Sefish Mining Fallacy - Part 2 (Q&A)steemCreated with Sketch.

in #bitcoin8 years ago (edited)

Question 1: What would a miner gain exactly by aligning transaction positions with other miners? (by elliotolds)

@newliberty: It isn't Monty Haul exactly, but perhaps similarly counter-intuitive for some? He includes scenario where there are double block released given an honest mined block, and probabilities of multiple contingent miners. p(SS|H). Since this category of attacks are miner vs miner, and the attack exists for a finite time for each attacking block, there is conditionality on the interrupt attempt, in much the same way that a missile defense system would work. The CVE-2013-2292 attack has never been launched, however in a Hard Fork scenario, we may see all sorts of corner cases that otherwise wouldn't matter, the vulnerabilities are magnified because it is not just bitcoins from the blocks won at stake but quite a lot more.

elliotolds [4 days ago] @newliberty can you specify exactly which event in the selfish mining algorithm P(SS|H) is supposed to represent? Your comments still don't make sense to me, if possible, refer to the state diagram in the selfish mining paper. show how you think this selfish mining simulation should be changed: https://www.reddit.com/r/Bitcoin/comments/1vxszh/selfish_mine_simulation_in_python/

cryptorebel [4 days ago] I think that simulation is very simple no? And it does not account for the ordering of transaction issue that craig talks about in the paper. a real mining simulation would probably give better results.

elliotolds [4 days ago] why do you think transaction ordering is relevant?

cryptorebel [4 days ago] well it seemed central to the argument Craig was presenting in his paper, just look at page 1 of his paper.

newliberty [4 days ago]
Search order matters in a known data set (UTXO for example)

cryptorebel [4 days ago]
from what the paper seemed to say is that because there are so many factors and latency in the network, each node will always be getting a different ordering of transactions, which results in a different hash, so possibly this is why it makes it more difficult for selfish miners to collude?? If they want to collude, then the ordering needs to be the same which requires extra time and resources resulting in economic disadvantage.

newliberty [4 days ago]
The sighash ordering matters in crafting the attack block for the CVE-2013-2292. In addition to quantity of verification, ordering so that data sought always misses caches exacerbates the time.

elliotolds [4 days ago]
@cryptorebel what paper are you talking about? why would a different hash make it more difficult for selfish miners to collude?

@newliberty why are you linking to a bug (CVE-2013-2292) that only exists in Bitcoin-Qt 0.8.0 and earlier? What specific cache misses are you talking about? Go through the sequence of steps one by one. Also, what is your computer science background?

cryptorebel [4 days ago]
this one: https://web.archive.org/web/20160502203749/http://www.drcraigwright.net/consistency-distribution-transactions/
also it seems Craig is working on a new paper titled "the fallacy of the selfish miner": https://web.archive.org/web/20160502203753/http://www.drcraigwright.net/posts/

newliberty [3 days ago]
2013-2292 is still an unmitigated issue for Core. BU mitigated it in large part in 2016 with Parallel Validation. v0.8 parallized a different issue, not block validation parallization with competing blocks.

elliotolds [3 days ago]
@cryptorebel that "paper" doesn't justify why transaction ordering is relevant, as far as I can see.
@newliberty why do you think transaction ordering matters for this issue?

newliberty [3 days ago]
The CVE issue here is merely a special case of the general case referred to by csw, which also includes selfish mining. TX ordering has effects on search, cache hits/misses. This is a more difficult to meter operation compared to simple number of sighash verifications.

elliotolds [3 days ago]
@newliberty it would be very easy to test the effect of TX ordering on validation speed on a given machine. As far as I know, no one else has ever suggested that cache misses are a significant component of the cost in verifying a block. Even if they were, you haven't clearly described the connection to selfish mining.

newliberty [3 days ago]
The ordering issue is (reputedly) tested, though not published as it remains a risk for some implementations.
TX order is not related to selfish mining in particular. Selfish mining and the CVE I've been discussing here are special cases of the general case which the paper addresses. I'm only raising that issue here as it is one of the reasons some core devs want smaller and not larger max_block_size (or MAX_BLOCK_BASE_SIZE in the latest Bitcoin Core version).

Question 2: Could you (or someone) just explain in words what probability is being referred to by P(SS|H)? Or what condition "|H" refers to? Is it, "The probability that the selfish miner mines two blocks in a row, starting at a time when the honest mining contingent has just mined a block"? what precisely do we mean by SS and H in "P(SS|H)" and when exactly is this claimed to apply within the selfish mining scenarios? (by zbingledack)

Questions to see if any of you know:

  1. What is the condition for "unbounded spread" in Bitcoin? That nodes have an economic incentive to both receive and to broadcast transaction data, that there is no limit to the number of nodes that can join the network (by mwilcox)

  2. How many Giant components does Bitcoin exhibit?

  3. How many edges / vertices are there in the Bitcoin network? Is this directed or undirected?
    mwilcox: Undirected. Each node can send or receive transactions, forward or receive blocks, replace or remove, and can both validate or invalidate blocks by choosing which head they mine on
    csw: Bitcoin is undirected. The Selfish Miner is directed. You cannot use the same maths and assumptions there either. The authors have modeled the SM response as the same undirected network....

  4. What is the Eigenvector of the network and nodes?

These questions are critical, if you cannot answer these, you cannot start to understand the system in Bitcoin. Centrality is good in network propagation, it is not the same as centralisation. I suggest that people read up on this.
Now, what is the Normailised [Closeness Centrality]https://en.wikipedia.org/wiki/Closeness_centrality of Bitcoin?
Between-ness centrality?
Eigenvector Centrality?

Question 3: What is the effect of changing from a Poisson to a Power law network? What is the distance and how does this change centrality measurements?
http://www.complexnetworks.fr/wp-content/uploads/2011/01/these-xiaomin.pdf

In Babaioff (2012) what was the study of Gamma referring to?

How were these findings used in the Selfish Miner paper?
If Bitcoin was degraded to a Small World system, what would change?

If you cannot answer those questions, you cannot even start to answer the assumptions used in SM.

Let's think on Percolation theory...
Is the propagation of blocks and Transactions Subcritical or supercritical or something in between?

What is the Sharp threshold for Bitcoin's Percolation model?

A little more reading:

Smirnov, Stanislav (2001). "Critical percolation in the plane: conformal invariance, Cardy's formula, scaling limits". Comptes Rendus de l'Académie des Sciences - Series I - Mathematics. 333 (3): 239–244.

Next, to go back to why this matters...

The first transaction released is on an open network with large inter-connectivity. It is an SEIR-C model and SIR as a simplification. The nodes that have received a block are not. Once you have received a TX, that node is now immunised from a competing block.

Node response:
1 Receive a valid TX or Block
2 Reject an equal but competing block that comes even a second later

As the nodes reject the new block, they do not forward it

This means that the distance and centrality values for the first node to release are NOT the same as the later ones.

You cannot model the transmission using the same formula and data... Bad assumptions lead to bad models. It is simpler, but wrong.

Question 4: what if all pools are selfish mining ?

Now, if ALL pools selfish mine, then it ends as a cluster fuck. But the model is different again. The economics of all miners doing this are the same if they do not. That is, it is no more profitable than not selfish mining But, a pool member can start to earn by defecting... So, a dishonest selfish miner can make more profit collapsing the system... And the Selfish Miner loses money...Which leaves them to stop Selfish mining

Next, Part 3 - Debate - https://steemit.com/bitcoin/@zillionaire/sefish-mining-fallacy-part-3-debate

Sort:  

Congratulations @zillionaire! You have completed some achievement on Steemit and have been rewarded with new badge(s) :

You made your First Comment

Click on any badge to view your own Board of Honnor on SteemitBoard.
For more information about SteemitBoard, click here

If you no longer want to receive notifications, reply to this comment with the word STOP

If you want to support the SteemitBoard project, your upvote for this notification is welcome!