Bitcoin Forum
May 23, 2019, 08:22:51 PM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Are there some natural random events that could serve as a source of consensus?  (Read 137 times)
kfx2
Newbie
*
Offline Offline

Activity: 3
Merit: 1


View Profile
October 29, 2018, 09:55:50 PM
Merited by LoyceV (1)
 #1

The simplest Proof-of-Stake protocol is one where the participants lock down their stakes, after which the system randomly assigns the block reward to one of them. However, this random selection of the next awardee must be done in a way that is independently verifiable by someone who does not trust the system. The obvious way is to use a pseudorandom number generator in a known state. If I'm not wrong, this is how some of the initial PoS coins actually did things. However, this approach makes the random selection not only verifiable, but also predictable, which in turn incentivizes the participants to game the system.

There are of course counters to such gaming, and there are far more complex PoS and dPoS protocols. However, if I'm not mistaken, none of them at the moment are generally accepted as superior to bitcoin's PoW.

So, I was wondering if instead of building more complicated protocols we could just find a natural source of random numbers that would be suitable for cryptocurrency mining? What I mean by that is: something that would not be predictable, but could serve as a source of consensus between multiple participants that do not trust each another.

The random events suitable for task should have the following properties:

  • be observable by multiple independent observers, not restricted to a single location;
  • be impossible to predict in practice;
  • be convertible to a discrete value.

Ideally, they also should:

  • either happen with a reasonably high frequency, or be measurable with a reasonably high frequency (on the order of seconds or minutes, not months or years);
  • be measurable with today's technology.

Such as source could be simple a binary event, as long as everyone can agree on the outcome with a high degree of certainty. In contrast, a categorical value that depends on vague definitions is a bad choice.

The best I could come up with is some kind of astronomical measurement. In particular, I was thinking of the number of supernovae in the Milky Way (or in multiple nearby galaxies). It seems to be a discrete number, something that almost everyone could agree on, and unpredictable for all practical purposes. The drawbacks are that the frequency of new supernovae is low, and that we cannot reliably determine this number with the current technology. What do you think?
1558642971
Hero Member
*
Offline Offline

Posts: 1558642971

View Profile Personal Message (Offline)

Ignore
1558642971
Reply with quote  #2

1558642971
Report to moderator
PLAY OVER 3000 GAMES
LIGHTNING FAST WITHDRAWALS
PLAY NOW
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1558642971
Hero Member
*
Offline Offline

Posts: 1558642971

View Profile Personal Message (Offline)

Ignore
1558642971
Reply with quote  #2

1558642971
Report to moderator
1558642971
Hero Member
*
Offline Offline

Posts: 1558642971

View Profile Personal Message (Offline)

Ignore
1558642971
Reply with quote  #2

1558642971
Report to moderator
joniboini
Hero Member
*****
Offline Offline

Activity: 574
Merit: 1033



View Profile WWW
October 30, 2018, 05:58:50 AM
 #2

What about ocean waves?

There are at least 4 kinds of waves[1] which can serve the same purpose as 6 numbers on a dice. Not really sure if this is feasible to do or if the benefits outweigh the cost. Still, ocean waves are not entirely "free" from manipulation.



[1] https://www.sciencelearn.org.nz/resources/121-behaviour-of-waves

███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
#1
███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
BTC 
  ●
   BTC
  BTC  
.
    ▄▄▄▀▀▀▀
 ▄██▀
███        ▄▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄▄▄
▀███▄▄▄▄▀▀▀                 ▀▀▄▄
  ▀▀▀██████████████████████████▀
   ▄█▄     ▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
    ▀▀██▄▄█▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀▀
      ▄  ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
      ▀██▄  ▄▀▀▀▀▀▀▀▀▀▀▀▀▄
        ▀█▀██████████████▀▀
         ▀█▄▄ ▄▄▄▄▄▄▄▄▄▄
            █▀▄▄▄▄▄▄▄▄▄▄▀
             ▀▀▄▄▄▄▄▄▄
.
     BTC
  BTC   
  ●
  BTC  
███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
███████████
██
██
██
██
██
██
██
██
██
██
██
███████████
HeRetiK
Legendary
*
Online Online

Activity: 1120
Merit: 1049


the forkings will continue until morale improves


View Profile
October 30, 2018, 03:10:58 PM
Merited by bones261 (2)
 #3

So, I was wondering if instead of building more complicated protocols we could just find a natural source of random numbers that would be suitable for cryptocurrency mining? What I mean by that is: something that would not be predictable, but could serve as a source of consensus between multiple participants that do not trust each another.

I don't think provable non-partisan randomness alone can make a consensus algorithm.

For PoW it's irrelevant, as there is no problem with the randomness of how blocks are found (apart from the issue of variance, which is a different matter). That is, the results of cryptographic hashes as used by PoW are already both unpredictable and easily verifiable.

The way I understand PoS and its derivatives it also seems to be more a question of variance, rather than unpredictability vs verifiability. However I'm not too familiar with PoS so that's all I dare say.

As far as globally witnessable sources of randomness are concerned -- How about solar activity?

ETFbitcoin
Legendary
*
Offline Offline

Activity: 1652
Merit: 1767

Use SegWit and enjoy lower fees.


View Profile WWW
October 30, 2018, 03:43:51 PM
 #4

I doubt randomness that comes from real world which can't be verified without human involvement/input is practical for any decentralized consensus method. But i have 2 thought about this problem (in PoS coins) :
1. Assuming randomness source comes from blockchain/network data. If anyone can know who will selected as the one who create next block or/and get the reward, then many individuals/party will try to abuse the system by add necessary data to make them as winner and that would make each other calculation/prediction become incorrect and thus no one can manipulate it.
2. How about each nodes have same list of coins stake address, but the source of randomness of data randomly selected from upcoming n blocks and only address from list before n blocks could be selected as winner?
No one could know/predict transaction which will be created on future and it should be able to resist winner manipulation.

kfx2
Newbie
*
Offline Offline

Activity: 3
Merit: 1


View Profile
October 30, 2018, 08:00:53 PM
 #5

HeRetiK: yes, this idea as described above only applies to PoS.

There is a variation of the idea for PoW that allows to "duty-cycle" PoW (the motivation being a "greener" PoW or one suitable for energy-limited IoT devices). Imagine this protocol:
- everyone is in standby mode, waiting for a global random event to happen
- random events happens, producing the outcome "5".
- everyone starts searching for the nonce of the next block. The trick is that instead of finding the "normal" nonce such that
Code:
hash(nonce, block)
starts with enough zeros, they look for a nonce that  such that
Code:
hash(nonce + 5, block)
has the right property - with "5" being the number from previous step.
- someone finds the right nonce
- information about the winner is distributed in the network and everyone stops mining until the next random event

(To be clear, this is an academical / theoretical proposal, I don't actually want to say that any real coins should use this.)


ETFbitcoin

1. That sounds like another FOMO3D  Tongue
2. Not sure I understand this idea?

d5000
Legendary
*
Offline Offline

Activity: 2100
Merit: 1468


Decentralization Maximalist


View Profile
October 30, 2018, 08:04:09 PM
Merited by ETFbitcoin (1), HeRetiK (1)
 #6

I doubt randomness that comes from real world which can't be verified without human involvement/input is practical for any decentralized consensus method. But i have 2 thought about this problem (in PoS coins) :
1. Assuming randomness source comes from blockchain/network data. If anyone can know who will selected as the one who create next block or/and get the reward, then many individuals/party will try to abuse the system by add necessary data to make them as winner and that would make each other calculation/prediction become incorrect and thus no one can manipulate it.
As far as I know, this is the way Peercoin-based coins select the "winner" from Peercoin 0.3 on. Thus, it has become extremely difficult to perform "stake grinding" (which is was the OP is wanting to combat).

Also I read opinions from other forum users with some knowledge in the area that Cardano's algorithm (short description) is pretty good, only that it's not suitable for low block intervals.

But there are much tougher problems with Proof of stake than the selection of randomness. The big problem is that there is no "objective" way to determine the longest chain if you were offline for a time. Thus all PoS coins depend on a relatively stable validator set which is always online. There are solutions for these problems making attacks unpractical in most cases, but PoW continues to be superior in terms of "objectivity".

kfx2
Newbie
*
Offline Offline

Activity: 3
Merit: 1


View Profile
October 30, 2018, 08:28:54 PM
 #7

The big problem is that there is no "objective" way to determine the longest chain if you were offline for a time.
Why not use the chain with the most coins at stake? In PoW, one would use the chain with most amount of work.
d5000
Legendary
*
Offline Offline

Activity: 2100
Merit: 1468


Decentralization Maximalist


View Profile
October 30, 2018, 09:17:52 PM
 #8

The big problem is that there is no "objective" way to determine the longest chain if you were offline for a time.
Why not use the chain with the most coins at stake? In PoW, one would use the chain with most amount of work.
Because due to possible double spends, in the case of an attack, there could be several competing chains claiming to be the ones with "most coins at stake". Transaction and block timestamps can be faked, so there's no way to determine which chain is "legit" (i.e. which one has the "first" transaction in an double spend event).

So the only way to solve this is to establish a kind of "convention", where the legit chain is the chain where most transactions take place "de facto". TaPoS is a way to achieve this convention, another one are "decentralized checkpoints" (re-org limits). And there are BFT-based models, which typically require two thirds of the stake to "approve" blocks.

However, it is very difficult to exploit this problem without a large proportion of the stake. You can search the "bribe attack", the "long range attack" and the "history attack" for some ideas, but they are expensive and/or require social engineering.


ETFbitcoin
Legendary
*
Offline Offline

Activity: 1652
Merit: 1767

Use SegWit and enjoy lower fees.


View Profile WWW
October 31, 2018, 04:21:40 AM
 #9

(To be clear, this is an academical / theoretical proposal, I don't actually want to say that any real coins should use this.)

No wonder i feel your idea isn't suitable with PoW/PoS

ETFbitcoin

1. That sounds like another FOMO3D  Tongue
2. Not sure I understand this idea?

1. Except the winner is random which can't be predicted because everyone attempt to manipulate the system and the cost is far lower. This is assuming random data selected based on transaction/blocks that already confirmed.

2. Basically :
  • Each nodes block with height n create list of winner for blocks with height m
  • Random data chosen based on block/transaction from block weight between n and m

This is just my random thought

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!