While working on InstantX, I have found that masternodes where not meant to run with PoS or at least with its current implementation. The PoS block rewards are not random like PoW so masternodes can be manipulated by high stakers. Masternode quorums, masternode payment selection, InstantX and DarkSend are not safe with the current code. We need to find another solution and I need the communities help with this.
Since PoS creates the hash variable in the CMasterNode::CalculateScore method below, it can be manipulated to fix the masternode payment. Malicious code can be written to pre-calculate hashes to make your masternode "score" more favorable when you mint a block with PoS.
//
// Deterministically calculate a given "score" for a masternode depending on how close it's hash is to
// the proof of work for that block. The further away they are the better, the furthest will win the election
// and get paid this block
//
uint256 CMasterNode::CalculateScore(int mod, int64_t nBlockHeight)
{
if(pindexBest == NULL) return 0;
uint256 hash = 0;
uint256 aux = vin.prevout.hash + vin.prevout.n;
if(!GetBlockHash(hash, nBlockHeight)) return 0;
uint256 hash2 = Hash(BEGIN(hash), END(hash));
uint256 hash3 = Hash(BEGIN(hash), END(aux));
uint256 r = (hash3 > hash2 ? hash3 - hash2 : hash2 - hash3);
return r;
}
This is an interview with Evan Duffield of Dash as he explains it:
https://youtu.be/rNZcO2vm7Jc?t=926 (see ~15:26)
It should solve the problem.