delete

[markm]

No, the point is anyone can buy a dirt cheap mass-mass-mass-produced ASIC coffeewarmer but its special purpose hardware so an attacker would not just happen to have tons of them lying around left over from cracking some CIA private communique or whatever.

Admittedly putting power in the hands of the masses does tend to mean putting it in the hands of the botnets... But you plan that anyway it seems.

-MarkM-

[1714156196]

1714156196

[1714156196]

1714156196

[NASDAQEnema]

Supernodes allow even the peasants to mine the trust chain. And besides it's unnecessary if you just allow potentiall attackers to fuck up each others' forks by using partial blocks.

I cannot believe you guys think the peasants should be second class especially regarding trust nodes.

Fuck this.

It's a good thing my friends are working on something compatible with most chains cuz it seems each community does not know how to say no to power trips.

[tgsrge]

i am not saying anyone here is mal intentioned - i want to believe everyone here honestly wants to fix the issue.

i am just pointing out that that the fixes proposed thus far have some severe flaws...but i cant come up with anything better myself.

IMO people should accept 51% attacks as part of the risk of dealing with nascent alternate cryptocurrencies, one which there is no fix besides throwing in extra hash power yourself to protect your investment, and that is that

[passerby]

Is the point to move closer to centralization and put the power in the hands of the wealthy? We already have that system. It’s global.

At this point, cryptocoins are best seen as investment vehicles. People who have invested a lot into an investment vehicle tend to work towards ensuring that it does not devalue.

The logic for giving people with the biggest investment in the chain "superpowers" is sound.

Solidcoin merely gave too much superpowers and in a technologically inferior manner. I'm sure there is a less noxious way that would allow to retain some accountability and feedback from "peasants".

Now, there is another sound approach - you see, unless there is an AI catering to the chain, there already is no less than one implicit "trust node", the developer.
And you trust the developer absolutely.
You trust him not to put a well-disguised "accidental" remote exploit into the code to pwn your box and take your money .

So you may as well allow yourself to occasionally accept "this blockchain is canon, the other one is heresy" kind of "decrees" signed by dev-node...

[NASDAQEnema]

If you allow partial blocks to be written say every X% transactions then it's not enough to have the longest blocks, you also need to maintain that speed and during an attack speed varies even if they are blind mergers. Attackers will have to check their stats all the time. Once there's multiple attackers the threshold goes from 51% to 75% or more.

The solution to the 51% problem is either an emergency pool that mines only when there's a sudden drop in hashrate, leaving the altchains to grow (or you'll replace violence by the state with violence by zealots), or take a paranoid monopolar (easily bipolar) system and make it naturally multipolar.

[NASDAQEnema]

Is the point to move closer to centralization and put the power in the hands of the wealthy? We already have that system. It’s global.

At this point, cryptocoins are best seen as investment vehicles. People who have invested a lot into an investment vehicle tend to work towards ensuring that it does not devalue.

The logic for giving people with the biggest investment in the chain "superpowers" is sound.

This rhetoric wouldn't fly on the school playground, how the fuck do people actually believe this.

It's not an investment vehicle. Exchanging one currency for another is not investment. It's valueless hedging. Musical chairs does not a factory make.

It's the least amount of effort which leads to a different analysis: None of the big investors actually give a shit for bitcoin evolving into something useful for many different interests. Furthermore, since the big shots want it easy, they will attack any innovator that makes things less comfortable. Because they can. There's several such wankers already in this community.

Solidcoin merely gave too much superpowers and in a technologically inferior manner. I'm sure there is a less noxious way that would allow to retain some accountability and feedback from "peasants".

It gave out no superpowers. One little clique had them.

"Accountability and feedback"... Fuck you and your crumbs from the master's table.

Now, there is another sound approach - you see, unless there is an AI catering to the chain, there already is no less than one implicit "trust node", the developer.
And you trust the developer absolutely.
You trust him not to put a well-disguised "accidental" remote exploit into the code to pwn your box and take your money .

Maybe you need to reread the software license. This is a seriously uninformed comment.

So you may as well allow yourself to occasionally accept "this blockchain is canon, the other one is heresy" kind of "decrees" signed by dev-node...

When the possibility of checkpoints was added, it was by vote of the user.

[markm]

Another approach that has so far been working really really well for those that have taken it is to put aside the actual using of a blockchain format for your new currency until some future time when the sheer volume of transactions will provide enough incentive (via transaction fees) for miners to get on board. All the chains that have taken this approach, that I know of, have proven far far more successful (in such terms as how many dollars each coin is worth for example) than any of the alts that have tried to fly in blockchain format throughout this early period.

For example although DeVCoin got quite a bit of hashing power through merged mining, and GRouPcoin seems to have survived simply by no one being interested enough to attack it yet, neither are worth nearly as much as the coins that took the more cautious approach of retreating to an Open Transactions format until such time as deploying as a blockchain again starts to look less vulnerable than it looks so far. (GRouPcoin is their weathervane for that; the longer GRouPcoin continues chugging along without being crushed, the more the other coins keep saying hey maybe we could have stayed in blockchain form afterall, like GRouPcoin did, maybe we too would have been unattacked all this time... But, notably, GRouPcoin is valued far less than the coins that retreated into the security of the Open Transactions form...)

-MarkM-

[Bitcoin Oz]

If a fork comes out and its still got the 51% vulnerability it is no better then bitcoin.

If bitcoin cant survive without chain lock ins it cant advertise itself as p2p either.

[iddo]

There are several decentralized proof-of-stake proposals, here is one: https://bitcointalk.org/index.php?topic=37194.msg462786#msg462786
The idea is to solidify the true chain with checkpoints that are signed by participants who have financial interest in the cryptocurrency. This means that if there's a fork before the checkpoint block, it doesn't matter which branch of the fork is chosen (all the participants who have financial interest will follow the same rules therefore they'd choose the same branch, so if the branch was prepared by a single entity with lots of hashpower who competed with all the distributed hashpower then it's fine to choose the branch of this single entity), and therefore if someone wants to protect himself from 51% double-spending attack he simply needs to wait until a signed checkpoint block in order to be sure that the relevant transaction couldn't be reversed. An attack with lots of computing power cannot fake ECDSA signatures as if he had more financial interest than all the others, because that'd be infeasible without knowing the privkeys that control the coins.
I think that both Litecoin haters and Litecoin supporters would agree that it'd be a very worthwhile experiment to implement a decentralized proof-of-stake in Litecoin, but it's not an easy design/programming task and it should be done carefully, preferably by a team of programmers.
Coblee: maybe it's indeed better that you start a thread when you have time to brainstorm serious ideas, to avoid the offtopic BCX comments.
Edit: this link explains the proof-of-stake ideas better: https://en.bitcoin.it/wiki/Proof_of_Stake

[makomk]

That's the paradox that needs to solved or a system to prevent abuse. Solidcoin's 51% attack schema worked, trust me I tried a dozen times from every angle I could. Unfortunately I think it was the wrong approach or better said, the wrong execution of the right idea.

You didn't try hard enough.

[Bitcoin Oz]

There are several decentralized proof-of-stake proposals, here is one: https://bitcointalk.org/index.php?topic=37194.msg462786#msg462786
The idea is to solidify the true chain with checkpoints that are signed by participants who have financial interest in the cryptocurrency. This means that if there's a fork before the checkpoint block, it doesn't matter which branch of the fork is chosen (all the participants who have financial interest will follow the same rules therefore they'd choose the same branch, so if the branch was prepared by a single entity with lots of hashpower who competed with all the distributed hashpower then it's fine to choose the branch of this single entity), and therefore if someone wants to protect himself from 51% double-spending attack he simply needs to wait until a signed checkpoint block in order to be sure that the relevant transaction couldn't be reversed. An attack with lots of computing power cannot fake ECDSA signatures as if he had more financial interest than all the others, because that'd be infeasible without knowing the privkeys that control the coins.
I think that both Litecoin haters and Litecoin supporters would agree that it'd be a very worthwhile experiment to implement a decentralized proof-of-stake in Litecoin, but it's not an easy design/programming task and it should be done carefully, preferably by a team of programmers.
Coblee: maybe it's indeed better that you start a thread when you have time to brainstorm serious ideas, to avoid the offtopic BCX comments.

This proof of stake is an interesting concept.

[passerby]

It's not an investment vehicle. Exchanging one currency for another is not investment. It's valueless hedging. Musical chairs does not a factory make.

What the living hell makes you think crypto-coins are, at this point, currencies ?

They are, depending on how you view them, exotic goods or extremely exotic derivatives/securities of a very special kind.

It's the least amount of effort which leads to a different analysis: None of the big investors actually give a shit for bitcoin evolving into something useful for many different interests. Furthermore, since the big shots want it easy, they will attack any innovator that makes things less comfortable. Because they can. There's several such wankers already in this community.

And who are the glorious victimized innovators, might I ask ?

"Accountability and feedback"... Fuck you and your crumbs from the master's table.

The fat lady sings again...

Maybe you need to reread the software license. This is a seriously uninformed comment.

So, you a mere software license,  a legal construct, would prevent a developer from intentionally making a mistake that is (for outside auditor) indistinguishable from honest mistake and allows remote code execution ?

Good grief, as long as we have a good software license, we are quite safe indeed   
 

[k9quaint]

Maybe you need to reread the software license. This is a seriously uninformed comment.

So, you a mere software license,  a legal construct, would prevent a developer from intentionally making a mistake that is (for outside auditor) indistinguishable from honest mistake and allows remote code execution ?

Good grief, as long as we have a good software license, we are quite safe indeed   
 

Some people (usually those who cannot read or write code) feel safer with a proprietary software license and closed code bases. They presume if the attacker cannot read the code, then the product is impenetrable. Unfortunately, that is a false presumption.

For those of us that can read & write code, we would rather have access to it. Having the permission to modify it is also nice.

To answer your question, yes a license can prevent that sort of mistake by enlisting the entire world to examine and improve the code base.

[Vorksholk]

What if the protection was done in such a way that a 51% attack would require the attacker to not only have tons of hashing power, but have a bunch of the cryptocurrency wallet programs running? This could be executed like this:

The current blockchain would the the blockchain the majority of the clients are using, so no matter how much hashing power is poured into mining an alternate blockchain, unless the majority of clients are getting that block projected as it is mined, merging the chain would cause the other clients to disregard the forked chain as it wasn't the one they agreed to use. As well, while someone could rent a bunch of EC2 instances and run tons of clients on them, perhaps the system would also take into account the ip-space diversity, making a 51% attack require tons of clients running all over the place (aka, needing a botnet).

Would that work at all or am I just spewing out words?

[Litecoin]

Is the point to move closer to centralization and put the power in the hands of the wealthy? We already have that system. It’s global.

I cannot agree. Cause the power is already in the hands of the wealthy. There's quite a few individuals who are running +10% of the network. Nothing is stopping them from working together. Like bankers.
I have +500 GPU's in stock, nothing would stop me from unboxing the cards and use all that power with other "corrupt" individuals to attack the chain.
Of course, I'd never hurt my investments.
I would rather trust rich LTC holders (trusted nodes) than "Mining-Power Leaders" with no Litecoins.

[maxcarjuzaa]

"Connect to Trusted nodess" could be an opcional feature. Anyone can enable or disable the trusted node verification, and you can choose whatever trusted node you want, you could choose your exchanger trusted node, or Coblee's trusted node, or your own trusted node, or disable the trusted node verificacion completely.

So you have 51% atack protection and still decentralized control, you should be able to choose 1, 5 or more trusted nodes, if you have more than 1 they vote.

so besides 51% power, atacker needs to take control of trusted nodes to perform an atack, and everyone can choose their own trusted nodes combination making an atack even more difficult. The atacker wolud need 51% power and control over 51% of your "specific", "trusted nodes combination".

[sd]

SolidCoin trusted nodes are a bad idea, they introduce points of failure into the network.

There have been cases where entire countries have fallen off the Internet due to under sea cables being cut by ships anchors and suchlike. If trust nodes are involved the isolated part of the network would be unable to mine. In the current setup they could continue to mine and when reconnected the transactions from the shorter blockchain get integrated into the longer one.

Don't follow SolidCoin's bad example and come up with some design-by-committee hack.

[maxcarjuzaa]

another way

$speed = speed at last diff change

choose n random nodes as trusted nodes the first time the software is run and write the list for next starts

if conection is lost to one or more trusted nodes and actual_network_speed < ($speed * 2)
then it conects to new random node as trusted node

oldest nodes are more trustworthy in case of 2 blockchains in the network.

you can edit the trusted nodes file when you launch the currency to prevent 51% atack at block 1.

so you have 100% decentralized control and you are not vulnerable to 51% atack anymore

[tgsrge]

not to mention, wtf is stopping someone from ddosing the "trusted nodes", anyway? and thus introducing yet another way to attack the network....

[sd]

another way

$speed = speed at last diff change

choose n random nodes as trusted nodes the first time the software is run and write the list for next starts

if conection is lost to one or more trusted nodes and actual_network_speed < ($speed * 2)
then it conects to new random node as trusted node

oldest nodes are more trustworthy in case of 2 blockchains in the network.

you can edit the trusted nodes file when you launch the currency to prevent 51% atack at block 1.

so you have 100% decentralized control and you are not vulnerable to 51% atack anymore

That introduces more problems. Say I run a few hundred small virtual machines which are all nodes in your network. I can find out where the trusted nodes are much like blockchain.info finds out where transactions and blocks come from. I need only ddos the trusted nodes I don't control one at a time until I control all of them. Then I can reject all blocks other than the ones I mine or cause all sorts of other mischief.