Bible Pay



Messages - Swongel

1
Unfortunately you haven't proven anything new here, and most of this is incorrect.

A 51% attack would require more than 51% of the CPIDs, that was the statement I wanted you to make and you didn't. It's literally impossible.

They can't fork off to another branch because of setbestchain, no client will follow that branch.

You discount the hardness to maintain a CPID with RAC. It's not easy, try it, it takes a full node 1 day of work to get enough rac to be in the block.

Shuffling 250 transactions, I'm sorry, wrong terminology, not possible, not related to what is in our code. We deliberately only have left two fields in the getblockhash that can change the hash: nonce and timestamp. Timestamp has an allowable window of 5 minutes in either direction from getadjustedtime, meaning we only allow 300 values (in seconds). Nonce is limited (CheckNonce()) to 250 HPS globally. You cannot submit a block to our network with a nonce > 251 for a block that is less than 61 seconds old. Transactions have nothing to do with it. This is indeed a security feature, and affects the conversation by 90%. This alone + DGW prevents a 51% attack. We basically allow 99% of the hashes to pass through biblepay with no effect when they exceed the noncelimit. To discount this effect to zero would be like ignoring the cornerstone of the building, it's absolutely relevant as part of the base calculation for a 51% attack.

Regarding security expert, I am still working with Martin, but any real security expert is invited to take a look at the POW code, I'm confident we are much more secure than the average POW implementation with the CPID restriction and the nonce limit in place, but this person will have to admit the weaknesses inherent in POW in the first place and make an honest comparison, not one that is biased towards removing the credibility for the other facets of PODC. I admitted where the risks were in PODC, and I'm basically telling everyone, we know the SQL database inside Rosetta is the weak point. Let's find a way to create a tamperproof pill bottle for it, and make it more reliable. I continue to say, I would rather live with Rosetta's quirks than the current bitcoin status quo where 93% of the heat miners are now hogging the rewards and we have no control over upgrades. It's a disaster, whereas PODC's environment is quite favorable.

If you're not hashing transactions; then how can you even verify the transactions within an announced block were actually mined and not just announced by someone using the same hash? If you don't hash the transactions all your block chain is getting consensus about is the timestamp and nonce... except that in the current source the hashMerkleRoot also gets thrown into the block, which can be changed by shuffling/adding/removing transactions.

51% of CPIDs isn't required, unless magnitude constitutes discounted hashrate, in which case you'll have PoL, in which case you'll get the same problems as with PoL; just build up magnitude and spend it all at once to get a row of blocks.

Furthermore, the "best chain" is the longest chain, the whole point of a 51% attack is to become the best chain by outpacing the other chain.

2
I'm flabbergasted that I'm still talking to you. Your credibility is really close to zero.

First, they can't announce their CPIDs, because you can't sign a CPID unless you own it. So that's incorrect. They can just share 5 across 10,000 machines and watch for the last used cpid. It gets them nowhere. Why would it? It's just the legal way to heat mine across 5 cpids? So what. It's not going to last as the reward is too low. It's not a 51% attack vector! You don't even know what that means.

Next, if we have the 12000 machines from the botnet sharing the 5 cpids, now what we have done is limited those 12000 machines to 1/5th the size in hashing power, (because only one botnet machine can solve a block every 5 blocks). Which, will in itself not be sustainable for long periods, because the reward is too low, but even if it did, all that would do is lower our botnet average difficulty to 1000 from 5000. What are they achieving? Nothing. But I just proved it *increased* security vs. the bitcoin model. (With your own example).

You said I can't limit hashes? Incorrect. We do limit hashes in prod. A block hash can only change with a timestamp or a nonce change. It's more work to create a new block than update its hash (so much more work, that it's not worth recreating a block for every hash change). So now you are limited to 250 nonces per second, Or a timestamp change. We have a timestamp limiter in the code, meaning that is not a vector. So yes, we do limit the hashes per second.

Because the person mining the block can decide what transactions can be in it, he can just fork off the main branch and undo transactions... The whole point of a 51% attack. So even if he couldn't get his hands on 5 CPIDs which is trivially easy.

So the goal of the attacker isn't to get those coins, it's the goal of the attacker to race the main branch so they can undo transactions and thus double spend their coins. I know very well what a 51% attack is thank you very much.

Furthermore, shuffling around transactions every 250 hashes isn't a limitation, it's merely a simple shuffle; attackers could easily create just 100 transactions each block to shuffle around a bit, thus changing the outcoming hash (even without being able to change the nonce).

I don't know why I'm even arguing with you either, it's not like you're going to listen. Maybe you should ask a security expert about this stuff, I would be dumbfounded if there's any security expert willing to go on record saying that this is even remotely safe for a crypto currency.
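The transaction-reordering point raised in the first two replies above, as an added example that is not part of the original posts or of BiblePay's code: with nonce and timestamp held fixed, every ordering of the non-coinbase transactions gives a different Merkle root and therefore a different header hash. Assumptions: Bitcoin's 80-byte header layout and double SHA-256 stand in for the coin's own proof-of-work hash, and all transaction ids are constructed.

```python
import hashlib
import itertools
import struct

# Constructed sample data (not taken from any real chain).
PREV_HASH = bytes(32)
TIMESTAMP = 1_512_000_000  # held fixed for every candidate
NONCE = 0                  # held fixed for every candidate
COINBASE = hashlib.sha256(b"constructed coinbase").digest()
TXIDS = [hashlib.sha256(b"constructed tx %d" % i).digest() for i in range(5)]


def dsha256(data: bytes) -> bytes:
    """Double SHA-256 (assumed stand-in for the coin's own PoW hash)."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def merkle_root(txids: list[bytes]) -> bytes:
    """Bitcoin-style Merkle root; the last hash is duplicated on odd levels."""
    if not txids:
        raise ValueError("a block needs at least the coinbase transaction")
    level = list(txids)
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        level = [dsha256(level[i] + level[i + 1])
                 for i in range(0, len(level), 2)]
    return level[0]


def header_hash(prev_hash: bytes, root: bytes, timestamp: int, nonce: int) -> bytes:
    """Hash an 80-byte header: version, prev hash, Merkle root, time, bits, nonce."""
    header = struct.pack("<I32s32sIII", 1, prev_hash, root,
                         timestamp, 0x1D00FFFF, nonce)
    return dsha256(header)


def reorder_candidates(coinbase: bytes, txids: list[bytes], prev_hash: bytes,
                       timestamp: int, nonce: int, limit: int) -> set[bytes]:
    """Distinct header hashes reached by reordering transactions only.

    The coinbase stays in first position; nonce and timestamp never change.
    """
    seen = set()
    orders = itertools.islice(itertools.permutations(txids), limit)
    for order in orders:
        root = merkle_root([coinbase, *order])
        seen.add(header_hash(prev_hash, root, timestamp, nonce))
    return seen


if __name__ == "__main__":
    hashes = reorder_candidates(COINBASE, TXIDS, PREV_HASH,
                                TIMESTAMP, NONCE, limit=120)
    # 5 reorderable transactions allow 5! = 120 orderings.
    print(f"{len(hashes)} distinct header hashes with nonce={NONCE}, "
          f"timestamp={TIMESTAMP}")
```

When reviewing a rule that caps the nonce range, the check to make is whether any other header input, such as the Merkle root, is still free to vary.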

3
Ok conversation has improved slightly, thanks.

This vector is not possible because the Botnet would funnel all power to one cpid, then after they solve block #1, they will be unable to solve block 2,3,4, or 5. (Because we have a rule in now that enforces Distinct CPIDs per set of 5).... There will be a one in 1000 chance for each distinct researcher to jump in and solve block #2, partially because we limit each individual miner to 250 hashes per second (in prod now). Yes I agree that botnet could then switch to CPID #2, but that would raise difficulty up (as it is now, to 2500) choking themselves, and as I mention, our low nonce rule is Global: It's not per machine - so You or anyone globally cannot solve a block at a rate of more than 250 HPS. Meaning that each and every block gives the other 1000 participants a very high chance, a higher chance than your run of the mill crypto to solving that block.

Low Nonce + DGW + More private hashing = Lower volatility

It is a true statement that if a botnet were to attempt to share CPIDs, they would no longer be able to carry a 93% domination level....  Because we require distinct CPIDs per set of 5..... (CPIDs with magnitude....)

Bottom line is you should realize the setup here:  this ecosystem is safer than bitcoin...  in regards to 51% attacks...

So they'll need 5 CPIDs, not really solving the problem, just making it a little harder. Even still they could just announce other people's CPIDs.
Also you cannot limit hashes/s, only valid blocks get announced, therefore hashrates are not public knowledge, changing that 250 to a 250000 is trivially easy.

4
No.  I don't lie, and this is not about me.  Stick to the subject, and admit you were wrong about the 51% vector.
We have 12,000 miners now mining 202 blocks per day.
In the future, we promote CPID mining.
We will have 1000 miners (those are people that have access to the CPID signature), mining on controller wallets.
A reduction of 90% of the hashpower, means the POW difficulty will drop to Exactly its average.

All additional hashpower requires a SIGNED cpid.  With magnitude.  Meaning there is No random hashpower, which means we have a Decrease in volatility to the coin, and hence its risk. 

Therefore your analysis for a 51% above is incorrect.

Yes and when 90% is off mining Rosetta@Home by simply sharing a single CPID with magnitude the botnet will mine with full capacity simply funneling their hash power through a single CPID giving them a huge advantage.

Yes the difficulty will drop indeed, but that's my whole argument, lower difficulty = easier for botnet to mine. Even with this "DGW" which will do nothing but make the botnet have a single CPID. They could also just use CPID of other accounts and use that in their block, the blocks would still be valid; they wouldn't get a reward but they'd still only need 5.1% (relative to current hashrates) to launch a double spend.

I won't concede my argument, because it's a good argument, it is not an argument from authority, it is not a fallacy it is math.

5

I do.

Well please enlighten me with which top 50 crypto project you have been working and what your contribution has been, which of their developers did you work with?

6
No sir, you don't know what you are talking about, because you are confusing reward levels with decreased security, while security has a 1:1 relationship to how much hash power is supplied against the front line network at a given time, and you continue to disregard DGW. Do you have any experience with any of the top 50 cryptos, such as having multiple developers working for you?

Don't mislead our investors, and don't snap back and speak to me that way. You've been warned.

"Do you have any experience with any of the top 50 cryptos, such as having multiple developers working for you?"
No, neither do you.

Stay classy Rob.

7
There are no questions on bitcointalk from investors.  Burito is not an investor and that would be "singular".

I think what we have in the PODC testing room is better than we have in prod, since the status quo, has let us down, and we are sharing 93% of our emission with a botnet. I'd rather start by sharing it with 2000 boinc network cancer researchers, and making a major effort to ensure the security stays.

As I said once, it would be better to be hacked once a day inside Rosetta than we have currently.

I will say this: the latest post from Swongel is 70% accurate this time, so I will not delete it, instead I will ask him if he's willing to help us make PODC the de facto standard, a highly secure consensus algorithm for blockchains, this way Biblepay could address the remaining 1% concern that he posts.

I am disappointed at the last part of the post, about his biased view of 51% attacks however. If we are going to talk about this, we need to be neutral, and not spread FUD. He knows that every coin is subject to 51% attack risk, and disregards the fact that a limited subset of miners with DGW in front of it is more secure than the unfair supermajority existing in bitcoin today. It's ridiculous, to make those assertions and be taken seriously.

Yes 51% attacks exist in any coin, only you propose to make the required CPU-power only 5.1% by asking 90% of the cycles to go to non-direct blockchain related workloads. Don't patronise me, I know very well what I am talking about, you might disagree with me but that doesn't make you right. I will help you with PODC by telling you, don't implement PODC in this way, and I have told you this often with valid reasons.
 

8
Since you won't accept my arguments regarding Centralisation or even about lowering the amount of hashes needed, here's a few more:

There's ASICS doing protein simulations / folding already:
https://en.wikipedia.org/wiki/Anton_(computer)

BOINC themselves are talking about "reducing the likelihood of results and credit falsification" signifying that this is a problem that cannot be solved but is merely counteracted in a patchy way:
https://boinc.berkeley.edu/trac/wiki/SecurityIssues

GridCoin isn't considered a good implementation of crypto by many hackers (not the evil kind):
https://news.ycombinator.com/item?id=8962896

Additionally, if a 51% attack is successfully executed (which will be much easier but even if you don't consider to be true), one can prevent new CPIDs from joining the network simply by not allowing any CPID announcing transactions into the network, there would be no incentive for miners to mine CPID announcing transactions other than for the good of the network (which isn't reliable enough for crypto).


9
I oppose this proposal, I have given numerous reasons in the test net forum and on the BitcoinTalk forum.

In summary; my biggest concerns are as follows:

Less CPU protecting the network:

There is a finite amount of CPU resource currently working in order to protect the Bible Pay block chain by mining Bible Pay, the new algorithm for Rosetta@Home will not protect the block chain but would still get 90% of the current PoW rewards.
It follows that in a rational economy 90% of the current CPU resources will go towards Rosetta@Home, therefore 90% of the CPU resources protecting the block chain will no longer be protecting the block chain.
It follows that a 51%-attack which requires 51% of the mining capacity will become 10 times less, making the amount of CPU power required for someone to launch such an attack 10 times less.

Effectively making it 10 times as easy (and therefore 10 times as inexpensive) to launch a 51% attack against Bible Pay.

Centralisation:

Rosetta@Home is an organisation to further scientific research, their point system is designed to be a novel way to gamify the donation of computing resources for scientific research. These points were never designed to hold any value, the people managing these points do not have protocol in place against blackmail, corruption or fraud.
Nor has the organisation of Rosetta@Home accepted any responsibility for holding this position of trust.


Considering these facts I propose we look into different solutions for the problems currently being faced.
We cannot risk the network and in extension thereby the continuous donations to orphans due to these facts.


10
FoldingCoin - HackerNews
https://news.ycombinator.com/item?id=8962896

Gridcoin - The Bad
https://web-in-security.blogspot.ca/2017/08/gridcoin-bad.html
https://github.com/Erkan-Yilmaz/GRC/issues/34

How does GRC "securely" reward BOINC computations?
https://www.reddit.com/r/gridcoin/comments/5w4v4i/how_does_grc_securely_reward_boinc_computations/

"nevertheless destroyable by a malicious actor with reasonable funding, since it relies on a centralized service to distribute its data."
"there is some concern about Gridcoin's dependency on a second outside network (the various BOINC projects and statistics collections and so on) which could be an issue for people who believe that it negatively impacts Gridcoin's decentralization as compared to Bitcoin, which has no such external dependencies."
https://bitcoin.stackexchange.com/questions/37276/why-cant-bitcoin-switch-over-to-gridcoins-proof-of-work-system

Gridcoin vs Golem
http://www.natesimpson.com/blog/archives/2017/05/21/why-gridcoin-beats-golem-hands-down/

===

I definitely see Swongel's point and agree with his reasoning about decentralization,

But also going along that line of thinking, how truly decentralized is Bitcoin?
There's a group of devs called Bitcoin Core that control commit access,
there's no inherent way to pay the Devs from Bitcoin itself and so they get funding from outside investors/donators that most likely have strings attached,
there's also the issue of mining becoming more and more centralized with ASICs with a few major players/groups controlling the majority of the network hash power,
Is Bitcoin decentralized?

How secure is the hardware that runs miners and nodes and wallets? Are there government backdoors built in?
How many people actually read the code that gets added to Bitcoin, How many have the skill to understand it?
Could someone pay off/bribe/blackmail all the Bitcoin devs?
Could someone hack 51% of Bitcoin's 11,000 full nodes?

Could a supercomputer come about that makes SHA 256 obsolete? How soon would we know about it?
What if the internet and computer use becomes extremely censored and monitored?
What happens if electricity across the world gets shut down?
What if the government prints more money and buys 51% of the currency?

How much does the average cryptocurrency investor or average person truly understand and care about 100% decentralization?
Ethereum vs Ethereum Classic, Ripple vs Stellar

Also it's kind of funny, whenever there are any issues in the crypto space (coin fork/clone, trade scam, coin scam, exchange scam, etc),
there's tons of people who want the government to step in or want to add regulation

Is rewarding scientific research worth the risk of some centralization?
Is there any way to reward science research without centralization?

I'm still quite new to cryptocurrency and I only know a little, just thinking out loud, I look forward to learning more!

I think the mining cycles going towards research is pretty awesome,
though I am also slightly worried about potential security concerns,
but I'm down to see how it plays out.

Hi Togo,

I'll gladly answer some of your questions:

But also going along that line of thinking, how truly decentralized is Bitcoin?

"There's a group of devs called Bitcoin Core that control commit access,
there's no inherent way to pay the Devs from Bitcoin itself and so they get funding from outside investors/donators that most likely have strings attached,
there's also the issue of mining becoming more and more centralized with ASICs with a few major players/groups controlling the majority of the network hash power,
Is Bitcoin decentralized?"

How do open source developers get paid for their work?
First of all I'll give you a link to a Wikipedia going into detail: https://en.wikipedia.org/wiki/Business_models_for_open-source_software
But personally I would use the reputation and experience from contributing to Bitcoin software in order to get jobs or provide services to companies interested in deploying Block Chain technology; this can be very lucrative. (Companies such as Red Hat and Canonical run off this business-model).

"there's also the issue of mining becoming more and more centralized with ASICs with a few major players/groups controlling the majority of the network hash power"

Yes, unfortunately for Bitcoin ASICS make the amount of stakeholders in mining smaller than perhaps desirable, however there are still multiple miners who all have the incentive to act in a good way; there is a financial incentive for them not to join an attack (as they might lose mined bitcoins, Section 6 of the original Bitcoin white paper: https://bitcoin.org/bitcoin.pdf).


"How secure is the hardware that runs miners and nodes and wallets?"

Software security is defined by against which threat-model a system is protected, all Intel processors for instance contain Intel Management Engine allowing for anyone with the key to take over. However Bitcoin is ported to many different hardware types, hardware wallets running open-hardware MIPS processors for instance would be incredibly hard to remotely exploit. Nevertheless security will and can never be completely guaranteed (anyone who does lies), however this doesn't mean all threats are equal.

"How many people actually read the code that gets added to Bitcoin, How many have the skill to understand it?"

Many people have read the original Bitcoin client source code and audited it, however Bitcoin is not software it's a protocol; there are multiple implementations audited made by different people. Most are open source, some are not; this however means that the source code cannot be changed by a single person a change in protocol must be implemented by all software implementations of Bitcoin.

Anyone understanding C++ can read the C++ implementation of Bitcoin, there are however implementations available in Java and Python (read more: https://www.reddit.com/r/Bitcoin/comments/213pxw/what_programming_language_is_bitcoin_written_in/)


"Could someone pay off/bribe/blackmail all the Bitcoin devs?"

Unlikely but not impossible, however if people decide that a new version of the protocol is harmful they can choose to fork (such as Bitcoin Cash and Bitcoin Gold) this way the coin splits in two with the community choosing which version they like best and choose to use that one.

"Could someone hack 51% of Bitcoin's 11,000 full nodes?"

Yes, one would have to hack 51% of the miners however, these miners all use different software in highly secured environments, if they were to be hacked they'd notice (by missing expected Bitcoins) and look into the problem. One would have to do a great amount of hacking in order to get 51% of all the mining capacity hacked. (in contrast to just 1 instance when using a centralised system).


"Could a supercomputer come about that makes SHA 256 obsolete? How soon would we know about it?"

This is a really hard problem in Computer Science/Maths called P!=NP, In short all modern encryption and computer security depends on this rule being true. Breaking SHA256 (I would interpret as making it trivial to reverse the hashing operation) would have huge implications to all systems (not only crypto currency, but traditional finance, government, armed forces, etc.)


"What if the internet and computer use becomes extremely censored and monitored?"

If this happens, finance is no longer of importance, freedom of communication is a basic human right worth more than any monetary amount will ever be.


"What happens if electricity across the world gets shut down?"

Solar panels and wind mills will get more expensive, money will disappear (I personally use very little cash these days anymore with electronic payment systems being wide spread). https://www.quora.com/What-percentage-of-the-worlds-money-is-digital


"What if the government prints more money and buys 51% of the currency?"

Crypto prices will rise during this buying, unless 51% chooses to sell their crypto for now useless and inflation torn fiat currency this cannot happen. https://www.economicshelp.org/blog/634/economics/the-problem-with-printing-money/


"How much does the average cryptocurrency investor or average person truly understand and care about 100% decentralization?
Ethereum vs Ethereum Classic, Ripple vs Stellar"

Less than they should, decentralised trustless consensus is the basis on which crypto currency is built. How many people understand encryption? Very few, many profit from it though removing encryption from online banking for example would negatively impact all users.
That's why people like me very much try to make noise when such a thing is planned.
People holding Bible Pay share my interest of keeping the coin decentralised regardless if they understand the underlying technology, if you're interested about why this is important I recommend reading the original Bitcoin white paper or watching a video going through it in layman terms. For example: https://www.youtube.com/watch?v=l9jOJk30eQs


"Is rewarding scientific research worth the risk of some centralization?"

No, this update might very realistically destroy the network which will have as a consequence that people will stop mining which will not only destroy the coin and take away money from orphans it will also make the added amount of compute power to research disappear.

"Is there any way to reward science research without centralization?"

Yes, we could for example set another tithe for scientific research and donate the money to the project directly via the decentralised charity committee (master node voting). Directly rewarding researchers and allowing them to best allocate the funds to help scientific research.

I hope these answers clear up some of the questions you and others may have about this change and why there's a need to keep crypto currency decentralised.


 



