 Show Posts
|
|
Pages: « 1 2 3 4 5 6 [7]
|
But my point is, community might agree to rollback blocks, even if it's not because 51% attack.
and this is my two cents, community might agree on a double-check data flow before block creation. not exactly double-check but I mean a concrete solution should involve before block creation - and I'm working hard on it. rollback is always costly and harmful to the trust. |
|
|
|
Vitalik Buterin is bullshitting too much recently. The 99% fault tolerance he is talking about is based on encrypted messaging which is neither new nor applicable in crypto ecosystem. He is just moving his pieces to make another attack against decentralized crypto ecosystem in favor of his agenda for making Ethereum Foundation some-shit like the central hub of world finance, such an idiot he is  Yes, we have discussed it before about avoiding software tricks while thinking about a solution - and that 99% thing was the most tricky topic that I have ever seen. and about the central hub of world finance I just can say: "Pooouuuufffff" |
|
|
|
there is also another version of these kinds of attempts against 51% attack in link bellow: https://vitalik.ca/general/2018/08/07/99_fault_tolerant.htmlin this approach the owner of proposal - by adding some special nodes that he calls them "Observer nodes" and also do not involve in mining process - tries to protect the network. based on lessons from system architecture, adding any special nodes into a decentralized network with voting power, somehow will push the entire of the network into a centralized version. |
|
|
|
It is unnecessary to use hashed timelock contracts if you can use simple a simple timelock value in transactions.
You shouldn't make things more complicated then they need to be.
simply, just in the case Alice has complicated scenarios for her will. -------------------- but there is one serious question here about "Transaction malleability": https://en.bitcoin.it/wiki/Transaction_malleabilitywhich of solutions above are not vulnerable to malleability? |
|
|
|
No, no. this should be 1-of-2. the 2-of-2 doesn't work here. we exactly need either of the keys unlock the funds. therefore we could track abuses.
When Alice is alive uses her primary account for transactions normally. but she also creates a secondary account linked (with OR logic gate) to her primary account, and gives its security values to her attorney/trusted_person with permission to use the keys of the secondary account when she is dead. if she share her primary account with others, she can't track any abuse of her account, but with 1-of-2, you could simply track the sign of your funds to see which sign get used for a particular transaction.
But again.. this approach requires trust. Yes, you could track the 'abuse' in terms of you'd know who spend these coins. But you wouldn't be able to 'revert' it or anything else. The coins would be gone in this scenario. The best approach is a trustless approach. And this does exclude the option of a 1of2 multisig with giving 1 key away. so, we have HASHED TIME LOCKED CONTRACTS (HTLC) in bitcoin that works with the concept of PROOF-of-Payment and even could provide *reversible* transactions to the payer or re-route it to 3rd address. this only needs to open payment channels. more info: https://en.bitcoin.it/wiki/Hashed_Timelock_Contracts** if there are no other technical considerations, now we have an ALICE1-ALICE2-CHARLIE relationship in a dead scenario. Alice owns two accounts, Alice1 and Alice 2. Alice will have her bitcoins accessible by submitting a random digital content with Alice1 which triggers a transaction to Alice2. if this digital content does not submit before a specified future time, then could automatically re-route to CHARLIE. |
|
|
|
use Multisignature Application in 1-of-2 method..
This is just as good as giving the other person your private key right now. Well, look at the responsibility of involved people in both solutions. in multisignature you could engage your attorney in the process and he/she never could spend your money with his/her secondary account without your permission on contract. if you give the other person your only private key, you will lose the advantages of non-repudiation that comes with asymmetric encryption. I think you are thinking of 2-of-2 multisig, not 1-of-2. 1-of-2 means that either of the keys can unlock the funds. 1-of-n multisig transactions are equivalent to sharing your private key with n people, as anyone can spend it. 2-of-2 multisig wouldn't work here though, unless you want to not be able to spend your coins without your attorney's permission. No, no. this should be 1-of-2. the 2-of-2 doesn't work here. we exactly need either of the keys unlock the funds. therefore we could track abuses. When Alice is alive uses her primary account for transactions normally. but she also creates a secondary account linked (with OR logic gate) to her primary account, and gives its security values to her attorney/trusted_person with permission to use the keys of the secondary account when she is dead. if she share her primary account with others, she can't track any abuse of her account, but with 1-of-2, you could simply track the sign of your funds to see which sign get used for a particular transaction. |
|
|
|
use Multisignature Application in 1-of-2 method..
This is just as good as giving the other person your private key right now. Well, look at the responsibility of involved people in both solutions. in multisignature you could engage your attorney in the process and he/she never could spend your money with his/her secondary account without your permission on contract. if you give the other person your only private key, you will lose the advantages of non-repudiation that comes with asymmetric encryption. |
|
|
|
I don't see a good reason to dive even deeper in TAU-Coin, there are a zillion of ideas and alternatives, unfortunately it is not possible to examine all of them in details but I personally have one measure to be impressed: elegance. I afraid, TAU-coin lacks any sign of elegance and neatness being a conglomeration of ideas used as PR material for scamming people in the worst case or another implementation attempt for a failed approach to cryptocurrency in the best scenario.
Generally, I'm against using protocol/software tricks to cover model breaches. As an example I don't recognize Vitalik Buterin infamous weak subjectivity and his slasher algorithm as something even close to a mitigation to nothing at stake flaw in PoS. Somehow I have a dogmatic approach to protocol/software design that prevents me of recognizing tweaks and tricks as a modelling practice.
As of TAU-COIN relevance to your ideas, I don't see such a relationship, you are in PoW campus, TAU is PoS. PoW produces money by hard work, PoS forges money from thin air, big difference.
True. What I see in TAU is a PoS model too. - This would be a good decision to call the coins of PoS *pre-defined* not pre-mined. Because “mining” comes from a work that creates value during the block creation. The phrase pre-mined also refers us to a work, but this time happens out of a block, and before the block creation. - True. No work, no value. When we need to do work, this means we need several tools to do that. Request for tools in real world creates real values that finally transform into virtual values and transfer back into virtual world. There is a kind of Supply Chain behind PoW that makes it valuable. And I agree in problems with TAU-COIN's centralized mechanism (mining club market) too, and I wrote about it for them. And about elegant work flows, there is a quote from Steve Jobs: “Design is not just what it looks like and feels like. Design is how it works”. We could extend this quote to elegant system design too. And about using protocol/software tricks, the fact behind a successful crypto-currency could better understand by Inverted Pendulum problem in control engineering: https://en.wikipedia.org/wiki/Inverted_pendulumThere is no “tricks” in engineering world that fit in automatic control theory to design systems. We need an exact monitoring list of all forces involved in our system and define proper reactions to finally create a system that is automatically stable. Activating proper reactions for unpredicted forces needs planed WORK, not TRICK – and you are right. By Shahin Go-Round (data structure) and its related PROOF model (that it seems I have to describe it in continue), what I am looking for, is to suggest a B-Plan for bitcoin data flow; whenever bitcoin network needs to improve its power consumption model, and make it more stable and valuable. Therefore to evaluate this B-Plan I may implement a crypto-currency to understand if the new PROOF model will work properly or not.. |
|
|
|
|
Any single idea that introduces a new PROOF protocol is valuable and enriches the whole ecosystem, especially when the new protocol tries to work in transaction level.
Also, there is a part in page 8 of the whitepaper entitled “Abusive Transactions” that says: “With new POT consensus, TAU can be susceptible to new types of attacks that are based on manipulation of transactions.” I think at least the control attacks (51%) will solve by the mining club market entity that TAU introduces in diagram 3, page 7 of the PDF – entitled “Economy in TAU” – which could also shift the whole network into a centralized topology, and this is what I have found discussable in document.
-- Shahin
|
|
|
|
Shahin, I understand your situation as a software developer/engineer (a good one as I see) new to cryptocurrency and I appreciate your ambitions and courage but you are wrong about a few things here: 1- No miner is needed in your schema as long as there is no nonce in block level and transactions are not assembled by miners they are generated by users wallets and it will be the responsibility of wallets to generate your so-called "bounce"s. Otherwise how is it possible to have a block with multiple miners? Who has assembled this block and why? Your idea regarding transactions and only transactions carrying work is good but IOTA and tangle is the way you should go not the classical blockchain. 2- Processing Merkle Path is not the bottleneck right now, fetching missed transactions from the peer is. So, given you are suggesting a more optimized data structure for processing transaction list ( which is not the case by the way, Merkle Path navigation is O(log n) and optimized already) it is not a good point to start from anyway. 3- If you are a fan of "people's trust", you better focus on PoS shits instead of a PoW legendary system like bitcoin. Analogically speaking, people do not "trust" in gold they appreciate its value and the amount of resources socially necessary to find, extract, refine, ... it. Just like gold, bitcoin's value is determined by the amount of resources (energy, human resource, rent, overhead, ...) consumable for its production. Price eventually follows the value. You can find my PoCW proposal here . P.S. I noticed you have officially announced yourself as being a researcher for a known payment processing company despite your latest statements here. I know these companies and how they make it to be authorized and trusted by Bank Markazi to have access to bank gateways, etc. I'm not a fan of politics too, but as an Iranian engineer, I have to be cautious about dis-transparency and corruption in my country, it is the most professional and least political approach possible for a software developer in Iran. I think what I do is something beyond ambition, Ali. This is a pure curiosity. This is more than 4 years that I follow the blockchain and crypto-currency in theory and modeling sample blockchains in my local servers. I also mine some coins by wide range of processors from cheap raspberry boards to an expensive rig in my lab and even designed a controller board for rigs that work in farms, just to better understand where these all are going to. And I’m learning very much from your comments and I do appreciate it too. 1- Wallet resources are not good options in this schema. Bounces really need energy to solve the puzzle that directly comes from end user. Nodes still build the blocks, but this time they will benefit from the verification and confirmation fees. I think IOTA (if speed up its network, despite of its downgrade to 34% for attacks) is good for micro-payment, but I am looking for a solution to handle decentralized digital-assets. So naturally this would be a good idea to have an upgrade plan for classic blockchains. 2- Fetching missed transactions is also an interesting problem. While miners tend to ignore transaction with lower fees, this problem will remain unsolved until a new PROOF model changes the work flows. In fact this new data structure that we are discussing here, is going to be the foundation of a new PROOF model. 3- based on my own analysis PoS is a loser solution. But PoW is valuable, however this needs urgent upgrades too. This is where I hope to introduce Proof-of-Integrity as a new consensus model and bounce values are going to play a key role here. With PoI energy will consume to provide exactly the requested amount of complexity for security reasons – not to join a gold rush. Wasting energy in a gold rush is bad, not using energy for a purpose. Also, thank you for the link. I should read your proposal in free time with enough attention, but as a quick review I see that you are going to omit the role of pools in this ecosystem, and this could make people think your proposal is not Pareto Efficient. Please let me address you to Pareto Efficiency: https://en.wikipedia.org/wiki/Pareto_efficiencyI think this would be a good idea that does not omit entities, but let end users select – based on their best practices. P.S.: Well, I am also an innovation advisor in managerial board of IranKish (one of 12 Payment Service Providers that work in a closed payment loop in Iran) and they support my private researches too. PSP companies are under regulation of cenral bank, not a part of that and as you know, central bank of Iran is going to generate its own crypto-currency by Hyperledger Project and as you know they never cooperate with private (you read independent) researchers that offer innovative ideas. I really hope using of blockchain becomes a regular thing everywhere (which brings transparency) but personally I would like to begin an ICO abroad, based on what we discussed above – the PoI. If you are familiar with Persian, you could also join my channel in telegram and follow my works: https://t.me/baranidea-- Shahin |
|
|
|
I barely understand your paper, but my thoughts are :
1. As aliashraf mentioned, merkle tree already very efficient. Besides, how about transaction verification by SPV wallet? from what i understand, SPV wallet need to get whole block to verify the transaction.
1. I don't see much advantage points of adding Bounce since it's value can be generated/modified with no cost.
2. While this idea could reduce "wasted" electricity since PoW based on winner-takes-all, total electricity used for mining is still same.
3. In part 5, it mentions that "and when there is no transaction in transactions pool, the system code could generate a rescue transaction for a new block and miners could still compete". I see there's conflict possibility due to transaction propagation, few nodes might generate rescue transaction just before receive a transaction.
Hello ETFbitcoin, hope all is well. 1- I need to refer you to the insertion sort and merge sort comparison part of answer to Ali. And about Simplified Payment Verification (SPV) - as I know too - SPVs just keep the header of blocks and download partial content of blocks whenever they are needed. There is also a paragraph in document that describes SPV. 1 again- The whole idea behind adding Bounce values in transaction level is great and is what I really like it. Bounces in transaction level just work as nonce values in block header. So you still need to find a proper bounce value to meet an individual difficulty for a transaction. But first of all, bounce values are different from one transaction to the others – so they are customizable. A user may order a difficulty target for her own transaction and pay for it. Nonce values are good for proof-of-work but bounce values are created for both proof-of-work and increasing the overall security of the network. This is how a bounce value works: Imagine we have a hash (SHA256) value like this: 6D58A06DC487C30E5309FAEF7764C5C6D8E63EB50E437C4D473CA3E19601313F With a custom difficulty level of 7 we need our miners find a bounce value that its output hash value begin with the first 7 characters of our input string: 6D58A06 And its bounce value should fit in a formula too. For example bounce values should be greater than the sum of digit parts of the input hash string too. Also, each zero may mean multiply the sum of digits in 10: From 65806487305309776456863504374473319601313 Sum of (658648735397764568635437447331961313) = 180 x (10^5) = 18000000 So the output hash may be something like this: 6D58A069F1645B816F40DA4B91BBF9C401BAA3074D1D93C395EBBB4D102A09AB With bounce value of 21734093 that is greater than 18000000. Forcing bounce values to fit in a formula makes their output hash values higher resistant against collision attacks. There are reports like link bellow that shows a pattern in nonce values of classic crypto-currencies, so bounce is going to change the rules of the game: https://bitcoin.stackexchange.com/questions/24650/looking-for-nonces-of-even-numbers2- Let discuss power consumption with simple calculations. Imagine we have 1000 miners in a classic blockchain and the target difficulty of 10 zeros which carries 100 transactions in its content. When 1000 miners begin to compete we know that finally 999 of them will lose the reward – and waste energy in fixed level of a high difficulty target – e.g. 1500 KWH. Now let remove the nonce value from block header and say to our miner army find their prize in 100 different transactions (note: this is not a transaction fee). If we don’t want to make things complicated, we could see we have 900 of miners that lose, but in different range of difficulty target (e.g. proceeding for 4 to 10 zeros) – so we have improvement in rewarded miners from 1 to 100 with less waste in power for both winners and losers. Now miners could define their strategy to compete in a race that may finally lose 10 KWH or 1500 KWH which could lead us to new segmentation model. What I really tried to design is about defining a group of pre-mined transactions as a block; so you as end user could rent a dedicated miner (CPU, GPU or ASIC) to pre-mine your transactions, which could put us in the most ideal power consumption situation and break down any kinds of gold rush in a crypto-currency network. This means end users will rule these kinds of networks, not those miners who own the most hash power. However Shahin Go-Round has its own method in transaction segmentation, but you could find some other new ideas here in this paper too: http://www.mixoftix.net/knowledge_base/blockchain/scaling_blockchain_to_human_commerce.pdf3- True, however I could accept this as a price that we pay for benefit from the advantages of a decentralized system. And we have two options here: one, we could ignore to pay reward for a block that contains no transaction. No activity, No Profit – this is fair. two, still follow the rule of longest chain is the valid one and accept unexpected rescue transaction as a natural event that sometimes happens in the network. -- Shahin |
|
|
|
Just checked your document: 1- I think, you don't need to invent a new data structure and label for every single improvement. For instance your proposal for embedding 'work' in transactions has a very good background in cryptocurrency (check IOTA) and i've included this in my PoCW proposal lately. 2- Merkle tree is a good and simple tool for hashing lists of data, you have just log 2n+n hashes to do which is super efficient. There is nothing to improve here! 3- There is no "green" work in the universe. Work is messy it increases anthropy and consumes energy. Bitcoin's consumption of energy is its source of value. Nobody could ever invent a way for bitcoin to consume less energy and keep its value at the same time, it is essentially paradoxical. 4- Transactions carrying "work" means wallets doing work and not miners, unlike what you think. In my own proposal, I'm suggesting a portion of work being projected to wallets (like 10-20 percents). P.S: good to hear from Iran  Things are getting so difficult for people in Iran and resisting against bullyism in monetary system is the right mission for cryptocurrency. I don't understand how and why US and Trump administration's brutal and rude behavior against people of Iran is overlooked by crypto advocates but obviously Iran government is evil too, they are mostly a bunch of corrupted hypocrites who have been busy systematically destroying this great nation for years. Checking your institutional relationship with a company that basically is another ordinary/opportunist player in the foggy business atmosphere of Iran is just worrying. Are you sure the dick heads running the company aren't planning for "their" coin or something?  Hi Ali, thanks for reply. 1- I know some good engineers that believe blockchain is just a linked list and Merkle tree is just a binary tree, mixed with hash algorithms. But we know well these all are about providing new Use Cases and we assess their importance by their outcomes. And about embedding work in transaction level, the IOTA is entirely another concept in this area. From iota.org : “The Tangle is a new data structure based on a Directed Acyclic Graph. As such it has no Blocks, no Chain and also no Miners. This radical new architecture enables things in IOTA work quite differently compared to Blockchains and other Distributed Ledger Technologies.” But Shahin Go-Round still needs Miners and Blocks and Chains (with same consensus model and level) to do things. 2- Well, it first happened in my lab that I found out if we decide to download and process several transactions of a block, we should pass a longer path with Merkle Tree than linear paths that I have mentioned in document with simple calculations. For limited amounts of transactions Merkle Tree is still the best option. These are something like differences among insertion sort (that takes time equal to C1 x N^2) and merge sort (that takes time equal to C2 x N x LOG[N]) algorithms to sort N items. Although insertion sort is usually faster than merge sort for small input size, once the input size N becomes large enough, merge sort’s advantage of LOG[N] vs. N will more than compensate for the difference in constant factors (C1, C2). C1 and C2 represent processing power of two different machine. By the way, Shahin Go-Round uses 2 x (log2n+n) hashes for a list of data. 3- But I really think people’s trust is the source of bitcoin’s value and energy consumption will destroy it in future. Entropy does not always satisfy by doing more work. Sometimes a simple change in work flows could improve performance too. This is why we sometimes fork a network to handle its new versions. 4- Shahin Go-Round doesn’t need clients to do anything than signing their transactions and orders. There are always transaction pools that a client could submit her job to it and wait for a miner to accept her transaction to process. And I really like to read your proposal too. Would you please let us read it too - if applicable? P.S. You know, governments are pretty different things from nations. And just because I am not good in politics, I personally try to do my researches for nations that all of them are respectable. BTW, I am just a private researcher that works in his own lab – no other relationships. -- Shahin |
|
|
|
Hello everybody.. By an innovative block structure that we call it Shahin Go-Round, we could bring arbitrary integrity/difficulty power into blockchain transactions level. More to the point and as you know better, Merkle-Tree is a drastic data structure for transaction verification but when we face huge amount of concurrent verification processes inside a block, we need to move on several parallel paths which is pretty bandwidth and time consuming. But in Shahin Go-Round we could follow linear shortcuts that save the time and processing power. However Shahin Go-Round is consuming more disk space, but also has good effect on energy consumption by bringing nonce from block header to block payload. There is a document that describes Shahin Go-Round in detail - available at: http://www.mixoftix.net/knowledge_base/blockchain/shahin_go-round.pdfThis may be a new approach to green blockchains so all feed-backs are welcome. -- Shahin Noursalehi UPDATED [November 26, 2018]: Proof-of-Consistency (PoCo) module included (pages 11-16) - available at: http://www.mixoftix.net/knowledge_base/blockchain/shahin_go-round_v_1_1.pdfUPDATED [December 26, 2018]: Power Point Presentation file / PoCo Workshop - available at: http://www.mixoftix.net/knowledge_base/blockchain/shahin_go-round_v_1_2.pptUPDATED [January 11, 2019]: All provided documents in this post are under MIT License and this will update in next editions of documents. |
|
|
|
|
