From: "pool2win" <kohli@ctemplar.com>
To: zmnscpxj@protonmail.com, bitcoin-dev@lists.linuxfoundation.org
Subject: Re: [bitcoin-dev] Braidpool: Proposal for a decentralised mining pool
Date: Mon, 13 Sep 2021 08:03:42 -0000 [thread overview]
Message-ID: <06d43253aa86489989352c0dfa2bcf8e-kohli@ctemplar.com> (raw)
In-Reply-To: <CAO1K=nmhhMuisAXdddC1OSDUP2q8XsQjAUO4CVnyx8+BBvvwTw@mail.gmail.com>
Hi Filippo,
If a malicious miner, M broadcasts {m1, m2 ... mn} at a regular interval, *and* also broadcasts {m1*, mn*} where mn* is bitcoin block then M will cheat all other miners of their reward. You correctly identified this attack. The problem stems from the fact that I wanted to use the bitcoin block as the sentinel to mark the shares from the DAG that need to be rewarded. There's a few approaches we can take here, but I think the best one is that the hub broadcasts a "sentinel" to mark out the point in logical time up to which shares will be rewarded.
m1* <-------------------- mn*<--------+
|
m1 <----m2 <---m3 <-------------------+
^ ^ ^ |
| | | |
| | +-----------+ |
| | | |
| +--------+ | SENTINEL
+-----+ | | |
| | | |
a1 <------ a2 <-----a3 <------+
In the above diagram, when hub receives mn*, the bitcoin block to be rewarded, the hub has also received {m1...m3, a1...a3} and therefore rewards all those shares and broadcasts this logical time to the p2p by sending a sentinel announcement.
This solution will also scale to the multiple hubs construction, as each hub will define their own sentinel and the miners working with each hub can independently verify their shares are being correctly rewarded. The solution also handles the case where M is not referencing any other shares.
The above alternative, might also answer your question about why we need to build a DAG. With a DAG we can capture logical time. Without a DAG, the above solution will require the hub to announce the hash of shares from each miner that have been rewarded.
I really appreciate you taking the time to go through the proposal and pointing out the attack. I hope the above solution addresses your concerns.
Thanks and best regards
pool2win
next prev parent reply other threads:[~2021-09-13 8:03 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-06 10:15 [bitcoin-dev] Braidpool: Proposal for a decentralised mining pool Prayank
2021-09-07 23:38 ` ZmnSCPxj
2021-09-08 10:03 ` pool2win
2021-09-10 9:30 ` Filippo Merli
2021-09-11 1:09 ` ZmnSCPxj
2021-09-11 7:54 ` Filippo Merli
2021-09-13 8:03 ` pool2win [this message]
-- strict thread matches above, loose matches on Subject: below --
2021-08-29 5:57 pool2win
2021-09-02 6:46 ` Billy Tetrud
2021-09-06 6:23 ` David A. Harding
2021-09-06 7:29 ` Eric Voskuil
2021-09-06 7:54 ` David A. Harding
2021-09-06 8:26 ` Eric Voskuil
2021-09-06 9:03 ` pool2win
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=06d43253aa86489989352c0dfa2bcf8e-kohli@ctemplar.com \
--to=kohli@ctemplar.com \
--cc=bitcoin-dev@lists.linuxfoundation.org \
--cc=zmnscpxj@protonmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox