On Friday 02 Aug 2013 19:12:31 Peter Todd wrote: > On Thu, Jul 25, 2013 at 12:36:34PM +0100, Matthew Toseland wrote: > > > Basically the security model is now an attacker has to outspend the > > > defenders in terms of Bitcoins sacrificed. Not perfect, but it may be of > > > value, especially in conjunction with other protections. They do have > > > potential anonymity issues, but we're talking about opennet where the > > > attacker knows your IP address anyway. There's also a varient of > > > proof-of-sacrifice where you prove you attempted to create Bitcoins, a > > > proof that has no linkage to any other Bitcoin transaction. > > > > AFAICS this is a slightly more complex form of "pay to join", with the > > dubious advantage that nobody gets the money. In theory this might help > > people to not think we're scammers (although transient mode is more > > important to that end) ... but by the time you've explained it, you've lost > > them anyway, so I doubt it's worth the additional complexity. > > Well any decentralized attempt to limit sybil attacks and other attacks > via some kind of limited resource ultimately boils down to "pay to > join", the question is what are you paying and how likely are honest > users to already have what they need to pay? > > > It's likely that for the foreseeable future, any attempt to charge an entry > > fee will result in losing a lot of nodes... (Not existing nodes, but > > potential nodes). > > Social issues are a real concern - we have this same problem in Bitcoin > with SPV nodes, like a light-weight smartphone wallet, that aren't > contributing back to the network but are consuming resources. How do you > distinguish between a botnet pretending to be tens of thousands of smart > phones and tens of thousands of real ones? People are allergic to any > kind of fee... > > Another option you might want to consider is proof-of-work. In some ways > it's not as effective, because like I said before often the actual cost > to attackers is less, but the social dimensions may be more effective. > What are your thoughts there? The proof-of-work could easily be > something that is gradually phased out and replaced by > proof-of-useful-work as the opennet peer responds to more and more > requests, doing useful work.
Proof of work meaning hashcash? This is always going to be vastly cheaper for a competent attacker than for a user with low end hardware.
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Devl mailing list Devl@freenetproject.org https://emu.freenetproject.org/cgi-bin/mailman/listinfo/devl
