From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 69F4CE1C for ; Sun, 20 Dec 2015 08:30:39 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-wm0-f51.google.com (mail-wm0-f51.google.com [74.125.82.51]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id D3C92A0 for ; Sun, 20 Dec 2015 08:30:38 +0000 (UTC) Received: by mail-wm0-f51.google.com with SMTP id l126so34306785wml.0 for ; Sun, 20 Dec 2015 00:30:38 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=0JqSlH1Tb+fB526mdgLG8Zo4wnN6V5VngyP/lBoNfrc=; b=ooKxdbgvC0uI0dAIJyG9+9JlRkxXGWFCW/OaLEXiuOb2VLvDYnTfcsKJevF/9gFZ5l PeoeNLfFpAvsleB7FWEOyUEA/4rehD5XbTLdDQmR9qRJV0QqDDB5EwHFcElJdH9HDyxY C0YaithWs+QFtAa/ZN6kXlHxNKCphazWRO7VAs2DqMVKSNRrareNrubshox4IFtEpEZI SX3W6KZ18D09EvUggnLXQv6gGqciLlsyFZWn+K/VLub28nvkZ1Q61Xrr4G9QFWKqGgDX UEjSqjyd0AG33IbFKzMhWpneyX+nDfepvYS4Y9VM1jrE3oMPIrd742vk0SkFZ5la5lOd ng3Q== MIME-Version: 1.0 X-Received: by 10.28.16.72 with SMTP id 69mr13692089wmq.100.1450600237554; Sun, 20 Dec 2015 00:30:37 -0800 (PST) Received: by 10.194.23.195 with HTTP; Sun, 20 Dec 2015 00:30:37 -0800 (PST) Received: by 10.194.23.195 with HTTP; Sun, 20 Dec 2015 00:30:37 -0800 (PST) In-Reply-To: References: <20151219184240.GB12893@muck> <219f125cee6ca68fd27016642e38fdf1@xbt.hk> Date: Sun, 20 Dec 2015 09:30:37 +0100 Message-ID: From: Natanael To: =?UTF-8?Q?Emin_G=C3=BCn_Sirer?= Content-Type: multipart/alternative; boundary=001a11471346dee1c40527502f15 X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,HTML_MESSAGE,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Sun, 20 Dec 2015 15:13:24 +0000 Cc: Bitcoin Dev Subject: Re: [bitcoin-dev] We need to fix the block withholding attack X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Development Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Dec 2015 08:30:39 -0000 --001a11471346dee1c40527502f15 Content-Type: text/plain; charset=UTF-8 Wouldn't block withhold be fixed by not letting miners in pools know which block candidates are valid before the pool knows? (Note: I haven't read any other proposals for how to fix it, this may already be known) As an example, by having the pool use the unique per-miner nonces sent to each miner for effective division of labor as a kind of seed / commitment value, where one in X block candidates will be valid, where X is the current ratio between partial PoW blocks sent as mining proofs and the full difficulty? The computational work of the pool remains low (checking this isn't harder than the partial PoW validation already performed), they pool simply looks at which commitment value from the pool that the miner used, looks up the correct committed value and hashes that together with the partial PoW. If it hits the target, the block is valid. --001a11471346dee1c40527502f15 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable

Wouldn't block withhold be fixed by not letting miners i= n pools know which block candidates are valid before the pool knows? (Note:= I haven't read any other proposals for how to fix it, this may already= be known)

As an example, by having the pool use the unique per-miner n= onces sent to each miner for effective division of labor as a kind of seed = / commitment value, where one in X block candidates will be valid, where X = is the current ratio between partial PoW blocks sent as mining proofs and t= he full difficulty?

The computational work of the pool remains low (checking thi= s isn't harder than the partial PoW validation already performed), they= pool simply looks at which commitment value from the pool that the miner u= sed, looks up the correct committed value and hashes that together with the= partial PoW. If it hits the target, the block is valid.

--001a11471346dee1c40527502f15--