How does MaidSafe solve double-spending?

First I’d like to apologize. My frustration was only about half with this thread, the rest completely unrelated, so mybad. I normally do a much better job putting my frustrations aside and explaining things. While I still contend most of these questions could be answered with more reading, getting frustrated is not the answer.

Private
Private content will be known to be false instantly. There is no way to fake private content due to how the self encryption + obfuscation + deduplication works.

Public
In order to fake public data there would be a process. See what the public data looks like, make your own “bad” version of it and serve it up in whole to the end user. That would require ALL members of the colusionnew users group to be malicious. Any one member serving up different data than the others will result in garbage. (if at any point the network connects you to 4 members all colluding together, the network is ruined anyway - see the collusion resistance thread on the dev list)

Ownership
I Believe this is where your question really lies, but I put the other info just to cover the bases.
We’re entering the territory of “this is my understanding” and not “this is how it is” here.

Using the idea of consensus chains (which I had forgotten about, thank you) and my understanding that each consensus group is responsible for a single coin, this makes it increasingly difficult mess with. It’s not that a group controls “the coins,” it controls “a coin.” This is an important distinction. You would need to control all 4 nodes for a particular coin in order to steal it. If you only control 3 (which is incredibly hard in it’s own right) then it will get bumped up to the next level of the chain. If there is a problem, it will bump up again. All of this to steal a SINGLE coin. It is nearly impossible to control what group you’re in. So you would have to control a HUGE majority of the network as whole…

To me, this makes it MORE secure than Bitcoin. If you control 51% of the bitcoin network (though that’s hard now, it didn’t use to be) you can control ALL of the network. What transactions go through, redo transactions you don’t like, complete control. With Maidsafe, that percentage is much higher - and with significantly less control over what happens with them.

2 Likes

I think I agree with you and understand almost everything there. It seems that the idea is that sybilling a large % of the network should be very hard. Because if it’s not then you can do very bad things. So now I’m trying to understand exactly what mechanism makes sybilling hard.

In Bitcoin there isn’t really any sybil attack other than a simple DOS attack to prevent you from talking to anyone at all. The Bitcoin 51% attack has to do with hashpower not # of nodes. In Bitcoin sybilling is easy because no node is really required to do any work, so if it was vulnerable to sybil attacks it’d be dead already. I’m still trying to figure out what mechanism verifies and enforces maidsafe nodes to do work so that you can’t easily sybil millions of nodes to take over a large % of the network.

I have to disagree wholeheartedly, this type of thing is neither “criticism” nor “good”. Constructive criticism may be good, but this isn’t it. This appeared to be a guy refusing to read anything, though claiming he had read everything and moving the goalposts of his questions in a very rude manner. I found this irksome and spoke my mind and I will continue to do so, .I have absolutely no idea who “don’t make it a religion and don’t be blind believers” is aimed at or why it was thought relevant to thread, nor do I feel that saying “goodbye” out of sheer exasperation constitutes “trolling”.

I missed much of this thread while travelling. Of that I am delighted :smile: We are not journalists so please everyone lets call each other by our handle or fist name. Irvine says … is not endearing :slight_smile: This will cause grief.

It is false to imagine that only proof of work is a valid consensus mechanism IMHO. A sybil attack in this environment is being able to take over the mechanism for consensus. In Bitcoin it’s 50% of the hashing power, so that can be done in many ways as any sybil type attack on any species or system can. So segment the network for one, that would cause chaos, or get >50% of hashing power etc. Bitcoin has been great and will be for a long time. There are debates all over about what it is, a public ledger, a transaction system, currency, store of wealth, … and more, I know it will not be everything.

So if you can see there requires to be a greater than 50% attack (anything over this is very good, very good indeed). So then how to get >50% or whatever the attack is becomes the issue. If there are 500million nodes and you need another 400million to attack a single coin, then the odds are in our favour. If you think nodes are to easy to create then you may believe this is easily possible. That would make us pretty incompetent an would have an issue easily fixed by a competent person. This is another important point, I have made it before, do not expect a Model T Ford with ABS brakes or a bitcoin blockchain with > 7 transaction per second on day 1 (5 years ago).

The thread referred to earlier does show the attack model is >50% (won’t go into detail, it is above that and being verified at the moment. So then we need to consider off-line attack, the easiest. This would be where you create huge lists (crypto hard) of nodes to try and get 4 close to each other in an XOR space. Then insert into the network. If we only used this single group as a manager then we have another issue (birthday paradox related). Again would be easily fixed by a competent person.

So in a quick reply and until we have time to document properly this part, here is a precis, I hope it helps.

1: A Node creates key pairs (as per PKI paper on wiki)
2: Node inserts into DHT, the 4 closest to this ID insert an agreed placement addition to the key, thereby distributing the node in the DHT to a place not chosen by the node (this kills the off line attack).
3: The network actions are chosen in a manner that requires several of these groups to act on data in a deterministic manner (like reversing the birthday paradox to state which day they share and then stating these sharing must also have another birthday related value that is deterministic and confirmable cryptographically). This is the chained consensus.

There are a huge amount of advances here, such as using the node rank to place nodes in a manner that’s distributed based on average rank per group and some more as discussed previously. Rank itself can weight answers, but that’s a much bigger area to discuss.

I hope you do not see this as hand waving or flannel (some of the top cryptographers did not get bitcoin for many years, scientists did not get relativity etc. it’s not unusual), I am answering lots of people and repeating many answers while being told I need to document much of this better. (so be here and there at the same time) So it’s a no win at the moment. I think many of the community get this process and can see where we are going, I hope you can now a bit better to.

This is an area we have been working on recently a little more and the safecoin has allowed us to re-factor much of the vault complexity. The vault paper does explain the chain of events better than I will here, but it will change and simplify. Best not to focus purely on the network, the access mechanism and encryption are other parts of the circle that are very important. Google scholar has a lot of papers etc. as well which will help a bit.

The most important point is innovation never stops, we are part of an evolving species and new things will be invented all the time. We need to encourage this. I spent a few days talking with bticoin ‘experts’ (a term I detest) and going over much of this with them as well. It is not being evaded in any way. It is not clear as it should be an if we get a tech author it will help a lot. There should be enough to ask a very specific question though and that will help us all.

For very large ranging questions like this, perhaps the hangouts will help as it requires a huge amount of typing and we could document it faster without the many questions. A whiteboard and questions works really well as we can show exactly the processes and math as well.

BTW I like questions a lot and love criticism, to critique something is very hard though and can come across as a blind attack. I think this has happened in this thread. This community has had some troll attacks as well and these are very destructive so awareness is high. This project is to important for many people in this world to ruin it with such things. Hope this all helps in some wee way though.

2 Likes

@dirvine First off, thanks for repsonding. I absolutely don’t think that proof of work is the only valid consensus mechanism and I don’t mean or want this to turn into a debate of X against Y. But everyone knows Bitcoin and it’s helpful to draw anologies to certain aspects of it. It’s also a sort of measuring stick in terms of attack resistance.

Maybe I’m missing something but I still don’t see an answer to what makes it hard to bring on huge numbers of nodes. Or how you establish a decentralized consensus on rank among untrusted nodes.

Nothing will stop people bringing on a huge number of nodes at any cost. Making this hard is the issue. So hard as in bitcoin means expensive (more expensive to attack than what you would get) and the network effect means this number gets hard very quick. I do not think there is any such network (including bitcoin) that can prevent a massive attack from destroying it. Its all in the difficulty. If this has been your debate then I agree, no matter what sheer weight of numbers will eventually win.

This is where we use cryptography and a very efficient DHT implementation (this part has never existed), to:

1: Identify nodes (PKI)
2: Measure the distance from a crypto secured node to another in xor space
3: Use distance from an action (or node, or data element etc.) to evaluate responsibility and authority.
4: Use the non euclidean distance to create a huge network of connected events and groups in xor space (like a 3d connected venn diagram)
5: Where owned malleable data (such as directory entries, coins, contracts, computations etc.) are involved then use signatures as authority to mutate, but only allow the responsible nodes to give this data
6: Use network synchronisation, (this includes accumulate and account transfer as per vault paper in wiki) to ensure the network atomically can mutate any data.
7: Maintain strict deterministic consensus groups to manage a chain of events that complete a ‘transaction’

Hope that helps a little, it does need detail and a doc, there will be a vault paper soon from Greig at the Uni, another paper specifically on consensus chans is also required. It need to identify all the above plus access, account creation and immutable data (self encryption). The problem is the reading required is huge, This is why I like a whiteboard, I have used this with many many professors and industry leaders to go over the whole process. It is huge and very hard to summarise as you may imagine. It’s hard to summarise this, as is bitcoin (i.e. how does the p2p network work in bitcoin (hint it’s not detailed in the paper) as this is an essential part of bitcoin working).

1 Like

Just a side point…

Public data could still be signed, in theory. I am not sure whether this is currently being done, but I don’t see why it wouldn’t be possible. This way, even public data can be verified to be as the author (who can still be anonymous) defined.

This is one of my favorite threads so far. It’s summarizing a lot of stuff I didn’t quite understand while trying to read up on the history of the project.

Started off rocky with a lot of offensive/defensive stuff, but I had a lot of the same questions and the answers are all being summarized well. Thanks all.

5 Likes

Yes this was due to the language used. I see it a lot more now, Irvine is hand waving, Irvine is useless at explaining etc. This is what gets folks backs up on this forum. I agree and would hate to see others spoken about like that, its not the community we want. I did note this discussion went straight on bticointalkforum which did lead to our old troll pal chiming in attacking again. So I do not think there was trolling, but can understand completely why folk thought there was. This is a huge problem for public forums and is crazy as it is the free speech we want, just without the nutters :slight_smile:

1 Like

Lol, yes, I did have my hackles raised but nobody got hurt and people got informed…so result! I’ll try to refrain from getting defensive and being trollfinder general in future though (I’ll try.no promises…lol)

3 Likes

I moved 4 posts to a new topic: Question for David (@dirvine)

(Maybe this should all be in private conversations but for now I split it off to separate thread in off-topic)

1 Like

There are stupid troll topics and then there are technical topics (albeit maybe worded aggressively or with an undesirable tone). As a non-techinical(-ish) person who supports the ideas behind Maidsafe, I actually want it to be attacked on these grounds, technically that is…I want to see it to go through the fire. Bitcoin survived the same skepticism, if not worse – this is expected, in a public forum no less.

The cryptocurrency space is rife with scams, and is only natural that people remain skeptical. I would argue it is beneficial. People want to see these ‘attacks’ won – not evaded, especially early on when there is not much proof yet beyond whitepapers. At this stage, this is what builds trust and support.

In essence, let’s make sure we’re not throwing the beneficial topics(baby) out with the real troll topics (bath water). :smile:

1 Like

I agree, but there is a balance. I spend a huge amount of time trying to answer points raised and this is great when points are actually quizzical and intrusive into the tech. Its hard to encourage somebody to win a race or competition by using slander or foul language and asking them to die (all in caps).

So with limited time I think we need to be as encouraging as possible in finding answers. That is all Engineers and innovators do, find answers. Doing so in a sea of hostility is very harmful. So yes critique and debate by all means is to be encouraged, improper language and insults in my opinion should be quashed. It would not happen in person I am 100% sure of that.

I for one would welcome all efforts to ensure we have critique, debate and morality with a helpful dose of scepticism where appropriate.

1 Like

I completely agree with you here, as it’s obvious nothing is foolproof, everything has failure modes. What I’m trying to determine, as precisely as possible, is what are the failure modes of maidsafe. With Bitcoin you simply need to spend the same amount of money as all the other miners (nothing to do with nodes) plus initial investment. So I’m not asking if a hard attack can affect maidsafe but how hard does it need to be. Thus why I was asking about how hard it is to sybil.

Specifically: what makes it hard to start brining on tons of nodes into the network? What is the mechanism that makes this expensive?

1 Like

This was answered specifically earlier in this thread. Read my first answer again please.

here we go again…I’d stop trip trap, trip trapping over this bridge now to be honest.

I reread your first answer but I still don’t see anything that specifically mentioned how hard it was to bring on a new node. To be clear I don’t mean hard as in “how hard is it to bake a cake”, but hard as in how expensive is it (assuming the node does the minimum necessary), and does that vary in any way depending on anything.

The closest I found was this, but it doesn’t realy have any details on how expensive that would be.

2 Likes

Min stored data, rank, placement on net and as much as we wish really. There will be a minimum level of work to be valid, this with rank makes it more difficult. Calculating this by the network is key. There are many ways, rank is key though. Having these calculated is also important, it’s only a joining process,

Not hard at all, nodes go into a non routing table to begin with, so no rank etc. This is not “wishy washy or handwavy” as you describe and it is not a difficult part of the process. The hard parts are self auth, self encrypt and consensus etc. The proof of difficulty will be published with math proofs for these parts as they go live. It will all be discussed in great detail in hangouts papers and docs, it just will not happen all at one point in space and time. safecoin has made much of this easier, but different from the existing code if you look there.

TL;DR You will need millions of computers or virtual machines (over 61% of the network population for a chain of 2). If you are looking for a detailed doc on this with safecoin in the mix then it does not exist yet.

3 Likes

TCP connections are cheap, so a single malicious host can in theory masquerade as tens of thousands of simultaneous nodes in a network. A small botnet of such hosts can easily build up millions of nodes in a single network.

Bitcoin fixed this with proof-of-work, which can be regarded as a special case of proof-of-resource: a limited physical resource has to be used up as proof that it’s not being progammatically duplicated. Unfortunately, in the case of CPU time, it’s extremely wasteful. This is especially true when increasing mining difficulty means there are more wasted resources to achieve the same goal, not to speak of the economic factors that lead to network centralisation (the number of actual miners in Bitcoin is decreasing, since only solo miners and mining pool operators are, technically, miners).

There must be a better way, and I hope MaidSafe provides one.

Writting data to any volatile or non-volatile memory is using a limited resource, however it should not be considered proof-of-resource until the node can prove that it has done so, and that it carries on doing so until told otherwise by the network. This is a tricky problem, but I think it’s doable, and I’m looking forward to seeing more details on MaidSafe’s implementation of this.

Exciting times ahead, no doubt.

Edit: Not to be pedantic, but in a technical discussion we should use the right terms. Bitcoin’s 51% attack is not a Sybil attack, since it can be achieved with a single (computationally very powerful) node. A Sybil attack by definition involves a large amount of ‘pseudo’ nodes under the control of a single attacker, normally made possible when creating such nodes is trivial, which is what we’re trying to prevent here with proof-of-resource.

2 Likes