delete

[BitcoinEXpress]

delete

[1715002162]

1715002162

[1715002162]

1715002162

[1715002162]

1715002162

[1715002162]

1715002162

[passerby]

If your system is decentralized, you go where crowd goes.

In PoW-schemes available resources is synonymous with "crowd", so in decentralized PoW-driven schemes you go where the participant(s) with biggest pile of resources (hashrate) go.

If you don't like going where crowd goes (51-attack), you need centralization in some form or another (like here http://www.links.org/files/distributed-currency.pdf )

Trying to make a 51-proof fully-decentralized system is an exercise in futility since it would go against the very nature of "crowd-centric" design.
 

[k9quaint]

I want to keep this this thread strictly on topic, there are plenty of open threads to flame in. I encourage everyone to click report if this thread gets off topic.


Both goals of the "attack" were accomplished.

1) To focus you guys on central point to build hash rate to harden LTC against an obvious evolving 51% attack

2) To demonstrate that a hard coded solution is needed as hash rate alone is not enough.


Hard coding a 51% protection is simple really, but how do you engineer it so that it won't be abused?

Thoughts?

Actually, the code in question requires that people adopt the new client with the hard coded checkpoint. Otherwise, you have a network split. Once again, it is just voting via client. A cartel of LTC miners (including an exchange) with 51% of the hash power behind a different fork would not adopt this checkpoint. This scenario would leave two competing Litecoin chains in operation.

[passerby]

That's the paradox that needs to solved or a system to prevent abuse. Solidcoin's 51% attack schema worked, trust me I tried a dozen times from every angle I could. Unfortunately I think it was the wrong approach or better said, the wrong execution of the right idea.

I don't think you can "solve" it.

I think you can reach a certain set of design tradeoffs between radical decentralization (bitcoin) and radical centralization (paypal, soiledcoin).

To put it a bit metaphorically, both US government and North Korea government are, in a formal sense, centralized systems.
But one is significantly less centralized and generally more preferable.

I think that a less noxious (compared to soiledcoin) form of centralization can be found. One with some kind of publicly verifiable checks and balances.

[NASDAQEnema]

BCX, if you honestly were trying to just rattle ppl to come together you gotta work on your approach. Question is whether you were tho.

I think the fact that Coblee knew and has verified he knew a head of time supports that was my intention. maybe a little too dramatic, but it worked. Any ideas on the original topic?

Our working theory is that creating a fork by harrassing the network (as opposed to updating clients as a vote) is too dangerous for a blockchain.
So we're writing a cryptocoin model (old chains can be grandfathered in) where a 51% attack creates a new universe. A new chain with no fixed parameters, no history, and a separate address space.
The parameters are trained during a training period (like with voice recognition) where the users simulate or engage in the transactions that they like, want, need, or choose.
This allows new chains to skip the bullshit "paranoid warm up" stage and inventing the wheel and be sent to school instead.

[NASDAQEnema]

Single node training is pointless. The whole idea is to use the system for transactions and do as they say a burn in with real people sending mining at different levels then freeze the values that it creates. Anyways, "expect us" to put out a prototype soon.

[NASDAQEnema]

We're experimenting with putting together a few coders, making some code, giving it to the community, and disbanding.

Hive to operation and back to hive. More code less drama.

[coblee]

I want to keep this this thread strictly on topic, there are plenty of open threads to flame in. I encourage everyone to click report if this thread gets off topic.


Both goals of the "attack" were accomplished.

1) To focus you guys on central point to build hash rate to harden LTC against an obvious evolving 51% attack

2) To demonstrate that a hard coded solution is needed as hash rate alone is not enough.


Hard coding a 51% protection is simple really, but how do you engineer it so that it won't be abused?

Thoughts?

If this is a serious thread, let's try to keep it on topic. Trolls, please troll in one of the many troll threads. There are so many to choose from.

Ok, so here are my thoughts. I think SolidCoin had the right idea with trying to do something about the 51% attack but had the wrong solution and execution. 10 or more trusted nodes is not the right approach. But the idea to let people who have a million solidcoins become trusted nodes is an interesting idea. Basically, people who have a lot of coins invested are less likely to attack the chain. I think this idea is worth exploring.

What if we can make it such that people with the most coins decide which transactions are to be included in each block? I know there are lots of problems with this idea. But let's brainstorm and see if we can come up with something better.

[NASDAQEnema]

If this is a serious thread, let's try to keep it on topic. Trolls, please troll in one of the many troll threads. There are so many to choose from.

Ok, so here are my thoughts. I think SolidCoin had the right idea with trying to do something about the 51% attack but had the wrong solution and execution. 10 or more trusted nodes is not the right approach. But the idea to let people who have a million solidcoins become trusted nodes is an interesting idea. Basically, people who have a lot of coins invested are less likely to attack the chain. I think this idea is worth exploring.

What if we can make it such that people with the most coins decide which transactions are to be included in each block? I know there are lots of problems with this idea. But let's brainstorm and see if we can come up with something better.

Nah. The people with the most coins are also the ones who are most against alt chains, any emergency features (not that they are necessary), any ideas that would challenge their position.
The people with the most coins are not building nor investing.
They have no interest in serving the needs of people who need to acquire and spend coins much more frequently.
Hell no. All they care about is "GET OFF MY LAWN!" and their bunkers.

If you really want trusted nodes, they may not be as necessary as ppl think:
1. half the problem can be solved by the network having a warning system regarding suddenly high difficulty, suddenly low hashrates, suddenly high invalids/rejects, suddenly low completed miner to pool interactions.
2. there can be a rotating set of trusted nodes that have a limited time to fight off a threat.
3. the trusted nodes would convene during a disaster and disband when no longer necessary.
4. defining one's node as a supernode (rather than trusted) would be a better way.

What you would do is have pools or groups of nodes come together and put collateral in an address that cannot be reorganized as long as any super nodes are live. Then when the threat is over, that address releases the coins. This way any people can be super nodes including the peasants. Also this means unbalanced power is never permanent.

Look at the way the United States was organized under the Articles of Confederation versus the later Federalist model which has become corrupt and fights wars at our expense. A digital version of the same thing would self-destruct much faster.

Specifically to #2, the United States has behaved as if it under threat of immediate attack for 80 years. We cannot go down that road.

An even better idea is not having one massive blob of a network always ready to combust.

Operation Reactor is exploring crytocoin cities or something like virtual cantons: http://freenation.org/a/f23l3.html

[NASDAQEnema]

Even better:

During a 51% attack (after alarms are triggered) you would have a battle for people to try to grab the chain.
In other words multiple nodes or teams trying to fork the chain or the original chain trying to reassert control.

So the solution is to have partial blocks which would allow competition between the two or three attackers.
And only the longest block with the consistently longest partial blocks will overtake the main one.

Now it becomes a 75% attack.

[Litecoin]

I want to keep this this thread strictly on topic, there are plenty of open threads to flame in. I encourage everyone to click report if this thread gets off topic.


Both goals of the "attack" were accomplished.

1) To focus you guys on central point to build hash rate to harden LTC against an obvious evolving 51% attack

2) To demonstrate that a hard coded solution is needed as hash rate alone is not enough.


Hard coding a 51% protection is simple really, but how do you engineer it so that it won't be abused?

Thoughts?

If this is a serious thread, let's try to keep it on topic. Trolls, please troll in one of the many troll threads. There are so many to choose from.

Ok, so here are my thoughts. I think SolidCoin had the right idea with trying to do something about the 51% attack but had the wrong solution and execution. 10 or more trusted nodes is not the right approach. But the idea to let people who have a million solidcoins become trusted nodes is an interesting idea. Basically, people who have a lot of coins invested are less likely to attack the chain. I think this idea is worth exploring.

What if we can make it such that people with the most coins decide which transactions are to be included in each block? I know there are lots of problems with this idea. But let's brainstorm and see if we can come up with something better.

I like the idea to let people who have lots of coins become trusted nodes. Of course those people could get rid of their coins and become corrupt but if we had ~25 trusted nodes it's hard to believe that they would screw the coin they invested in.

[NASDAQEnema]

They would just screw the peasants with fewer coins and even gang up on them.
Economics is never separated completely from politics because the economics is designed to serbe some political creature a person, an institution, a dogma, or a corporation like a business or a bank (or a govt).

Anyways, I'll keep brainstorming in this thread, but I have updated the 51% killer (75% one) here:
https://bitcointalk.org/index.php?topic=96365.0

[NASDAQEnema]

They would just screw the peasants with fewer coins and even gang up on them.
Economics is never separated completely from politics because the economics is designed to serbe some political creature a person, an institution, a dogma, or a corporation like a business or a bank (or a govt).

Anyways, I'll keep brainstorming in this thread, but I have updated the 51% killer (75% one) here:
https://bitcointalk.org/index.php?topic=96365.0

You realize you're just attempting to create an alternate SWIFT system, right? You are simply replacing the assigned BIC with “trusted nodes.” Why don’t you just go get a Visa card and trust the ACH system? It’s worked pretty well so far.

1. The trusted node bit is further toward the beginning of the thread.
2. I replaced trusted nodes with supernodes.
3. Then I threw that out for partial blocks where you allow attackers to race and as such cancel out their power.
4. Fiat (VISA) is controlled by people who think we're all extra baggage (much like Bitcoin zealots hate altchains).

[Bitcoin Oz]

What if you had a trust chain that needed to sign blocks on the main chain. Say the 25 "richest" nodes at any one time are allowed to mine this trust chain and the one that wins a trust block gets to sign the main chain block ?

So you not only need lots of coins on the trust chain you also need to contribute through proof of work. The attacker would need both lots of coin and lots of mining power.

[tgsrge]

i dont think we should be trading 51% attacks for centralization/supernodes/trusted nodes/shifts in the trust model.

this goes against everything bitcoin (the only succesful cryptocurrency ever so far) was designed for.

if "fixing" the 51% attacks means the above, i would rather it not be fixed.

also:
hard coding things in instead of relying on the blockchain/the cryptography/math/algorithms will only bring a false sense of security and more potential counter intuitive attacks in. because of this, hard coding things in is NOT the fix we are looking for.

[VelvetLeaf]

i dont think we should be trading 51% attacks for centralization/supernodes/trusted nodes/shifts in the trust model.

this goes against everything bitcoin (the only succesful cryptocurrency ever so far) was designed for.

if "fixing" the 51% attacks means the above, i would rather it not be fixed.

This "trusted" node can be undone after Litecoin has enough hash rate any time.

[tgsrge]

i dont think we should be trading 51% attacks for centralization/supernodes/trusted nodes/shifts in the trust model.

this goes against everything bitcoin (the only succesful cryptocurrency ever so far) was designed for.

if "fixing" the 51% attacks means the above, i would rather it not be fixed.

This "trusted" node can be undone after Litecoin has enough hash rate any time.

power corrupts. would the trusted nodes want to give away their power after they see the benefits?i dont think so.

IMO everything propposed here so far goes against everything a cryptocurrency stands for, i am all ears for a decent trade off that doesnt break the principles cryptocurrencies stand for though.

[VelvetLeaf]

power corrupts. would the trusted nodes want to give away their power after they see the benefits?i dont think so.

Everyone update their litecoind / litecoin-Qt and the trusted node will lose all its power, it's as simple as that.

[markm]

Part of the problem is that security costs, and your whole objective seems to be to make mining not cost anything.

As long as you make mining so easy anyone can do it, it will be so easy anyone with as much computer power (or money, whatever your powerbase is) as all those cheap old obsolete machines your miners use can attack it.

To stop attackers you need mining to be so hard that even for the professional miners mining legitimately it is very hard just to keep up with the state of the art.

-MarkM-

[tgsrge]

Is the point to move closer to centralization and put the power in the hands of the wealthy? We already have that system. It’s global.

this

[markm]

No, the point is anyone can buy a dirt cheap mass-mass-mass-produced ASIC coffeewarmer but its special purpose hardware so an attacker would not just happen to have tons of them lying around left over from cracking some CIA private communique or whatever.

Admittedly putting power in the hands of the masses does tend to mean putting it in the hands of the botnets... But you plan that anyway it seems.

-MarkM-

[NASDAQEnema]

Supernodes allow even the peasants to mine the trust chain. And besides it's unnecessary if you just allow potentiall attackers to fuck up each others' forks by using partial blocks.

I cannot believe you guys think the peasants should be second class especially regarding trust nodes.

Fuck this.

It's a good thing my friends are working on something compatible with most chains cuz it seems each community does not know how to say no to power trips.

[tgsrge]

i am not saying anyone here is mal intentioned - i want to believe everyone here honestly wants to fix the issue.

i am just pointing out that that the fixes proposed thus far have some severe flaws...but i cant come up with anything better myself.

IMO people should accept 51% attacks as part of the risk of dealing with nascent alternate cryptocurrencies, one which there is no fix besides throwing in extra hash power yourself to protect your investment, and that is that

[passerby]

Is the point to move closer to centralization and put the power in the hands of the wealthy? We already have that system. It’s global.

At this point, cryptocoins are best seen as investment vehicles. People who have invested a lot into an investment vehicle tend to work towards ensuring that it does not devalue.

The logic for giving people with the biggest investment in the chain "superpowers" is sound.

Solidcoin merely gave too much superpowers and in a technologically inferior manner. I'm sure there is a less noxious way that would allow to retain some accountability and feedback from "peasants".

Now, there is another sound approach - you see, unless there is an AI catering to the chain, there already is no less than one implicit "trust node", the developer.
And you trust the developer absolutely.
You trust him not to put a well-disguised "accidental" remote exploit into the code to pwn your box and take your money .

So you may as well allow yourself to occasionally accept "this blockchain is canon, the other one is heresy" kind of "decrees" signed by dev-node...

[NASDAQEnema]

If you allow partial blocks to be written say every X% transactions then it's not enough to have the longest blocks, you also need to maintain that speed and during an attack speed varies even if they are blind mergers. Attackers will have to check their stats all the time. Once there's multiple attackers the threshold goes from 51% to 75% or more.

The solution to the 51% problem is either an emergency pool that mines only when there's a sudden drop in hashrate, leaving the altchains to grow (or you'll replace violence by the state with violence by zealots), or take a paranoid monopolar (easily bipolar) system and make it naturally multipolar.

[NASDAQEnema]

Is the point to move closer to centralization and put the power in the hands of the wealthy? We already have that system. It’s global.

At this point, cryptocoins are best seen as investment vehicles. People who have invested a lot into an investment vehicle tend to work towards ensuring that it does not devalue.

The logic for giving people with the biggest investment in the chain "superpowers" is sound.

This rhetoric wouldn't fly on the school playground, how the fuck do people actually believe this.

It's not an investment vehicle. Exchanging one currency for another is not investment. It's valueless hedging. Musical chairs does not a factory make.

It's the least amount of effort which leads to a different analysis: None of the big investors actually give a shit for bitcoin evolving into something useful for many different interests. Furthermore, since the big shots want it easy, they will attack any innovator that makes things less comfortable. Because they can. There's several such wankers already in this community.

Solidcoin merely gave too much superpowers and in a technologically inferior manner. I'm sure there is a less noxious way that would allow to retain some accountability and feedback from "peasants".

It gave out no superpowers. One little clique had them.

"Accountability and feedback"... Fuck you and your crumbs from the master's table.

Now, there is another sound approach - you see, unless there is an AI catering to the chain, there already is no less than one implicit "trust node", the developer.
And you trust the developer absolutely.
You trust him not to put a well-disguised "accidental" remote exploit into the code to pwn your box and take your money .

Maybe you need to reread the software license. This is a seriously uninformed comment.

So you may as well allow yourself to occasionally accept "this blockchain is canon, the other one is heresy" kind of "decrees" signed by dev-node...

When the possibility of checkpoints was added, it was by vote of the user.

[markm]

Another approach that has so far been working really really well for those that have taken it is to put aside the actual using of a blockchain format for your new currency until some future time when the sheer volume of transactions will provide enough incentive (via transaction fees) for miners to get on board. All the chains that have taken this approach, that I know of, have proven far far more successful (in such terms as how many dollars each coin is worth for example) than any of the alts that have tried to fly in blockchain format throughout this early period.

For example although DeVCoin got quite a bit of hashing power through merged mining, and GRouPcoin seems to have survived simply by no one being interested enough to attack it yet, neither are worth nearly as much as the coins that took the more cautious approach of retreating to an Open Transactions format until such time as deploying as a blockchain again starts to look less vulnerable than it looks so far. (GRouPcoin is their weathervane for that; the longer GRouPcoin continues chugging along without being crushed, the more the other coins keep saying hey maybe we could have stayed in blockchain form afterall, like GRouPcoin did, maybe we too would have been unattacked all this time... But, notably, GRouPcoin is valued far less than the coins that retreated into the security of the Open Transactions form...)

-MarkM-

[Bitcoin Oz]

If a fork comes out and its still got the 51% vulnerability it is no better then bitcoin.

If bitcoin cant survive without chain lock ins it cant advertise itself as p2p either.

[iddo]

There are several decentralized proof-of-stake proposals, here is one: https://bitcointalk.org/index.php?topic=37194.msg462786#msg462786
The idea is to solidify the true chain with checkpoints that are signed by participants who have financial interest in the cryptocurrency. This means that if there's a fork before the checkpoint block, it doesn't matter which branch of the fork is chosen (all the participants who have financial interest will follow the same rules therefore they'd choose the same branch, so if the branch was prepared by a single entity with lots of hashpower who competed with all the distributed hashpower then it's fine to choose the branch of this single entity), and therefore if someone wants to protect himself from 51% double-spending attack he simply needs to wait until a signed checkpoint block in order to be sure that the relevant transaction couldn't be reversed. An attack with lots of computing power cannot fake ECDSA signatures as if he had more financial interest than all the others, because that'd be infeasible without knowing the privkeys that control the coins.
I think that both Litecoin haters and Litecoin supporters would agree that it'd be a very worthwhile experiment to implement a decentralized proof-of-stake in Litecoin, but it's not an easy design/programming task and it should be done carefully, preferably by a team of programmers.
Coblee: maybe it's indeed better that you start a thread when you have time to brainstorm serious ideas, to avoid the offtopic BCX comments.
Edit: this link explains the proof-of-stake ideas better: https://en.bitcoin.it/wiki/Proof_of_Stake

[makomk]

That's the paradox that needs to solved or a system to prevent abuse. Solidcoin's 51% attack schema worked, trust me I tried a dozen times from every angle I could. Unfortunately I think it was the wrong approach or better said, the wrong execution of the right idea.

You didn't try hard enough.

[Bitcoin Oz]

There are several decentralized proof-of-stake proposals, here is one: https://bitcointalk.org/index.php?topic=37194.msg462786#msg462786
The idea is to solidify the true chain with checkpoints that are signed by participants who have financial interest in the cryptocurrency. This means that if there's a fork before the checkpoint block, it doesn't matter which branch of the fork is chosen (all the participants who have financial interest will follow the same rules therefore they'd choose the same branch, so if the branch was prepared by a single entity with lots of hashpower who competed with all the distributed hashpower then it's fine to choose the branch of this single entity), and therefore if someone wants to protect himself from 51% double-spending attack he simply needs to wait until a signed checkpoint block in order to be sure that the relevant transaction couldn't be reversed. An attack with lots of computing power cannot fake ECDSA signatures as if he had more financial interest than all the others, because that'd be infeasible without knowing the privkeys that control the coins.
I think that both Litecoin haters and Litecoin supporters would agree that it'd be a very worthwhile experiment to implement a decentralized proof-of-stake in Litecoin, but it's not an easy design/programming task and it should be done carefully, preferably by a team of programmers.
Coblee: maybe it's indeed better that you start a thread when you have time to brainstorm serious ideas, to avoid the offtopic BCX comments.

This proof of stake is an interesting concept.

[passerby]

It's not an investment vehicle. Exchanging one currency for another is not investment. It's valueless hedging. Musical chairs does not a factory make.

What the living hell makes you think crypto-coins are, at this point, currencies ?

They are, depending on how you view them, exotic goods or extremely exotic derivatives/securities of a very special kind.

It's the least amount of effort which leads to a different analysis: None of the big investors actually give a shit for bitcoin evolving into something useful for many different interests. Furthermore, since the big shots want it easy, they will attack any innovator that makes things less comfortable. Because they can. There's several such wankers already in this community.

And who are the glorious victimized innovators, might I ask ?

"Accountability and feedback"... Fuck you and your crumbs from the master's table.

The fat lady sings again...

Maybe you need to reread the software license. This is a seriously uninformed comment.

So, you a mere software license,  a legal construct, would prevent a developer from intentionally making a mistake that is (for outside auditor) indistinguishable from honest mistake and allows remote code execution ?

Good grief, as long as we have a good software license, we are quite safe indeed   
 

[k9quaint]

Maybe you need to reread the software license. This is a seriously uninformed comment.

So, you a mere software license,  a legal construct, would prevent a developer from intentionally making a mistake that is (for outside auditor) indistinguishable from honest mistake and allows remote code execution ?

Good grief, as long as we have a good software license, we are quite safe indeed   
 

Some people (usually those who cannot read or write code) feel safer with a proprietary software license and closed code bases. They presume if the attacker cannot read the code, then the product is impenetrable. Unfortunately, that is a false presumption.

For those of us that can read & write code, we would rather have access to it. Having the permission to modify it is also nice.

To answer your question, yes a license can prevent that sort of mistake by enlisting the entire world to examine and improve the code base.

[Vorksholk]

What if the protection was done in such a way that a 51% attack would require the attacker to not only have tons of hashing power, but have a bunch of the cryptocurrency wallet programs running? This could be executed like this:

The current blockchain would the the blockchain the majority of the clients are using, so no matter how much hashing power is poured into mining an alternate blockchain, unless the majority of clients are getting that block projected as it is mined, merging the chain would cause the other clients to disregard the forked chain as it wasn't the one they agreed to use. As well, while someone could rent a bunch of EC2 instances and run tons of clients on them, perhaps the system would also take into account the ip-space diversity, making a 51% attack require tons of clients running all over the place (aka, needing a botnet).

Would that work at all or am I just spewing out words?

[Litecoin]

Is the point to move closer to centralization and put the power in the hands of the wealthy? We already have that system. It’s global.

I cannot agree. Cause the power is already in the hands of the wealthy. There's quite a few individuals who are running +10% of the network. Nothing is stopping them from working together. Like bankers.
I have +500 GPU's in stock, nothing would stop me from unboxing the cards and use all that power with other "corrupt" individuals to attack the chain.
Of course, I'd never hurt my investments.
I would rather trust rich LTC holders (trusted nodes) than "Mining-Power Leaders" with no Litecoins.

[maxcarjuzaa]

"Connect to Trusted nodess" could be an opcional feature. Anyone can enable or disable the trusted node verification, and you can choose whatever trusted node you want, you could choose your exchanger trusted node, or Coblee's trusted node, or your own trusted node, or disable the trusted node verificacion completely.

So you have 51% atack protection and still decentralized control, you should be able to choose 1, 5 or more trusted nodes, if you have more than 1 they vote.

so besides 51% power, atacker needs to take control of trusted nodes to perform an atack, and everyone can choose their own trusted nodes combination making an atack even more difficult. The atacker wolud need 51% power and control over 51% of your "specific", "trusted nodes combination".

[sd]

SolidCoin trusted nodes are a bad idea, they introduce points of failure into the network.

There have been cases where entire countries have fallen off the Internet due to under sea cables being cut by ships anchors and suchlike. If trust nodes are involved the isolated part of the network would be unable to mine. In the current setup they could continue to mine and when reconnected the transactions from the shorter blockchain get integrated into the longer one.

Don't follow SolidCoin's bad example and come up with some design-by-committee hack.

[maxcarjuzaa]

another way

$speed = speed at last diff change

choose n random nodes as trusted nodes the first time the software is run and write the list for next starts

if conection is lost to one or more trusted nodes and actual_network_speed < ($speed * 2)
then it conects to new random node as trusted node

oldest nodes are more trustworthy in case of 2 blockchains in the network.

you can edit the trusted nodes file when you launch the currency to prevent 51% atack at block 1.

so you have 100% decentralized control and you are not vulnerable to 51% atack anymore

[tgsrge]

not to mention, wtf is stopping someone from ddosing the "trusted nodes", anyway? and thus introducing yet another way to attack the network....

[sd]

another way

$speed = speed at last diff change

choose n random nodes as trusted nodes the first time the software is run and write the list for next starts

if conection is lost to one or more trusted nodes and actual_network_speed < ($speed * 2)
then it conects to new random node as trusted node

oldest nodes are more trustworthy in case of 2 blockchains in the network.

you can edit the trusted nodes file when you launch the currency to prevent 51% atack at block 1.

so you have 100% decentralized control and you are not vulnerable to 51% atack anymore

That introduces more problems. Say I run a few hundred small virtual machines which are all nodes in your network. I can find out where the trusted nodes are much like blockchain.info finds out where transactions and blocks come from. I need only ddos the trusted nodes I don't control one at a time until I control all of them. Then I can reject all blocks other than the ones I mine or cause all sorts of other mischief.

[maxcarjuzaa]

not to mention, wtf is stopping someone from ddosing the "trusted nodes", anyway? and thus introducing yet another way to attack the network....

you need to ddos every computer in the network as the trusted nodes could be random

[k9quaint]

not to mention, wtf is stopping someone from ddosing the "trusted nodes", anyway? and thus introducing yet another way to attack the network....

Not to mention if the trusted nodes were ever hacked or the keys shared with someone who later turned out to be unreliable, the block chain would be at their mercy. They wouldn't need 51%, they could fork the block-chain when ever they felt like it.

[tgsrge]

since the "trusted nodes" are random  (these three words shouldnt even go together imo) what is stopping the same attacker that would need to have a massive amount of computing power anyway from doing a Sybil attack and just getting in as many nodes as he wants in the networks with hopes that his nodes will be selected randomly as the trusted nodes ?

this trades one type of attack (computing power) for another (flooding the network with nodes in hopes that they will be selected as the trusted nodes by as many people as possible)

[k9quaint]

since the "trusted nodes" are random  (these three words shouldnt even go together imo) what is stopping the same attacker that would need to have a massive amount of computing power anyway from doing a Sybil attack and just getting in as many nodes as he wants in the networks with hopes that his nodes will be selected randomly as the trusted nodes ?

this trades one type of attack (computing power) for another (flooding the network with nodes in hopes that they will be selected as the trusted nodes by as many people as possible)

Super nodes could be chosen randomly, but they have a means of proving themselves as a super node.
Once they are chosen, they are vulnerable to DDoS and hacking to obtain their private keys.

And do you really want a random cross-section of users holding the keys to the block chain?

[maxcarjuzaa]

another way

$speed = speed at last diff change

choose n random nodes as trusted nodes the first time the software is run and write the list for next starts

if conection is lost to one or more trusted nodes and actual_network_speed < ($speed * 2)
then it conects to new random node as trusted node

oldest nodes are more trustworthy in case of 2 blockchains in the network.

you can edit the trusted nodes file when you launch the currency to prevent 51% atack at block 1.

so you have 100% decentralized control and you are not vulnerable to 51% atack anymore

That introduces more problems. Say I run a few hundred small virtual machines which are all nodes in your network. I can find out where the trusted nodes are much like blockchain.info finds out where transactions and blocks come from. I need only ddos the trusted nodes I don't control one at a time until I control all of them. Then I can reject all blocks other than the ones I mine or cause all sorts of other mischief.

no you cannot as every network node could be trusted node to other nodes, you need to ddos every single machine in the network as trusted nodes are choosen ramdonly.

as no new trusted nodes are selected if network speeds is > 2x $speed (to prevent atacker nodes to become trusted nodes) the atacker cannot introduce the new chain because it is automatically discarded by the network, no matter if hi/she has 51% or 99%.

to perform an atack the atacker should have 51% hash power mining the network for X time to infiltrate "trusted eveils nodes" inside the network and at the same time 101% hash power mining the fork to perform an atack and in that circunstance the forked chain can be droped by the network.

while the atacker is minig the network he/she should have to ddos everysingle "honest node" to make it disconect from its pears in order to infiltrate their own trusted nodes.

[maxcarjuzaa]

since the "trusted nodes" are random  (these three words shouldnt even go together imo) what is stopping the same attacker that would need to have a massive amount of computing power anyway from doing a Sybil attack and just getting in as many nodes as he wants in the networks with hopes that his nodes will be selected randomly as the trusted nodes ?

this trades one type of attack (computing power) for another (flooding the network with nodes in hopes that they will be selected as the trusted nodes by as many people as possible)

Super nodes could be chosen randomly, but they have a means of proving themselves as a super node.
Once they are chosen, they are vulnerable to DDoS and hacking to obtain their private keys.

And do you really want a random cross-section of users holding the keys to the block chain?

If i recieve a block that thats not "fit" in my block chain I ask to my connected peers or "trusted random nodes" wich is the valid one?

so i can discard the longestone if is not from a trusted node and i do not trust new nodes when the network speed increases too much so you cannot introduce the new block chain unless you have 51% power from the very begining of the chain.
 

[k9quaint]

since the "trusted nodes" are random  (these three words shouldnt even go together imo) what is stopping the same attacker that would need to have a massive amount of computing power anyway from doing a Sybil attack and just getting in as many nodes as he wants in the networks with hopes that his nodes will be selected randomly as the trusted nodes ?

this trades one type of attack (computing power) for another (flooding the network with nodes in hopes that they will be selected as the trusted nodes by as many people as possible)

Super nodes could be chosen randomly, but they have a means of proving themselves as a super node.
Once they are chosen, they are vulnerable to DDoS and hacking to obtain their private keys.

And do you really want a random cross-section of users holding the keys to the block chain?

If i recieve a block that thats not "fit" in my block chain I ask to my connected peers or "trusted random nodes" wich is the valid one?

so i can discard the longestone if is not from a trusted node and i do not trust new nodes when the network speed increases too much so you cannot introduce the new block chain unless you have 51% power from the very begining of the chain.
 

How do you determine "trusted random nodes"?
Specifically, how do you know they are trusted and how do you connect to them?

[maxcarjuzaa]

since the "trusted nodes" are random  (these three words shouldnt even go together imo) what is stopping the same attacker that would need to have a massive amount of computing power anyway from doing a Sybil attack and just getting in as many nodes as he wants in the networks with hopes that his nodes will be selected randomly as the trusted nodes ?

this trades one type of attack (computing power) for another (flooding the network with nodes in hopes that they will be selected as the trusted nodes by as many people as possible)

that could be possible, we could restrict the random trusted nodes to the 50% top coin holders. So you need to be in the N top holders to become a trusted node.

if someone want to buy all the coins and buy all the netpower to destroy the chaincoin go ahead, feel free to do it :-)

[maxcarjuzaa]

since the "trusted nodes" are random  (these three words shouldnt even go together imo) what is stopping the same attacker that would need to have a massive amount of computing power anyway from doing a Sybil attack and just getting in as many nodes as he wants in the networks with hopes that his nodes will be selected randomly as the trusted nodes ?

this trades one type of attack (computing power) for another (flooding the network with nodes in hopes that they will be selected as the trusted nodes by as many people as possible)

Super nodes could be chosen randomly, but they have a means of proving themselves as a super node.
Once they are chosen, they are vulnerable to DDoS and hacking to obtain their private keys.

And do you really want a random cross-section of users holding the keys to the block chain?

If i recieve a block that thats not "fit" in my block chain I ask to my connected peers or "trusted random nodes" wich is the valid one?

so i can discard the longestone if is not from a trusted node and i do not trust new nodes when the network speed increases too much so you cannot introduce the new block chain unless you have 51% power from the very begining of the chain.
 

How do you determine "trusted random nodes"?
Specifically, how do you know they are trusted and how do you connect to them?

the same way litecoind trust a node that sends a new block, and the same way a REORGANIZATION could happend today, with the exception that you trust more in nodes that have more coins (in your stored blockchain) and have been in your "known nodes" list longer and you do not choose new budies or "trusted nodes" if speed is 2x last dif change speed (we can study the best factor value).

so if a new blockchain is sent by a node to you that implyes you have to drop more than one block from your blockchain you ask to your trusted nodes what to do. if 51% of your oldest buddies say discard you discard the new longest chain.

in order to select your budies or trusted nodes they have to have more than x coins or be a top x% holder (we have to think about how much to be elegible). The number should be small enough to make available for almost every honest node and big enough to make it expensive to the atacker.

[k9quaint]

since the "trusted nodes" are random  (these three words shouldnt even go together imo) what is stopping the same attacker that would need to have a massive amount of computing power anyway from doing a Sybil attack and just getting in as many nodes as he wants in the networks with hopes that his nodes will be selected randomly as the trusted nodes ?

this trades one type of attack (computing power) for another (flooding the network with nodes in hopes that they will be selected as the trusted nodes by as many people as possible)

Super nodes could be chosen randomly, but they have a means of proving themselves as a super node.
Once they are chosen, they are vulnerable to DDoS and hacking to obtain their private keys.

And do you really want a random cross-section of users holding the keys to the block chain?

If i recieve a block that thats not "fit" in my block chain I ask to my connected peers or "trusted random nodes" wich is the valid one?

so i can discard the longestone if is not from a trusted node and i do not trust new nodes when the network speed increases too much so you cannot introduce the new block chain unless you have 51% power from the very begining of the chain.
 

How do you determine "trusted random nodes"?
Specifically, how do you know they are trusted and how do you connect to them?

the same way litecoind trust a node that sends a new block, and the same way a REORGANIZATION could happend today, with the exception that you trust more in nodes that have more coins (in your stored blockchain) and have been in your "known nodes" list longer and you do not choose new budies or "trusted nodes" if speed is 2x last dif change speed (we can study the best factor value).

So I buy a bunch of Litecoin, set up a few nodes and hang out for a few months for them to gain trust. Now I have lots of Litecoin and trust. I convert my LTC to BTC and then immediately launch my alternate blockchain before everyone has confirmed my LTC transaction. In some parts of the network I still have LTC, and I am still trusted because of it. When people ask me about the real chain, I tell them to reject it.
Now I have BTC and LTC and the network still trusts me. That seems like a bad combination.

Plus, 51% of trusted nodes could dominate the network with no way for anyone else to either fight back or gain trust.

[maxcarjuzaa]

you are not understanding the concept, read it again, think about it, do the math, simulate in your head

[k9quaint]

you are not understanding the concept, read it again, think about it, do the math, simulate in your head

I did. You equated trust to some combination of time connected & LTC owned. Both of those can be obtained easily (in the mathematical sense).
51% of trust nodes should roughly equate to control of the network. A lone attacker might have difficulty, but a cartel could easily form. Especially if pool operators and exchanges are involved.

You seem to be assuming that you can determine who you should trust, and that they would never betray or disagree with you and thus make the network secure. Instead, assume that some of those you trust will betray you and then examine what the consequences of that would be. If you don't believe that trusted people might betray you, please examine Bitcoinica and mybitcoin.com for evidence to the contrary.

[ripper234]

Poll - Should Proof of Stake be implemented in Litecoin?

[Bitcoin Oz]

How do you come to a network consensus that the blockchain you are using is the correct one ? For one thing the genesis block should always be the same so you could always discard a chain which doesnt contain the same genesis block you have been using the whole time.

You could have a set of parameters that warn you when conditions are suboptimal. For instance monitoring pools on the network to see if they are being ddosed would trigger an alert.

If you can have a set of parameters and something happens which causes them to change you could refuse to accept a new blockchain untill such time as it came back to "normal". Sudden spikes or dips that go outside preset "statistical mean range" would cause certain defensive measures to happen to protect the network.