Re: AmericanPegasus initiates coverage on Sia. (Siacoin speculation topic)
Btw, how much are you willing to pay me for this education and distraction from my own work?
You are doing this of your own free will, and if you feel it is a waste of your time you are under no obligation to continue. When the full technology is complete, we will probably hire someone like Peter Todd to perform the audit.
To reiterate, hosts burn coins to get weight. Renters are 2x as likely to pick a host with 2x the burned coins. An attacker can burn a whole bunch of coins 1 time to gain an advantage, but hosts in the ecosystem will ongoing be burning coins, and all of the hosts that have burned coins in the past will have preference that the attacker needs to overcome.
If you presume that renters will prefer the host with the most burned coins, then hosts must either burn all their coins to be in the chosen top or they must join together to form an oligarchy of some sort (if that is possible) to stop other hosts from burning all their coins. Because the host that burns all his coins would then be chosen and he can then short the coin and delete all the data stored on the coin and walk away with the value that was in the coin.
Renters will probabilistically prefer hosts that have burned more coins, and they will prefer these hosts linearly according to the number of coins burned. This creates an incentive structure where the number of coins you should burn to be profitable is linearly related to the amount of storage you are offering to the network. Hosts that are aggressively burning coins to get ahead will end up burning more coins than they could ever make back through selling their disk space. They will be selected with higher probability, but they will not be profitable. Hosts will be most profitable when they are burning a small percentage (such as 4%) of their total expected revenue.
The short-and-delete attack won't work unless the host has managed to actually collect a sufficient portion of the data (and to collect a sufficient volume of shorts). Getting enough data to drop files, especially high reliability files (>5x redundancy), would require both having low prices and burning more coins than the rest of the ecosystem combined. It's an economically difficult attack, and requires a huge amount of prep work. Buying that many coins and then burning them will cause a supply shock, which will drive the price up, and make the attacker's life even more difficult as the attacker will be buying the coins at a greater price than what anyone else was buying at.
If you presume some equilibrium level will be attained by the market where hosts can earn some profit, then the Sybil attacker can burn that many coins too, because he is being paid for all his Sybil hosts. The fact that he only stores the data once (for all his Sybil hosts) reduces his costs, so he can afford to burn more coins than the other honest hosts (or burn the same number of coins as other honest hosts yet have higher profits). And the renter ends up with only 1 copy of the backup instead of the many copies they paid for.
I do assume that some equilibrium level will be attained, because hosts only have so much storage, and burning more coins to get more attention will not be profitable. There's a clear utility curve from burning coins. Going from having burned 0.001 coins per TB to burning 1 coin per TB has a massive utility - for just 1 coin you can increase your chances of being selected by 1000x! But then increasing your chances by another 1000x requires 1000 coins, and though you will pretty much always be selected your drives will be full and you can't make more money back.
"The fact that he only stores the data once (for all his Sybil hosts) reduces his costs" -> this is a deduplication attack, and does not work on Sia. All of the redundant pieces are encrypted with separate keys before being uploaded, which means that as far as an attacker (or honest host) can tell, every single bit of data on the Sia network is uploaded with a redundancy of 1x. The Sybil attacker cannot reduce his costs by storing only 1 copy, because 1 copy is all that existed in the first place. The absolute worst case scenario (assuming the attacker is successful) is that the renter ends up with the X copies they paid for, except that all X copies are on the attacker's machines. The attacker can then, at worst, commit vandalism by dropping all of the data.
An attacker cannot gain cost-efficiency by storing all the data, because the redundant pieces are encrypted with different keys, and the attacker is unable to figure out which pieces are not needed.
A sufficiently disruptive attacker can be displaced with a simple blacklisting.
So you attempt to solve decentralized file storage by making it centralized.
Also you can't identify who the attacker is! For as long as the attacker is successfully storing only one copy but charging for multiple hosts, this is not detectable. That is the entire point I made about why this is insoluble. Duh! You really need a citation? It is a simple logic.
No, there was no centralization invoked in any of the explanations I provided above. I'm not sure where you got that idea. The blacklisting happens at a per-renter level. If necessary (though unlikely), warnings can be sent out through the community that suggest a blacklisting strategy, but each person can make their own decision on whether it's needed or not. For the most part, blacklisting is performed behind the scenes based on data that the renter itself is witnessing, and the renter never automatically trusts information provided by other renters. I think it's unlikely that a community-wide notification would be necessary to stop a Sybil attack, but it is nonetheless something we have planned for.
At this point, I'm guessing TPTB and I are going to be going back-and-forth over the same problems repeatedly. I am probably going to ignore his posts because I do not feel that he is giving us a best effort. That said, I don't want to be ignoring potential problems, so if someone else is worried about an attack, or thinks that TPTB has made a good point which I have ignored, please repeat it and I will address it.