence.

You are right, sorry, I'm coding at this moment and my brain resources are not enough for taking part in your discussion at the same time. See you some other day.

smooth

legendary

Activity: 2968

Merit: 1198

Quote from: Come-from-Beyond on February 09, 2016, 07:50:21 AM

Quote from: smooth on February 09, 2016, 07:42:52 AM

To censor, he has to orphan other miners' blocks that do include the transactions. That is visible.

This requires to assume that we all see and believe this. Right now chinese speculators can bribe a small pool to generate 10 consecutive orphaned blocks and start spreading FUD that someone tried to attack Bitcoin. With intention to buy cheap coins.

Wow, such horrible logic.

You can not know an attack did take place, because the forks could be a ruse, yes.

But you can know that an attack did not take place because there is no such fork anywhere in existence.

Unless you believe that all miners are colluding. I don't believe that. Even then, censorship would leave the censored transactions in the mempool.

@TPTB you are falling into the same logic trap as CfB. Proving an attack is not the same as proving the lack of an attack.

But...we certainly can't know there won't be an attack tomorrow, or the day after, or any other time. That is not only true, but clearly implied by the wording of the white paper.

People need to decide whether they can live with that risk or not.

TPTB_need_war

sr. member

Activity: 420

Merit: 262

Quote from: smooth on February 09, 2016, 07:50:56 AM

Quote from: Come-from-Beyond on February 09, 2016, 07:45:16 AM

Quote from: smooth on February 09, 2016, 07:40:22 AM

You can collude to attack, but that would be visible.

It depends on number of colluding entities.

I didn't read that but the point is that you can't engage in an attack without creating forks, as monsterer said. The forks are visible. They would exceed those explainable by propagation delays, and would be selective against miners who include the banned transactions.

Are you blind?

Quote from: TPTB_need_war on February 09, 2016, 07:32:04 AM

Orphaned chains (not sustained forks!) are a natural and can't be proven to be an attack. Even those longer-con chains which orphan another chain which do not fall within the expected variance due to natural orphan rate can't be distinguished from natural (non-attack) network connectivity issues. Also I already explained upthread that an emphemeral fork (which orphans another chain) can't be blamed for a double-spend or censored transaction, because there is no provable correlation. Seems you've forgotten where I had to teach you in my Decentralized thread why it is impossible for a minority chain to prove anything (because the state of the chain is never absolute w.r.t. to any external chain/clock and is always moving forward). Which is the same analogous mistake enet made upthread.

smooth

legendary

Activity: 2968

Merit: 1198

Quote from: Come-from-Beyond on February 09, 2016, 07:45:16 AM

Quote from: smooth on February 09, 2016, 07:40:22 AM

You can collude to attack, but that would be visible.

It depends on number of colluding entities.

I didn't read that but the point is that you can't engage in an attack without creating forks, as monsterer said. The forks are visible. They would exceed those explainable by propagation delays, and would be selective against miners who include the banned transactions.

Collusion, in fact, doesn't even matter. It could be one large miner or a collusion. Either way it will be visible unless the collusion is total (maybe that is what your link states).

You would also, even in the case of total collusion, see transactions staying in the mempool forever despite having higher fees than transactions being mined. We don't see that either. There is no attack taking place. For the moment.

Come-from-Beyond

legendary

Activity: 2142

Merit: 1010

Newbie

Quote from: smooth on February 09, 2016, 07:42:52 AM

To censor, he has to orphan other miners' blocks that do include the transactions. That is visible.

This requires to assume that we all see and believe this. Right now chinese speculators can bribe a small pool to generate 10 consecutive orphaned blocks and start spreading FUD that someone tried to attack Bitcoin. With intention to buy cheap coins.

EDIT: Forgot the obvious resume. https://en.wikipedia.org/wiki/Plausible_deniability guarantees that a real attack will likely be not noticed, people will just spread the idea that it's a fake attack.

TPTB_need_war

sr. member

Activity: 420

Merit: 262

Quote from: smooth on February 09, 2016, 07:42:52 AM

Quote from: TPTB_need_war on February 09, 2016, 07:41:17 AM

Quote from: smooth on February 09, 2016, 07:40:22 AM

You can collude to attack, but that would be visible.

Nope.

Please re-read my prior post.

Quote

Attacker only needs 51% of hashrate to censor transactions perpetually (and less % to delay transactions).

To censor, he has to orphan other miners' blocks that do include the transactions. That is visible. Delaying is possible without creating forks. Censorship is not.

I had to teach monsterer that your assumption is incorrect. Why don't you ask him about our prior discussion in the Decentralization thread on this topic:

Quote from: TPTB_need_war on February 09, 2016, 07:32:04 AM

Also I already explained upthread that an emphemeral fork (which orphans another chain) can't be blamed for a double-spend or censored transaction, because there is no provable correlation. Seems you've forgotten where I had to teach you in my Decentralized thread why it is impossible for a minority chain to prove anything (because the state of the chain is never absolute w.r.t. to any external chain/clock and is always moving forward). Which is the same analogous mistake enet made upthread.

Come-from-Beyond

legendary

Activity: 2142

Merit: 1010

Newbie

Quote from: smooth on February 09, 2016, 07:40:22 AM

You can collude to attack, but that would be visible.

It depends on number of colluding entities.

smooth

legendary

Activity: 2968

Merit: 1198

Quote from: TPTB_need_war on February 09, 2016, 07:41:17 AM

Quote from: smooth on February 09, 2016, 07:40:22 AM

You can collude to attack, but that would be visible.

Nope.

Please re-read my prior post.

Quote

Attacker only needs 51% of hashrate to censor transactions perpetually (and less % to delay transactions).

To censor, he has to orphan other miners' blocks that do include the transactions. That is visible. Delaying is possible without creating forks. Censorship is not.

TPTB_need_war

sr. member

Activity: 420

Merit: 262

Quote from: smooth on February 09, 2016, 07:40:22 AM

You can collude to attack, but that would be visible.

Nope.

Please re-read my prior post.

smooth

legendary

Activity: 2968

Merit: 1198

Quote from: TPTB_need_war on February 09, 2016, 07:32:04 AM

Besides collusion is unknowable due to Sybil attacks.

Collusion to do what?

You can collude to attack, but that would be visible.

If you collude with a bunch of other miners to pick each other's noses, okay, maybe we can't see that, but I don't care. That isn't an attack.

Quote

Attacker only needs 51% of hashrate to censor transactions perpetually (and less % to delay transactions).

To censor, he has to orphan other miner's blocks that do include the transactions. That is visible.

Topic: Satoshi didn't solve the Byzantine generals problem - page 3. (Read 13675 times)