Risk of Safecoin making the SAFE network fragile

It would be fairly trivial today, for example, to attack the network by building a bunch of Amazon nodes for a few minutes of time… overwhelming the network with nodes that deliver value to the attacker, fake confirmations, etc. You’d only need to spin up those nodes for a few minutes to do an immense amount of damage.

Farmers, on the other hand, derive value over years of service. You cannot expect them to react quickly.

Bitcoin is comparatively safe because the cost of “spinning up a bunch of miners” is very prohibitive. The cost is deliberately made harder, so that Bitcoin miners cannot have real utility - but provide safety. I think it’s obvious that “proof of resource” is cheaper to forge than “proof of work”.

But does that matter? Is that really what MaidSafe is for? Heck no. MaidSafe is, ideally, a reliable and affordable replacement for protocols like “http”. The need for this is enormous, and the growth potential is huge. I would never disparage Safecoin. But just don’t be under any illusions that it competes somehow with PoW coins like Bitcoin. It is not a “store of value” … it’s a “store of resource value”. Which is limited, but still very valuable, and probably far more valuable than its current pricing levels.

Someone clever could probably come up with a maximum valuation model that computes the cost of a 75% attack vs the reward of that attack using commodity cloud services.

1 Like

New nodes have no reputation though - it is the reputation that is the stake with safenet. Sure, you can spin up a bunch of nodes quickly, but it will take time for the network to trust them (to give them a good reputation).

4 Likes

Maybe give this a read: http://blog.maidsafe.net/2015/01/29/consensus-without-a-blockchain/

2 Likes

Good point, and what a difference it will make …

This could be true, but it has nothing to do with safecoin. It could also be done to the network if safecoin were not involved. It is an attack vector, sure, and one to be concerned with, especially while the network is small, causing too much churn to be handled. That’s why they’re really working over the code to handle churn well–with certain safeguards, I think.

But, again, safecoin is earned at the point that the resources which have been offered are PROVEN to HAVE BEEN valuable–incrementally on GETs. Requires a certain longevity of good behavior, the longer the better.

I don’t think anyone disputes that. Many (including myself) have mentioned this in various topics such as the one below.

(Incidentally, that topic was also - as seen from the title - making fun of the disgusting PoW coin).

I think the idea is within reach for ordinary people. Because even if your math isn’t great, it’s possible to make a fairly accurate estimate, overprovision and still not put too much money at risk.

  • Yes, I see that now. For a vault attack you need to keep them online for long enough to develop enough reputation to execute the attack. And, of course, you can forge value with GETs. I think it’s a matter of hours or days, though, not months - so it’s still pretty fast?

  • For a spend attack, I don’t see how you need reputation at all?

I don’t think there are defined parameters yet. However, I suspect David Irvine will not support magic numbers here, so they will probably be parameters the network learns. How long they have been available, how quickly they have served data, etc.

Either way, spinning up nodes which have to prove themselves useful before being able to cause damage may be counterproductive to an attacker.

Sorry, I am not sure which this attack is? Spending lots of Safecoin on storage?

I assume you mean having enough nodes to control a Safecoin. If memory serves this is very hard indeed (harder than bitcoin), search for double spend might find details.

This is speculative at best. Too many factors at play. This network has yet to start crawling. We’re being presented the bare minimum. This community and the development team have the ability to pull rabbits out of our asses.

The structure has nearly been built. Soon we’ll reinforce it. Ideas about how to do this are always welcome. Going on about an issue that has been acknowledged to death is kind of boring. I don’t mean to offend. The meat of this issue has been chewed, digested and is ready for excretion.

Let’s find solutions if they’re not already in place.

So I hope we can agree to move forward and not remain stagnant.

One possibly crappy idea is to have separate reputation systems. One for vault stability and another for close group participation. Come on people. Fart them out regardless of how ridiculous they might seem. As long as you’re genuinely trying I don’t see the problem.

I’m getting twisted drunk and using my phone to post this. Don’t expect a response till tomorrow. Unless by miracle I retain enough cognitive function to make myself useful before then. Peace my dudes. :v: :wink:

2 Likes

Correct me if I’m wrong. But no one, not even the network, can take a Safecoin away from someone that has already taken possession of a Safecoin. The Safecoin is cryptographically secured with the owner’s digital signature and only the person with the private key can tell the network to transfer that Safecoin.

2 Likes

I still can’t tell what you mean by a spend attack. Could you define it more clearly and give a possible mechanism for the exploit?

Spend attack plan:

  • Become president of the US
  • Borrow and spend enough to double US government debt
  • Profit (and help another spending attacker get elected)

A SafeNet version:

  • Buy 10K worth of SAFE
  • Upload data until the network is 100% full (this must be done quickly, e.g. from 1000 VPS over a period of 1-2 hours)

…then watch as all those coins you spent are quickly given out to new nodes coming online to provide new storage. Moreover, the cost of storage will likely go exponentially higher as full capacity is approached, making it increasingly expensive to put new data.

I get that it is theoretically possible, but you would literally have to have money to burn to cause a temporary DoS attack, which only prevents writes to the network, for a limited period.

I suppose being able to force the price to move could allow you to, say, spread bet on the move at the same time. That would give a financial incentive if it was possible (although buying up the same amount of coin in a short period would probably be more direct and lucrative, Tbh).

  • Nothing would come online within the couple of hours required for this attack.
  • With 1,000 VPS at 1 MB/s, that’s 1 GB/s or 3.6 TB/hour. Even without a bot I’d be able to upload 36 TB/day which means to keep up the farmers would have to put 100 TB on the net within 24 hours. Not likely.
  • A bot could upload 100 TB within hours.

Yeah, but if you can’t upload data because the network is out of space, or if you lose data when I take 100TB of capacity offline within 5 seconds, that may present some challenges for the period after the attack is over.

Sure, but at what cost vs what benefit?

  • Cost: 1,000 VPS * 24 hours = few hundred bucks at most?
  • Benefit: I’d rather not disclose that, but I’m sure others have various ideas on that (makes me think some other storage coin should redirect a fraction of their marketing monies to this :-)).

That is just the VPS cost. How about the cost of the PUTs, which will get increasingly more expensive as the network approaches saturation point?

I don’t know, we’ll see how much PUTs will cost.
I made some attempts to guess, but educated guessers on this forum have declined to speculate on that.

Secondly, you don’t know how much spare capacity will exist on the network. Maybe they’d need to strike at peak hour (e.g. when it’s 93% full). If the network is 4 PB large, 7% would be 28 TB.

As the price of storage will change with demand (read: spare storage available), I wonder whether ‘filling’ the network is feasible at all. It may just make PUTs prohibitively expensive.

Ofc, ludicrously expensive PUTs wouldn’t be good for the network either, but it would deter this sort of attack effectively. The storage cost would fall again as the network recovered (more storage came online).
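
Added example, not written by any participant in this thread: a small model of the cost-versus-time question raised above, showing how a PUT price that rises with utilisation changes the cost of filling spare capacity, and how steep the curve must be to exceed a given budget. The price curve, the network size, the fill levels and the budget are all assumptions made for illustration (the thread itself says PUT pricing was not yet defined); only the 3.6 TB/hour upload rate is taken from the discussion.

```python
"""Added model of a 'fill the network' spend under scarcity pricing.
The price curve and all parameters are assumptions for illustration,
not Safecoin's actual PUT pricing."""

def put_price(utilisation, base_price, steepness):
    # Hypothetical curve: price per TB grows as free space shrinks.
    # steepness = 0 is a flat price; higher values punish near-full writes.
    return base_price / (1.0 - utilisation) ** steepness

def cost_to_fill(capacity_tb, start_util, target_util, base_price, steepness,
                 steps=100_000):
    # Midpoint-rule integral of price over the data written while
    # utilisation climbs from start_util to target_util.
    du = (target_util - start_util) / steps
    total = 0.0
    for i in range(steps):
        u = start_util + (i + 0.5) * du
        total += put_price(u, base_price, steepness) * capacity_tb * du
    return total

def hours_to_fill(capacity_tb, start_util, target_util, upload_tb_per_hour):
    # Time needed to write the missing data at a fixed aggregate upload rate.
    return capacity_tb * (target_util - start_util) / upload_tb_per_hour

def min_steepness(capacity_tb, start_util, target_util, base_price, budget):
    # Defender's question: smallest steepness (found by bisection, searched
    # in [0, 10]) at which filling the network costs more than `budget`.
    def cost(k):
        return cost_to_fill(capacity_tb, start_util, target_util,
                            base_price, k, steps=2000)
    if cost(0.0) > budget:
        return 0.0
    lo, hi = 0.0, 10.0
    for _ in range(40):
        mid = (lo + hi) / 2
        if cost(mid) > budget:
            hi = mid
        else:
            lo = mid
    return hi

if __name__ == "__main__":
    CAP, START, TARGET = 1000.0, 0.90, 0.99  # constructed network state
    RATE = 3.6                               # TB/hour, the thread's 1,000 VPS figure
    print("hours to fill:", round(hours_to_fill(CAP, START, TARGET, RATE), 1))
    for k in (0, 1, 2):
        print("steepness", k, "cost:", round(cost_to_fill(CAP, START, TARGET, 1.0, k)))
    print("steepness needed for budget 10000:",
          round(min_steepness(CAP, START, TARGET, 1.0, 10000), 2))
```

Costs are in units of the base price per TB, so the output compares curves rather than predicting a real price.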