Well done, you got me. Work can be wasted if done at the wrong end of the chain. If you read on to the end though, I clarify that expression.
Work can be wasted whenever orphan blocks are produced. Orphan blocks do not contribute to network security, they do not pay their creators, and they are not relayed to the rest of the network.
What may have tripped me up was the way they describe gamma on the various pages. When I was reading the paper, I was struggling to find a unifying theme for all of the ways they use gamma. It seems to be a choice on one page, and then an expression of the natural race between competing blocks on the next.
In regards to latency, you seem to be missing a very important aspect of reality on the bitcoin network. If you are sitting on a block, waiting for the rest of the network to find one so that you can publish yours, the signal that you need to act is also the signal that you have already lost. Don't feel bad, this entire paper was written because of the same misunderstanding. You can not win races by waiting for the rest of the network to pass you.
If you are trying to achieve gamma=1 then yes, the signal that you need to act is also the signal that you have already lost. But unless I am the VERY LAST node on the network to receive this block, it may be possible for me to get my block to other nodes that have not yet seen the honest block and in this way recruit at least some of the honest miners to work on my chain. Even if you do not agree with this seemingly obvious statement, it DOESN'T MATTER. Because as I am getting tired of pointing out, the attack still works for gamma=0. This is the case where we assume that I was indeed the very last node to receive the block and not a single honest node will compute a single hash on my block in the case of a tie. In this magical case I need 33% of network hash-power to earn excess rewards.
The charts are very illuminating. In figure 2, each of the simulation points is exactly on the calculated line. This is a dead giveaway. The only way that can happen is if their model is fully deterministic except for mining function.
BS I replicated this result and I can guarantee you that the mining function is not deterministic. Besides, your premise is laughable. How accurately can you really read that chart? Enough to say that the simulated results are within 1% of the predicted values? 0.1%? You can easily get simulation results accurate to a fraction of that in a modest amount of time on a dated single core machine. I know because I tried.
I agree with you so much that I traveled back in time to do it. What is fully deterministic in their model is everything else. When a new block is found, gamma of the network switches to it, while 1-gamma switches to the attack block. This is not reality.
Nope still wrong. In my simulation, nodes get allocated to mine on one block or the other with a probability of gamma of being assigned to the
attacking block (you've got the logic of gamma reversed by the way) and I replicated their results perfectly. What is more, for the interesting cases gamma=0 and gamma=1, the two approaches are exactly the same.
"every other node" was hyperbole, but not far off from what it would really take. If the bitcoin network was laid out like an efficient mesh on a flat sheet, you wouldn't need many sensors. But the bitcoin network is tangled up like a wad of Christmas lights.
I don't really want to argue this point. As I have repeatedly stated I think that gamma->1 is extremely pessimistic and probably not achievable in the current network. But that is a red herring. The fact is that gamma->0 is extremely optimistic and even under those circumstances, the attack works. No Sybil attack is needed, so I wish we could stop discussing whether the Sybil attack is possible.