From: Andrew <onelineproof@gmail.com>
To: Moral Agent <ethan.scruples@gmail.com>
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Selfish Mining Prevention
Date: Fri, 14 Sep 2018 17:30:02 +0000 [thread overview]
Message-ID: <CAL8tG=kKwjbR4-rOn8K3-=myW5Nx6ugkyPWTTy9c+r0wrA6i0A@mail.gmail.com> (raw)
In-Reply-To: <CACiOHGzZ3VQVDsRdU6wsC+mqYJ6nTa4sm4snqDNTcR6x5XP2=Q@mail.gmail.com>
(reposting to whole list instead of just him) @Moral Agent:
Interesting proposal though it introduces some elements
of proof of stake so it would be more controversial in my view. Also,
something needs to be explained about how this would not create an
attack where difficulty is frequently dropping by 25%, and suddenly we
find ourselves with a very low difficulty and PoW attacks can easily
happen. I need to analyse your proposal more, but I prefer to discuss
it on your blog instead of here just to limit the side topics and
focus only on my proposal.
No one has yet given me a good reason for why not to support my proposal...
On Fri, Sep 14, 2018 at 2:49 PM, Moral Agent <ethan.scruples@gmail.com> wrote:
> You might be interested in an idea I wrote about that is in a similar spirit
> here:
>
> https://medium.com/coinmonks/taming-large-miners-with-helper-blocks-6ae67ac242f6
>
> From the article:
>
> When a block is solved, it randomly selects one satoshi from the utxo set
> and gives whomever controls that satoshi the power to generate a “Helper
> Block”. The Helper Block commits to a subset of transactions for inclusion
> in the next block. A miner can accept the Helper Block by including the
> suggested transactions and giving the associated transaction fees to a
> payment address specified in the Helper Block. Miners who do not use a
> Helper Block must satisfy a 25% higher difficulty.
>
> On Fri, Sep 14, 2018 at 9:56 AM Andrew via bitcoin-dev
> <bitcoin-dev@lists.linuxfoundation.org> wrote:
>>
>> I discussed this more at bitcointalk:
>> https://bitcointalk.org/index.php?topic=4998410.0
>>
>> The attacks I'm interested in preventing are not only selfish mining
>> and collusion, but also more subtle attacks like block withholding,
>> and in general anything that aims to drive out the competition in
>> order to increase hashrate fraction. I also scrapped the idea of
>> changing the block subsidies, and I am only focuses on fees.
>>
>> You can read more about the motivation and details in the bitcointalk
>> thread, but my proposal in short would be to add the concept of
>> "reserve fees". When a user makes a transaction, for each txout
>> script, they can add parameters that specify the fraction of the total
>> fee that is held in "reserve" and the time it is held in "reserve"
>> (can set a limit of 2016 blocks). This "reserve" part of the fee will
>> be paid to miners if the hashrate rises. So if hashrate is currently h
>> and peak hashrate (from past year) is p, then for each period (1 day),
>> a new hashrate is calculated h1, and if h1 > h, then the fraction
>> (h1-h)/p from the reserve fees created in the past 2016 blocks will be
>> released to miners for that period (spread out over the 144 blocks in
>> that period). And this will keep happening as long as hashrate keeps
>> rising, until the "contract" expires, and the leftover part can be
>> used by the owner of the unspent output, but it can only be used for
>> paying fees, not as inputs for future transactions (to save on block
>> space).
>>
>> This should incentivize miners to not drive out the competition, since
>> if they do, there will be less of these reserve fees given to miners.
>> Yes in the end the miners will get all the fees, but with rising
>> hashrate they get an unconditional subsidy that does not require
>> transactions, thus more space for transactions with fees.
>>
>> I can make a formal BIP and pull request, but I need to know if there
>> is interest in this. Now fees don't play such a large part of the
>> block reward, but they will get more important, and this change
>> wouldn't force anything (would be voluntary by each user), just miners
>> have to agree to it with a soft fork (so they don't spend from the
>> anyone-can-spend outputs used for reserve fees). Resource requirements
>> for validation are quite small I believe.
>>
>> On Sat, Sep 1, 2018 at 12:11 AM, Andrew <onelineproof@gmail.com> wrote:
>> > As I understand, selfish mining is an attack where miners collude to
>> > mine at a lower hashrate then with all miners working independently.
>> > What are the current strategies used to prevent this and what are the
>> > future plans?
>> >
>> > One idea I have is to let the block reward get "modulated" according
>> > to peak hashrate. Say p is the peak hashrate for 365 periods (1 year)
>> > consisting of 144 blocks, h is the hashrate of the last 144 block (1
>> > day) period, and r is the base subsidy (12.5 BTC currently). You can
>> > then make the max block reward 0.5 r (1 + h/p). So if hashrate is at
>> > peak you get the full reward. Otherwise you get less, down to a min of
>> > 0.5 r.
>> >
>> > If miners were to collude to mine at a lower than peak hashrate, then
>> > they may be able to do it profitably for 144 blocks, but after that,
>> > the reward would get modulated and it wouldn't be so much in their
>> > interest to continue mining at the lower hashrate.
>> >
>> > What flaws are there with this? I know it could be controversial due
>> > to easier mining present for early miners, so maybe it would have to
>> > be done in combination with a new more dynamic difficulty adjustment
>> > algorithm. But I don't see how hashrate can continue rising
>> > indefinitely, so a solution should be made for selfish mining.
>> >
>> > Also when subsidies stop and a fee market is needed, I guess a portion
>> > of the fees can be withheld for later if hashrate is not at peak.
>> >
>> >
>> > --
>> > PGP: B6AC 822C 451D 6304 6A28 49E9 7DB7 011C D53B 5647
>>
>>
>>
>> --
>> PGP: B6AC 822C 451D 6304 6A28 49E9 7DB7 011C D53B 5647
>> _______________________________________________
>> bitcoin-dev mailing list
>> bitcoin-dev@lists.linuxfoundation.org
>> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
--
PGP: B6AC 822C 451D 6304 6A28 49E9 7DB7 011C D53B 5647
next prev parent reply other threads:[~2018-09-14 17:30 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-09-01 0:11 [bitcoin-dev] Selfish Mining Prevention Andrew
2018-09-13 23:19 ` Andrew
2018-09-14 14:49 ` Moral Agent
2018-09-14 17:30 ` Andrew [this message]
2018-09-14 18:00 ` Moral Agent
2018-09-15 5:29 ` Damian Williamson
2018-09-15 16:01 ` Andrew
2018-09-15 22:45 ` Damian Williamson
2018-09-16 23:20 ` Eric Voskuil
2018-09-17 13:18 ` Andrew
2018-09-17 15:40 ` Eric Voskuil
2018-09-17 19:36 ` Eric Voskuil
2018-09-17 14:09 Zawy
2018-09-18 20:26 ` Andrew
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAL8tG=kKwjbR4-rOn8K3-=myW5Nx6ugkyPWTTy9c+r0wrA6i0A@mail.gmail.com' \
--to=onelineproof@gmail.com \
--cc=bitcoin-dev@lists.linuxfoundation.org \
--cc=ethan.scruples@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox