Bitcoin Forum
June 21, 2021, 12:28:49 PM *
News: Latest Bitcoin Core release: 0.21.1 [Torrent]
 
  Home Help Search Login Register More  
  Show Posts
Pages: « 1 2 3 4 5 6 7 [8] 9 10 11 12 »
141  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] Nxt :: descendant of Bitcoin on: October 21, 2013, 10:26:17 AM
No.  Transactions do not affect the signature.

Someone may attempt an "attack" by sending their generated blocks with different transaction sets to different peers.  This will just increase the rate of orphaned blocks.  A few blocks later the network will decide which branch to follow.
142  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] Nxt :: descendant of Bitcoin on: October 21, 2013, 09:50:30 AM
comtents == content?

Nth block generation signature = Ed25519.Sign([N-1]th block generation signature).

Edit:  The generator signs two messages each block, generation signature of the previous block and the header of this block which contains payload hash.
143  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] Nxt :: descendant of Bitcoin on: October 21, 2013, 08:25:45 AM
Tomorrow I will lock the poll, as I can see the majority chose colored coins.
144  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] Nxt :: descendant of Bitcoin on: October 21, 2013, 06:44:09 AM
Where does a block's generation signature parameter come from?

It's the generation signature of a previous block signed by the generator of a current block.
145  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] Nxt :: descendant of Bitcoin on: October 20, 2013, 08:54:45 PM
I see no problem if someone sends multiple transactions with the same hash and total amount not greater than the cap.  My parsing script handles this correctly.
146  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] Nxt :: descendant of Bitcoin on: October 20, 2013, 07:37:25 PM
Although one can still send 1BTC 100 times instead of 100 BTC once, but the hassles and complications of sending 100 times makes the first option less probable and harder keeping the track of, for the sender.

Let's set the cap to 1 BTC.
147  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] Nxt :: descendant of Bitcoin on: October 20, 2013, 07:35:30 PM
Obviously, this is not acceptable. Attackers should have to hold more than a few satoshis in order to mount a successful attack.

If I increase maturity period to 1440 blocks and add a rule that the blockchain can't be rolled for more than 720 blocks back?  Can you attack it now if you have less than 50% of coins?
148  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] Nxt :: descendant of Bitcoin on: October 20, 2013, 07:33:17 PM
Comments?

We can't rely on assumption that 1000 billion is a big enough number.
149  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] Nxt :: descendant of Bitcoin on: October 20, 2013, 08:20:01 AM
Suppose I have 0.001% of stake and vast computing power. All I have to do to attack is construct a 60 block private chain and then I can use my computing power to extend this chain to an arbitrary length.

Let's suppose you have 10% of stake and an alien's computer stolen from Area 51.  Odds to generate 60 block long chain at the rate of 1 block a minute are very small (something like 1/10000000000000...)  Cumulative difficulty of your branch will be much lower than difficulty of the main chain and it won't be accepted by other peers (you can generate your chain very fast with timestamps far in the future).  You continue and now begin searching for private keys that can give you public keys with hits very close to zero (let's call them attacking accounts).  You have to do a lot of Ed25519 computations (requires much more CPU power than SHA256) but you have an alien's computer and you complete the task within 2 minutes.  Now you have to go to Area 51 again and stole a time machine or wait for a few months (otherwise blocks of your chain won't be accepted due to incorrect timestamps).

Let's think how to counteract the attack.

The first thing that has come to my mind is to extend maturity period from 60 (1 hour) to 1440 blocks (1 day).  This will force you to wait for years and even after that you will not be able to complete the attack because of checkpointing.  I don't really like to wait for 1 day before I start generating blocks, I will think more and may come to another solution.


The 60 block hurdle might be enough to prevent atack if it took years to construct. However, it doesn't. In practice, an attack chain will be just marginally slower than a legit chain. This will remain true even if the attacker has only say 0.001% of stake.

Recall that the target halves every second. If 99.999% of stake can conetruct a block in 60 seconds on average, then 0.001% of stake will be able to construct a block in 77 seconds on average. So it will only take about an hour and 15 minutes to execute an PoW based attack with a 60 block delay.

The target falls so quickly that you are relying very heavily on synchronous time in the process.
In your system:
 target = difficulty constant * exp (-0.7t) where t is measured in seconds
A very slight misrrporting of the timestamp offers a tremendous advantage.

I suggest the following modification
target = difficulty constant * exp (-0.7 ln (t))

Under this adjustment, our 0.001% attacker would needs 173 days per attack block instead of 77 seconds.
This is still not enough though.
If we are dealing with a 10% attacker then he would need about 25 minutes per attack block, so with a 60 block delay, he could execute a PoW based attack in a couple of days.

To solve the problem, you also need to prevent users from controlling the seed used to generate the hit entirely.
I think you should assign each satoshi a permanent color. Say the color is indexed by an integer from 1 to 1 billion (1 billion satoshis, right?).
Then the miner generates a unique hit for each satoshi under his control. The hit for each satoshi should be determined by
Hash (satoshi color,  block height)
So over the long run all satoshis are equal in terms of mining power.

I also think you should implement the modified rule for target descent shown above. The target drops much to quickly with time in your current design. Under my modified rule, the target halves with every doubling in waiting time. So it halves between ..., 15 and 30 seconds,30 and 60 seconds, and then halves again between 60 and 120 seconds, and so on

I'm sorry that I misinformed you.  It's true that the target on the 2-second mark is 2 times bigger than on the 1-second mark, but it's only because each second the target grows by 1/60 of the base target.  On the 3-second mark it will be 3 times bigger than on mark 1, and 1.5 times bigger than on mark 2.

Code:
Target = BaseTarget * TimeSincePreviousBlock / 60


Finally, you need to enforce synchronicity more stringrently than bitcoin. Blocks that are timestamped ahead of user time should be rejected (at least until user time catches up with them). Comparing chains of equivalent length and differing only in the current block, you should have the client choose whichever current block has an earlier timestamp as the correct chain.

It is already implemented, all new blocks must be within +/- 15 seconds.


The last issue is the lack of any resource cost associated with a failed attack attempt. I'm willing to believe that this is just a theoretical concern (and ignore it). It is very complicated to solve under a pure POS system. You should be prepared, however, for a lot of criticism on this aspect.

Is there any other attack except Cunicula attack described above?  That one requires a lot of resources.


BTW are you planning to use centralized checkpoints for each block as in PPC? Please don't. This is a good way of ruining your credibility. If you don't use checkpoints, then you will have a very clear point of differentiation from PPC.

Nxt uses accounts, not inputs/outputs (payment privacy is supposed to be provided via mixing feature).  Each 525949th block (1 year) the blockchain will be shrunk (and checkpointed).
150  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] Nxt :: descendant of Bitcoin on: October 20, 2013, 06:54:57 AM
Hey, I have a server that could help in bootstrapping the network and some coins. Need my help? :>

Of course, pm me with its IP address or domain name, please.
151  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] Nxt :: descendant of Bitcoin on: October 19, 2013, 02:34:46 PM
Agree. Without at least 100 users on start the whole currency is pointless. I would spend collected bitcoins for advertising instead of development of advanced features.

I may follow your advice.
152  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] Nxt :: descendant of Bitcoin on: October 19, 2013, 02:33:53 PM
This is starting to look really promising, I might invest some more.  You only asked for small amounts, but are slightly larger amounts welcome too such as 1-2BTC?

Thank you.  But we don't really need a lot of funds right now.  All services were promised to be developed free of charge.  The transfer address is for initial stake distribution, not for investment.

The main issue I see is distributing the coins to enough people.

I hope after I publish a beta-test version of the client we will get more users.
153  Alternate cryptocurrencies / Altcoin Discussion / Re: [Nxt] What advanced feature to add in the first place? on: October 19, 2013, 02:29:24 PM
The other features will be implemented later.
154  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] Nxt :: descendant of Bitcoin on: October 19, 2013, 12:46:26 PM
Please, vote on the first advanced feature at https://bitcointalk.org/index.php?topic=314008.0

You should choose between

Messaging
Storing messages in the blockchain.  The amount will be determined by the length of a message, this money will be destroyed increasing value of all other coins.  Such messages can be used as digital contracts because they will be signed with the account key.

Two-phase payment
A payment that must be commited.  This should stimulate sellers not to cheat their customers.  A payment can't be rolled back and the sender can't get the funds back in any case.

Voting system
A tool that lets to vote on anything.  Number of voices is determined by the stake of coins.

Colored coins
A system that tracks ownership of any digital property.  More information at http://bitcoin.stackexchange.com/questions/5695/what-are-colored-coins.
155  Alternate cryptocurrencies / Altcoin Discussion / [Nxt] What advanced feature to add in the first place? on: October 19, 2013, 12:45:02 PM
The development of Nxt basic features is almost done.  Now it's time to decide what an advanced feature will be developed in the first place.  Please, vote and comment.  A thread about Nxt can be found at https://bitcointalk.org/index.php?topic=303898.0

Messaging
Storing messages in the blockchain.  The amount will be determined by the length of a message, this money will be destroyed increasing value of all other coins.  Such messages can be used as digital contracts because they will be signed with the account key.

Two-phase payment
A payment that must be commited.  This should stimulate sellers not to cheat their customers.  A payment can't be rolled back and the sender can't get the funds back in any case.

Voting system
A tool that lets to vote on anything.  Number of voices is determined by the stake of coins.

Colored coins
A system that tracks ownership of any digital property.  More information at http://bitcoin.stackexchange.com/questions/5695/what-are-colored-coins.

Other (in comments)
Add anything that you think is more important.
156  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] Nxt :: descendant of Bitcoin on: October 19, 2013, 09:29:31 AM
Valid point.  Will adding a generation delay for novel keys solve this problem?  60 blocks (~1 hour) to wait until someone is able to generate blocks, what do you think?
157  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] Nxt :: descendant of Bitcoin on: October 19, 2013, 06:41:39 AM
We must collect critical mass of users.  The bonus should help with it.
158  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] Nxt :: descendant of Bitcoin on: October 18, 2013, 06:59:46 PM
UPDATE

New blocks are distributed over the network now.
Added KEY button (top left corner) to log into third-party sites using Nxt account.
Implemented API calls listed in the corresponding thread (like http://88.198.210.245:7876/?request=getBlock&block=15420240104732740931)
Number of transactions per block limited to 255.  The client chooses transactions with higher fees on first place.
159  Alternate cryptocurrencies / Altcoin Discussion / Re: [Nxt] API of Nxt on: October 18, 2013, 05:41:40 PM
API bot shouldn't connect to a remote server.  You can tunnel it through TLS if you wish.
160  Alternate cryptocurrencies / Announcements (Altcoins) / Re: [ANN] Nxt :: descendant of Bitcoin on: October 18, 2013, 05:08:24 PM
It will be tripled.
Pages: « 1 2 3 4 5 6 7 [8] 9 10 11 12 »
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!