Re: [ANN][DCR] Decred - Hybrid PoW/PoS | btcsuite Devs | Tons of New Features | Go
sambiohazard, all stake pools have the same code base, and to stop your fear, uncertainty and doubts I'm constantly update Dcrstats Stakepool to newest versions and add new security features to protect your accounts (2FA coming very soon, it's been successfuly tested in Evolution already).
So, first of all, if attackers will find a vulnerability in the stakepool or decred software, they won't attack only one biggest pool, but all of them. And you know it doesn't matter then 1 pool with 25% or 5 pools with 5%. Actually, yes, it matters, because I don't know how serious are all 9 pool operators, but our reaction and hot-fixing will be super fast.
Even if hackers can take control under all 10 existing stakepools (c0 + 9 from rfp), what can they do in the short terms? Do not include transactions in next 10 blocks? To destroy next 10 blocks? Even if they will take control of all stake pools, it cannot be a 1-minute attack. Hackers will have to maintain all the infrastructure and pay for the hosting of more than 40 servers, which are not cheap
PS: so far you are the only person who don't like something and who is going to attack the network.
So, first of all, if attackers will find a vulnerability in the stakepool or decred software, they won't attack only one biggest pool, but all of them. And you know it doesn't matter then 1 pool with 25% or 5 pools with 5%. Actually, yes, it matters, because I don't know how serious are all 9 pool operators, but our reaction and hot-fixing will be super fast.
Even if hackers can take control under all 10 existing stakepools (c0 + 9 from rfp), what can they do in the short terms? Do not include transactions in next 10 blocks? To destroy next 10 blocks? Even if they will take control of all stake pools, it cannot be a 1-minute attack. Hackers will have to maintain all the infrastructure and pay for the hosting of more than 40 servers, which are not cheap
PS: so far you are the only person who don't like something and who is going to attack the network.
I definitely agree with sambiohazard in this respect, and I'm pretty sure others do as well. I've voiced my concern for a healthier network distribution before, and this initiative, to me, is a step in the wrong direction. Nonetheless, you're providing a staking alternative for the less technical users, so kudos for that.
Folks, please consider joining any of the smaller PoS pools. Thanks!
Thanks for the support myagui. He probably didnt read my post. Dyrk when someone wants to disrupt the network, they would do it with least resource requirement. If you provide them with one pool with lots of tickets, they will attack it instead of 5 pools with 5% tickets as costs to attack will be significantly less. Dont tell me that you dont understand how distributing the tickets over pools is better while you claim to run a pool that is safe.
I wasn't talking about user account security with hackers rather about DDoS attack on your pool. On front of user fund/account security it is more about trust with you which i am slowly loosing as you go against what is good for the project and network.
I hope that it works out for everyone but path you are taking is certainly not the best for a decentralized currency. Your project introduces trust and centralization back into the system. I hope devs will intervene or introduce correct incentives at protocol level to ensure decentralization of PoS tickets.