public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Paul Sztorc <truthcoin@gmail•com>
To: Bitcoin Protocol Discussion <bitcoin-dev@lists•linuxfoundation.org>
Cc: "lightning-dev\\\\@lists.linuxfoundation.org"
	<lightning-dev@lists•linuxfoundation.org>
Subject: Re: [bitcoin-dev] A Comparison Of LN and Drivechain Security In The Presence Of 51% Attackers
Date: Sat, 26 Feb 2022 19:42:22 -0500	[thread overview]
Message-ID: <39992d10-fa91-daca-19a6-9f9840cacc76@gmail.com> (raw)
In-Reply-To: <M6pN0qkZsl6BUonPHbqh9XQNpOnGoywK_muHcMu7Uwtzb1cYyxXaS6T7U1TJ69yf_s95Os3wGq58Ibct5KdGc35gXXB80kDXNJNW7Yb2nc8=@protonmail.com>

Not bad, but not particularly good either.

Definitely correct:
   1  (plus extra credit, it was originally 1008+2016),
   3a "whales"
   3b (atomic swaps is the "official" answer, but otc trading is also 
acceptable, or just "trade" in general)
   6
   9  part one

Close, but not quite right:
   2  (part one "~4" is correct, but you didn't answer part two)
   3a "attacker- miners" is not the way I see it at all
   3c true, but I was talking about withdrawal security, not hashrate, 
[this is related to the 3a "attacker miners" mis-answer]
   4  ? you seem to have not very seriously answered this. The 
parameters are spelled out in the original Nov 2015 post

Some kind of miscommunication may have happened:
   8 -- I was more thinking, what happens if the UASF fails (in 
thwarting miners) vs succeeds. (I take it for granted that non-DC users 
will prefer to do nothing, and prefer to be unaffected.)

Seems wrong to me:
   0  seems like a pretty big misunderstanding happened here, or else 
you mistakenly typo'd the wrong word
   5  (you started with m=1 examples, which is not what was requested; 
and finished with something not a sidechain attribute)
   7  [related to the miss on #5] ; it is not a re-ask of question #0
   9  part two is wrong
  10  you did not answer

Paul


On 2/26/2022 2:39 AM, ZmnSCPxj wrote:
> Good morning Paul,
>
>
>> I don't think I can stop people from being ignorant about Drivechain. But I can at least allow the Drivechain-knowledgable to identify each other.
>>
>> So here below, I present a little "quiz". If you can answer all of these questions, then you basically understand Drivechain:
>>
>> 0. We could change DC to make miner-theft impossible, by making it a layer1 consensus rule that miners never steal. Why is this cure worse than the disease?
> Now miners are forced to look at all sideblocks, not optionally do so if it is profitable for them.
>
>> 1. If 100% hashrate wanted to steal coins from a DC sidechain *as quickly as possible*, how long would this take (in blocks)?
> 13,150 (I think this is how you changed it after feedback from this list, I think I remember it was ~3000 before or thereabouts.)
>
>> 2. Per sidechain per year (ie, per 52560 blocks), how many DC withdrawals can take place (maximum)? How many can be attempted?
>>       (Ie, how does the 'train track metaphor' work, from ~1h5m in the "Overview and Misconceptions" video)?
> I hate watching videos, I can read faster than anyone can talk (except maybe Laolu, he speaks faster than I can process, never mind read).
>
> ~4 times (assuming 52560 block per year, which may vary due to new miners, hashrate drops, etc)
>
>> 3. Only two types of people should ever be using the DC withdrawal system at all.
>>    3a. Which two?
> a.  Miners destroying the sidechain because the sidechain is no longer viable.
> b.  Aggregators of sidechain-to-minechain transfers and large whales.
>
>>    3b. How is everyone else, expected to move their coins from chain to chain?
> Cross-system atomic swaps.
> (I use "System" here since the same mechanism works for Lightning channels, and channels are not blockchains.)
>
>>    3c. (Obviously, this improves UX.) But why does it also improve security?
> Drivechain-based pegged transfers are aggregates of many smaller transfers and thus every transfer out from the sidechain contributes its "fee" to the security of the peg.
>
>> --
>> 4. What do the parameters b and m stand for (in the DC security model)?
> m is how much people want to kill a sidechain, 0 = everybody would be sad if it died and would rather burn all their BTC forever than continue living, 1 = do not care, > 1 people want to actively kill the sidechain.
>
> b is how much profit a mainchain miner expects from supporting a sidechain (do not remember the unit though).
> Something like u = a + b where a is the mainchain, b is the sidechain, u is the total profit.
> Or fees?  Something like that.
>
>> 5. How can m possibly be above 1? Give an example of a sidechain-attribute which may cause this situation to arise.
> The sidechain is a total scam.
> A bug may be found in the sidechain that completely negates any security it might have, thus removing any desire to protect the sidechain and potentially make users want to destroy it completely rather than let it continue.
> People end up hating sidechains completely.
>
>> 6. For which range of m, is DC designed to deter sc-theft?
> m <= 1
>
>> 7. If DC could be changed to magically deter theft across all ranges of m, why would that be bad for sidechain users in general?
> Because the sidechain would already be part of mainchain consensus.
>
>> --
>> 8. If imminent victims of a DC-based theft, used a mainchain UASF to prohibit the future theft-withdrawal, then how would this affect non-DC users?
> If the non-DC users do not care, then they are unaffected.
> If the non-DC users want to actively kill the sidechain, they will counterattack with an opposite UASF and we have a chainsplit and sadness and mutual destruction and death and a new subreddit.
>
>> 9. In what ways might the BTC network one day become uncompetitive? And how is this different from caring about a sidechain's m and b?
> If it does not enable scaling technology fast enough to actually be able to enable hyperbitcoinization.
>
> Sidechains are not a scaling solution, so caring about m and b is different because your focus is not on scaling.
>
>> --
>> 10. If DC were successful, Altcoin-investors would be harmed. Two Maximalist-groups would also be slightly harmed -- who are these?
> Dunno!
>
>
> Regards,
> ZmnSCPxj




      parent reply	other threads:[~2022-02-27  0:42 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-02-24 12:49 ZmnSCPxj
2022-02-24 21:39 ` Paul Sztorc
2022-02-26  7:39   ` ZmnSCPxj
2022-02-26 14:58     ` Billy Tetrud
2022-02-27  0:42     ` Paul Sztorc [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=39992d10-fa91-daca-19a6-9f9840cacc76@gmail.com \
    --to=truthcoin@gmail$(echo .)com \
    --cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
    --cc=lightning-dev@lists$(echo .)linuxfoundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox