ThePurplePlanet (OP)
|
|
June 08, 2014, 03:40:54 AM Last edit: June 08, 2014, 05:42:26 PM by ThePurplePlanet |
|
tl;dr higher number of rewards per day might reduce reward variance and increase pool decentralization I have read arguments (from bitcoin devs) that lower block intervals lead to centralization because of block propagation time which makes sense at first look. However, Nnetworking tech improves and this might be a non issue long term On the contrary are there any arguments in favor of lower block time for decentralization of pools because there more blocks per day? (150 blocks per day are simply too few to expect a large pool market) More rewards per day will lead to lower reward variance and thus people are ok to use smaller pools. Litecoin seems to have more active pools than bitcoin. Doge looks even better with 1 minute https://pools.rapidhash.net (pool decentralization to be jealous of) and more transactions than litecoin despite the small market with ASICS already deployed. can bitcoin learn and adapt? Is it too risky and unproven?
|
|
|
|
Willisius
Sr. Member
Offline
Activity: 364
Merit: 250
I'm really quite sane!
|
|
June 08, 2014, 03:53:59 AM |
|
I started a similar thread entitled Block Spacing And Security a while back, as I'm very interested in this as well. Specifically, whether 10 minute block intervals are necessary. (Of course, a hard fork like lowering block spacing will likely never occur with Bitcoin, which creates an interesting case of path dependence.)
|
|
|
|
ThePurplePlanet (OP)
|
|
June 08, 2014, 05:43:02 AM Last edit: June 08, 2014, 05:43:02 PM by ThePurplePlanet |
|
I started a similar thread entitled Block Spacing And Security a while back, as I'm very interested in this as well. Specifically, whether 10 minute block intervals are necessary. (Of course, a hard fork like lowering block spacing will likely never occur with Bitcoin, which creates an interesting case of path dependence.) tl;dr Security is different than decentralization. Security does not depend on block spacing. Security is total amount of work done to secure a transaction from blockchain reorganization. Say a bitcoin block has X amount of work. For someone who receives a transaction and waits 2 blocks you can say his funds are secured by 2X amount. If the receiver waits 20 blocks he can say that the received amount is secured by 20X amount. Now since litecoin has 30 less value and 4 times more blocks to secure the received transaction that is equivalent to 1 bitcoin block you have to wait 120 litecoin blocks. So bitcoin is much more secure. (Note that proof of stake has precicely 0 security because one or more past stakeholders can use their stake and reorganize the chain from the point before selling at 0 cost) What I am asking here is different and refers to decentralization. (Even now that ghash controls a lot of hash they are contributing to the security as long as they don't use to create a parallel chain and thus stop solving main chain blocks) What I am speculating is if spacing helps pool decentralization and does not harm the decentralization as claimed by some devs (I think gmaxwell made such claim in the past). Just wanted to ask why this might wrong or has some premise. Definitely popular alts like doge make a good study case
|
|
|
|
jl2012
Legendary
Offline
Activity: 1792
Merit: 1111
|
|
June 09, 2014, 04:33:02 AM |
|
Now since litecoin has 30 less value and 4 times more blocks to secure the received transaction that is equivalent to 1 bitcoin block you have to wait 120 litecoin blocks. So bitcoin is much more secure. (Note that proof of stake has precicely 0 security because one or more past stakeholders can use their stake and reorganize the chain from the point before selling at 0 cost)
This is completely wrong. Assuming the same orphan rate and the same hashrate share among honest and evil miners, one Litecoin block is as secure as one Bitcoin block. The mean block interval is irrelevant. There has been lots of discussion on this topic. Please search.
|
Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY) LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC) PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
|
|
|
ThePurplePlanet (OP)
|
|
June 09, 2014, 06:23:56 AM |
|
Now since litecoin has 30 less value and 4 times more blocks to secure the received transaction that is equivalent to 1 bitcoin block you have to wait 120 litecoin blocks. So bitcoin is much more secure. (Note that proof of stake has precicely 0 security because one or more past stakeholders can use their stake and reorganize the chain from the point before selling at 0 cost)
This is completely wrong. Assuming the same orphan rate and the same hashrate share among honest and evil miners, one Litecoin block is as secure as one Bitcoin block. The mean block interval is irrelevant. There has been lots of discussion on this topic. Please search. No that's simply not true and discussed a lot of times. Based on your logic 1 bitcoin block is as secure as 1 litecoin block which is as secure 1 block of feather coin (which has been attacked multiple times) etc.. There are no evil and honest miners. There are those seeking to profit from honest mining and those seeking to profit from double spending. If you receive 10000$ and wait 1 block to credit the senders account with bitcoin you will be more secure compared to the other two since it will cost more to reverse the transaction (at current market valuation). Anyway as I said in my previous post this thread is about block intervals and decentralization and not block intervals and security. Please don't troll the thread.
|
|
|
|
jl2012
Legendary
Offline
Activity: 1792
Merit: 1111
|
|
June 09, 2014, 08:50:22 AM |
|
Now since litecoin has 30 less value and 4 times more blocks to secure the received transaction that is equivalent to 1 bitcoin block you have to wait 120 litecoin blocks. So bitcoin is much more secure. (Note that proof of stake has precicely 0 security because one or more past stakeholders can use their stake and reorganize the chain from the point before selling at 0 cost)
This is completely wrong. Assuming the same orphan rate and the same hashrate share among honest and evil miners, one Litecoin block is as secure as one Bitcoin block. The mean block interval is irrelevant. There has been lots of discussion on this topic. Please search. No that's simply not true and discussed a lot of times. Based on your logic 1 bitcoin block is as secure as 1 litecoin block which is as secure 1 block of feather coin (which has been attacked multiple times) etc.. Feather coin is not secure because it's total hashrate is too low Please read Satoshi's paper, section 11: https://bitcoin.org/bitcoin.pdfThe probability of an attacker to success (q z) is just a function of p (% hashrate of honest miners) and q (% hashrate of the attacker). The block interval is NOT part of the equation. Anyway as I said in my previous post this thread is about block intervals and decentralization and not block intervals and security. Please don't troll the thread.
Please at least have a correct understanding of block interval, before further discussion.
|
Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY) LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC) PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
|
|
|
jl2012
Legendary
Offline
Activity: 1792
Merit: 1111
|
|
June 09, 2014, 09:07:07 AM |
|
Back to the topic: small Bitcoin pools may use p2pool to decrease the variance. We may have many small pools that people could join, and these small pools are actually running under p2pool. We also have other mechanism to make pooled mining decentralized, such as getblocktemplate https://en.bitcoin.it/wiki/GetblocktemplateAnyway, I don't think decreasing block interval would make us more decentralized. There are already solutions. People are just too lazy, or they are just not economically optimal.
|
Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY) LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC) PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
|
|
|
XertroV
Member
Offline
Activity: 88
Merit: 12
Max Kaye
|
|
June 09, 2014, 12:21:52 PM |
|
Please read Satoshi's paper, section 11: https://bitcoin.org/bitcoin.pdfThe probability of an attacker to success (q z) is just a function of p (% hashrate of honest miners) and q (% hashrate of the attacker). The block interval is NOT part of the equation. This is correct. However, this presumes an attack is already happening, and does not speak directly to the security of the chain. By modifying our behaviour to be dependant on the cost of an attack over some period we can directly measure this security and compare chains. You actually acknowledge the solution when you point out Feathercoin's low hashrate. The original statement: Now since litecoin has 30 less value and 4 times more blocks to secure the received transaction that is equivalent to 1 bitcoin block you have to wait 120 litecoin blocks. So bitcoin is much more secure.
This is true if we measure security as 'chance of a transaction of size X being reversed'. The cost of an attack in some unit ($ for convenience) on some network (N) is dependent upon market_cap_in_$ and transaction_size_in_$ (normalising out conversion between units). It is also dependent on the supply_rate_in_$. The main competition is the supply rate, so for a transaction of size X_in_$ we need to use supply_rate_in_$ to calculate some t.. If we set t high enough we can ensure it's never profitable to attack provided we wait out that duration. If I made transactions of equal value on both the Bitcoin and Litecoin network, the incentive for someone to attack the network is far greater on the Litecoin side, since the cost of an attack is far less for the same X. This presumes a perfect market where the profitability of mining is the same on both networks and competitive hardware is accessible. If we want to measure t in blocks we have to convert using the block interval. Going back to blockchain decentralisation: The security of the network measured against the above strategy is determined by the hashrate and not directly by number of blocks. Mining pools were invented to decrease variance in reward. Since this variance is somewhat dependent on the size of the reward blocks (constant stream = no variance, target time of 1yr = lots of variance) by increasing frequency of blocks (and decreasing variance) we increase mining decentralisation as long as some miners are okay moving to smaller pools or going solo (or moving to P2Pool). This is actually essentially what P2Pool does, and is immune to the orphan problem since a) it effects the whole network equally (though there is potential for a greedy miner attack) and b) any valid Bitcoin block is immediately distributed. Sadly without using GHOST there is a strong practical limit due to orphans produced by propagation time.
|
|
|
|
ThePurplePlanet (OP)
|
|
June 09, 2014, 07:48:13 PM |
|
Thanks for the responses. I still don't understand how people cannot cheat p2p pool or getblocktemplate . One can't just simply participate to get shared profit but once finds the block submits it seperately by itself to get the full block.
Also what is GHOST? Only thing I can find is a movie
|
|
|
|
XertroV
Member
Offline
Activity: 88
Merit: 12
Max Kaye
|
|
June 09, 2014, 11:09:04 PM |
|
Thanks for the responses. I still don't understand how people cannot cheat p2p pool or getblocktemplate . One can't just simply participate to get shared profit but once finds the block submits it seperately by itself to get the full block.
Also what is GHOST? Only thing I can find is a movie
getblocktemplate just provides detailed information which can be used to create a block. It hides less relevant details (like transactions) but allows the miner to alter other things that matter, like the coinbase sigscript, the nonce, etc. This doesn't stop anyone changing parts of the block, but getblocktemplate doesn't give them all the information they'd need, and then they'd be solo mining anyway. When you submit shares to a pool, you're actually submitting the information used to create a valid block of a lower target. By validating where the coinbase spends to, the pool can check if you're mining for yourself or them. If you're mining for yourself they don't credit you with any shares, but if you mine according to their rules you are attributed shares. Occasionally someone submits a solution that also happens to be a valid block on mainnet, and then it is distributed. P2Pool works in a similar manner. Instead of providing your solution to the centralised pool, you provide your solution to the whole P2Pool network. The P2Pool network is mined against a much smaller target than the mainnet, like centralised pools, and each potential block is valid on the Bitcoin network and P2Pool network, provided the PoW validates. You distribute your potential solutions to the rest of the network and show you're rewarding them according to the rules agreed upon. They then include you in their calculations, and when you receive their shares, you include them in your calculations. In this way, anyone who attempts to cheat is not able to convince others to reward them for their efforts, since their blocks don't validate against the pool's rule-set. It's a little more complex than that in reality, since the blocks produced for P2Pool also form a share-chain and they have a low target time (seconds). This chain is used to calculate rewards, and a valid P2Pool block is added to the share chain (though could potentially be orphaned). Each of those blocks would be a valid Bitcoin block if they happened to validate against Bitcoin-mainnet's target (but they don't). There's more information about that on the wiki. GHOST stands for Greedy Heaviest-Observed Sub-Tree, which basically says the chain with the most PoW behind it. It's a theoretical modification to blockchain design that would protect against some attacks and also allow us to produce blocks much faster as all valid PoW can be incorporated into the chain. The paper can be found here: https://eprint.iacr.org/2013/881.pdf
|
|
|
|
ThePurplePlanet (OP)
|
|
June 09, 2014, 11:36:34 PM |
|
Thanks for the responses. I still don't understand how people cannot cheat p2p pool or getblocktemplate . One can't just simply participate to get shared profit but once finds the block submits it seperately by itself to get the full block.
Also what is GHOST? Only thing I can find is a movie
getblocktemplate just provides detailed information which can be used to create a block. It hides less relevant details (like transactions) but allows the miner to alter other things that matter, like the coinbase sigscript, the nonce, etc. This doesn't stop anyone changing parts of the block, but getblocktemplate doesn't give them all the information they'd need, and then they'd be solo mining anyway. When you submit shares to a pool, you're actually submitting the information used to create a valid block of a lower target. By validating where the coinbase spends to, the pool can check if you're mining for yourself or them. If you're mining for yourself they don't credit you with any shares, but if you mine according to their rules you are attributed shares. Occasionally someone submits a solution that also happens to be a valid block on mainnet, and then it is distributed. P2Pool works in a similar manner. Instead of providing your solution to the centralised pool, you provide your solution to the whole P2Pool network. The P2Pool network is mined against a much smaller target than the mainnet, like centralised pools, and each potential block is valid on the Bitcoin network and P2Pool network, provided the PoW validates. You distribute your potential solutions to the rest of the network and show you're rewarding them according to the rules agreed upon. They then include you in their calculations, and when you receive their shares, you include them in your calculations. In this way, anyone who attempts to cheat is not able to convince others to reward them for their efforts, since their blocks don't validate against the pool's rule-set. It's a little more complex than that in reality, since the blocks produced for P2Pool also form a share-chain and they have a low target time (seconds). This chain is used to calculate rewards, and a valid P2Pool block is added to the share chain (though could potentially be orphaned). Each of those blocks would be a valid Bitcoin block if they happened to validate against Bitcoin-mainnet's target (but they don't). There's more information about that on the wiki. GHOST stands for Greedy Heaviest-Observed Sub-Tree, which basically says the chain with the most PoW behind it. It's a theoretical modification to blockchain design that would protect against some attacks and also allow us to produce blocks much faster as all valid PoW can be incorporated into the chain. The paper can be found here: https://eprint.iacr.org/2013/881.pdfStill don't understand everything but I will read more. If all miners were working on p2p pool could payment processors leverage the shared shared chain for instant transactions with lower chance of double spend?
|
|
|
|
XertroV
Member
Offline
Activity: 88
Merit: 12
Max Kaye
|
|
June 09, 2014, 11:54:12 PM |
|
Still don't understand everything but I will read more.
If all miners were working on p2p pool could payment processors leverage the shared shared chain for instant transactions with lower chance of double spend?
I don't believe so. P2Pool doesn't synchronise individual transactions between peers; and only the coinbase has restrictions. This means peers organise their own transactions (from their own node). Remember that chance-of-doublespend is probabilistic with time, not blocks, so simply producing more blocks doesn't provide more security, and if orphans can't be integrated into the chain then that PoW is wasted. This means that lower block time (and hence higher orphan rate) may actually decrease security of the chain if the orphan rate is significant enough. Bitcoin Wiki P2Pool pageGHOST explanation from Ethereum Whitepaper
|
|
|
|
ThePurplePlanet (OP)
|
|
June 10, 2014, 01:25:32 AM |
|
Thanks,
Are pools implementing getblocktemplate considered equivalent to p2ppool?
|
|
|
|
XertroV
Member
Offline
Activity: 88
Merit: 12
Max Kaye
|
|
June 12, 2014, 04:55:48 AM |
|
Thanks,
Are pools implementing getblocktemplate considered equivalent to p2ppool?
Absolutely not.
|
|
|
|
|
jl2012
Legendary
Offline
Activity: 1792
Merit: 1111
|
|
June 13, 2014, 04:24:09 AM |
|
You have to reduce the block intervals to a ridiculously low level to make variance acceptable to small solo miners. So I don't think it would work.
|
Donation address: 374iXxS4BuqFHsEwwxUuH3nvJ69Y7Hqur3 (Bitcoin ONLY) LRDGENPLYrcTRssGoZrsCT1hngaH3BVkM4 (LTC) PGP: D3CC 1772 8600 5BB8 FF67 3294 C524 2A1A B393 6517
|
|
|
ThePurplePlanet (OP)
|
|
June 13, 2014, 04:29:16 AM Last edit: June 13, 2014, 05:02:48 AM by ThePurplePlanet |
|
You have to reduce the block intervals to a ridiculously low level to make variance acceptable to small solo miners. So I don't think it would work. I understand.. There is a tradeoff. Reduced block intervals give more oprhans but increase centralization due to variance. It must be tuned to a better number than 10 minutes. Even 5 minutes has better variance than 10 minutes. There must be a sweet spot. If someone implements this software for all miners http://www.reddit.com/r/Bitcoin/comments/280gln/bounty_01_btc_for_a_bitcoin_mining_client_capable/ it will force people to solo mine. with 10 minutes we can have 5k solo miners? with 2.5 we can have 20k with 1 minute 50k and so on. It is something to think about and question at least. At which point it centralizes the miners due to orphans I dont know but there should be further analysis of that with respect to current networking technology (which in 10 years the current networking speed might seem like snail mail) and transactions (which is kind of unknown but some analysis with respect to certain upper bounds is an approach to analyse the transactions effect).
|
|
|
|
|