There isn't any way any of this will work. So long as there are unverified endpoints (by some third party) there is no way any "trustworthy" system can be built up! What is to prevent me from being both a sybil, and under a second identity being just some "random" other party. Once we - as in me as a sybil generator and me as a disguised second party - transfer a file and sign off on it, I become slightly more trustworthy. So I do this enough times, with randomly generated "second parties" and soon I look really "hot and trustworthy"!
You need always need at least one trusted party to authenticate every transaction. And the question becomes how do you generate that first trusted party? Without it all this becomes moot. Chance On Thu, Jul 19, 2012 at 5:07 AM, Michael Rogers <[email protected]>wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 17/07/12 23:27, Tony Arcieri wrote: > > I'd like both sides to sign off on both a completed file transfer > > and a completed file storage lease. Failure to do so would prevent > > ongoing relationships. > > > > Sybils can claim whatever false histories they want, however the > > assumption is that, through normal system operation, a given peer > > will come into contact with more truthful peers than Sybils, and > > that by virtue of that the false histories concocted by Sybil > > networks will be noise filtered out by a collaborative filtering > > algorithm. > > > > Each peer is looking for patterns in the data (specifically > > self-similarity) across the combined histories of every peer > > they've ever interacted with. As long as they are able to reach a > > majority of "trustworthy peers" then hopefully the false histories > > concocted by colluding Sybils will be irrelevant. > > So, if I understand right, both parties must sign off on a transaction > in order for a third party to include the transaction in its > similarity calculations? So Sybils can create fake transactions > between themselves, but not between a Sybil and a legitimate peer? > > If that's right, I only have two remaining concerns: bootstrapping and > positive feedback. The problem with bootstrapping is how to > distinguish legitimate peers from Sybils when you have no interaction > history. > > The problem with positive feedback is how to prevent the interaction > graph from collapsing into clusters or isolated components. > Interaction leads to similarity, similarity leads to interaction - > don't peers become more and more likely to interact with the same > peers? Is there a need for a countervailing mechanism to encourage > exploration and give new peers a chance to interact? > > Cheers, > Michael > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.10 (GNU/Linux) > > iQEcBAEBAgAGBQJQB85vAAoJEBEET9GfxSfMB84IAKtHJZ4pi4QBBsGwrfI3PSk8 > G/mrcLADvScC/qXpHadxYUWacG8mubZIWqBkMWw4azh22rqGjiGoly2BdmJ3nv5b > l6AS4m7rbUPWqUysvQqQSg0JGDDVvB5b7w46pyQgVElB4AGEdDb5dFUsIFRpAUKm > O9YmiY/Eex/aNnofAqqHImL+az0Dtv9zlEWIZ9gxJyAO/8e7tTRaaghhI/b97Is+ > sDpFCEgBJ5uUbk+fIUX2qYWZ+fhkx9j0a1vTMHtuu4n9E22R4dU/5m7VqzSkwUaY > a8Qg/m3mJFX4fBPgG0J38MKiElh5dqNKvqFTMrjL6kn7o2CCFEtPgWNU2LfarEk= > =Iu4B > -----END PGP SIGNATURE----- > _______________________________________________ > p2p-hackers mailing list > [email protected] > http://lists.zooko.com/mailman/listinfo/p2p-hackers >
_______________________________________________ p2p-hackers mailing list [email protected] http://lists.zooko.com/mailman/listinfo/p2p-hackers
