Balthazar
Legendary
Offline
Activity: 3108
Merit: 1359
|
|
January 06, 2014, 02:14:57 AM Last edit: January 06, 2014, 04:01:20 AM by Balthazar |
|
NVC's solution gives huge inflation and I think this would hurt YAC significantly more that it hurts NVC so be shouldn't go there.
It looks like somebody prefers to ignore a basic math for ideological purposes rather than do some research. I seen this many times during the years of USSR. OK, let's do some research... 1) The maximum proof-of-stake reward is 1 coin per coin*year, so even if reward and difficulty will be constant values, proof-of-stake is unable to introduce more than 100% increase of supply. 2) There are more than 650000 NVC generated, this means ~ 325% increase of supply for 8 months or ~ 487% for a year. 3) WHAAAT THE HELL IS THAT???! How is it possible? An answer is quite simple, proof-of-work generation is much more powerful inflation source even with NVC block rewards. And it's significantly more powerful in YAC, just compare proof-of-work rewards and do some extrapolation before trying to deny that. And remember that difficulty is growing while the reward is dropping...
|
|
|
|
ilostcoins
|
|
January 06, 2014, 02:34:47 AM |
|
This discussion has been a good lesson for me and I'm still trying to digest more of it. Too bad I don't have anything useful to offer. Thank you Balthazar for offering your expertise on the matter. If I understand correctly function of PoW mining is coin distribution and PoS was ment to later with enough honest nodes takes over coin production and other functions (but not distribution at least not directly).
Now the two (PoS&PoW) obviously do not go along too well in this form.
Would it be possible to implement alterations of blockchain sequences according to timestamp like this: only POW blocks would be accepted by clients every day except on saturday when one hour would be allowed for only PoS blocks sequence. That one hour would be extended by another hour or similar every week, so gradually PoS would replace PoW along with coin being distributed to increasing number of people.
If people would like to collect PoS revenue they would have to open their wallets all at once and "flood" the net. As yacoin gets distributed to more people this flooding time would get extended until it happens all the time and takes it's proper function.
I said 1 hour on saturday - but it could be any day and duration determined upfront, for example 15 minutes every day or every third day or when N increments...
I think Nfactor change should get used for any incremental phasing out of functionality not needed anymore - be it dynamic active weight calculation or something else temporarily needed.
Scheduling a time period for POS and POW sound strange at first, but from the perspective of coin distribution with less waste in energy, shortening the time mining machines need to run is a good thing and a similar amount of coins can be handed out by adjusting the block reward. N changes are indeed obvious signposts that can help orchestrate any major shifts. I don't know about the security aspect though. ... second question - regarding bitcoin knowing the difference between a diff1 and diff2 block but YAC does not - could you elaborate on this Balthazar? What is YAC missing?
I think he means the recent proposed changes of YACoin but I could easily be wrong.
|
LTC: LSyqwk4YbhBRtkrUy8NRdKXFoUcgVpu8Qb NVC: 4HtynfYVyRYo6yM8BTAqyNYwqiucfoPqFW TAG id: 4313 CMC: CAHrzqveVm9UxGm7PZtT4uj6su4suxKzZv YAC: Y9m5S7M24sdkjdwxnA9GZpPez6k6EqUjUt
|
|
|
Balthazar
Legendary
Offline
Activity: 3108
Merit: 1359
|
|
January 06, 2014, 02:41:56 AM Last edit: January 06, 2014, 03:21:17 AM by Balthazar |
|
Would there be ramifications to changing the code to reject a newly published chain if the lowest height block is 24 hours older than the highest published block?
Nope. This modification changes actually nothing, because attacker won't publish his chain during the generation time. It would affect you only if you are honest user with the wrong clock settings. That's much worse than checkpoints, because it provides a false sense of security. but it strikes me as just another form of checkpoints, which is what NVC and PPC are using.
Again... Don't listen to checkpointism adepts ever. The main purpose of checkpoints is not a chain control, a block chain must be able to control itself. The main checkpoints purpose is to protect users against the compromised ISPs and enable some low-level signature checking optimizations. Checkpoints could be disabled or removed entirely and chain has to be able to continue working as usual. second question - regarding bitcoin knowing the difference between a diff1 and diff2 block but YAC does not - could you elaborate on this Balthazar? What is YAC missing?
YAC is missing the block trust calculation. BTC calculates chain work as a function of difficulty and chain length; PPC calculates chain trust as a function of PoS difficulty and chain length; NVC calculates chain trust as a function of PoW and PoS difficulties and chain length; YAC doesn't perform any calculations, all blocks has the same trust and chain trust depends only on chain length. But actual reason of the problem and all those "fixes" is that YAC tries to use PoS:PoW ratio which wasn't foreseen in the original design.
|
|
|
|
senj
Member
Offline
Activity: 118
Merit: 10
|
|
January 06, 2014, 09:42:35 AM |
|
If I understand correctly function of PoW mining is coin distribution and PoS was ment to later with enough honest nodes takes over coin production and other functions (but not distribution at least not directly).
Now the two (PoS&PoW) obviously do not go along too well in this form.
Would it be possible to implement alterations of blockchain sequences according to timestamp like this: only POW blocks would be accepted by clients every day except on saturday when one hour would be allowed for only PoS blocks sequence. That one hour would be extended by another hour or similar every week, so gradually PoS would replace PoW along with coin being distributed to increasing number of people.
If people would like to collect PoS revenue they would have to open their wallets all at once and "flood" the net. As yacoin gets distributed to more people this flooding time would get extended until it happens all the time and takes it's proper function.
I said 1 hour on saturday - but it could be any day and duration determined upfront, for example 15 minutes every day or every third day or when N increments...
I think Nfactor change should get used for any incremental phasing out of functionality not needed anymore - be it dynamic active weight calculation or something else temporarily needed.
Scheduling a time period for POS and POW sound strange at first, but from the perspective of coin distribution with less waste in energy, shortening the time mining machines need to run is a good thing and a similar amount of coins can be handed out by adjusting the block reward. N changes are indeed obvious signposts that can help orchestrate any major shifts. I don't know about the security aspect though. I will expand a concept a little bit so there are no fixed times: Clients would utilize some function that would dynamically open PoS block acceptance windows, for example "when (mod(last1000blocks.getTransactionCount(), 15) = 0)". This makes PoS acceptance time hard to predict but easy to calculate on the fly. Client software would offer an option so the user would enter password on demand and wallet would get unlocked during that period it there are any coins eligible for PoS minting. Or notification would be raised and users could unlock the wallet manually (notification in system tray icon during PoS windows?). Software could also adjust PoS window duration according to currency amount generated during previous window (or average of last n PoS window periods). Or something else that would automatically adjust PoS block generation / PoS mechanism takeover. Yet I do not know if any of this can be done at all. Feedback from other developers would be much appreciated.
|
|
|
|
ilostcoins
|
|
January 06, 2014, 09:58:49 AM |
|
I will expand a concept a little bit so there are no fixed times: Clients would utilize some function that would dynamically open PoS block acceptance windows, for example "when (mod(last1000blocks.getTransactionCount(), 15) = 0)". This makes PoS acceptance time hard to predict but easy to calculate on the fly. Client software would offer an option so the user would enter password on demand and wallet would get unlocked during that period it there are any coins eligible for PoS minting. Or notification would be raised and users could unlock the wallet manually (notification in system tray icon during PoS windows?). Software could also adjust PoS window duration according to currency amount generated during previous window (or average of last n PoS window periods). Or something else that would automatically adjust PoS block generation / PoS mechanism takeover.
Yet I do not know if any of this can be done at all. Feedback from other developers would be much appreciated.
What would be the benefit of making this POS window hard to predict? Wouldn't it be easier to have more people participate in POS if people know when they can collect their interest?
|
LTC: LSyqwk4YbhBRtkrUy8NRdKXFoUcgVpu8Qb NVC: 4HtynfYVyRYo6yM8BTAqyNYwqiucfoPqFW TAG id: 4313 CMC: CAHrzqveVm9UxGm7PZtT4uj6su4suxKzZv YAC: Y9m5S7M24sdkjdwxnA9GZpPez6k6EqUjUt
|
|
|
senj
Member
Offline
Activity: 118
Merit: 10
|
|
January 06, 2014, 10:26:27 AM |
|
I will expand a concept a little bit so there are no fixed times: Clients would utilize some function that would dynamically open PoS block acceptance windows, for example "when (mod(last1000blocks.getTransactionCount(), 15) = 0)". This makes PoS acceptance time hard to predict but easy to calculate on the fly. Client software would offer an option so the user would enter password on demand and wallet would get unlocked during that period it there are any coins eligible for PoS minting. Or notification would be raised and users could unlock the wallet manually (notification in system tray icon during PoS windows?). Software could also adjust PoS window duration according to currency amount generated during previous window (or average of last n PoS window periods). Or something else that would automatically adjust PoS block generation / PoS mechanism takeover.
Yet I do not know if any of this can be done at all. Feedback from other developers would be much appreciated.
What would be the benefit of making this POS window hard to predict? Wouldn't it be easier to have more people participate in POS if people know when they can collect their interest? I thought it might complicate things for anyone planning scheduled attack with his own premined chain. Also fixed times would affect people differently depending on where on Earth they dwell. If it would be time (exact hour) based that would have to drift anyway so that folks on some continents would not have to wake at 4am to collect interest. Plus it might be preferred to have greater number of small PoS windows than ever expanding one.
|
|
|
|
Joe_Bauers
|
|
January 06, 2014, 06:06:47 PM |
|
I will expand a concept a little bit so there are no fixed times: Clients would utilize some function that would dynamically open PoS block acceptance windows, for example "when (mod(last1000blocks.getTransactionCount(), 15) = 0)". This makes PoS acceptance time hard to predict but easy to calculate on the fly. Client software would offer an option so the user would enter password on demand and wallet would get unlocked during that period it there are any coins eligible for PoS minting. Or notification would be raised and users could unlock the wallet manually (notification in system tray icon during PoS windows?). Software could also adjust PoS window duration according to currency amount generated during previous window (or average of last n PoS window periods). Or something else that would automatically adjust PoS block generation / PoS mechanism takeover.
Yet I do not know if any of this can be done at all. Feedback from other developers would be much appreciated.
What would be the benefit of making this POS window hard to predict? Wouldn't it be easier to have more people participate in POS if people know when they can collect their interest? I thought it might complicate things for anyone planning scheduled attack with his own premined chain. Also fixed times would affect people differently depending on where on Earth they dwell. If it would be time (exact hour) based that would have to drift anyway so that folks on some continents would not have to wake at 4am to collect interest. Plus it might be preferred to have greater number of small PoS windows than ever expanding one. It might make sense to have a window set for every day - basically like a company's batch file sent to a bank. For those in inconvenient time zones, they could just set their client up for POS mining before they go to bed. Balthazar, obviously this would be a big change from what is already happening for NVC/PPC/YAC. Do you think something like this is even viable?
|
|
|
|
Balthazar
Legendary
Offline
Activity: 3108
Merit: 1359
|
|
January 07, 2014, 01:49:45 AM |
|
Maybe it has a sense in terms of coins distribution, but not in the terms of security. Because attacker can fake timestamps and there is no way to make a difference between incorrect/correct timestamps if the both timestamps are from the past or present. You can't check it without the help from trusted parties (e.g. https://en.wikipedia.org/wiki/Trusted_timestamping).
|
|
|
|
Beave162
|
|
January 07, 2014, 03:19:16 AM |
|
Creation of coins to depend on timestamps as well? I think nonconsecutive PoS blocks looks even better now. It now seems relatively very simple and innovative--and simple. I think NXT is going to show how ineffective PoS is compared to PoW in terms of long-term stability. Just secure PoS role as providing security while also stabilizing prices through inflation--my vote as if it matters.
|
YaCoin: YL5kf54wPPXKsXd5T18xCaNkyUsS1DgY7z BitCoin: 14PFbLyUdTyxZg3V8hnvj5VXkx3dhthmDj
|
|
|
Balthazar
Legendary
Offline
Activity: 3108
Merit: 1359
|
|
January 07, 2014, 03:28:35 AM Last edit: January 07, 2014, 04:09:20 AM by Balthazar |
|
It now seems relatively very simple and innovative--and simple.
And buggy as well. I think nonconsecutive PoS blocks looks even better now.
There is no difference between control through checkpoints or trusted timestamps... This "solution" requires checkpointing control to work properly, so by choosing such design you are choosing a centralization. Maybe it's time to stop kidding yourself and switch to paypal? That's really much simpler than establishment of another centralized system instead of fixing a real source of the problem. There is no problem with proof-of-stake system in terms of stability or efficiency, all we see here are just an issues of particular project. This issues are caused by incorrect chain settings and it's easy to fix it in the right way. But it seems that majority could prefer to use ugly workarounds due to ideological purposes. 2 allIt's not too late, a fate of the project is still in your hands. Just read my messages here carefully and make the your own decision. Anybody including myself can make the mistakes, that's natural. So don't accept flawed solutions so silently from anybody, despite of his authority. Check everything twice before saying "yep, that's acceptable"
|
|
|
|
senj
Member
Offline
Activity: 118
Merit: 10
|
|
January 07, 2014, 03:48:12 AM Last edit: January 07, 2014, 04:08:44 AM by senj |
|
Can someone please explain what can the attacker do if Sairon's fix (no two consecutive PoS blocks) would be merged with criteria for dynamic PoS block window opening a couple of times a week (and later per day or hour)?
EDIT: I've read the previous page again and my understanding is that somewhere in the future attacker generates a chain that replaces original chain with clients that are not on latest chain. Is that correct? And that is all because of one (to keep it simple) PoS block inserted?
|
|
|
|
Balthazar
Legendary
Offline
Activity: 3108
Merit: 1359
|
|
January 07, 2014, 04:21:39 AM |
|
I've read the previous page again and my understanding is that somewhere in the future attacker generates a chain that replaces original chain with clients that are not on latest chain.
Attacker can generate chain now and publish it a week/month/year later. His chain will be able to overwrite the main chain if it has a suitable length. Of course, if there is no checkpoints... A proposed solution (cutting the window of allowed timestamps) can't help here. This checking isn't purposed to use for protection against double-spend attacks, it's just a sanity checking and nothing more. And that is all because of one (to keep it simple) PoS block inserted?
No, it's all because of absence of the correct chaintrust calculation.
|
|
|
|
senj
Member
Offline
Activity: 118
Merit: 10
|
|
January 07, 2014, 07:08:34 AM Last edit: January 07, 2014, 09:36:53 AM by senj |
|
Thanks a lot for explanation and your valuable insight, Balthazar. This is really complex stuff and I have read it again and though I do not get it all (and probably not right either), I do have some thoughts. ... I've also been thinking abount the issue Balthazar found (generating lower-difficulty fork from last checkpoint). The only way it can be achieved (the lower diff) is by faking the timestamps in the blocks (to keep diff low) and generating a longer chain than the current main chain. By faking the timestamps to be more distant from each other the difficulty is kept low. ..
EDIT-new paragraph: If this quote from Sairon is correct, PoS window periods mentioned on previous page could be used as checkpoints. Software should calculate the difference between timestamps of PoW blocks between PoS blocks and the result could serve as a chaintrust value. Blockchain fork with lowest time difference should be considered most valid one. EDIT-old paragraph ( I don't understand anything written ) If this quote from Sairon is correct, before mentioned PoS window and the next one could be used as checkpoints. If software would be set to calculate distance to next PoS block to be 59 PoW blocks ahead, the difference between timestamps of PoW blocks on both edges between PoS blocks could serve as a chaintrust value - or is it active weight?
Blockchain fork with lowest time difference should be considered most valid one. And actual equation would probably be more complicated (considering many segments).
Perhaps we could also use PoS timestamp in calculation...
|
|
|
|
bitfish
Full Member
Offline
Activity: 174
Merit: 100
A Coin A Day Keeps The Cold Away.
|
|
January 07, 2014, 09:13:52 AM |
|
No, it's all because of absence of the correct chaintrust calculation.
So YAC needs correct chaintrust calculation.Proposed timestamps are without merit if a malicious miner is mining a longer low difficulty private chain with fake time stamps.
|
|
|
|
alenevaa
|
|
January 07, 2014, 09:22:08 AM |
|
Guys, have you seen that address YPGNWtN4gHFDQUvU9eC8Xzss5JCyT1ozmv with huge bunch of YACs?
It has more than 25% of ALL YAC!
Can it be the Scam or is it normal?
|
|
|
|
aso118
Legendary
Offline
Activity: 1918
Merit: 1012
★Nitrogensports.eu★
|
|
January 07, 2014, 12:30:22 PM |
|
Guys, have you seen that address YPGNWtN4gHFDQUvU9eC8Xzss5JCyT1ozmv with huge bunch of YACs?
It has more than 25% of ALL YAC!
Can it be the Scam or is it normal?
It does seem a bit odd... Balance: 3,734,100 YACTransactions in: 6,781Received: 3,763,601 YAC Transactions out: 23 Sent: 29,501 YAC First Transaction: 2014-01-03 02:22:02Any of our big hoarders decide to move all of their coins to a single address? Most of the transactions are for the same amount; 3,000 5,000 or 10,000 YAC. That makes me (hope) that someone is just moving all of their coins to a single address for future minting. It looks like the wallet address was only created ~96 hours ago.
|
|
|
|
Thirtybird
|
|
January 07, 2014, 02:07:08 PM |
|
No, it's all because of absence of the correct chaintrust calculation.
So YAC needs correct chaintrust calculation.Proposed timestamps are without merit if a malicious miner is mining a longer low difficulty private chain with fake time stamps. If I understand correctly, this seems to be a key part to the problem. Guys, have you seen that address YPGNWtN4gHFDQUvU9eC8Xzss5JCyT1ozmv with huge bunch of YACs?
It has more than 25% of ALL YAC!
Can it be the Scam or is it normal?
It does seem a bit odd... Balance: 3,734,100 YACTransactions in: 6,781Received: 3,763,601 YAC Transactions out: 23 Sent: 29,501 YAC First Transaction: 2014-01-03 02:22:02Any of our big hoarders decide to move all of their coins to a single address? Most of the transactions are for the same amount; 3,000 5,000 or 10,000 YAC. That makes me (hope) that someone is just moving all of their coins to a single address for future minting. It looks like the wallet address was only created ~96 hours ago. I posted about this in the Yacointalk forum to try and keep the development talk on track - http://yacointalk.com/index.php/topic,559.0.htmlIt appears that someone is taking all their large inputs and sending them to this one address pretty much in every block. We've been talking about a POS attack requiring vast amounts of the coin, well, here's one address with exactly that
|
|
|
|
sairon
Sr. Member
Offline
Activity: 406
Merit: 250
One does not simply mine Bitcoins
|
|
January 07, 2014, 02:12:07 PM |
|
No, it's all because of absence of the correct chaintrust calculation.
So YAC needs correct chaintrust calculation.Proposed timestamps are without merit if a malicious miner is mining a longer low difficulty private chain with fake time stamps. If I understand correctly, this seems to be a key part to the problem. Yup. Guys, have you seen that address YPGNWtN4gHFDQUvU9eC8Xzss5JCyT1ozmv with huge bunch of YACs?
It has more than 25% of ALL YAC!
Can it be the Scam or is it normal?
It does seem a bit odd... Balance: 3,734,100 YACTransactions in: 6,781Received: 3,763,601 YAC Transactions out: 23 Sent: 29,501 YAC First Transaction: 2014-01-03 02:22:02Any of our big hoarders decide to move all of their coins to a single address? Most of the transactions are for the same amount; 3,000 5,000 or 10,000 YAC. That makes me (hope) that someone is just moving all of their coins to a single address for future minting. It looks like the wallet address was only created ~96 hours ago. I posted about this in the Yacointalk forum to try and keep the development talk on track - http://yacointalk.com/index.php/topic,559.0.htmlIt appears that someone is taking all their large inputs and sending them to this one address pretty much in every block. We've been talking about a POS attack requiring vast amounts of the coin, well, here's one address with exactly that Anybody investigated where the coins came from? Still haven't finished blockparser for YAC and I'm too lazy to do it manually.
|
GPG key ID: 5E4F108A || BTC: 1hoardyponb9AMWhyA28DZb5n5g2bRY8v
|
|
|
bitdwarf
Sr. Member
Offline
Activity: 406
Merit: 250
The cryptocoin watcher
|
|
January 07, 2014, 03:04:51 PM |
|
Those coins have reset age now, so there's a month to post a fix.
|
𝖄𝖆𝖈: YF3feU4PNLHrjwa1zV63BcCdWVk5z6DAh5 · 𝕭𝖙𝖈: 12F78M4oaNmyGE5C25ZixarG2Nk6UBEqme Ɏ: "the altcoin for the everyman, where the sweat on one's brow can be used to cool one's overheating CPU" -- theprofileth
|
|
|
sairon
Sr. Member
Offline
Activity: 406
Merit: 250
One does not simply mine Bitcoins
|
|
January 07, 2014, 03:07:18 PM |
|
Could be an exchange, maybe.
|
GPG key ID: 5E4F108A || BTC: 1hoardyponb9AMWhyA28DZb5n5g2bRY8v
|
|
|
|