Bitcoin Forum
March 23, 2017, 12:27:27 PM *
News: Latest stable version of Bitcoin Core: 0.14.0  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: « 1 ... 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 [85] 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 ... 169 »
  Print  
Author Topic: [ANN][YAC] YACoin ongoing development  (Read 322820 times)
Thirtybird
Hero Member
*****
Offline Offline

Activity: 693



View Profile
January 07, 2014, 02:07:08 PM
 #1681


No, it's all because of absence of the correct chaintrust calculation.


So YAC needs correct chaintrust calculation.


Proposed timestamps are without merit if a malicious miner is mining a longer low difficulty private chain with fake time stamps.  


If I understand correctly, this seems to be a key part to the problem.

Guys, have you seen that address YPGNWtN4gHFDQUvU9eC8Xzss5JCyT1ozmv with huge bunch of YACs?

It has more than 25% of ALL YAC!

Can it be the Scam or is it normal?

It does seem a bit odd...

Balance: 3,734,100 YAC
Transactions in: 6,781
Received: 3,763,601 YAC
Transactions out: 23
Sent: 29,501 YAC

First Transaction: 2014-01-03 02:22:02

Any of our big hoarders decide to move all of their coins to a single address?  Most of the transactions are for the same amount; 3,000  5,000  or 10,000 YAC.  That makes me (hope) that someone is just moving all of their coins to a single address for future minting.  It looks like the wallet address was only created ~96 hours ago.

I posted about this in the Yacointalk forum to try and keep the development talk on track - http://yacointalk.com/index.php/topic,559.0.html
It appears that someone is taking all their large inputs and sending them to this one address pretty much in every block.  We've been talking about a POS attack requiring vast amounts of the coin, well, here's one address with exactly that

YACMiner: https://github.com/Thirtybird/YACMiner  N-Factor information : https://docs.google.com/spreadsheet/ccc?key=0Aj3vcsuY-JFNdC1ITWJrSG9VeWp6QXppbVgxcm0tbGc&usp=drive_web#gid=0
BTC: 183eSsaxG9y6m2ZhrDhHueoKnZWmbm6jfC  YAC: Y4FKiwKKYGQzcqn3M3u6mJoded6ri1UWHa
1490272047
Hero Member
*
Offline Offline

Posts: 1490272047

View Profile Personal Message (Offline)

Ignore
1490272047
Reply with quote  #2

1490272047
Report to moderator
1490272047
Hero Member
*
Offline Offline

Posts: 1490272047

View Profile Personal Message (Offline)

Ignore
1490272047
Reply with quote  #2

1490272047
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1490272047
Hero Member
*
Offline Offline

Posts: 1490272047

View Profile Personal Message (Offline)

Ignore
1490272047
Reply with quote  #2

1490272047
Report to moderator
sairon
Sr. Member
****
Offline Offline

Activity: 406


One does not simply mine Bitcoins


View Profile
January 07, 2014, 02:12:07 PM
 #1682


No, it's all because of absence of the correct chaintrust calculation.


So YAC needs correct chaintrust calculation.


Proposed timestamps are without merit if a malicious miner is mining a longer low difficulty private chain with fake time stamps.  


If I understand correctly, this seems to be a key part to the problem.
Yup.

Guys, have you seen that address YPGNWtN4gHFDQUvU9eC8Xzss5JCyT1ozmv with huge bunch of YACs?

It has more than 25% of ALL YAC!

Can it be the Scam or is it normal?

It does seem a bit odd...

Balance: 3,734,100 YAC
Transactions in: 6,781
Received: 3,763,601 YAC
Transactions out: 23
Sent: 29,501 YAC

First Transaction: 2014-01-03 02:22:02

Any of our big hoarders decide to move all of their coins to a single address?  Most of the transactions are for the same amount; 3,000  5,000  or 10,000 YAC.  That makes me (hope) that someone is just moving all of their coins to a single address for future minting.  It looks like the wallet address was only created ~96 hours ago.

I posted about this in the Yacointalk forum to try and keep the development talk on track - http://yacointalk.com/index.php/topic,559.0.html
It appears that someone is taking all their large inputs and sending them to this one address pretty much in every block.  We've been talking about a POS attack requiring vast amounts of the coin, well, here's one address with exactly that
Anybody investigated where the coins came from? Still haven't finished blockparser for YAC and I'm too lazy to do it manually. Cheesy

GPG key ID: 5E4F108A || BTC: 1hoardyponb9AMWhyA28DZb5n5g2bRY8v
bitdwarf
Sr. Member
****
Offline Offline

Activity: 378


The cryptocoin watcher


View Profile WWW
January 07, 2014, 03:04:51 PM
 #1683

Those coins have reset age now, so there's a month to post a fix.

https://twitter.com/bitdwarf · 𝖄𝖆𝖈: YF3feU4PNLHrjwa1zV63BcCdWVk5z6DAh5 · 𝕭𝖙𝖈: 12F78M4oaNmyGE5C25ZixarG2Nk6UBEqme
Ɏ: "the altcoin for the everyman, where the sweat on one's brow can be used to cool one's overheating CPU" -- theprofileth
sairon
Sr. Member
****
Offline Offline

Activity: 406


One does not simply mine Bitcoins


View Profile
January 07, 2014, 03:07:18 PM
 #1684

Could be an exchange, maybe.

GPG key ID: 5E4F108A || BTC: 1hoardyponb9AMWhyA28DZb5n5g2bRY8v
aso118
Legendary
*
Offline Offline

Activity: 1372



View Profile
January 07, 2014, 10:23:22 PM
 #1685

Could be an exchange, maybe.

That was my first thought too - It might be bter or crypsty. 

If it is, we should see coins coming and going from the wallet as well.

 

██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
█████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
██████████████████████████████████████████████████████████████
 
Get Free Bitcoin Now!
¦¯¦¦¯¦    ¦¯¦¦¯¦    ¦¯¦¦¯¦    ¦¯¦¦¯¦
0.8%-1% House Edge
sairon
Sr. Member
****
Offline Offline

Activity: 406


One does not simply mine Bitcoins


View Profile
January 07, 2014, 11:02:03 PM
 #1686

Could be an exchange, maybe.

That was my first thought too - It might be bter or crypsty.  

If it is, we should see coins coming and going from the wallet as well.
If it's cryptsy's cold storage with YAC trading still disabled and some people too lazy to withdraw, though...

GPG key ID: 5E4F108A || BTC: 1hoardyponb9AMWhyA28DZb5n5g2bRY8v
Gorgoy
Member
**
Offline Offline

Activity: 115


View Profile
January 07, 2014, 11:57:23 PM
 #1687

One question I still have is : what is to prevent a user from forcing the generation of a POS block (which is just a flag when starting the wallet now, correct?), jumping offline before the generation is complete and coming back on 6 hours later.  Does it attach to the end of the blockchain? or does it insert where the blockchain was when the block was generated (not submitted), potentially orphaning 360 blocks?  

He can generate a PoS block wherever in the chain he likes, however with trust reduced to 1 it's useless to do so. And the "no consecutive PoS" rule prevents him from doing any damage even if he has millions of PoS-eligible inputs.

So, it appears that the genesis for the hash on a POS block is based on the coin age of the input.  If POS isn't successful (due to the most recent block being POS), then the coin age is not destroyed, and can be attempted later, which can be as soon as a minute (in an ideal model) as a miner finds a POW block to sit on top of the minter's POS block.

I just wasn't certain if the whole orphaning was being caused by the POS blocks having to be inserted into the blockchain at the point it was generated as opposed to when the minter was connected to the network.

Is cementing an option, or would that be really bad with our current distribution of hashpower (mostly centralized)?  https://en.bitcoin.it/wiki/Proof_of_Stake#Cementing

IMO cementing is a bad idea as it requires us to trust PoS (which we don't as of now).
Also there could be some race-conditions and other nasty issues that could easily result in network fragmentation.

I can't seem to wrap my mind around it, why is POS untrustworthy and POW trustworthy? So I have to trust a miner who has millions and millions of hashing power that he will not generate dozens of blocks in a series? That happens now, everyday and no one seems to care.

Ɏ : YEojPD2QxFVaSUypTLYhwJgmVekqoAtdE3
฿ : 1946hwLbBdLNSA1FFUY3ZvRx6j6dqvbzcE
Ł : LczTrStBZ8b1Y4DJU59CjtYRtjKufbTXPE
Ғ : 6i4S4BfHfC9LLmTBhjYDVKe7g8XfPz9uj8
Ψ : AGpoWwc6N59PPqKbzRTAiFG5WmDEQU7Ydp
ζ : ZLYFK2KNrFDDGVbEJPKnTdWuGk3iA3CNY2
G : GQbjHcGPgUwRBKZcdoMCpuf24QSXY5t5bf
Gorgoy
Member
**
Offline Offline

Activity: 115


View Profile
January 08, 2014, 12:05:39 AM
 #1688

Would you mind elaborating a bit?
1) You have to maximize an active weight. It doesn't matter how you do so, but you have to do it for any price (even for constant trolling from ignorant kids), because that's necessary to survive.

2) You have to make attack energy expensive, in order to prevent free attack attempts. Otherwise user will be able to use OpenVZ and 10000+ wallet copies to make 10000+ attempts without any problem.

NovaCoin maximizes active weight using a variable RoI and limited block reward. It also implements a variable trust idea, the consequtive PoS or PoW blocks has lower trust in comparison with a hybrid chain. Attacker have to generate a hybrid chain to make success.

Since YACoin is a fork of NovaCoin, who it not have this feature already it it? I mean YACoin comes from Novacoin.

Ɏ : YEojPD2QxFVaSUypTLYhwJgmVekqoAtdE3
฿ : 1946hwLbBdLNSA1FFUY3ZvRx6j6dqvbzcE
Ł : LczTrStBZ8b1Y4DJU59CjtYRtjKufbTXPE
Ғ : 6i4S4BfHfC9LLmTBhjYDVKe7g8XfPz9uj8
Ψ : AGpoWwc6N59PPqKbzRTAiFG5WmDEQU7Ydp
ζ : ZLYFK2KNrFDDGVbEJPKnTdWuGk3iA3CNY2
G : GQbjHcGPgUwRBKZcdoMCpuf24QSXY5t5bf
Joe_Bauers
Hero Member
*****
Offline Offline

Activity: 782


GCVMMWH


View Profile
January 08, 2014, 01:09:59 AM
 #1689

Would you mind elaborating a bit?
1) You have to maximize an active weight. It doesn't matter how you do so, but you have to do it for any price (even for constant trolling from ignorant kids), because that's necessary to survive.

2) You have to make attack energy expensive, in order to prevent free attack attempts. Otherwise user will be able to use OpenVZ and 10000+ wallet copies to make 10000+ attempts without any problem.

NovaCoin maximizes active weight using a variable RoI and limited block reward. It also implements a variable trust idea, the consequtive PoS or PoW blocks has lower trust in comparison with a hybrid chain. Attacker have to generate a hybrid chain to make success.

Since YACoin is a fork of NovaCoin, who it not have this feature already it it? I mean YACoin comes from Novacoin.

It's forked from an older version of Novacoin.
sairon
Sr. Member
****
Offline Offline

Activity: 406


One does not simply mine Bitcoins


View Profile
January 08, 2014, 11:09:47 AM
 #1690

I can't seem to wrap my mind around it, why is POS untrustworthy and POW trustworthy? So I have to trust a miner who has millions and millions of hashing power that he will not generate dozens of blocks in a series? That happens now, everyday and no one seems to care.
You can generate PoS blocks without even trying and as it is now, they can "overwrite history", which is bad.
For PoW, however, you must spend a lot of electricity so it actually costs you something (quite a lot) trying to change history.

GPG key ID: 5E4F108A || BTC: 1hoardyponb9AMWhyA28DZb5n5g2bRY8v
senj
Member
**
Offline Offline

Activity: 116


View Profile
January 08, 2014, 02:42:29 PM
 #1691

I think I have a solution (not centralized) for comparing different blockchain forks.
However I need some more information.

How do yacoin clients fetch data from other peers - do they ask for latest block and then get them one by one by previous block link or do they go in other direction and ask peers for next block from the time of their most recent block on disk?

YAC: YGZRDNuey8MnN6GHVR1x7D3UY5TjDz2HCL
senj
Member
**
Offline Offline

Activity: 116


View Profile
January 09, 2014, 12:37:48 AM
 #1692

1.
Private mining needs wider timespans between PoW blocks in order to keep difficulty low.

t1t2t3t4t5
◔  ▉    ▉    ▉    ▉

Average of PoW block intervals ( t[ i+1 ]-t[ i ] ) should be therefore longer with fake chains. And that can be used for chaintrust calculation.


2.
Window for one PoS block opens randomly

Prevents miners to exclude PoS blocks and replace it with more profitable PoW. I think it also makes it a bit harder to prepare for network takeover with private PoW mining on lower difficulty after PoS is found. With shortening intervals on each Nfactor change it also enables gradual PoS mechanism takeover.

Example formula: mod(last1440blocks.getTransactionCount(), x) ==  0
X could range from 500 ( approx. 1-3 times a day ) down to 10 (every ten minutes).


3.
No two consecutive PoS blocks allowed (prevents PoW block orphaning)


What would be an possible attack scenario or significant shortcoming if this is implemented?

YAC: YGZRDNuey8MnN6GHVR1x7D3UY5TjDz2HCL
ilostcoins
Sr. Member
****
Offline Offline

Activity: 274



View Profile
January 09, 2014, 09:19:32 AM
 #1693

Is it ok to set the trust score for a POW block to be the difficulty? For a POS block, if the previous block is POW, assign the same trust score as that POW block; if the previous block is POS, divide that POS block score by 2 (or a similar factor)? The propagation of a POW block score through the following POS blocks would then die down quickly. The score for any chain is just the sum of scores from individual blocks. I'm not sure whether N factor need to be accounted for here.

The basic issue seems to be that there is no obvious way to compare the trustworthiness of a POW and a POS block. POW blocks can be compared with difficulty, which is tied to how costly it is to generate them on average. POS block doesn't have any obvious cost of generation that can be compared. If I'm not mistaken, YACoin is currently using coin-age for this comparison in a way that greatly favours POS, hence the potential for a POS block to be selected over a long sequence of POW blocks. However, coin-age isn't a cost at all because there is no alternative use for it. The money you use in POW mining is a cost because there are some other nice things you can use the money on, and you sacrificed that opportunity. In the above suggestion, I'm just trying to rate a POS block similarly as a POW block at the time, unless it's following another POS block. The part about getting lower trust score if the previous block is POS, is not because I want to put POS on a lesser footing. It's just because I don't want the influence of an individual POW block to propagate far.

In any case, regarding some kind of criteria for keeping POS:POW blocks ratio near an expected/optimum value, the following need to be considered. Let's say you increase or decrease the score of a chain based on how close the POS:POW ratio is to 1:10. Denote POS block by S and POW by W. A short sequence like WWW may then be chosen over a sequence like SWS at some point in time. However, that could then quite easily be followed by 20 W's. Considered as a 23 blocks chain together with the 20 W's, the previously rejected SWS segment could then have a very favourable role to play in the score. The point is if trust score depends on some larger scale features of the blockchain which span many blocks, the score contribution of an individual block can change over time, from unfavourable to favourable in this example. The very same criteria that leads to rejection of some blocks, could turn around and value those highly at a later point. Having a score assignment criteria that looks farther into the past should also provide more opportunities for this effect to show.

Another question I think we should think about now is whether the block target for POS should be decreased. For example, changing it from 10min to 5min could make it more helpful in case POW is generating too few blocks, but the average block numbers per 10 minutes is only changing from 11 to 12.

LTC: LSyqwk4YbhBRtkrUy8NRdKXFoUcgVpu8Qb   NVC: 4HtynfYVyRYo6yM8BTAqyNYwqiucfoPqFW   TAG id: 4313
CMC: CAHrzqveVm9UxGm7PZtT4uj6su4suxKzZv   YAC: Y9m5S7M24sdkjdwxnA9GZpPez6k6EqUjUt
sairon
Sr. Member
****
Offline Offline

Activity: 406


One does not simply mine Bitcoins


View Profile
January 09, 2014, 09:53:30 AM
 #1694

I had a similar idea a while ago (with no-consecutive-PoS rule, though): http://pastebin.com/L8THNBZ4
Not sure if lowering the PoS interval would help us much.

GPG key ID: 5E4F108A || BTC: 1hoardyponb9AMWhyA28DZb5n5g2bRY8v
alenevaa
Sr. Member
****
Offline Offline

Activity: 287



View Profile WWW
January 09, 2014, 01:09:54 PM
 #1695

Can we define the criteria that no one POS-block can orphan more than N POW-blocks? Where N for example = 7.

██████████████████████
████████████████████████
████████████████████████
████████████████████████
███████████████████████
█████████████████████
████████████████████████
████████████████████████
██████████████████████
██████████████████████
███████████████████████
████████████████████████
████████████████████████
████████████████████████
███████████████████████
██████████████████████
|
WINGS           
Where DAO Unicorns are born
|
.
1st Bitcoin & Ethereum DAO for DAOs
1st Decentralized Chatbot to Smart Contracts Interaction System

|
.
Wings Bounties Earn Eggs
X-Blockchain DAO

sairon
Sr. Member
****
Offline Offline

Activity: 406


One does not simply mine Bitcoins


View Profile
January 09, 2014, 01:14:47 PM
 #1696

Can we define the criteria that no one POS-block can orphan more than N POW-blocks? Where N for example = 7.
What we need is a proper way to calculate the chain trust.

GPG key ID: 5E4F108A || BTC: 1hoardyponb9AMWhyA28DZb5n5g2bRY8v
senj
Member
**
Offline Offline

Activity: 116


View Profile
January 09, 2014, 01:59:41 PM
 #1697

Another thing regarding chaintrust calculation:

Since reward considers difficulty and get's lowered with higher difficulty, private miners would produce higher supply in equal timeframe.
EDIT: presuming PoS block count is equal or similar (but that can be enforced)

YAC: YGZRDNuey8MnN6GHVR1x7D3UY5TjDz2HCL
sairon
Sr. Member
****
Offline Offline

Activity: 406


One does not simply mine Bitcoins


View Profile
January 09, 2014, 02:03:01 PM
 #1698

Another thing regarding chaintrust calculation:

Since reward considers difficulty and get's lowered with higher difficulty, private miners would produce higher supply in equal timeframe.
Not neccessarily true with eg. 50% PoS blocks in the attacker's chain.
Relying of PoW difficulty itself might be ok, though - see the pastebin a few posts higher.

GPG key ID: 5E4F108A || BTC: 1hoardyponb9AMWhyA28DZb5n5g2bRY8v
senj
Member
**
Offline Offline

Activity: 116


View Profile
January 09, 2014, 03:14:13 PM
 #1699

As mentioned before: PoS block spacing and thus occurrence can be controlled.

Difficulty alone is most useful for block to block comparrisson (but not only that).
I am trying to point out that PoW currency supply can be used as additional input for calculating chaintrust. It can be looked at as a historical difficulty average.

Even if you leave the attacker control over number of PoS blocks, you can still average the sum of PoW rewards over number of PoW blocks and use that as factor.

YAC: YGZRDNuey8MnN6GHVR1x7D3UY5TjDz2HCL
ilostcoins
Sr. Member
****
Offline Offline

Activity: 274



View Profile
January 09, 2014, 03:22:49 PM
 #1700

I had a similar idea a while ago (with no-consecutive-PoS rule, though): http://pastebin.com/L8THNBZ4
Not sure if lowering the PoS interval would help us much.

I mentioned the PoS interval not as something directly related to chain trust calculation. Just that since we're going to have a hard fork anyway, may as well think broader about what else we may want to put in and change things in one go.

LTC: LSyqwk4YbhBRtkrUy8NRdKXFoUcgVpu8Qb   NVC: 4HtynfYVyRYo6yM8BTAqyNYwqiucfoPqFW   TAG id: 4313
CMC: CAHrzqveVm9UxGm7PZtT4uj6su4suxKzZv   YAC: Y9m5S7M24sdkjdwxnA9GZpPez6k6EqUjUt
Pages: « 1 ... 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 [85] 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 ... 169 »
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!