Topic: Security analysis of PoW/PoS hybrids with low PoW reward - page 2. (Read 13216 times)

Hi Tacotime, thanks for the information! I notice you have an ad in your signature that describes a PoS/PoW hybrid.

Have you been able to resolve the issue with that coin?

Maybe ask the MINT devs to fix this?

I already said I regretted how I originally addressed rat4, it was rude, why not include that? Not to mention this is an entirely different problem, so everything I said up until now was concerning "attack 1". Thank you for finding the bug, rat4. But, as far as I can see he has not provided a fix for the issue. He has publicly displayed a security flaw thereby allowing anybody to now take advantage of it, and allowing the entire BC community to use this to defame Mint thread and others. So I still doubt his motives were in the right place, I won't be thanking him for that.

ha ha the price is exactly the same as it was when this thread was posted

I have some mintcoin and I say do the double spend attack, if you can. I want to see if I am going to put more money into this or not.

um the original post by the blackcoin developer lists the blocks which were successfully attacked. Those blocks were forced to proof of work only and proof of work only blocks have close to 0 difficulty. Only thing which protects from a 51% attack is high difficulty.

I would be shitting my pants if I held mintcoin right now hence why the price is crashing

i agree. well done.

+1

Why should anyone take the claims of sock puppet accounts seriously?

You guys seem pretty knowledgeable about this stuff for a bunch of newbies lol

What the hell are you talking about?

You have to prove you can double spend or it's FUD and that's all there is to that.

An attack has been demonstrated against Mintcoin that disabled pos mining and only allowed pow mining, leaving it wide open to a 51% attack. The first stage of this was demonstrated. The second stage only wasn't executed out of manners (51% attacking a coin with 0.1 difficulty is easy).

No such attack has been demonstrated against Blackcoin. In fact the above attack by definition isn't possible since there isn't any pow mining.

See, they don't even care if it is attacked, in fact they urge an attack, insist jupon an attack as the only way they will even admit that they are running a scam.

They don't care if it gets attacked because they can clone hundreds more identical scams with different names and images and other similar minor details changed and claim oh this one is different, until someone actually pulls off an attack this one is not a scam...

Oops missed prior post.

I guess they also don't care if there is an attack because they will just claim that the attack does not matter, so what we are a scam uh I mean were demonstrably successfully attacked, we are making money, suckers are falling for the scam, so fooey on you you FUDster, suckers are gonna get suckered no matter what you do, so hahaha I win.

-MarkM-

There was an actual attack, the proof if it is in the blockchain. Watch from 203198 and up. Look at the timestamps. Look at the type of blocks.
We have no reason to break mintcoin's chain. We have merely proofed it takes about 5 minutes to turn mintcoin into PoW only for 1 hour+.

Well, I guess there needs to be an actual attack to prove it.

Until then it's FUD

The big problem is simply that none of the scamcoin devs care, because if one scam fails it is so easy to simply launch another.

So bullshitting and bluffing and yelling "FUD!" and so on ensues until someone actually does trash the value of the scam's coins enough to make pasting another announce of another launch seem more worthwhile than posting claims of FUD.

Sunny is simply the first of many such scam "devs", notice he never did even bother to try to justify in what way his fix was a fix, he just went like oh yeah ok its true my idea was utterly broken butv thats okay I fixed it now. With nothing explaining how exactly the supposedly fix actualyl fixed anything.

Also tore a leaf from the solidcoin book, putting in a centralised privileged node.

It is more centralised that solidcoin as it uses just one privileged node it seems at least realsolid had a token decentralisation in the form of having more than one privileged node. But nonetheless solidcoin was laughed out of town so to speak, but nowadays the pronzi-players want a constant stream of new scams to get in on the bottom of and promote, so don't care anymore that all the coins coming out are scams because they are themselves scammers looking for scams to promote to scam money out of people so all these scams are just fine for their purposes.

Except for all the facts, which they decry as "FUD", because they think that if the people they are promoting the scams to knew for a fact they were scams less suckers might fall for them. Knowing it is a scam causes people to fear being a victim of the scam, be uncertain whether they can profit from the scam fast enough instead of being one of the victims, and doubt whether they can suck in enough new victims to ensure their own profit. Hence, "FUD".

-MarkM-

They both are vulnerable.  PeerCoin is what is (sort of) functional.

No, so long as the PoW difficulty is high enough to actually secure the network.  This requires subsidy (block reward) to be high enough to justify lots of people mining the chain.  Hence why PeerCoin works.

OK, but can they doublespend if some miners are already only doing PoW only mining for a hybrid PoS coin?

so Tacotime,

for a newbie which coin Mintcoin/Blackcoin is more vulnerable to attack, with Blackcoin being Pure POS and Mintcoin being a POW/POS hybrid?

As soon as someone doublespends successfully on the network using the current PoS protocol, any node that is even modestly intelligent is going to switch to a more belligerent protocol that better defends the value of their coins.  Then you run into this problem.

This is the means to generating hashes for PoS for PPC (paraphrased a little):

You can game this in a bunch of ways.  If you're building your own chain of blocks, you can manipulate the timestamp; BlackCoin uses 10 minute intervals, so there's another 600 chances right there (+ 10 min).  If you want to build lots of blocks, you need coinstake distributed in lots of places (nTimeBlockFrom << nTxPrevOffset << txPrev.nTime << prevout.n).

Now you can bruteforce a chain of length whatever privately so long as you have a bunch of coinstake at different addresses, and then doublespend using that.  Unless everyone is trying to do this, you don't need 51% stake to do this -- just the hoarding of a bunch of stake and some bruteforcing at an exacting time and you can doublespend.  This is why PoS in PPC and friends defaults to PoW; you're just manipulating a bunch of different factors in search of golden "nonces" (manipulations of non-nonce parameters) in a chain of blocks instead of simply increasing the nonce.

Using PoW blocks to make stake modifiers can also help prevent you from being able to game this a bit from the "if (!GetKernelStakeModifier(blockFrom.GetHash(), nStakeModifier, nStakeModifierHeight, nStakeModifierTime, fPrintProofOfStake)) return false;" portion, but I don't think it completely eliminates the risk.

Sunny King at some point mentioned changing confirmation rules from number of blocks that have passed to the amount of coinage that has been included in blocks since a transaction has taken place ("trust score").  But this still doesn't solve the "nothing at stake" forking problem, and you can still likely doublespend in that case with <51% stake.

What if everyone else IS NOT mining both?