Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Announcements (Altcoins)
Re: [ANN] Maieuticoin [M] | OFFLINE STAKING | Maieuticoin Mobile | Android | Windows
by
notsoshifty
on 27/09/2014, 06:21:08 UTC
Quote from: MMXIV on September 27, 2014, 05:37:05 AM
The private keys aren't stored or saved. Once the private keys are loaded they are never checked again. When you use an exchange, you use their Private Key. When you stake with us, you are using your Private Key, not your address. So yes, it requires trust in me to handle it from the submission to the entry, but after that it will be very, very hard to even figure out where they are held. I've proven I am trustworthy by sending out several thousand dollars worth of miners for our raffles

Again, exchanges require you trust them without having the Private Key for yourself. You simply use a rented address. With us, you still have the Private Key, which means you could use that, combined with the address, for cold storage that continues to stake. Exchanges also do not stake if they are smart and using proper cold storage

The staking clients are on nodes that only connect to the seednodes and reject untrusted nodes across the network. They are only visible to mainnet in a second tier of IPs. The peers of the peers is the only way they are even seen and you won't find the IP of any of the staking nodes in your peerlist. If they do try to connect, they will appear as rejected, much like if it was it was a node from another blockchain being kicked out. We do not control all of these nodes. They trust explorers, multipool, exchanges, and other trusted peers

Over 60% of the network is now staking, spread across many, many nodes, which means you can't even buy enough on an exchange to attack it. There is no Proof of Work to utilize for an attack, either

Using us requires less trust than sending your coins to an exchange. To opt out, all you have to do is move coins to a fresh address

On the storage of keys: If private keys are required to sign PoS blocks by the staking clients then they are clearly being stored/saved somewhere on those clients. In memory, on disk in a reversibly encrypted form, etc - they're still out there. (Not to mention being sent unencrypted in a web form over the Internet). Or am I missing something??

On trust issues: You've accepted that this system requires trust in you. No matter how trustworthy you've been in the past, requiring this much trust in any person should raise alarm bells.

On network security: Putting a layer between virtual staking clients and public mainnet is a sensible approach, but you should accept that it isn't possible to 100% prevent unauthorised access. (And using phrases like "I assure you, though, our blockchain will now not ever be compromised", and wanting "third party peer validation that our blockchain is entirely secure" are clearly nonsense)

On blockchain security: You haven't addressed the point about >50% of the staking power being controlled by a single group of people, and the implications of this on overall blockchain security?