Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Altcoin Discussion
Re: Unmoderated XC thread
by
synechist
on 06/06/2014, 12:06:05 UTC
Quote from: chaeplin on June 06, 2014, 02:09:19 AM
Quote from: chaeplin on June 06, 2014, 01:58:42 AM
Quote from: phosphorush on June 06, 2014, 01:53:00 AM
doesn't the network have to agree on what was the initial transaction? Therefore knowing that a bad xnode didn't do what was supposed to do?

xnode owner can change mind.
xnode can suffer Windows crash.
xnode can suffer power failure.
xnode can suffer network interruption.

if any one of this happen, coins are gone, belongs to xnode.


Truth or FUD?

Say.

Chaeplin, thanks for your ongoing work on XC. However you appear to not be aware of some crucial details of how xnodes will work.

I posted the following on the official thread:

Quote
ATCsecure shall we discuss how Gmaxwell's post might apply to XC? I imagine it'd be a matter of whether the multi-path paradigm can be implemented without a dynamic trust system, while still preserving XC's ability to avoid blockchain bloat.

Multi-path has incredible possibilities; how about removing/reducing the need for trust with the following (which in all likelihood you've thought of already):

- your specification includes that each xnode only passes on fragments of transactions; this means each fragment will be a small (non-risky) amount.

- what if xnodes have to compete to relay a given fragment? This builds in redundancy, so that if one node attempts to steal the fragment, the others will pass it on. The fastest node gets the transaction fee.

- what if xnodes also can only pass on a single fragment at a time? This way a node would only ever have one fragment, and therefore could never amass enough money for it to be worth stealing.

- Xnodes would then compete for transaction fees by processing transactions faster than other nodes. This way the network would organically improve its capacity.

- At some cost to network speed, the protocol could also set a maximum fragment size to ensure the incentive to become a bad actor is always low regardless of the size of a given payment.


The effect of the above is that xnodes have two options:
- steal a fragment and (a) derive minimal reward, and (b) get booted off the network via the trust system
- or pass on (a) as many fragments as possible in the shortest time and (b) get multiple tiny rewards.
The second of these is prima facie preferable.


However this idea would still be vulnerable to the following attack:
- set up thousands of xnodes
- find a way to steal fragments (I understand this is only a speculative possibility and that there'll be a way of making this exceedingly difficult... however I can't think further about this without more information)
- steal thousands of fragments, delete nodes, create new ones, build up trust, steal more fragments.

I'm unsure whether this attack will be more profitable than just being an honest node; its feasibility will come down to the details. And, fortunately, you decide what the details are.

The security of the network could well depend on this balance of incentives, which is ok I suppose, but its precariousness is analogous to that of mining competition in bitcoin. A systemic solution to the problem would be preferable.

Any suggestions?


I'd like your opinion on this. Can you think of a way to make XC completely secure?