Bitcoin Forum
December 09, 2016, 04:20:47 AM *
News: Latest stable version of Bitcoin Core: 0.13.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1] 2 »  All
  Print  
Author Topic: [Proposal] Accountability & Transparency in Mining Pools  (Read 2976 times)
grue
Global Moderator
Legendary
*
Offline Offline

Activity: 1932



View Profile
May 09, 2011, 03:46:36 PM
 #1

One of the problems with joining a pool is trusting the operator, so he/she doesn't "skim" your hard earned coins. Bitcoinpool tries to solve this problem by making statistics of every user public. While that's better than other pools, it's not enough. The operator can still make fake users, and inflate their share count.

A solution to this problem would be to publicly show EVERY share that is submitted by a user, and its corresponding getwork. This way, if someone wants to inflate his/her share count, they will actually need to do work.

Comments? Problems with this proposal? Hopefully, we can get all the major pool owners to implement in this, unless there are any problems.

It is pitch black. You are likely to be eaten by a grue.

Tired of annoying signature ads? Ad block for signatures
1481257247
Hero Member
*
Offline Offline

Posts: 1481257247

View Profile Personal Message (Offline)

Ignore
1481257247
Reply with quote  #2

1481257247
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Ulysses
Jr. Member
*
Offline Offline

Activity: 32


View Profile
May 09, 2011, 04:07:43 PM
 #2

The idea is good, but it allows to inflate the shares amount by 0.3%-1.5% (depending on the number of long polling clients) with stale shares.
Another way to defeat this system is to declare the block invalid or do not show the block (pretend, that it wasn't solved).
Grinder
Legendary
*
Offline Offline

Activity: 1269


View Profile
May 09, 2011, 04:14:30 PM
 #3

It's easy for the user to see and compare how many stale shares they get on different pools, and it should always be included in the decision when you're choosing a pool. It doesn't really matter to the user why it is what it is, it reduces the income by the same amount.
grue
Global Moderator
Legendary
*
Offline Offline

Activity: 1932



View Profile
May 09, 2011, 10:26:12 PM
 #4

The idea is good, but it allows to inflate the shares amount by 0.3%-1.5% (depending on the number of long polling clients) with stale shares.
Another way to defeat this system is to declare the block invalid or do not show the block (pretend, that it wasn't solved).
at least this way, users can clearly see they're getting ripped off. Normally, a cheating pool operator can blame the low income on "bad luck".

It is pitch black. You are likely to be eaten by a grue.

Tired of annoying signature ads? Ad block for signatures
gmaxwell
Moderator
Legendary
*
Offline Offline

Activity: 2030



View Profile
May 09, 2011, 10:32:42 PM
 #5

Another way to defeat this system is to declare the block invalid or do not show the block (pretend, that it wasn't solved).

Easily detectable.  Obviously the pool must send the miners the block hashes that they're working on.   If your client remembered this data then you could easily check to see if any blocks you've previously worked on showed up in the chain.

Obviously few people would actually check, but it only takes one.   The situation could be made better by getting the common clients to make a permanent log of all the blocks their system actually solved, alone with a blockexplorer URL.  Few people would pay attention to all the blocks, but I think many people would pay attention to the few blocks where their node was the actual solver.

grue
Global Moderator
Legendary
*
Offline Offline

Activity: 1932



View Profile
May 12, 2011, 12:34:15 AM
 #6

Obviously few people would actually check, but it only takes one.   The situation could be made better by getting the common clients to make a permanent log of all the blocks their system actually solved, alone with a blockexplorer URL.  Few people would pay attention to all the blocks, but I think many people would pay attention to the few blocks where their node was the actual solver.

that's also a good idea.

It is pitch black. You are likely to be eaten by a grue.

Tired of annoying signature ads? Ad block for signatures
grue
Global Moderator
Legendary
*
Offline Offline

Activity: 1932



View Profile
May 24, 2011, 12:37:22 AM
 #7

anyone?

It is pitch black. You are likely to be eaten by a grue.

Tired of annoying signature ads? Ad block for signatures
grndzero
Sr. Member
****
Offline Offline

Activity: 392


View Profile
May 24, 2011, 01:03:05 AM
 #8

anyone?

Do you also demand a list of every transaction that ever happened from any banking, credit, or insurance companies that you use?

Ubuntu Desktop x64 -  HD5850 Reference - 400Mh/s w/ cgminer  @ 975C/325M/1.175V - 11.6/2.1 SDK
Donate if you find this helpful: 1NimouHg2acbXNfMt5waJ7ohKs2TtYHePy
lizthegrey
Jr. Member
*
Offline Offline

Activity: 56


View Profile
May 24, 2011, 01:20:41 AM
 #9

A draft design document that may address some of these. https://docs.google.com/document/d/1ciKH3M8WYS49ywz08beXtvpCm2wVGdzU7waKwcn_uaU/edit?hl=en_US&authkey=CJTqyOMF#
grue
Global Moderator
Legendary
*
Offline Offline

Activity: 1932



View Profile
May 24, 2011, 02:08:47 AM
 #10

Do you also demand a list of every transaction that ever happened from any banking, credit, or insurance companies that you use?
I would at least demand a receipt

It is pitch black. You are likely to be eaten by a grue.

Tired of annoying signature ads? Ad block for signatures
grndzero
Sr. Member
****
Offline Offline

Activity: 392


View Profile
May 24, 2011, 02:14:38 AM
 #11

Do you also demand a list of every transaction that ever happened from any banking, credit, or insurance companies that you use?
I would at least demand a receipt
You're not buying anything. It's a very bad analogy. It's more like you are an independent consultant to the pool. You send it proof of work and it sends you payment in BTC.

Every pool I've seen keeps a history of your work. What you're asking for is access to everyone else's work/account.

Ubuntu Desktop x64 -  HD5850 Reference - 400Mh/s w/ cgminer  @ 975C/325M/1.175V - 11.6/2.1 SDK
Donate if you find this helpful: 1NimouHg2acbXNfMt5waJ7ohKs2TtYHePy
lizthegrey
Jr. Member
*
Offline Offline

Activity: 56


View Profile
May 24, 2011, 02:34:16 AM
 #12

Every pool I've seen keeps a history of your work. What you're asking for is access to everyone else's work/account.
Yes. This is necessary, because otherwise a dishonest pool could inflate the number of shares submitted in a round and nobody would be the wiser.
grndzero
Sr. Member
****
Offline Offline

Activity: 392


View Profile
May 24, 2011, 02:38:16 AM
 #13

Every pool I've seen keeps a history of your work. What you're asking for is access to everyone else's work/account.
Yes. This is necessary, because otherwise a dishonest pool could inflate the number of shares submitted in a round and nobody would be the wiser.
Just like it is absolutely necessary for all financial institutions because they could screw you over too.

Ubuntu Desktop x64 -  HD5850 Reference - 400Mh/s w/ cgminer  @ 975C/325M/1.175V - 11.6/2.1 SDK
Donate if you find this helpful: 1NimouHg2acbXNfMt5waJ7ohKs2TtYHePy
BitterTea
Sr. Member
****
Offline Offline

Activity: 294



View Profile
May 24, 2011, 02:42:56 AM
 #14


This seems like a fantastic idea. I look forward to seeing how this project pans out. I'll be more than willing to test the software when that time comes.

You're not buying anything. It's a very bad analogy. It's more like you are an independent consultant to the pool. You send it proof of work and it sends you payment in BTC.

Every pool I've seen keeps a history of your work. What you're asking for is access to everyone else's work/account.

Does it really matter? Every participant is pseudonymous anyway, there's no identifying information. Even if there was, is there anything private about the number of shares submitted? I mean, you can see every transaction made in the Bitcoin block chain, is that an issue?

Nobody would be forced to use this system if they didn't want to share their shares for whatever reason.
grndzero
Sr. Member
****
Offline Offline

Activity: 392


View Profile
May 24, 2011, 02:54:57 AM
 #15


This seems like a fantastic idea. I look forward to seeing how this project pans out. I'll be more than willing to test the software when that time comes.

You're not buying anything. It's a very bad analogy. It's more like you are an independent consultant to the pool. You send it proof of work and it sends you payment in BTC.

Every pool I've seen keeps a history of your work. What you're asking for is access to everyone else's work/account.

Does it really matter? Every participant is pseudonymous anyway, there's no identifying information. Even if there was, is there anything private about the number of shares submitted? I mean, you can see every transaction made in the Bitcoin block chain, is that an issue?

Nobody would be forced to use this system if they didn't want to share their shares for whatever reason.

Yeah it does because the double standard is sickening. No one is forcing you to use a pool that doesn't show everyone's work either.

Ubuntu Desktop x64 -  HD5850 Reference - 400Mh/s w/ cgminer  @ 975C/325M/1.175V - 11.6/2.1 SDK
Donate if you find this helpful: 1NimouHg2acbXNfMt5waJ7ohKs2TtYHePy
lizthegrey
Jr. Member
*
Offline Offline

Activity: 56


View Profile
May 24, 2011, 03:03:13 AM
 #16

Does it really matter? Every participant is pseudonymous anyway, there's no identifying information. Even if there was, is there anything private about the number of shares submitted? I mean, you can see every transaction made in the Bitcoin block chain, is that an issue?

Nobody would be forced to use this system if they didn't want to share their shares for whatever reason.
Yeah it does because the double standard is sickening. No one is forcing you to use a pool that doesn't show everyone's work either.
Correct, which is why Eligius is a good first step along this path, because you *can* verify that at least the number of shares present in the mysql db were generated for given round, even if you can't prove that no shares from clients were incorrectly rejected. But it's possible to do better than this *and* have increased reliability.

You could even anonymize the shares by not associating them with a specific worker, just dumping all the shares out so people could verify the share totals are correct.
Basiley
Jr. Member
*
Offline Offline

Activity: 42


View Profile
May 24, 2011, 03:07:40 AM
 #17

RFC for p2p overall pools stats may be nice, but how about security ?
but thats not fix pools problem with offense/exploitation vulnerability and danger to p2p BTC flow then.
and make miners depend on "human error" -factor too, btw.
grndzero
Sr. Member
****
Offline Offline

Activity: 392


View Profile
May 24, 2011, 03:16:53 AM
 #18

Does it really matter? Every participant is pseudonymous anyway, there's no identifying information. Even if there was, is there anything private about the number of shares submitted? I mean, you can see every transaction made in the Bitcoin block chain, is that an issue?

Nobody would be forced to use this system if they didn't want to share their shares for whatever reason.
Yeah it does because the double standard is sickening. No one is forcing you to use a pool that doesn't show everyone's work either.
Correct, which is why Eligius is a good first step along this path, because you *can* verify that at least the number of shares present in the mysql db were generated for given round, even if you can't prove that no shares from clients were incorrectly rejected. But it's possible to do better than this *and* have increased reliability.

You could even anonymize the shares by not associating them with a specific worker, just dumping all the shares out so people could verify the share totals are correct.

And that's great if that's what you want. The proposal is to try to impose it on every pool operator rather just using a pool that does what they want.

Ubuntu Desktop x64 -  HD5850 Reference - 400Mh/s w/ cgminer  @ 975C/325M/1.175V - 11.6/2.1 SDK
Donate if you find this helpful: 1NimouHg2acbXNfMt5waJ7ohKs2TtYHePy
lizthegrey
Jr. Member
*
Offline Offline

Activity: 56


View Profile
May 24, 2011, 03:57:03 AM
 #19

And that's great if that's what you want. The proposal is to try to impose it on every pool operator rather just using a pool that does what they want.
Nowhere have I said that I have any desire to impose it upon every pool operator. I'm sorry if I was unclear and there was a misunderstanding.

I am saying that personally, I prefer to use pools with greater levels of transparency, and I'm creating software to increase transparency past the current limits of ultimately trusting a single operator. This does nothing to affect existing pools, but would provide a family of alternatives for those looking for a low-overhead method of starting their own distributed pools or joining someone's transparent distributed pool.
BitterTea
Sr. Member
****
Offline Offline

Activity: 294



View Profile
May 24, 2011, 04:10:03 AM
 #20

And that's great if that's what you want. The proposal is to try to impose it on every pool operator rather just using a pool that does what they want.

Nobody suggested this. The only way this could happen is if pool operators voluntarily adopted the new protocol, or new pools using it were created and became popular.

Why do you seem so angry?
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!