EvilDave


April 06, 2015, 10:22:55 PM 

Just taken a look at Vitalik Buterins latest paper, which contains a couple of pages devoted to NXT and its algo: Notes on Scalable Blockchain Protocols (v 0.0.2) Pages 10 and 11 are interesting for NXT: Example 3.0.2. The cryptoeconomically secure entropy source used in NXT[16] is defined recursively as follows: E(G) = 0
Lemma 3.0.3. The NXT algorithm described above satisfies the conditions for being a cryptoeconomically secure entropy source. Proof. To prove unpredictability, we note that the NXT blockchain pro duces a block every minute, and so the update
I must admit that most of this paper (and all of its math) go straight over my head, but VB does seem to regard Nxt as being 'cryptoeconomically secure' which sounds like a good thing to me.... anyone got any more expert input on this paper and it's implications for NXT ?






Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.


Daedelus


April 06, 2015, 10:39:46 PM 

None techies, just read the last line for explanation Lemma 3.0.3. The NXT algorithm described above satisfies the conditions for being a cryptoeconomically secure entropy source.
Proof. To prove unpredictability, we note that the NXT blockchain produces a block every minute, and so the update v ← sha256(v, V (β)) takes place once a minute. During each round of updating, there is a probability 1 − po(60) that the primary signer will be online, and po(60) that the signer will be offline and thus a secondary signer will need to produce the block. Hence, after 1 −log(po(60)) blocks, there is a probability p ≈ 1 2 that the resulting value will be the “default value” obtained from updating v with the primary signers’ public keys at each block, and a p ≈ 1 2 probability that the resulting value will be different. We model 512 iterations of this process as a tree, with all leaves being probability distributions over sequences of 512 public keys of signers, where all probability distributions are disjoint (ie. no sequence appears with probability greater than zero in multiple leaves). By randomoracle assumption of sha256, we thus know that we have a set of 2512 independently randomly sampled probability distributions from {0, 1} 256, and so each value will be selected an expected {0, 1} 256 times, with standard deviation 2128. Hence, the probability distribution is statistically indistinguishable from a random distribution. To show that the first uninfluenceability criterion holds true, note that the only way to manipulate the result is for the block proposer to disappear, leading to another proposer taking over. However, this action is costly for the proposer as the proposer loses a block reward. The optimal strategy is to disappear with probability 0 < q <= 1 only when the predicate will be unsatisfied with the proposer participating but will be satisfied with the next proposer partipating; if a predicate has probability p this entails disappearing p ∗ (1 − p) ∗ q of the time, meaning that the predicate will be satisfied p + p ∗ (1 − p) ∗ q of the time instead of p of the time, a probability increment of p∗(1−p)∗q will have a cost of p∗(1−p)∗q∗R if R is the signing reward (whose real value is proportional to the quantity of transaction fees, a reasonable metric of economic activity). Hence, the desired condition holds true with b = 1. To show that the second uninfluenceability criterion holds true, note that when one is not the signer, one has no influence on the entropy, and when one is the signer one has the ability to not sign and instead defer to the next signer. Hence, an attacker controlling 1 k of all signing slots will be able to defer to the second signer 1 k of the time, to the third signer 1 k 2 of the time (by being in the first two slots simultaneously), etc, so in total such an attacker will on average be able to choose between 1 + 1 k−1 values and thus multiply the probability of a desired predicate by a factor of 1 + 1 k−1 . If the attacker controls 1 3 of all signing slots, the result will thus be increasing the probablity by a factor of 3 2 .
*********** it seems vitalik made a proof about NXT algo




tokeweed
Legendary
Offline
Activity: 1834
Merit: 1025
Life, Love and Laughter...


April 07, 2015, 02:40:03 AM 

I wonder what J.Garzik has to say.




boomboom


April 07, 2015, 02:42:57 AM 

I must admit that most of this paper (and all of its math) go straight over my head, but VB does seem to regard Nxt as being 'cryptoeconomically secure' which sounds like a good thing to me.... anyone got any more expert input on this paper and it's implications for NXT ?
Someone buy VB a VB! Worth celebrating




cloudboy


April 07, 2015, 04:06:06 AM 

I wonder what J.Garzik has to say. Hashes don't match.




LeChatNoir


April 07, 2015, 07:04:06 AM 

WOW, this is huge people!




From Above


April 07, 2015, 07:19:30 AM 

I wonder what J.Garzik has to say. actually it would be pretty cool if dem garizk dude could say anything other then just spit out utter BS as usual LOL!!




bitme


April 07, 2015, 08:04:39 AM 

what a relief... Now all we need to do is gather all the folks in the world and start to use the damned thing.

NXT makes the Difference My nxtforum account : bitme



GTO911


April 07, 2015, 08:47:51 AM 

WOW, this is huge people!
What is so huge in that? Often developers talk about other projects. He even said Monero technology is cool, so what?




Daedelus


April 07, 2015, 09:03:04 AM 

WOW, this is huge people!
What is so huge in that? Often developers talk about other projects. He even said Monero technology is cool, so what? You don't see a difference between "cool" and "cryptoeconomically secure"?




ShroomsKit_Disgrace
Legendary
Offline
Activity: 952
Merit: 1000
Yeah! I hate ShroomsKit!


April 07, 2015, 10:02:07 AM 

Recognition from 3rd parties are not usual in cryptoworld. This is BIG NEWS for NXT.




Daedelus


April 07, 2015, 10:09:16 AM 

ComefromBeyond seems satisfied too In the paper  https://raw.githubusercontent.com/vbuterin/scalability_paper/master/scalability.pdf, the authors used Nxt algo as an example. It seems a confirmation of Nxt security (But I am not a expert) Example 3.0.2. The cryptoeconomically secure entropy source used in NXT[16] is dened recursively as follows: E(G) = 0 E( +) = sha256(E()+V ()) where V () is the block proposer of . Assumption 3.1. For any time internal I, there exists some xed probability po(I) such that a node randomly selected according to the weight functionused to measure a cryptoeconomic state machine's Byzantine fault tolerancecan be expected to be oine for at least the next I seconds starting from anyparticular point in time with at least probability po.Note. We can derive the above assumption from an altruism assumption bysimply stating in the protocol that nodes \should" randomly drop oinewith low probability; however, in practice it is simpler and cleaner to relyonly on natural faults.Note. Combining the two uninuenceability criteria into one (\it is impos sible to increase the probability of P from p to p (1+k) without expendingat least b L k resources") is likely very dicult; it is hard to avoid having ways to cheaply multiply the probability of lowprobability predicates byonly acting when you are sure that your action will have an inuence on theresult. ......
Lemma 3.0.3. The NXT algorithm described above satises the conditionsfor being a cryptoeconomically secure entropy source.Proof. To prove unpredictability, we note that the NXT blockchain produces a block every minute, and so the update v sha256(v; V ()) takesplace once a minute. During each round of updating, there is a probability 1 ...........
BCNext's idea not to provide the whitepaper to force an independent analysis has finally worked. Good, now this page can be turned.




allwelder
Legendary
Offline
Activity: 1330
Merit: 1000


April 07, 2015, 10:25:21 AM 

haha,POS of Nxt is future.





HCLivess
Legendary
Offline
Activity: 1498
Merit: 1062
[[[],[]],[[],[]]]


April 07, 2015, 12:17:53 PM 

Nice, especially when taking into consideration Vitalik's generic (earlier) skepticism towards NXT




vlad12
Member
Offline
Activity: 75
Merit: 10


April 07, 2015, 02:34:09 PM 

Wait for peer review (at least in the community). There's this weird reverence towards certain individuals in this community from people who don't understand shit. Let the experts evaluate and criticize and withhold your opinion until something reaches some sort of expert consensus.
Everyone nowdays in crypto see a fucking PDF paper in academic format and treat it like a fucking bible. Speaking from a scientific background I've seen plenty of beautiful looking papers which 'look' like they got a lot of good stuff to say only to be complete and utter bullshit. Too bad this isn't my field of expertise.




Daedelus


April 07, 2015, 02:48:47 PM 

Let the experts evaluate and criticize and withhold your opinion until something reaches some sort of expert consensus.
Isn't this thread a step towards this?




ComefromBeyond
Legendary
Offline
Activity: 2016
Merit: 1007
Newbie


April 07, 2015, 03:43:30 PM 

Let the experts evaluate and criticize and withhold your opinion until something reaches some sort of expert consensus.
Jeff "HashesDoNotMatch" Garzik is the only expert I know. And he already evaluated Nxt. Do you know any other experts?




From Above


April 07, 2015, 03:49:15 PM 

Let the experts evaluate and criticize and withhold your opinion until something reaches some sort of expert consensus.
Jeff "HashesDoNotMatch" Garzik is the only expert I know. And he already evaluated Nxt. Do you know any other experts? maybe David Latapie of Munero is a good match




aurtur215
Jr. Member
Offline
Activity: 49
Merit: 0


April 07, 2015, 04:26:30 PM 

Wait for peer review (at least in the community). There's this weird reverence towards certain individuals in this community from people who don't understand shit. Let the experts evaluate and criticize and withhold your opinion until something reaches some sort of expert consensus.
Everyone nowdays in crypto see a fucking PDF paper in academic format and treat it like a fucking bible. Speaking from a scientific background I've seen plenty of beautiful looking papers which 'look' like they got a lot of good stuff to say only to be complete and utter bullshit. Too bad this isn't my field of expertise.
No scientist's paper is worth shit unless its been "peer reviewed", which means a big gang of experts all need to have checked it out and agreed with it before it gets published. Most scientific journals are peer reviewed and all the papers in them have been checked by a gang of experts beforehand. We need more experts to check out NXT.




