Bitcoin Forum
November 08, 2024, 03:49:19 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Warning: One or more bitcointalk.org users have reported that they strongly believe that the creator of this topic is a scammer. (Login to see the detailed trust ratings.) While the bitcointalk.org administration does not verify such claims, you should proceed with extreme caution.
Pages: [1]
  Print  
Author Topic: Do unforgeable p2p random numbers rely on max difficulty POW?  (Read 523 times)
monsterer (OP)
Legendary
*
Offline Offline

Activity: 1008
Merit: 1007


View Profile
September 10, 2015, 08:07:17 AM
 #1

I've been musing about various different (non POW) consensus design mechanisms and have come across the need to use random numbers in order to select the winner of a block reward.

However, it strikes me that using something like the block hash or any other combination of things any given node could generate when attempting to submit a block would be subject to forgery - the node picks a particular hash, or combination of hashes which produce a winner for the random number generator.

Then I thought about including a small POW to make forging harder, but it then struck me that unless the POW is at maximum difficulty, this would only reduce the forgeability (since you could sybil attack it with many results if the POW was easy enough) not prevent it.

So, the question is: do unforgeable, node side random numbers rely on POW at maximum network difficulty? How do POS chains deal with this?
spartacusrex
Hero Member
*****
Offline Offline

Activity: 718
Merit: 545



View Profile
September 10, 2015, 01:30:51 PM
 #2

Just to be clear, is the question, How do I get a random number from a POS chain ?

If so.. I would go with,

You take the last 64 blocks, and take 1 bit from each block, the first bit of the header hash, stick all of these together and come up with one 64 bit number.

Even if you controlled the last 8 blocks, that would only be 256 different permutations you could try, to find one that favoured you.

Then, you could spread this out to use 64x64 blocks instead, by hashing each 64 blocks to get 1 hash, and then 1 bit from each of those.. Surely that would be pretty hard to game ?




 

Life is Code.
monsterer (OP)
Legendary
*
Offline Offline

Activity: 1008
Merit: 1007


View Profile
September 10, 2015, 01:33:43 PM
 #3

Just to be clear, is the question, How do I get a random number from a POS chain ?

The ultimate question is whether the only truly ungameable random numbers in a p2p network come from POW at network difficulty?

Your proposal sounds like an improvement from just picking the hash of the last block.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!