These are excerpts from the youtube video, I feel like they are relevant here
MSMWCorrect me if I'm wrong, but is there a concern that most verifiers are hosted on centralized cloud providers (like Amazon)?
SanfordThey can be moved at any time once in mesh. Sentinels protect them. Also the centralization argument goes nowhere. Electricity is pretty centralized. Bitcoin mining is pretty centralized at this point. Internet use at all is pretty centralized. It’s a real world issue that might be a “weak” point but it applies to almost all projects proclaiming decentralization 100%
Refortuna AnalyticsThis is a valid concern, I encourage everyone to spread their nodes across the IP landscape. Linode login screens were defaced and logins were jacked by hackers back in 2011/2012 targeting users who had bitcoin nodes running over there. So that shows the extent people will go to. The current top supporters of the network are AWS, vultr and hetzner. This could be better but can not be enforced. It is recommended to spread your nodes and sentinels across a variety of providers or even to run them locally in case of any outages/maintenace/hacks/.. This is part of the risk analysis.
Austin GilbertIt seems to me an attacker would likely use cloud providers or bot-nets for their nodes. In the case of hosting on cloud providers, the attacker's nodes would be masks because they'd be coming from the same IP ranges as known good nodes. In the case of bot-net zombies, the IP addresses would be basically random...
I'm wondering how you could possibly distinguish between cloud providers/bot-net/valid participants? Doesn't seem possible.
Refortuna Analytics@Austin Gilbert No, that is indeed not possible. The time constraint which is present is not present for PoW projects, this means that it would take a very long time to carry out such an attack and it would be a costly endeavor. Essentially the mathematical equations which PoW rests on have been substituted for time. This is ecologically more efficient and while an attack is still possible in the case of a persistent attacker which has a lot of funds and time available the likelihood of such an attack taking place is smaller than with a PoW system. The reason for this is that your verifier behaviour is individually extinguishable from other verifiers in the cycle, if you cast a vote to approve a malicious double spend with your 51% cluster everyone in the cycle knows you did so and they are able to act upon that. While the chain may suffer temporarily as the malicious nodes are excluded (which is the same for PoW to be honest) - the interval in which such an attack can take place afterwards is reset back to zero. This means that the attack has to spend a lot of time all over again to redo the attack. As also said both with PoW and PoD, if you abide by the consensus rules you actually get rewarded Nyzo and you make a profit. The consensus mechanism and its incentives ensure proper network conformity. Meanwhile the time progresses, nodes drop out due to unforeseen circumstances, VPS maintenance take place, networks go down, bills don't get paid or new nodes get added to the queue leading to a changed status quo for the attacker and less probability to get in the expected amount over a set period of time. Altogether this is as strong, if not stronger than PoW (atleast from a 51% perspective) and is at the same time ecologically responsible.
Austin Gilbert@Refortuna Analytics I wasn't disputing the fact it will take "longer" to infiltrate the network. I understand the attack would not be instantaneous as it would be on a pure PoW chain. I was disputing the claim that you would be able to detect infiltration happening, you can't.
And since I'm an attacker and I know you can't detect infiltration, I can send many more nodes at a time than you suggested. Perhaps the first month I send 100 nodes, then 200 the month after, then 400, then 800, until I have the 51% majority. To the network participants, my nodes would just look like a positive trend in uptake. And I wouldn't stop sending infiltrators when I hit 51%, I would just keep sending them. Why? Because they're cheap and I need/want to.
You see, it would not cost an attacker $1 or $2 per node as you suggest. I could get many nodes for free by joining Planet Lab (
https://www.planet-lab.org/) for the cost of dedicating a cloud host or two to their project. And bot nodes actually only cost between $0.02 and $0.10 per node, an order of magnitude cheaper than your estimated cost per node (see
https://threatpost.com/how-much-does-botnet-cost-022813/77573/).
In your example, to gain 51%, it would only take me around 7 months at a cost of around $630. And as you point out the infiltrators would be earning tokens while waiting for critical mass, so the attack might even be cheaper since the cost per node is offset by what they've been earning.
Austin GilbertI would also point out, while approving double spends is the most obvious thing a 51% majority could do, it isn't the only thing. Approving double spends would be a glaring red flag something was wrong, but there are more subtle 51% attacks. To name a few:
- censoring network transactions; meaning ignoring a subset of transactions and never adding them to a block created by my attacking majority (though they will likely still be included eventually if there was a cycle I didn't have a majority in)
- minting token more quickly than it should happen. why wait for the regular block interval when I can mint a block now and collect rewards faster?
Refortuna Analytics@Austin Gilbert These are interesting takes. I also never said that it is detectable, as I mentioned the drip feed example in the video.
Now considering the current price of an IPv4 block and the price of low tier VPSes and individual IPv4 proxies, I can not understand where you get the 0.10$ metric from.
Besides, the mere existence of a bot is not sufficient for it to have any eligibility to join the cycle, the node ought to regularly interact with the network to keep its position in the timetable and to stay up to sync.
You could certainly, slowly, ramp up the amount of nodes you are adding to the queue. They will all have to sustain a solid connection for 30 days and keep their blockchain in sync to become eligible to join at all. The incentive to sustain the attackers' operation by selling Nyzo is correct, however, keeping them running in a conform manner and securing the network yields more future gains, whereas the malicious use of your nodes would jeopardize this income source.
Then there is the example of not including TXs which you are right about, you can however achieve that with any number of nodes. The not-included-TX can be included by the next node in line. There is the seed account which's transactions are pregenerated, no coinbase is present. But yes, in the case of a malicious 51% attack you do, in fact control many possible directions of the network, I can not deny that.
There have been talks in the discord about actively analyzing node behaviour to see if it corresponds 1:1 with the version they are broadcasting, something which could come of use in that case.
All in all you bring up very solid arguments and I am sure the development team would love to hear them / talk about it with you in the discord or by email.
Austin Gilbert@Refortuna Analytics did you follow the link to Threat Post? Actually, it seems YouTube has broken the link somehow. If you go to Threat Post and search for "botnet cost" it will pull up the article titled "How Much Does A Botnet Cost?". It might be a bit dated, but in 2013 you could buy 10,000 nodes in the US for $1000 - or $0.10 per node. Certainly, the quality of the nodes would likely vary greatly, so you'd probably have to over purchase due to loss of connectivity.
https://threatpost.com/how-much-does-botnet-cost-022813/77573/ 
