That was a good thing, and I agree. only the part before the “But” was actually directed at you, the rest just my 2cents to the discussion
1 Like
Ouch so thats UUPool and Core Pool down.
In the end there are a lot of people who have large financial incentive to scam pools.
We were asked multiple times to use a solution similar to HPool and we refused because we knew it would be an endless battle against scammers and that our farmers would suffer as a result of it.
I don’t think calling others “trolling” and “FUD” are anything near the “kind enough” words. Nonetheless, let’s focus on technical discussion of pooling’s safety against fake plots.
Please share your knowledge if you would, particularly if you has the insight about how to achieve the desired model as in “1. The Chia proof of space does not allow for false positives of solutions, even at its lowest difficulty”.
1 Like
Not biting here mate… why don’t you go fish in another pond…
2 Likes
In general it is EXTREMELY difficult to prove a negative whilst generally much easier to prove a positive
ie you only have to provide 1 fake plot that passes the test
but to prove a negative you have to prove that such a fake plot can NEVER be found and DOES NOT exist
Asking for such isn’t a symmetrical request so its unrealistic to assume the absence of a proof as evidence of the opposite - its just a cheap shot !
1 Like
Per a notification I received from discord, Core-pool is back online.
Why not? Is there anything they can not do that the Chia team/corp can? If so, that would strike me as a serious shortcoming of Chia.
well there is no blockchain connecting the user to hpool, and thats the problem.
I mean they could do it theoretically, but would make no sense to develop that parallel to the current pool protocol being developed by the chia devs
If you listen to the pool developers presentation on YouTube, you will hear in there that the pool protocol development they are doing is not special. Anyone in the community could build an equally safe protocol, at least in theory. It would require new plots, and those plots would be unlikely to be migratable to the official pooling solution. I believe any pooling solution today that does not require replotting cannot be done securely because the farmer controls the payout address.
Like fishing … enjoy and keep it up. Here comes some baits.
Back to the boring technical stuff. An attack to Chia pool can be unique for Chia Network, aiming to injecting fake plots to earn a share in total space rather than to claim a winning of coin as in other crypto networks.
The vulnerability could be exploited by the combination of following factors:
- Plot size. The file size can be easily faked (e.g. the Linux/Unix commands for creating sparse files).
- Timelords. The VDF (verifiable delay function) is designed to validate the amount of time has been spent plotting when claiming a coin. Would a pool operator be required to validate each plot’s PoT? My guess is no in the current pool protocol (I could be wrong, please correct). The “time” factor seems already out of the loop of pool validation.
- Quality. “A quality value is simply the hash of the proof. The best quality (best meaning lowest value) can be finalized first”. In other words, the response to a challenge of quality is not deterministic. I serious doubt the quality tests could be sufficiently to validate a plot given the time constraint for a pool operator to check on each plot.
- Digital Signatures. Those parameter are completely under farmer’s control. An adversary could sign it off with legitimate signatures without a harm to the purpose.
In general, Chia Network can be in a unique situation that an attacker might well keep a distance from the chain itself. The adversary only needs to aim at gaining an unfair advantage from Chia pools by plotting faster, taking sparse space, etc.
Once again, no one should take safety and security for granted.
Started the new NFT plotting couple days ago using madmax pool-puzzles branch compiled on TinyCoreLinux distro, also started farming on the new pool protocol since then …
Meanwhile … I reserve my right to doubt at the official pooling protocol, as well as the doubt on the entire proof of space and time thing. I too will also ignore the entire mathematics things since my two little brain cells couldn’t handle it, but i don’t pretend to understand it and tell other people to “go ahead and read the god damn green paper”. But here’s the things :
- Which part of the plot file gets most of the read, does it distributed evenly, or some part of the plot gets most of the read, like the fist 10%, or the middle 10%, or the last 10% … when doing official pool things.
- A k32 plot file basically a lookup table with 696969 entries, BUT is it even possible to make 10 malicious k32 plot with only 6969 (10%) entries but can do 20% of the low diff challenges instead of 1 normal k32 plot that can do 100% of the “any diff” challenge ?
I won’t pretend to understand the match but there is a thing that I think I can explain about the “difficulty”
The thing is the difficulty setting doesn’t change the actual mathematical difficulty or complexity of the proof of space.
Imagine it like this:
The network asks your plot a math question and based on the random data inside your plot is returns a certain number as it’s answer. Let’s assume this answer can be between 1 and 1000
If the difficulty is set to 10, any answer between 1 and 100 will result in a win.
But if the difficulty is set to 100, only answers between 1 and 10 will result in a win. So in this case your chance to win is 10x lower.
This is not how it works, but a simple analogy to show that the difficulty setting does not affect the math question being asked of your plot to answer. It just narrows or widens the possible responses that are eligible to win a block and thereby reducing or increasing the change to win.
1 Like
Figure 2