Pages:
Author

Topic: Satoshi didn't solve the Byzantine generals problem - page 3. (Read 13700 times)

legendary
Activity: 1008
Merit: 1007
Orphaned chains (not sustained forks!) are a natural and can't be proven to be an attack.

Irrelevant. BGP does not distinguish between attacks and natural faults due to latency

Also I already explained upthread that an emphemeral fork (which orphans another chain) can't be blamed for a double-spend or censored transaction, because there is no provable correlation.

See above.

Seems you've forgotten where I had to teach you in my Decentralized thread why it is impossible for a minority chain to prove anything (because the state of the chain is never absolute w.r.t. to any external chain/clock and is always moving forward). Which is the same analogous mistake enet made upthread.

Fuck man, you can't even keep all the concepts in your head from the past discussions!

I finally see the core of your mistake. You expect the system itself to catalog and prove faults and automatically use this information somehow to give a warning that the byzantine tolerance has been exceeded. However, this is not a requirement in the least - the system will work up until the point it fails, the failure mode is undefined.

The link you reference is concerned with evidence of historical forks in a system with a completely different consensus rule than LCR.
legendary
Activity: 2968
Merit: 1198
Well they are indication, just not conclusive evidence, since they can be natural or faked (at a cost)

smooth in Bill Clinton mode.

They can also be an indication of deception to confuse when there are actually attacks ongoing, which was CfB's correct point.

Good thing we do not have any such confusion then!

It seems no one is interested in spending money to create confusion about attacks they aren't performing.

But lack of ephemeral forks is conclusive evidence of lack of an attack, subject to the (reasonable) conditions I stated above.

Wrong again. Example, Finney attack. Example, a double-spend that falls within the expected number of confirmations of normal orphan rate.

A Finley "attack" does not exist in the system as defined by the white paper, where PoW defines ordering (as opposed to mint timestamps as described in section 2). If people want to be dumb and rely on zero conf in Bitcoin, they are attacking themselves.
sr. member
Activity: 420
Merit: 262
Well they are indication, just not conclusive evidence, since they can be natural or faked (at a cost)

smooth in Bill Clinton mode.

They can also be an indication of deception to confuse when there are actually attacks ongoing, which was CfB's correct point.

But lack of ephemeral forks is conclusive evidence of lack of an attack, subject to the (reasonable) conditions I stated above.

Wrong again. Example, Finney attack. Example, a double-spend that falls within the expected number of confirmations of normal orphan rate.

And censored transactions with ongoing 51% attack where there are no forks other than normal ones with the expected number of confirmations of normal orphan rate.
legendary
Activity: 2968
Merit: 1198
Well they are indication, just not conclusive evidence, since they can be natural or faked (at a cost)

But lack of ephemeral forks is conclusive evidence of lack of an attack, subject to the (reasonable) conditions I stated above.

sr. member
Activity: 420
Merit: 262
Why can't you read?

Mempools only prove nothing if nodes are also conspiring

Are you still blind?

Here is what I taught monsterer before.

Here was some other discussion that linked back to that:

As I explained to monsterer upthread, it is not possible to objectively prove (with cryptography and math) which chain is the honest one and which one is the dishonest one when there are censored transactions.

[...]

Note however that this minority chain is unprovable to a full node that wasn't online as it was occurring (which was my point to monsterer)...

Are you blind?

Orphaned chains (not sustained forks!) are a natural and can't be proven to be an attack. Even those longer-con chains which orphan another chain which do not fall within the expected variance due to natural orphan rate can't be distinguished from natural (non-attack) network connectivity issues. Also I already explained upthread that an emphemeral fork (which orphans another chain) can't be blamed for a double-spend or censored transaction, because there is no provable correlation. Seems you've forgotten where I had to teach you in my Decentralized thread why it is impossible for a minority chain to prove anything (because the state of the chain is never absolute w.r.t. to any external chain/clock and is always moving forward). Which is the same analogous mistake enet made upthread.

How many times do I have to say that ephemeral forks are not an indication of an attack. And proving correctness of block chain state between ephemeral forks is impossible. The longest chain rule wins. Period! Damn it!
legendary
Activity: 2968
Merit: 1198
Mempools only prove nothing if nodes are also conspiring

Are you still blind?

Here is what I taught monsterer before.

Here was some other discussion that linked back to that:

As I explained to monsterer upthread, it is not possible to objectively prove (with cryptography and math) which chain is the honest one and which one is the dishonest one when there are censored transactions.

[...]

Note however that this minority chain is unprovable to a full node that wasn't online as it was occurring (which was my point to monsterer)...

You are still getting the logic backwards. No one is trying to prove a minority chain did anything. They can't because they don't exist (with significant frequency).

As a necessary condition for someone to be 51% attacking to censor transactions is that those minority chains exist at all. If those minority chains don't exist at all, then no one is attacking.

If someone creates fake minority chains (at significant cost), then it could be inconclusive evidence of an attack. We would have to look closer to try to determine if an attack is taking place, which could include keeping a node online, even if you didn't do so normally.

Possibly, you could be fooled (and be unable to determine otherwise) into thinking an attack took place when one really did not. But you can't be fooled into thinking an attack did not take place when one actually did take place, unless someone hides all evidence of the minority chain. That is implausible.

I therefore conclude at present, there is no attack taking place.

sr. member
Activity: 420
Merit: 262
Mempools only prove nothing if nodes are also conspiring

Are you still blind?

Here is what I taught monsterer before.

Here was some other discussion that linked back to that:

As I explained to monsterer upthread, it is not possible to objectively prove (with cryptography and math) which chain is the honest one and which one is the dishonest one when there are censored transactions.

[...]

Note however that this minority chain is unprovable to a full node that wasn't online as it was occurring (which was my point to monsterer)...

Are you blind?

Orphaned chains (not sustained forks!) are a natural and can't be proven to be an attack. Even those longer-con chains which orphan another chain which do not fall within the expected variance due to natural orphan rate can't be distinguished from natural (non-attack) network connectivity issues. Also I already explained upthread that an emphemeral fork (which orphans another chain) can't be blamed for a double-spend or censored transaction, because there is no provable correlation. Seems you've forgotten where I had to teach you in my Decentralized thread why it is impossible for a minority chain to prove anything (because the state of the chain is never absolute w.r.t. to any external chain/clock and is always moving forward). Which is the same analogous mistake enet made upthread.

How many times do I have to say that ephemeral forks are not an indication of an attack. And proving correctness of block chain state between ephemeral forks is impossible. The longest chain rule wins. Period! Damn it!
legendary
Activity: 2968
Merit: 1198
To censor, he has to orphan other miners' blocks that do include the transactions. That is visible.

This requires to assume that we all see and believe this. Right now chinese speculators can bribe a small pool to generate 10 consecutive orphaned blocks and start spreading FUD that someone tried to attack Bitcoin. With intention to buy cheap coins.

Wow, such horrible logic.

You can not know an attack did take place, because the forks could be a ruse, yes.

But you can know that an attack did not take place because there is no such fork anywhere in existence.

Unless you believe that all miners are colluding. I don't believe that. Even then, censorship would leave the censored transactions in the mempool.

@TPTB you are falling into the same logic trap as CfB. Proving an attack is not the same as proving the lack of an attack.

But...we certainly can't know there won't be an attack tomorrow, or the day after, or any other time. That is not only true, but clearly implied by the wording of the white paper.

People need to decide whether they can live with that risk or not.

Sorry smooth. You are going to be embarrassed this time. Get ready.

Hint: mempools prove nothing.

You should have read my Decentralization thread. Obviously you did not.

Mempools only prove nothing if nodes are also conspiring. Someday when (maybe) there are only mining nodes, that might be plausible. Today it is not.

It comes down to

Where's the fork

Show me the fork

If we don't see forks, then there is no majority of CPU power colluding to censor transactions. It doesn't exist. (Unless all miners are part of the collusion, which they are not.)

Also, if there are no forks, then there is no question about "which chain is the 'honest' one" because there is only one chain.

Deviations from this are (at present) easily explainable by propagation.
sr. member
Activity: 420
Merit: 262
Here is what I taught monsterer before.

Here was some other discussion that linked back to that:

As I explained to monsterer upthread, it is not possible to objectively prove (with cryptography and math) which chain is the honest one and which one is the dishonest one when there are censored transactions.

[...]

Note however that this minority chain is unprovable to a full node that wasn't online as it was occurring (which was my point to monsterer)...
sr. member
Activity: 420
Merit: 262
To censor, he has to orphan other miners' blocks that do include the transactions. That is visible.

This requires to assume that we all see and believe this. Right now chinese speculators can bribe a small pool to generate 10 consecutive orphaned blocks and start spreading FUD that someone tried to attack Bitcoin. With intention to buy cheap coins.

Wow, such horrible logic.

You can not know an attack did take place, because the forks could be a ruse, yes.

But you can know that an attack did not take place because there is no such fork anywhere in existence.

Unless you believe that all miners are colluding. I don't believe that. Even then, censorship would leave the censored transactions in the mempool.

@TPTB you are falling into the same logic trap as CfB. Proving an attack is not the same as proving the lack of an attack.

But...we certainly can't know there won't be an attack tomorrow, or the day after, or any other time. That is not only true, but clearly implied by the wording of the white paper.

People need to decide whether they can live with that risk or not.

Sorry smooth. You are going to be embarrassed this time. Get ready.

Hint: mempools prove nothing.

You should have read my Decentralization thread. Obviously you did not.
legendary
Activity: 2142
Merit: 1010
Newbie
Wow, such horrible logic.

You can not know an attack did take place, because the forks could be a ruse, yes.

But you can know that an attack did not take place because there is no such fork anywhere in existence.

You are right, sorry, I'm coding at this moment and my brain resources are not enough for taking part in your discussion at the same time. See you some other day.
legendary
Activity: 2968
Merit: 1198
To censor, he has to orphan other miners' blocks that do include the transactions. That is visible.

This requires to assume that we all see and believe this. Right now chinese speculators can bribe a small pool to generate 10 consecutive orphaned blocks and start spreading FUD that someone tried to attack Bitcoin. With intention to buy cheap coins.

Wow, such horrible logic.

You can not know an attack did take place, because the forks could be a ruse, yes.

But you can know that an attack did not take place because there is no such fork anywhere in existence.

Unless you believe that all miners are colluding. I don't believe that. Even then, censorship would leave the censored transactions in the mempool.

@TPTB you are falling into the same logic trap as CfB. Proving an attack is not the same as proving the lack of an attack.

But...we certainly can't know there won't be an attack tomorrow, or the day after, or any other time. That is not only true, but clearly implied by the wording of the white paper.

People need to decide whether they can live with that risk or not.
sr. member
Activity: 420
Merit: 262

I didn't read that but the point is that you can't engage in an attack without creating forks, as monsterer said. The forks are visible. They would exceed those explainable by propagation delays, and would be selective against miners who include the banned transactions.

Are you blind?

Orphaned chains (not sustained forks!) are a natural and can't be proven to be an attack. Even those longer-con chains which orphan another chain which do not fall within the expected variance due to natural orphan rate can't be distinguished from natural (non-attack) network connectivity issues. Also I already explained upthread that an emphemeral fork (which orphans another chain) can't be blamed for a double-spend or censored transaction, because there is no provable correlation. Seems you've forgotten where I had to teach you in my Decentralized thread why it is impossible for a minority chain to prove anything (because the state of the chain is never absolute w.r.t. to any external chain/clock and is always moving forward). Which is the same analogous mistake enet made upthread.
legendary
Activity: 2968
Merit: 1198

I didn't read that but the point is that you can't engage in an attack without creating forks, as monsterer said. The forks are visible. They would exceed those explainable by propagation delays, and would be selective against miners who include the banned transactions.

Collusion, in fact, doesn't even matter. It could be one large miner or a collusion. Either way it will be visible unless the collusion is total (maybe that is what your link states).

You would also, even in the case of total collusion, see transactions staying in the mempool forever despite having higher fees than transactions being mined. We don't see that either. There is no attack taking place. For the moment.

legendary
Activity: 2142
Merit: 1010
Newbie
To censor, he has to orphan other miners' blocks that do include the transactions. That is visible.

This requires to assume that we all see and believe this. Right now chinese speculators can bribe a small pool to generate 10 consecutive orphaned blocks and start spreading FUD that someone tried to attack Bitcoin. With intention to buy cheap coins.

EDIT: Forgot the obvious resume. https://en.wikipedia.org/wiki/Plausible_deniability guarantees that a real attack will likely be not noticed, people will just spread the idea that it's a fake attack.
sr. member
Activity: 420
Merit: 262
You can collude to attack, but that would be visible.

Nope.

Please re-read my prior post.

Quote
Attacker only needs 51% of hashrate to censor transactions perpetually (and less % to delay transactions).

To censor, he has to orphan other miners' blocks that do include the transactions. That is visible. Delaying is possible without creating forks. Censorship is not.

I had to teach monsterer that your assumption is incorrect. Why don't you ask him about our prior discussion in the Decentralization thread on this topic:

Also I already explained upthread that an emphemeral fork (which orphans another chain) can't be blamed for a double-spend or censored transaction, because there is no provable correlation. Seems you've forgotten where I had to teach you in my Decentralized thread why it is impossible for a minority chain to prove anything (because the state of the chain is never absolute w.r.t. to any external chain/clock and is always moving forward). Which is the same analogous mistake enet made upthread.
legendary
Activity: 2142
Merit: 1010
Newbie
legendary
Activity: 2968
Merit: 1198
You can collude to attack, but that would be visible.

Nope.

Please re-read my prior post.

Quote
Attacker only needs 51% of hashrate to censor transactions perpetually (and less % to delay transactions).

To censor, he has to orphan other miners' blocks that do include the transactions. That is visible. Delaying is possible without creating forks. Censorship is not.
sr. member
Activity: 420
Merit: 262
You can collude to attack, but that would be visible.

Nope.

Please re-read my prior post.
legendary
Activity: 2968
Merit: 1198
Besides collusion is unknowable due to Sybil attacks.

Collusion to do what?

You can collude to attack, but that would be visible.

If you collude with a bunch of other miners to pick each other's noses, okay, maybe we can't see that, but I don't care. That isn't an attack.

Quote
Attacker only needs 51% of hashrate to censor transactions perpetually (and less % to delay transactions).

To censor, he has to orphan other miner's blocks that do include the transactions. That is visible.




Pages:
Jump to: