search

hclivess / verihash

4 stars 1 forks source link

Missing piece #1

Open EggPool opened 5 years ago

EggPool commented 5 years ago

"it simply compares individual hashes to the latest Bitcoin hash and returns the best candidate."

Maybe I'm missing something, but:

This supposes the fork resolution happens for every one at the very same time. That would mean perfect info for every node (every node has all the competing blocks same time - not the case irl or in case if a network split, it's a math. proven impossibility) Then that you query the bitcoin chain same time and get same info (not the case, btc chain can move in between request from A and request from B 1 sec later) Then that btc itself does not fork (it does, so the reference can be orphaned)

So there is no guarantee 2 nodes will end up with the same info and will elect the same winner hash.

hclivess commented 5 years ago

Yes, nodes are not supposed to have all available information, but they can always select the best candidate out of all possible information they have, gradually decreasing the number of candidates to 0. They should be able to do it within 10 mintues, and the project utilizing this should have their own scoring system.

A possible BTC forking would indeed render any resolution to the level of forking happening, but the same goes for Veriblock. I believe good consensus mechanisms should precede any third party solutions that depend on other blockchains.

Thanks for the ideas, I will update the readme again.

EggPool commented 5 years ago

To go on, if you write nothing to the BTC chain, you are subject to made up chains. No way to distinguish a real current chain, made in due time, and a fork that was made on purpose, after the btc hashes are known (vs a network split resolution, were you also have to rejoin 2 splits after some partition)

Only by writing in a chain locked up by a huge hash, you protect against this, because it's - somehow -immutable and a proof of when it was written. Just reading does not help, because then however solid the reference is, you can make up the shit chain way more easily, so the safety is just the one of the weaker one, and you gained nothing but troubles and a new attack vector.

hclivess commented 5 years ago

Yes, this is a valid and serious concern. I will think about ways to remedy this (if possible).

Assumingly, a network split with anchors on BTC network does not mean these splits are resolved, because even when there is a proof, the data may still not be available in a period of time. The 51% attacker could submit proofs to the BTC network without providing data, nullifying any validity of the PoP system.