It's about time to turn off PoW mining

[inBitweTrust]

id like a question answered if you or anyone can.. name one technology with multiple generations where the 1st generation created is still the most widely used? i mean phones, tv's mp3's electronics or anyother face paced technology?  how many people still use basic phones that only call and txt which is what bitcoin would be if it was a mobile phone. and how many people use smart phones, which is what the 2.0 currencies would be if they were phones?

Bitcoin is a protocol which has hardware, software, firmware, and developers specifically designed to interact with it. So it is more akin to SMTP/HTML/IPv4 protocols where despite their many flaws remain around to this day and other technologies are simply scaffolded around them. Cellphones, TV's, and other electronics are consumable items that need to be replaced on a regular basis anyways, unlike the Bitcoin protocol or any other protocol or standard. Protocols and standards may be eventually phased out but that is a slow and gradual process(20+ years) and often never happens. (Blueray players still read dvd discs and CD disks despite being over 30+ years old). Another aspect that matters is familiarity and training. The Dvorak Keyboard is superior to the Qwerty Keyboard but the qwerty keyboard has dominated for over 140 years because it has had first mover advantage. You keep mentioning how vested interests are a bad thing and fail to mention the positive aspects. Examples have been already manifested by all the Nxt PoS clone failures. Vested interests of originally stake holders is a good thing as well as they create a solid support base and developer base because you need to incentivize these early supporters.

All of this being said I do believe that DPoS/PoS could slowly be phased into bitcoin over time without to many transitional problems. The problem with doing this is it does disrupts large industries which support the bitcoin ecosystem and you are still not acknowledging the inherent flaws within DPoS and PoS. Some of us understand the flaws within PoW and have clear plans on how to correct them as previously mentioned without introducing a whole new different set of flaws.

[ChuckOne]

I think you could think of it this way. If it cost $1B to attack/cause huge trouble to a country like say Slovenia with no repercussion, no country in the world would do it, because it's not worth it. But now if I tell you if you spend $1B, and you could attack/cause huge trouble and loss for the United States of America (and still with no repercussion), I would bet at least several dozen countries in this world will do it in a heart beat. My point is, as you become large and powerful, then the cost to attack you MUST also rise, it can not be cheap. Otherwise, someone WILL attack Bitcoin, just so he could say I did it, and if Bitcoin does get that big, I think the existing established banks/creditcard/governments have PLENTY of incentive to do just that.

Now the advantage of a PoS system, is that it's naturally resistant against a 51% attack. To attack a PoS eco-system, you must have resources several times the value of the eco-system, otherwise, you WILL fail. On the other hand, to attack a PoW system, you just have to buy enough hardware to overwhelm the current miners, which currently cost about only 10% of Bitcoin eco-system value. This is why there has been exact ZERO successful 51% attack on any PoS alt coin, while plenty of PoW alt coin has been attacked to death.

Interesting.

[krach]

This is why there has been exact ZERO successful 51% attack on any PoS alt coin

Vericoin forked because someone stole 20-30% (dont remember the exact ammount) of the coin supply from mintpal, after staking the coins they would be able do attacks.


This could easily happen, even PoS coins are horded at exchanges and NOT staked because people are trading them, not staking them.

[inBitweTrust]

Now the advantage of a PoS system, is that it's naturally resistant against a 51% attack. To attack a PoS eco-system, you must have resources several times the value of the eco-system, otherwise, you WILL fail. On the other hand, to attack a PoW system, you just have to buy enough hardware to overwhelm the current miners, which currently cost about only 10% of Bitcoin eco-system value. This is why there has been exact ZERO successful 51% attack on any PoS alt coin, while plenty of PoW alt coin has been attacked to death.

This is false, as you are simply internalizing the risks with PoS instead of externalizing them. You would simply need to hack 8 to 12 peoples computers(Nxt  as the example since you mention PoS- http://charts.nxtcrypto.org/cDistribution.aspx) or they would have to decide to attack the system themselves if they are coerced to or have some reason.

I am not suggesting that PoS doesn't have any advantages over PoW , merely suggesting that your claims are fallacious. If we make PoW more distributed and people adopted p2p pools Bitcoin would be far more secure than any PoS coin.

[CoinHoarder]

DPoS suffers from a crucial problem which invalidates the whole system. There is no proof of stake, therefore there is no way to conclusively ascertain which chain is the longest and thus which spending is not a double spend. Meaning that DPoS does not prevent double spending.

It seems you don't know what you're talking about. Without 51% of the money supply so you can vote in your own attacking delegates, this is not possible. There are only two attacks that are known for DPoS.. a 51% attack and DDOS of the delegates. DPoS is further protected against a DDOS attack because the delegates are only known to the public through their account names, and no one knows the IPs of all (or even some) delegate nodes.

More about DPoS: http://bitshares.org/delegated-proof-of-stake/
Even more about DPoS: http://wiki.bitshares.org/index.php/DPOS
Old discussions on DPoS: https://bitsharestalk.org/index.php?topic=4009.0
Discussions regarding "nothing at stake" attacks: https://bitsharestalk.org/index.php?topic=6584.0
More discussion about NaS attack: https://bitsharestalk.org/index.php?topic=6638.0

[inBitweTrust]

and no one knows the IPs of all (or even some) delegate nodes.

This isn't just misleading, but false. It is trivial for any hacker to gain access to the IP's of many of the delegates. 

The best you could say is DPoS is designed where script kiddies cannot easily take an off the shelf ICMP tool to attack a delegate.

Where are you getting your security "facts" from? Think critically about any claims, especially if they are coming from a biased sources.

[CoinHoarder]

and no one knows the IPs of all (or even some) delegate nodes.

This isn't just misleading, but false. It is trivial for any hacker to gain access to the IP's of many of the delegates.  

The best you could say is DPoS is designed where script kiddies cannot easily take an off the shelf ICMP tool to attack a delegate.

Where are you getting your security "facts" from? Think critically about any claims, especially if they are coming from a biased sources.

I'd say a DDOS attack is less likely with DPOS than it is with Bitcoin's PoW. It is harder for a hacker to find out delegates IP addresses than Ghash or discus fish IP addresses, as there are many delegates and delegates don't have public facing web sites and pool information. All delegate's identities are not publicly known.

I admit my wording of that statement was poor.

[inBitweTrust]

I'd say a DDOS attack is less likely with DPOS than it is with Bitcoin's PoW. It is harder for a hacker to find out delegates IP addresses than Ghash or discus fish IP addresses, as there are many delegates and delegates don't have public facing web sites and pool information. All delegate's identities are not publicly known.

You are ignoring many other variables like CDN's, Firewalls, available bandwidth, network security specialists, quality of the server configuration, and the fact that miners have fallback pools that they instantly mine on if their primary pool gets hit with a DDOS attack.

The delegates likely have none of these benefits and thus could easily be knocked down with a small botnet.  

Yes, many of the delegates are publicly known with a degree of probability.... I can produce a list of names that I can DOX with a likely 80-90% probability that they are a delegate. I don't need to have 100% confidence to what delegate username matches with the actual delegate to attack them. In the future I would also suspect delegates that are publicly recognized would tend to garner more support and more votes so this makes them even more vulnerable to being manipulated.

I believe you are good intentioned with trying to help people but you really are unfamiliar with network security as evidenced in this thread. People that understand good security are humble, as everything is vulnerable. Notice how I repeatedly mention how and why bitcoin is vulnerable?

FYI.... I like DPOS in reality and think there is a very important function for the coin. I am just trying to help people see through the propaganda.

[CoinHoarder]

I'd say a DDOS attack is less likely with DPOS than it is with Bitcoin's PoW. It is harder for a hacker to find out delegates IP addresses than Ghash or discus fish IP addresses, as there are many delegates and delegates don't have public facing web sites and pool information. All delegate's identities are not publicly known.

You are ignoring many other variables like CDN's, Firewalls, available bandwidth, network security specialists, quality of the server configuration, and the fact that miners have fallback pools that they instantly mine on if their primary pool gets hit with a DDOS attack.

The delegates likely have none of these benefits and thus could easily be knocked down with a small botnet.  

Yes, many of the delegates are publicly known with a degree of probability.... I can produce a list of names that I can DOX with a likely 80-90% probability that they are a delegate. I don't need to have 100% confidence to what delegate username matches with the actual delegate to attack them. In the future I would also suspect delegates that are publicly recognized would tend to garner more support and more votes so this makes them even more vulnerable to being manipulated.

I believe you are good intentioned with trying to help people but you really are unfamiliar with network security as evidenced in this thread. People that understand good security are humble, as everything is vulnerable. Notice how I repeatedly mention how and why bitcoin is vulnerable?

FYI.... I like DPOS in reality and think there is a very important function for the coin. I am just trying to help people see through the propaganda.

You can produce a list of names, not IP addresses. You would then need to compromise those people's computers to get the IP address of their delegate server, no? There is an added layer of security there, whereas I can get the IP addresses for all Bitcoin pools with 10 minutes worth of work as pool addresses are much easier attainable. I think you are making it out to be easier than it actually is.

Even if you were able to figure out the IPs of 80% to 90% of the delegate servers and DDOS them, all it would do is slow down the network.. It wouldn't make it vulnerable to attack. When one delegate misses a block, the next delegate includes their block and the previous missed block into the block chain. I believe in the unlikely event that 80 or 90 consecutive (likely it would be less because it is extremely unlikely that the delegates turns for that specific round were in exactly that order) blocks were missed, they would be recorded by the 81st or 91st delegate into the block chain.

It seems like a lot of work to only inconvenience the chain (slow it down.) Whereas a DDOS on the pools of a PoW coin can have security implications because then less hash power is needed to mount a possible attack.

[inBitweTrust]

It seems like a lot of work to only inconvenience the chain (slow it down.)

Well sure, if they are compromised they may as well steal their coins or attack the network directly rather than mount a DDoS attack. I wasn't discussing best strategy for a hacker with you but merely pointing out there are many more variables into being DDOS resistant than simply having a harder to find dynamic IP.

To attack a PoW pool you would need a very large botnet and it would essentially temporarily hurt the pool operators and not effect the miners unless they cloud mine because they have their asics configured with fallback pools.

[kokojie]

This is why there has been exact ZERO successful 51% attack on any PoS alt coin

Vericoin forked because someone stole 20-30% (dont remember the exact ammount) of the coin supply from mintpal, after staking the coins they would be able do attacks.


This could easily happen, even PoS coins are horded at exchanges and NOT staked because people are trading them, not staking them.

uh that is still not an example of successful 51% attack.

If someone stole 30% of total Bitcoin from an exchange, I would think Bitcoin will hardfork and block the thief's address too. Otherwise the eco-system will probably fail.

[CoinHoarder]

It seems like a lot of work to only inconvenience the chain (slow it down.)

Well sure, if they are compromised they may as well steal their coins or attack the network directly rather than mount a DDoS attack. I wasn't discussing best strategy for a hacker with you but merely pointing out there are many more variables into being DDOS resistant than simply having a harder to find dynamic IP.

Well, there being more variables to being DDOS resistant I can agree with, which you mentioned in you last post. Admittedly I am not an expert in network security, but I am not a complete idiot and am trying to rationalize the pros and cons and offer my opinion as best I can. If I am wrong on something feel free to point it out to me as I am still learning exactly how DPOS works. You bringing up that if the delegates were compromised, then they might as well steal funds and attack (not produce a block in a timely manner, sign a bad block, or not include valid transactions.) That is true.. a DDoS at that point would be silly, so let's go over that.

Suppose 51% of the delegates happened to be compromised and attacked the network, they could then be voted out and replaced with new delegates. Also.. It is not implemented right now, but there is also the possibility to program it into the client where if a delegate was to sign two blocks (double spend), that the client could automatically vote them out.

If the attacker gains a 51% stake then we can't vote out the attacker and it is similar to a 51% attack on a PoW coin, except it results in the non nefarious owners doubling their stake in the DPoS coin! If someone gets 51% stake, we could then take a snapshot of the attacked chain by identifying the unspent transaction outputs which were voting for the corrupt delegates at the time of the attack, and create a new genesis block from that snapshot with those particular unspent transaction outputs made void. A chain identical to the previous failed one is created using this new genesis block, which takes stake control away from the attacker leaving the other innocent 49% of stake holders with 100% of the stake of the new chain. Those who sold to the attacker should be happy because they made a voluntary exchange and got out before the attack. And those who did not sell to the attacker are also happy because they doubled their stake in the honest chain that will quickly regain its old value, which should hopefully compensate them for the brief outage of the chain.

[krach]

I think CoinHoarder is a delgate.


from another forum:

Please vote for delegate.coinhoarder

[CoinHoarder]

I think CoinHoarder is a delgate.


from another forum:

Please vote for delegate.coinhoarder

Congrats, now hack my computer to find my delegate node and you are 1/51 of the way there.

Then you must do the same for 50 more delegates, and you code an attack script.

Then we notice your attack and vote the attacking delegates out of power, and roll back the block chain to just before the attack started.

Then life moves on and we laugh and tell stories about it for years to come.  

[wasserman99]

This is why there has been exact ZERO successful 51% attack on any PoS alt coin

Vericoin forked because someone stole 20-30% (dont remember the exact ammount) of the coin supply from mintpal, after staking the coins they would be able do attacks.


This could easily happen, even PoS coins are horded at exchanges and NOT staked because people are trading them, not staking them.

uh that is still not an example of successful 51% attack.

If someone stole 30% of total Bitcoin from an exchange, I would think Bitcoin will hardfork and block the thief's address too. Otherwise the eco-system will probably fail.

I would doubt this. If fungibility of bitcoin is ever put into question then bitcoin would be all but guaranteed to fail. Not only would it be near impossible to prove that the bitcoin was actually stolen, an attacker would likely move the stolen bitcoin through a mixer quickly enough so that it would be near impossible to tell exactly what addresses are "his".

That is an example of why PoS coins are so vulnerable to attacks. If Vericoin was something that was actually used in commerce then it would have been impossible to determine which coins belonged to the hacker

[CoinHoarder]

This is why there has been exact ZERO successful 51% attack on any PoS alt coin

Vericoin forked because someone stole 20-30% (dont remember the exact ammount) of the coin supply from mintpal, after staking the coins they would be able do attacks.


This could easily happen, even PoS coins are horded at exchanges and NOT staked because people are trading them, not staking them.

uh that is still not an example of successful 51% attack.

If someone stole 30% of total Bitcoin from an exchange, I would think Bitcoin will hardfork and block the thief's address too. Otherwise the eco-system will probably fail.

I would doubt this. If fungibility of bitcoin is ever put into question then bitcoin would be all but guaranteed to fail. Not only would it be near impossible to prove that the bitcoin was actually stolen, an attacker would likely move the stolen bitcoin through a mixer quickly enough so that it would be near impossible to tell exactly what addresses are "his".

That is an example of why PoS coins are so vulnerable to attacks. If Vericoin was something that was actually used in commerce then it would have been impossible to determine which coins belonged to the hacker

With DPoS, 30% wouldn't matter. You would need 51% of the money supply. Even an attacker obtained 51% of the money supply would not matter.. see the third paragraph of my last post.

[wasserman99]

I think CoinHoarder is a delgate.


from another forum:

Please vote for delegate.coinhoarder

Congrats, now hack my computer to find my delegate node and you are 1/51 of the way there.

Then you must do the same for 50 more delegates, and you code an attack script.

Then we notice your attack and vote the attacking delegates out of power, and roll back the block chain to just before the attack started.

Then life moves on and we laugh and tell stories about it for years to come.  

BINGO

This is exactly why PoS coins will never succeed. If you are able to roll back transactions of what you think are an attack on the network then you can roll back transactions on people who are simply unpopular to the network. This will make it so people will be afraid to use/adopt the coin because they will be afraid what they are doing is unpopular enough so any payment to them would simply be unwound.

[CoinHoarder]

I think CoinHoarder is a delgate.


from another forum:

Please vote for delegate.coinhoarder

Congrats, now hack my computer to find my delegate node and you are 1/51 of the way there.

Then you must do the same for 50 more delegates, and you code an attack script.

Then we notice your attack and vote the attacking delegates out of power, and roll back the block chain to just before the attack started.

Then life moves on and we laugh and tell stories about it for years to come.  

BINGO

This is exactly why PoS coins will never succeed. If you are able to roll back transactions of what you think are an attack on the network then you can roll back transactions on people who are simply unpopular to the network. This will make it so people will be afraid to use/adopt the coin because they will be afraid what they are doing is unpopular enough so any payment to them would simply be unwound.

It is against stakeholders best interest to roll back the chain on people who are unpopular or doing unpopular things. Just as it is against Bitcoin's best interest to roll back the block chain. An attack on the other hand is easy to spot and you will have no problem convincing others to switch to a new chain, as the old one can be double spent on and valid transactions withheld.

[inBitweTrust]

It is against stakeholders best interest to roll back the chain on people who are unpopular or doing unpopular things.

Delegates can have all sorts of motivations or be coerced into having all sorts of motivations. I could easily imagine a scenario where 60% of stakeholders and over 80% of delegates preferred to implent changes that incorporated blacklisting to go mainstream , and you know for things like "think of the children!"

You think the same can't happen for Bitcoin if someone builds a farm big enough to control 51% ?

No , that's not how bitcoin works. A 51 % attack can only delay processing or fake 1-3 transactions before being stopped. Full Nodes or users control the direction of the protocol. What this means is Bitshares has 100 delegates and Bitcoin has 20k+ "delegates" with the possibility of quickly amassing millions of delegates(Bitcoin QT with port 8333 open = full node)

What this means is that if the 51% miners get co-opted by any nefarious agents or governments(apologize for repetition) than a hard fork would appear and Bitcoin would remain the same and a new coin would develop. Their vote is essentially picking the Bitcoin code implementation they preferred and by not acting or upgrading they would create the hard fork.

With bitcoin you need 100% consensus unlike DPoS. Breaking consensus means you have a hardfork.  Every user has a vote, and if even one user disagrees he is fine to continue to keep bitcoin as they intend it but with a very small difficulty of course...

[CoinHoarder]

You think the same can't happen for Bitcoin if someone builds a farm big enough to control 51% ?

No , that's not how bitcoin works. A 51 % attack can only delay processing or fake 1-3 transactions before being stopped. Full Nodes or users control the direction of the protocol. What this means is Bitshares has 100 delegates and Bitcoin has 20k+ "delegates" with the possibility of quickly amassing millions of delegates(Bitcoin QT with port 8333 open = full node)

What this means is that if the 51% miners get co-opted by any nefarious agents or governments(apologize for repetition) than a hard fork would appear and Bitcoin would remain the same and a new coin would develop. Their vote is essentially picking the Bitcoin code implementation they preferred and by not acting or upgrading they would create the hard fork.

Ok, my bad.. I am still learning.

What if an entity (a government, central bank, etc.) could maintain 51% of the hash power for an indefinite amount of time? Couldn't they repeatedly attack the chain? I find it hard to believe that sort of attack could be mitigated without switching algorithms and rolling back the block chain.