StanLarimer
|
|
January 13, 2015, 09:18:08 PM |
|
This part is not clear to me: The total decentralized population of the all owners participate in selecting the most reliable machines to run the network. Those 101 parts have no power over the owners. 101 dispersed redundant parts is a decentralization red herring! That’s not where control lies. Those 101 chosen nodes can be completely reconfigured or replaced by the fully decentralized participating owners in 10 seconds. How the system of nodes can do it in a coordinated manner if the only reliable comunication channel is controlled by the delegates (and some of them are rogue ones)? A very similar problem is explained here - http://www.links.org/files/decentralised-currencies.pdf (second half of part 3). Thanks for this reference. Indeed it concludes that the ultimate consensus mechanism lies outside Bitcoin and yet Bitcoin still works! It is this realization that allows practical designs to be achieved that accomplish the true objective of "sufficiently trustless" systems that are immune from the abuses of opaque central control. I particularly liked the exquisitely pragmatic concluding paragraph: 8 Conclusion Of course, it is far more likely that Bitcoin has not solved the core problem and is therefore not a decentralised currency. But if it has, I have shown that we could instead save a lot of energy by using an efficient protocol. Alternatively, we could conclude that whilst Bitcoin is not strictly decentralised, it is as good an approximation as we can get. However, we must appreciate that this approximation relies on a certain level of honest behaviour from certain parties, and trust in those parties. If we have such behaviour and trust, why not leverage them in an efficient protocol, instead of burning CPU on proof-ofwork? This is the ultimate point we have been making. It is possible to design systems that work well enough without achieving a theoretically pure solution. We chose to simply explicitly manage where residual trust is being placed. This is why engineer's always achieve what mathematician's cannot. Mathematicians are stopped from reaching their goals by asymptotes. Engineers know how to get close enough for practical purposes.
|
|
|
|
achimsmile
Legendary
Offline
Activity: 1225
Merit: 1000
|
|
January 13, 2015, 09:19:32 PM |
|
mining pools and leased forging will tend to cluster around fewer than 101 entities which could be compromised. Why? Financial incentive is much lower in leased forging. Are you saying that less than 101 entities is bad (easier for the network to be compromised), and more than 101 is not possible in the long run? 101 seems arbitrary to me, if noone would say otherwise, you try to make 101 look like the magical number where all is fine and decentralized.
|
|
|
|
StanLarimer
|
|
January 13, 2015, 09:46:49 PM Last edit: January 14, 2015, 01:55:44 AM by StanLarimer |
|
mining pools and leased forging will tend to cluster around fewer than 101 entities which could be compromised. Why? Financial incentive is much lower in leased forging. Are you saying that less than 101 entities is bad (easier for the network to be compromised), and more than 101 is not possible in the long run? 101 seems arbitrary to me, if noone would say otherwise, you try to make 101 look like the magical number where all is fine and decentralized. 101 is indeed an arbitrary number. We could have chosen 51 or 151. 101 was chosen simply by an argument about diminishing returns. Going from 1 to 2 signers doubles the redundancy. Going from 100 to 101 increases the redundancy by less than 1%. The important thing to recognize is that the axis being analyzed here was how much redundancy, not how much decentralization. We felt that dispersing the processing uniformly among 101 nodes would mean the loss of any one node would impact the system performance by less than 1% until it could heal by dynamic reconfiguration to insert a "hot spare" standby node. Adding more nodes increases costs linearly, while improving performance robustness negligibly. Decentralization of control in BitShares is a completely different design axis. Every shareholder gets to choose which 101 of the available nodes they want to perform this fault tolerant processing function. They are free to vote for their own processor or any other processors they feel will suit their interests. If they do pick their own, and enough of their peers agree, their node will be used. So, in BitShares, all nodes participate in building a consensus about what is the most trustworthy cost-effective fault tolerant configuration of available processors to run the system. All stakeholders participate in this consensus according to the amount of stake they have at stake, so to speak. So, all people have a chance to sign blocks. Instead of having their chances determined by the size of their stake, it is determined by the size of their reputation. Once you realize how the BitShares architecture has partitioned the design problem, it suddenly makes complete sense. (At least to those who want to use and own the system.) If there are enough of those people, that's all that matters.
|
|
|
|
bytemaster
|
|
January 13, 2015, 09:47:29 PM |
|
mining pools and leased forging will tend to cluster around fewer than 101 entities which could be compromised. Why? Financial incentive is much lower in leased forging. Are you saying that less than 101 entities is bad (easier for the network to be compromised), and more than 101 is not possible in the long run? 101 seems arbitrary to me, if noone would say otherwise, you try to make 101 look like the magical number where all is fine and decentralized. 101 is just a point of comparison with BitShares. As I have discussed on my blog: 1) We assume that free market competition drives margins toward 0 2) We assume that to avoid subsidizing by stakeholders, transaction fees equal cost of block production 3) We assume that the market will drive transaction fees as low as possible via competition among chains 4) We assume that for a given number of transactions, the fewer block producers that must share the fees, the lower the fees may be. 5) We assume that no sustainable system should depend upon actors operating at a loss. 6) We assume marginal utility decreases for each additional block producer 7) We conclude there exists a number where fees / # producers == marginal utility of an additional producer. We conclude that the lowest fees will be a system with one block producer 9) We conclude that no system will profitably operate significantly outside the same # producers 10) When measured on a log2 scale we submit that all systems will converge on statistically the same amount of decentralization *OR* fail their users. 11) When all systems converge on the same number of nodes, we submit that delegated voting creates a more TRUSTED and FLEXIBLE set. 12) We project that 101 nodes is greater than the # the market will naturally converge upon as being a sufficient between robustness and cost. If you really want to increase the effective decentralization then you must double the fees for each additional level of decentralization when measured on log2 scale. Given two chains with equal features, it would require a hell of a network effect to sustain 2x fees.
|
|
|
|
DecentralizeEconomics
Legendary
Offline
Activity: 1162
Merit: 1042
White Male Libertarian Bro
|
|
January 14, 2015, 04:55:12 AM Last edit: January 14, 2015, 05:17:22 AM by DecentralizeEconomics |
|
This is a fair assessment and I have updated the blog post to reflect accounts vs. people. I chose to be generous by calling them people because I didn't want to bring up the potential for sybil attacks to skew the apparent decentralization of Nxt. For all intents and purposes an account is a single private key controlled by some individual. Nxt may be more centralized, but not less than the accounts indicate.
It's really hilarious that you imply that NXT is susceptible to Sybil attacks when with NXT you actually have to purchase the currency to stake but with Bitshares you just have to be voted in. If an individual in NXT does own multiple accounts and forges with them, that's not a "Sybil attack". If they own the NXT, they have the right to divide it up into as many accounts as they want and forge with it. Purchasing NXT validates their stakepower. I don't even have to own Bitshares to obtain a delegate position. Your father, Stan, even acknowledges that it is acceptable for an individual to occupy multiple delegate positions. If that's not a "Sybil attack", I don't know what is. It doesn't matter if you collect delegates' SSNs, driver's licenses, birth certificates and thumbprints, Bitshares' DPoS mechanism will always be susceptible to manipulation. You have introduced a "social construct" (aka voting) which turns Bitshares' delegates into a "government of the wealthy". No one will ever know what type of "behind-the-scenes" politics is going on which results in which delegates are selected. Because you have instituted this ridiculous charade into chain security, all your figures on "decentralization" and "speed of decentralization" are speculative and assume that all 101 delegates are unique, non-colluding individuals. The fact is all these delegates are not going to compete against each other for a position. Who will become a delegate and control the delegate selection process are the wealthiest stakeholders. This will be accomplished in a quid pro quo manner. This means that really Bitshares is less decentralized than NXT because they will be able to form political/business coalitions which imo will result in them dominating the delegate selection process. The wealthiest stakeholders in Bitshares can do this very easily because it is an "Approval Voting" process. This allows stakeholders to put the entire weight of their stake behind each and every delegate they approve. The Bitshares' devs will deny this to the very end because they are part of this "ruling elite".
|
"Give me the liberty to know, to utter, and to argue freely according to conscience, above all liberties." - Areopagitica
|
|
|
DecentralizeEconomics
Legendary
Offline
Activity: 1162
Merit: 1042
White Male Libertarian Bro
|
|
January 14, 2015, 05:15:13 AM |
|
They actually warn about colluding delegates on their wiki. The problem is... How do you know who is colluding? Do you really think that they are going to stand up and admit it?
|
"Give me the liberty to know, to utter, and to argue freely according to conscience, above all liberties." - Areopagitica
|
|
|
StanLarimer
|
|
January 14, 2015, 05:55:36 AM Last edit: January 14, 2015, 06:38:43 AM by StanLarimer |
|
If that's not a "Sybil attack", I don't know what is.
Agreed. So lets define it. I stopped by Wikipedia and snagged this: In a Sybil attack the attacker subverts the reputation system of a peer-to-peer network by creating a large number of pseudonymous identities, using them to gain a disproportionately large influence. A reputation system's vulnerability to a Sybil attack depends on how cheaply identities can be generated, the degree to which the reputation system accepts inputs from entities that do not have a chain of trust linking them to a trusted entity, and whether the reputation system treats all entities identically. BitShares delegates are known to the community and produce services or products of value. They work with others in the community who know them. They publish original thinking where it can be reviewed under their own name. They reveal their own public identities. "Vulnerability to a Sybil attack depends on how cheaply identities can be generated" There is nothing cheap about earning the trust of the BitShares community. Even the number one delegate, Toast, took many days to get voted in. Thus, over time, the reputations of the Top 101 will become uncounterfeitable. Before long, most slots will be held by small businesses who have established business level reputations. Not that we trust opaque businesses any further than we can drop kick one of their executives, but the role of a delegate is so extremely limited and transparent that it is not possible to deviate from proper behavior without detection. There is no dark place where a delegate can hide bad behavior. Yet we can hold them accountable because of the size of their footprint in the real world. Reputations are anchored to real world footprints. You cannot hold an anonymous sock puppet accountable. You cannot fire one that is easy to recreate. But you can fire one that took a long time to create and fight its way into the top 101. And that makes all the difference.
|
|
|
|
DecentralizeEconomics
Legendary
Offline
Activity: 1162
Merit: 1042
White Male Libertarian Bro
|
|
January 14, 2015, 06:21:05 AM |
|
If that's not a "Sybil attack", I don't know what is.
Agreed. So to help you with that regrettable shortcoming, I stopped by Wikipedia and snagged this: In a Sybil attack the attacker subverts the reputation system of a peer-to-peer network by creating a large number of pseudonymous identities, using them to gain a disproportionately large influence. A reputation system's vulnerability to a Sybil attack depends on how cheaply identities can be generated, the degree to which the reputation system accepts inputs from entities that do not have a chain of trust linking them to a trusted entity, and whether the reputation system treats all entities identically. BitShares delegates are known to the community and produce services or products of value. They work with others in the community who know them. They publish original thinking where it can be reviewed under their own name. They reveal their own public identities. "Vulnerability to a Sybil attack depends on how cheaply identities can be generated" There is nothing cheap about earning the trust of the BitShares community. Even the number one delegate, Toast, took many days to get voted in. Thus, over time, the reputations of the Top 101 will become uncounterfeitable. Before long, most slots will be held by small businesses who have established business level reputations. Not that we trust opaque businesses any further than we can drop kick one of their executives, but the role of a delegate is so extremely limited and transparent that it is not possible to deviate from proper behavior without detection. There is no dark place where a delegate can hide bad behavior. Yet we can hold them accountable because of the size of their footprint in the real world. You cannot hold an anonymous sock puppet accountable. You cannot fire one that is easy to recreate. But you can fire one that took a long time to create and fight its way into the top 101. And that makes all the difference. I think I could make a pretty good argument that delegates' "real world" identities being known by the community doesn't really matter or prevent a "Sybil attack". Imo, what would constitute a "Sybil attack" is the collusion of delegates' motives. I'm also pretty positive that the colluding delegates wouldn't "harm" the Bitshares' ecosystem, but instead use their power to manipulate delegate elections to capitalize on the delegate positions. Everybody can know everyones' name, but it's impossible to know their true intentions.
|
"Give me the liberty to know, to utter, and to argue freely according to conscience, above all liberties." - Areopagitica
|
|
|
StanLarimer
|
|
January 14, 2015, 06:48:00 AM |
|
I think I could make a pretty good argument that delegates' "real world" identities being known by the community doesn't really matter or prevent a "Sybil attack". Imo, what would constitute a "Sybil attack" is the collusion of delegates' motives. I'm also pretty positive that the colluding delegates wouldn't "harm" the Bitshares' ecosystem, but instead use their power to manipulate delegate elections to capitalize on the delegate positions. Everybody can know everyones' name, but it's impossible to know their true intentions.
Any block chain has the problem that a few big players can collude, whether they are large stakeholders or large hashpoolers. We dilute that down to under one percent influence per delegate, max. Then there's the question of what they can collude about. We can all observe whether they are performing their very limited block signing job to spec or not. We can look at their published price feeds. They have no other power.
|
|
|
|
DecentralizeEconomics
Legendary
Offline
Activity: 1162
Merit: 1042
White Male Libertarian Bro
|
|
January 14, 2015, 07:51:57 AM |
|
I think I could make a pretty good argument that delegates' "real world" identities being known by the community doesn't really matter or prevent a "Sybil attack". Imo, what would constitute a "Sybil attack" is the collusion of delegates' motives. I'm also pretty positive that the colluding delegates wouldn't "harm" the Bitshares' ecosystem, but instead use their power to manipulate delegate elections to capitalize on the delegate positions. Everybody can know everyones' name, but it's impossible to know their true intentions.
Any block chain has the problem that a few big players can collude, whether they are large stakeholders or large hashpoolers. We dilute that down to under one percent influence per delegate, max. Then there's the question of what they can collude about. We can all observe whether they are performing their very limited block signing job to spec or not. We can look at their published price feeds. They have no other power. That's true that in all blockchains stakeholders/hashpower can collude, but they can only collude in a one-to-one proportion to their stake/hash. Since approval voting is used in delegate elections, I maintain that large stakeholders can effectively collude to a multiple proportion of their stake. Whereby, for example, 20% of colluding stake can disproportionately influence the elections of more than 20% of the delegates. This leads to a coalition of a few wealthy stakeholders being able to determine the outcomes of the mass majority of the delegate elections. This is especially true considering that voter turnout of smaller stakeholders will be lower than the voter turnout of larger stakeholders. As I said previously, it would be the intention of the colluding wealthy stakeholders to not harm Bitshares, but to elect delegates from which they would derive monetary gain in excess to their proportion of stake in the system at the expense of all other stakeholders.
|
"Give me the liberty to know, to utter, and to argue freely according to conscience, above all liberties." - Areopagitica
|
|
|
StanLarimer
|
|
January 14, 2015, 03:03:54 PM |
|
I guess one man's consensus is another man's collusion. People are merely agreeing on who they trust, proportional to the stake they have at risk.
|
|
|
|
Este Nuno
Legendary
Offline
Activity: 826
Merit: 1002
amarha
|
|
January 14, 2015, 04:42:14 PM |
|
If you don't believe me or don't get it, I don't have time to try to convince you, sorry.
|
|
|
|
testz
Legendary
Offline
Activity: 1764
Merit: 1018
|
|
January 14, 2015, 04:55:10 PM |
|
If you don't believe me or don't get it, I don't have time to try to convince you, sorry. Please give us the link where you trying to convince someone about questions of this topic. Or you prefer to copy/paste that Satoshi says and run away?
|
|
|
|
Este Nuno
Legendary
Offline
Activity: 826
Merit: 1002
amarha
|
|
January 14, 2015, 05:05:47 PM |
|
If you don't believe me or don't get it, I don't have time to try to convince you, sorry. Please give us the link where you trying to convince someone about questions of this topic. Or you prefer to copy/paste that Satoshi says and run away? I've been waiting years to use that line on bytemaster and I figured this might be one of the last chances to do so. He's a part of Bitcoin history: https://bitcointalk.org/index.php?topic=532.msg6306#msg6306 Probably the most famous Satoshi quote there is.
|
|
|
|
StanLarimer
|
|
January 14, 2015, 05:36:46 PM |
|
If you don't believe me or don't get it, I don't have time to try to convince you, sorry. ... I've been waiting years to use that line on bytemaster and I figured this might be one of the last chances to do so. He's a part of Bitcoin history: https://bitcointalk.org/index.php?topic=532.msg6306#msg6306 Probably the most famous Satoshi quote there is. Well played.
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
January 14, 2015, 06:34:57 PM |
|
Well for starters, there are 101 to make it odd, so it can never be evenly split...
I see that you chose 101 because it's 50 + 51. To be able to decide which group to join if the network splits... Well, I don't get why you think that at least one group will include at least 51 delegates, what if we get 34 + 34 + 33? Also, take a look at this (from http://research.microsoft.com/en-us/um/people/lamport/pubs/byz.pdf): Reliable computer systems must handle malfunctioning components that give conflicting information to different parts of the system. This situation can be expressed abstractly in terms of a group of generals of the Byzantine army camped with their troops around an enemy city. Communicating only by messenger, the generals must agree upon a common battle plan. However, one or more of them may be traitors who will try to confuse the others. The problem is to find an algorithm to ensure that the loyal generals will reach agreement. It is shown that, using only oral messages, this problem is solvable if and only if more than two-thirds of the generals are loyal; so a single traitor can confound two loyal generals. With unforgeable written messages, the problem is solvable for any number of generals and possible traitors. Applications of the solutions to reliable computer systems are then discussed. If BitShares can be modelled in terms of Byzantine generals problem then 51 is an overkill (because even 1 would be enough) or 51 is not enough (you need at least 67). Or maybe you see a 3rd option? Before this thread goes to total off-topic I'd like to remind about my question.
|
|
|
|
StanLarimer
|
|
January 14, 2015, 09:52:17 PM |
|
If BitShares can be modelled in terms of Byzantine generals problem then 51 is an overkill (because even 1 would be enough) or 51 is not enough (you need at least 67). Or maybe you see a 3rd option? ... Before this thread goes to total off-topic I'd like to remind about my question.
I called your question to Bytemaster's attention, so it's in his queue. Keep in mind that the reasons for the number 101 also include the fault tolerance aspect. As a design rule of thumb, loss of one node for any reason should not drop average block production rate per 1010-second rotation by more than 1% . Now that BitShares also uses most-reputable-node delegate slots as a way to pay support providers we like having 101 such slots available for flexibility in stakeholder allocation of authorized equity funding streams. When you fold in the fact that the 101 generals have public reputations to protect and that treasonous acts are detectable and correctable by the stakeholders, then even if you max out at only 33 allowable traitors, you are probably doing fine. This is just a space holder answer from someone who claims no qualifications to respond at your level. I'll leave the more Byzantine parts of your question for Dan.
|
|
|
|
Come-from-Beyond
Legendary
Offline
Activity: 2142
Merit: 1010
Newbie
|
|
January 14, 2015, 10:16:27 PM |
|
This is just a space holder answer...
While we are waiting I'd like to add few words to the discussion above. The humankind knows several ways to counteract Sybil attack and all of them can be categorized into two distinct groups - centralized certification and resource testing. BitShares uses an interesting approach, it's an alloy of the both, people can do their own certification and trust becomes a resource here. Quite often alloys have better qualities than their separate components, you guys should spend more time on formalization and analysis of your method to get rid of big part of accusations voiced upthread. Perhaps you could borrow some stuff from http://www.math.cmu.edu/~adf/research/SybilGuard.pdf, that paper sounds similar to BitShares delegates without bells and whistles.
|
|
|
|
StanLarimer
|
|
January 14, 2015, 10:32:56 PM |
|
Much appreciated. Thanks!
|
|
|
|
fluxer555
Newbie
Offline
Activity: 40
Merit: 0
|
|
January 14, 2015, 10:48:44 PM |
|
Come-from-Beyond, your presence here is quite refreshing. Thank you.
|
|
|
|
|