Can someone explain, how the new "miners can volunteer to raise their share difficulty"-protocol change works? I don't understand how cheating is prevented.
Can't you just mine in secret and for example find a difficulty 1000 share, and then connect to the p2pool network and send: "hey, my address is 1abcsomething and I'm mining difficulty 1000 and here is a share"?
No because the process is this
1) your miner tells p2pool daemon what difficulty share it would like to look for (it must be min diff or higher)
2) p2pool
PUTS THE DESIRED SHARE TARGET DIFFICULTY INTO THE COINBASE.
3) p2pool creates the block header (which contains a merkle root hash and thus coinbase hash and thus the coinbase values including the desired difficulty
4) miner hashes nonces using values from #3 and finds a share (say it happens to be a difficulty 80,000 share).
5) miner can only submit it ias the difficulty requested in #1 because every other node verifies the work done by every node.
6) if miner "cheats" and alters the share difficulty then the hash is invalid. Changing the coinbase changes the block header and the new block header combined w/ nonce doesn't produce a valid share hash.
One thing to add: only step #1 is new. Steps #2 to #6 have always existed and must exist to prevent cheating as a client could always hack the code. Proper difficulty reporting can never be based on the client.