[ANN][DASH] Dash (dash.org) | First Self-Funding Self-Governing Crypto Currency

[toknormal]

I guess the point is that theoretically PoW could be attacked, but it would be vastly less expensive to attack PoS. In fact, the greater the attacker's credibility, the cheaper the attack would be.

Slight issue. With POS (at least in an implementation such as NXT), by the time you bought up enough of the coin supply to "attack" the network catastrophically, the only holder affected significantly by such an attack would be yourself  

Put another way, it would be like buying somebody's house off them so you could burgle it

[AlexGR]

So how did he 'acquire' the coins? Sure, PoS security includes distribution, but to say thats no risk, no cost attack is just false?

In the nothing-at-stake vector

You buy / mine  (depending the initial distribution) => you sell (at this point you are even) => you keep the "snapshot" of when you had the coins => you now begin an attack on the network with zero coins and nothing to lose.

[baddw]

I guess the point is that theoretically PoW could be attacked, but it would be vastly less expensive to attack PoS. In fact, the greater the attacker's credibility, the cheaper the attack would be.

Slight issue. With POS (at least in an implementation such as NXT), by the time you bought up enough of the coin supply to "attack" the network catastrophically, the only holder affected significantly by such an attack would be yourself  

Put another way, it would be like buying somebody's house off them so you could burgle it

But again, the interesting thing is that you can buy up 51% of a PoS coin, and then sell off your coins so that you no longer have 51%, but your history of having once owned 51% makes it possible to attack the network at any time, for free.

So if there is ever a PoS coin with >51% ownership at any point in its history (even in just the Genesis block) then it is vulnerable.

[toknormal]

But again, the interesting thing is that you can buy up 51% of a PoS coin, and then sell off your coins so that you no longer have 51%, but your history of having once owned 51% makes it possible to attack the network at any time, for free.

I doubt it.

[AlexGR]

But again, the interesting thing is that you can buy up 51% of a PoS coin, and then sell off your coins so that you no longer have 51%, but your history of having once owned 51% makes it possible to attack the network at any time, for free.

I doubt it.

=>

The other attacks you describe all derive from the fundamental reason I declared all non-proof-of-work systems to be insecure back in April.

My logic was mathematically fundamental. The input entropy set is quite deterministic and well known and thus can be preimaged. For example, accumulating a lot of coin-days-destroyed and then targeting them in clever ways to subvert the security.

The randomness (entropy) of each proof-of-work is fundamental and mathematical and it can not be preimaged. It can only be surely defeated with > 50% of the network hash rate.

[AlexGR]

Secure PoW needs decentralized hardware, while PoS needs decentralized distribution, both are theoretically insecure and both are practically secure except for low difficulty (or price) coins.

Thing is, all coins started @ low prices... so there is a history of ownership by bagholders when the price was near zero.

[slapper]

But again, the interesting thing is that you can buy up 51% of a PoS coin, and then sell off your coins so that you no longer have 51%, but your history of having once owned 51% makes it possible to attack the network at any time, for free.

I doubt it.

=>

The other attacks you describe all derive from the fundamental reason I declared all non-proof-of-work systems to be insecure back in April.

My logic was mathematically fundamental. The input entropy set is quite deterministic and well known and thus can be preimaged. For example, accumulating a lot of coin-days-destroyed and then targeting them in clever ways to subvert the security.

The randomness (entropy) of each proof-of-work is fundamental and mathematical and it can not be preimaged. It can only be surely defeated with > 50% of the network hash rate.

Anyone seen Anony Nakamoto lately ?

[ddink7]

That's true, but buying that much hashpower would require a non-trivial investment. Not only that, but it would be very difficult, if not impossible, to acquire that much hardware due to manufacturing time and relatively small product pipelines. Such an accumulation of hashpower would have to happen in secret, which is also unlikely, because if it became known, the network could easily embrace a hardfork to change the PoW algo.

I guess the point is that theoretically PoW could be attacked, but it would be vastly less expensive to attack PoS. In fact, the greater the attacker's credibility, the cheaper the attack would be.

Sure, but its the same with PoS, the higher the price, the more non-trivial the investment to ruin the coin. The price of PoS coins is the equivalent of PoW difficulty, so the same is true for low-difficulty PoW coins. Practically that means for high PoW coins and high PoS coins that PoW are harder to destroy because of the middle step of acquiring the hardware while in PoS you just buy the coins. Secure PoW needs decentralized hardware, while PoS needs decentralized distribution, both are theoretically insecure and both are practically secure except for low difficulty (or price) coins.

Actually that's not true at all--and that's the entire point. If the attacker is credible enough (i.e. he is likely to spend as much money as necessary to succeed), people will be willing to sell to him for a fraction of the value of the coin because of their assumption that the coin will soon be worth zero once the attack is successful.

[ddink7]

I guess the point is that theoretically PoW could be attacked, but it would be vastly less expensive to attack PoS. In fact, the greater the attacker's credibility, the cheaper the attack would be.

Slight issue. With POS (at least in an implementation such as NXT), by the time you bought up enough of the coin supply to "attack" the network catastrophically, the only holder affected significantly by such an attack would be yourself  

Put another way, it would be like buying somebody's house off them so you could burgle it

Not entirely true on two accounts: a credible attacker would be able to buy the coins cheaply from stakeholders based on his announcement that he intended to destroy the coin. Seeing that the attacker was credible and had a high chance of success, stakeholders would sell him their coins at a fraction of their "true" value. Thus the stakeholders would be harmed.

Such a bad actor would certainly have non-economic motives (at least with respect to crypto--perhaps he owns a bank or something which will benefit from destroying the "competition"), and in that case would not mind destroying the value of a currency which he holds 51% of (and which he acquired at dirt cheap prices from panicky sellers).

Your analogy is close, but slightly off. It would be like buying somebody's house and then bulldozing it. In fact, that happens all the time--for roads, malls, high rise buildings, parking lots, and the like.

[toknormal]

The other attacks you describe all derive from the fundamental reason I declared all non-proof-of-work systems to be insecure back in April.

My logic was mathematically fundamental. The input entropy set is quite deterministic and well known and thus can be preimaged. For example, accumulating a lot of coin-days-destroyed and then targeting them in clever ways to subvert the security.

The randomness (entropy) of each proof-of-work is fundamental and mathematical and it can not be preimaged. It can only be surely defeated with > 50% of the network hash rate.

Hypothetical waffle.

You're not going to kill a coin because you "once owned a lot of it".

[eduffield]

RC4 Development and Path Going Forward

https://darkcointalk.org/threads/rc4-development-and-path-going-forward.1604/

[crackfoo]

ADDED MY MINING POWER +18MHs TO THE DRK-MULTIPOOL (payouts in drkcoin)
Wondering how it will go on after some days of mining....
Spread some hash - xpool is updated too

thanks!

Wait, what ?! What did I miss? Which multipool is this?

www.xpool.ca

Please, if you have some spare hash, send it over. The pool will buy up more DRK and be better for everyone!

Cheers!

Make use of your old sha256 and scrypt ASIC's and earn DarkCoins!

[Ignition75]

RC4 Development and Path Going Forward

https://darkcointalk.org/threads/rc4-development-and-path-going-forward.1604/

Good news... 

[ddink7]

Actually that's not true at all--and that's the entire point. If the attacker is credible enough (i.e. he is likely to spend as much money as necessary to succeed), people will be willing to sell to him for a fraction of the value of the coin because of their assumption that the coin will soon be worth zero once the attack is successful.

Thats also true for PoW. Lets  say china or russia can buy up the farms of bitcoins. They announce that they are going to kill bitcoin, and watch how people sell them cheap coins.

I think that if there was such a credible attacker (I think he might be just theoretical), the prices would start falling as people hear the news and the prices would go as down as the attacker's news are credible, as it actually happened with all the china fud for bitcoin....


I think that basically this just means that nothing is safe as long as actors with large amount of centralized capital exist, but we all already knew that, hehe..

Once again, I agree that it's theoretically possible to destroy a POW coin. It's just more expensive since you have to buy hardware (expensive with long production lead-times and rapid technological development) as opposed to coins (potentially cheap if you can panic the market).

[tifozi]

RC4 Development and Path Going Forward

https://darkcointalk.org/threads/rc4-development-and-path-going-forward.1604/

With this launch, we introduced a new soft-fork method, which some users have affectionately dubbed the “spork”

Haha, whoever "coined" this term, bravo  

[baddw]

But again, the interesting thing is that you can buy up 51% of a PoS coin, and then sell off your coins so that you no longer have 51%, but your history of having once owned 51% makes it possible to attack the network at any time, for free.

I doubt it.

Doubt all you want, the math doesn't lie.

Of course I was somewhat wrong by stating "for free" -- there would be *some* computing resources involved (and thus electricity costs, etc.), but nothing close to what 51% attacking a PoW coin would require.  Several orders of magnitude difference.

If you once had a 51% stake, you can build a better blockchain than the other 49% can, starting from the point where you owned 51%.  You develop this blockchain in secret, after selling off your coins (and profiting from it); and then release your secret blockchain to the world, and nodes will pick it up because it carries more stake than the 49% blockchain.  Now not only do you have your profit from the original sales of the coin, you have your 51% back (to the extent that it's worth anything).  All coins would not have to be consolidated under one address; in fact, I believe that doing so would prevent the attack in most PoS implementations.

This is a fundamental problem with PoS, and is why Peercoin incorporates both PoW and centralized checkpointing.  Sunny King is not a stupid guy, he knows that PoS has a big flaw or else he would have implemented pure PoS for Peercoin.

[ddink7]

But again, the interesting thing is that you can buy up 51% of a PoS coin, and then sell off your coins so that you no longer have 51%, but your history of having once owned 51% makes it possible to attack the network at any time, for free.

I doubt it.

Doubt all you want, the math doesn't lie.

Of course I was somewhat wrong by stating "for free" -- there would be *some* computing resources involved (and thus electricity costs, etc.), but nothing close to what 51% attacking a PoW coin would require.  Several orders of magnitude difference.

If you once had a 51% stake, you can build a better blockchain than the other 49% can, starting from the point where you owned 51%.  You develop this blockchain in secret, after selling off your coins (and profiting from it); and then release your secret blockchain to the world, and nodes will pick it up because it carries more stake than the 49% blockchain.  Now not only do you have your profit from the original sales of the coin, you have your 51% back (to the extent that it's worth anything).  All coins would not have to be consolidated under one address; in fact, I believe that doing so would prevent the attack in most PoS implementations.

This is a fundamental problem with PoS, and is why Peercoin incorporates both PoW and centralized checkpointing.  Sunny King is not a stupid guy, he knows that PoS has a big flaw or else he would have implemented pure PoS for Peercoin.

You're absolutely correct. The client will look for and accept the longest blockchain. Period. It doesn't matter how it became longest or who controls it. All that matters is that the attacking chain is longer than the proper chain.

[TR8888]

RC4 Development and Path Going Forward

https://darkcointalk.org/threads/rc4-development-and-path-going-forward.1604/

Good stuff!

[GhostPlayer]

 Pool that HAVE NOT UPDATED !!  

 LTCRabbit
 Coinotron
 Coinmine.pl
 XHash.net
 Multipool.us
 Coinmine.pw
 

 Boooooooo!!!!    .. I dont mind about LTCRabbit and Multipool.us, as they pay in LTC and BTC respectively.

EDIT: This list may not be correct. My source is not 100% correct.

[crackfoo]

 Pool that HAVE NOT UPDATED !! 

 LTCRabbit
 Coinotron
 Coinmine.pl
 XHash.net
 Multipool.us
 Coinmine.pw
 

 Boooooooo!!!!    .. I dont mind about LTCRabbit and Multipool.us, as they pay in LTC and BTC respectively.

perhaps the OP can be updated with a proper list of pools? Adding my DRK paying multipool too of course www.xpool.ca

Cheers