I guess we all agree that OG pools should have gone a long time ago. I mean, leave the support on the harvester side, but kill the OG plotting capabilities. Yet, for whatever reason, those plots are still being promoted by chia as one way of farming.
Not sure, but I think for chia that implies 51% of the nodes, not the netspace, and NoSSD is whale-heavy (has about 1/10th of Space farmers’ count). If this is the case (51% applies to nodes), NoSSD can be safely ignored as a drop in a bucket (2k farmers out of 100k).
Maybe I should be clearer. NoSSD is “consuming” 2k farmers (turning a potential 2k nodes into just 1), thus that is a drop in the bucket compared to 100k farmers out there, at least for now.
Nah, that’s fair. Traditionally it leaned 51% of hashrate on other coins - pools. Node count checks out in our case and that’s a valid point; our situation is different in that respect.
I’m not sure how that would even work. Afaik it’s not nodes, I think; nodes just relay info. It’s the proofs (so space) that matter, as they dictate who’s forming the blocks.
But iirc I don’t think 51% atk works in chia and needs a bigger %.
The first section applies - “Majority Attack.” I think the key from that section is:
If we normalize the network’s honest space and fastest timelord to equal 1, then in order for the attack to succeed, the product of the attacker’s space [SA], timelord speed [VA], and double-dip advantage [DD] must be at least 1:
SA * VA * DD >= 1
The following 2 tables show the percentage of netspace needed for different combinations of timelords / double-dip advantages, and the ranges are from 25.4% to 67% of netspace needed to pull it off. Not sure how those combinations translate to real time implementation, but given that the resources are there, it looks like the attack may be successful already at 25.4% of controlled netspace, and NoSSD has just crossed that threshold (netspace).
Although, in the one before the last paragraph, they also put this statement:
Therefore, Chia uses a base line assumption of 51% of the netspace required for a majority attack to have a chance at succeeding.
And a disclaimer. This section would require a bit of time to understand (at least for me), so I am just quoting what I feel is relevant glancing over it, but without much if any understanding of it.
Again, sorry for dismissing netspace requirements. Clearly, it was and still is way over my head.
EDIT
Kind of a corollary to the above. If the node count / percentage is not significant, then (kind of) why bother with running a node, and not something like the former FlexFarmer or FoxyPoolFarmer? (If I recall, chia first raised a lot of stink when FF was introduced, and later issued an apology by the chief guy due to him being “misled” by his staff about how it worked.)
You’re still missing why it matters. It’s not JUST the creation of blocks being the issue, but what’s inside those blocks being the issue (transactions), so it’s not enough to just sign your own blocks, but you need to pick and choose your own transactions to prevent several types of abuse, majority consensus (51% attack) being one of them, since you can write and re-write the history going forward.
Take the Stratum V2 change Bitcoin is trying to push on their pools, so that miners sign their own blocks rather than the pool, but they still rely on those centralized pools for the transaction information to include with their signature, so it’s half of the solution and failing to tackle the critical part.
This is why Chia’s official pooling protocol was so special and rose to legendary levels of decentralization far above other chains, but is now sinking back down because of NoSSD using the traditional pooling model, which keeps the power in their back pocket and/or becomes a place to attack.
P.S. In the end “number of nodes” is not what’s securing the network, because that’s just the number verifying it. It’s the decentralization of those signing blocks, and thus the transactions within them, that’s what’s critical for decentralization and why 100k nodes making their own blocks was special.
Above is a picture basically indicating the impact NoSSD is having on decentralization, because as I said it’s block creation and choosing your own transactions that’s the critical part; running a node is part of doing that but not the main sticking point people seem to be repeating. If you want to cross reference that to publicly available data and compare to other chains to confirm or disprove my statement, feel free to, but I don’t want to do a lot of hand holding here to organize all the data for you.
You already cited it and that’s why I added the 51% right after it, because I thought that would make it abundantly clear what I was referencing in that context; you quoted the 51% in another reply.
So let’s try to break it down super basic: nodes verify data to ensure it aligns with the “rules” of the network, but that does not mean nodes are the end-all be-all in the process. You need someone creating the chain and including transactions in the blocks, which is what farmers need to be doing independent of any 3rd party (pool or remote node), because that results in the most decentralization of the chain.
In my earlier Bitcoin example, their pools create blocks and control what transactions go inside them, and they are, as I indicated, trying to switch to a better model where individual miners sign the blocks, but they will still rely on the pool telling them what transactions to include. Chia takes all of this a step further by saying “be your own independently controlled entity, you create and decide on it all” by using the PlotNFT to share only the reward portion with the pool but remain fully independent otherwise (since most farmers run their own node to gather their own transactions to make their own blocks).
Independent farmers creating blocks has the largest impact on the Nakamoto coefficient and why NoSSD is ruining it, which is why Chip22 was proposed to address the issue and hopefully restore without force the decentralization the network once had. This is all similar to the hpool days when they ruined it, reference photo above (also note gigahorse has minimal impact because farmers still create their own blocks, especially when you use the adjusted numbers to accurately reflect that).
The second part is what I was interested in. Still, thank you for the first (legendary) part.
OK, I think that we are back to square one.
The way I understand that chia doc is the way you have it in that paragraph (I bolded it). Everything that they have there is about netspace. So, the 51% quoted by me was strictly related to it (netspace). Also, please note the text from the first paragraph:
It is colloquially known as a “51% attack” because the attacker must control more than half of the blockchain’s resources (hashrate for PoW, netspace for PoST) in order to succeed.
Unfortunately, I don’t see any reference to nodes there, thus “majority consensus” you are referring to. The formula provided clearly mentions “attacker’s space, timelord speed, and double-dip” and that is used to derive the netspace percentage needed (together with those other two) to have a successful attack. Nothing there that I can see / understand that suggests that 51% of nodes is also needed.
By the way, NoSSD has already crossed that 25.4% needed for a successful majority attack, but that is rather a borderline scenario. However, they are closing on 33.3% and that requires just 1 super-timelord.
By the way, I am not trying to minimize the significance of nodes verifying the data. Although, the main point for me is that NoSSD has already crossed the border-line netspace requirement to have a successful attack, thus the question is whether they could have that super-timelord(s) to execute on it. At least, that is what I can read / understand from that doc.
As I have already stated that document is not easy to read (for me), so thus my confusion. I have also zero knowledge / interest in other blockchains.
One more thing. As I am not really that familiar with blockchains, I think we may be having wording problems. Potentially we are talking about the same thing, but just phrasing it differently.
Also, if you have on hand a source of that chart, I would appreciate it.
People often confuse the role of a node and how it can be complicit with certain attacks. You can “attack” the network and get every node to agree by having the majority of the block creation (51%), or in the case of 3rd party nodes they could manipulate the block creators relying on them for transaction information and send only certain ones at certain times that are advantageous to their trading, etc.
What it boils down to is 100k independent nodes creating blocks and choosing their own transactions independently, which means attackers who wish to exploit the centralization of certain things go from having a single static party to attack, to hundreds or (very realistic future) thousands of dynamic anonymous independent nodes around the world that would all have to be compromised…
It’s much easier to attack one static point than thousands of dynamic points when trying to make a chain of consecutive blocks; that’s the reason why Bitcoin is trying to copy the Chia Farmer model.
P.S. This is why NoSSD having a known built-in backdoor via libtorrent is an unnecessary security risk, for numerous reasons, the end user, and the network as a whole, it becomes a single point of attack. (Maybe now you can begin to understand and appreciate more about why I continue to strongly oppose their backdoor, and why the rest of crypto opposes such backdoors in the software as well.)
Thanks, that means that you are describing a different attack from what I was trying to understand and what started this conversation. That text you quoted I wrote as a corollary to how I read that “majority attack” based on the controlled netspace (i.e., applying to NoSSD case right now).
As far as I recall, chia retracted all attacks on FlexFarmer, basically blessing that solution. FoxyPool farmer is quite similar to FF and I have not seen attacks on that one (I think that they (FoxyPool) are running farmer on client side, and just let it use their super-node). (So, at least for me, this is yet another confusion (yes, we do need nodes, but no just farmers will do …).)
Sorry, but I don’t buy this argument or at least positioning of it. From the app / dev point of view, libtorrent is just a shortcut, in this case most likely initially used by NoSSD to deliver software updates (as they didn’t have money to pay for hosting - my guess). However, I do agree that it is foolish on their side to not get rid of it, even if just to squash those types of accusations you brought up.
However, any running program, and I mean any, can have code that reaches back home and can bring new binaries to the client side (no BitTorrent needed), thus installing whatever is convenient to start an attack. Therefore, whether the BitTorrent lib is included or not is irrelevant and just dilutes the problem (IMO).
From my point of view, it all boils down to the trust level (regardless of open/close-source code) and that is not just some artifacts in the code. I think this is where the focus should be, not blindly picking up on some artifacts that can easily be changed, thus rendering those accusations moot.
As I stated before, from the trust point of view, I would not touch their code with a ten-foot pole. However, from technical capabilities, they are much stronger than chia (what kind of makes me nervous about that timelord(s) needed for the majority attack).
Yes, NoSSD is a threat for having a known built-in libtorrent backdoor, it can impact end users and the network as mentioned above with an example showing why the rest of crypto rejects backdoors.
I love when people “agree” then “disagree” then try to mitigate that with “any code can do it” as if that applies to this specific scenario of a KNOWN built-in backdoor from anonymous developers with trust issues and a past history of public outbursts, calling into serious question their motivations for putting it back in after allegedly removing it. Malicious actors benefit the most from these poor decisions.
If any code can do something, then there is nothing special about their code, any code can do it, right? (This is where you tell me, but any code isn’t doing it, and that’s where I touch my nose and say bingo.)
What you are implying there is that removing BitTorrent will remove all trust concerns with respect to NoSSD. Or you are saying that only having a known backdoor is a problem. Either way, I find it rather BS.
You are again taking two different things and trying to imply that those are related. I guess, this is your confusion.
What I said is that whether they have that BitTorrent or not is irrelevant; that has no bearing on the trust in what they provide. However, having it there activates people to bang on that single thing ad nauseam.
So, let me repeat it. Banging on that BitTorrent is diluting the problem, as that can be easily fixed by them, and according to your logic that would imply a “problem fixed.” Therefore, I think that it is you who is confused here.
Actually, I have one more objection. I don’t think that libtorrent by itself is a backdoor, as you try to imply. It is just a communication protocol, and as with any such protocol the usage is not based on the protocol but rather how it is being used. Here is the link to libtorrent in Wikipedia - https://en.wikipedia.org/wiki/Libtorrent. I guess, following your logic, that article is written by backdoor society to whitewash it.
I think you are trying to muddy what I am saying so you can find something to argue about by nitpicking something. You seem very intent on finding a fight in your life; I’m not interested.
Citing the backdoor is libtorrent allows me to quickly describe to those who have been in crypto long enough to know the history and will understand, the severity of this known backdoor in NoSSD.
This is why the crypto community as a whole rejects known backdoors, the risk outweighs any gain.
You were SO concerned about the security of the network moments ago and brought up NoSSD passing a theoretical threshold if some other things align, well what do you think that means for anyone who wishes to attack the network?
It means they got a one-stop-shop to compromise and abuse the network thanks to that unnecessary security risk. That’s the point, but you are trying to hyper focus on one part to pick a fight while the overall message seems to be escaping you in these “it’s bad” “it’s not bad” “any can do it” tangents.
If you run a binary, you are already showing your trust in the developer. The developer can execute code on the machine; the code could already be present in the binary or distributed through various protocols like torrent, HTTP, FTP, or a proprietary one. If you don’t trust a developer, you can run the binary in an isolated environment, such as Docker.
As the biggest pool, we are concerned with reputation much more than with any possible minuscule one-time fraud act. Our business model is clear and we intend to stick to it.
Can we already ditch this torrent conspiracy and ignore those who are still spreading the FUD about it? Thank you.
The problem with your go-to distraction speech is that it doesn’t resolve the security vulnerabilities. Docker can only attempt to mitigate (varying results for CPU/OS/etc), not prevent; it also doesn’t secure other devices on the user’s network nor prevent malicious acts from the host machine externally.
Someone concerned with reputation wouldn’t sacrifice network or user security by having a known built-in backdoor that makes the network and users unnecessarily vulnerable to exploitation.
It’s not a “conspiracy” when NoSSD has known backdoors that go against best security practices.
There is a reason why the crypto industry shuns backdoors: because it’s an unnecessary security risk. The ones who benefit most from this asinine behavior are malicious actors.