[Cryptography] Preventing co-op notary defection
Phillip Hallam-Baker
phill at hallambaker.com
Mon Jul 7 08:38:51 EDT 2014
On Mon, Jul 7, 2014 at 5:11 AM, Ben Laurie <ben at links.org> wrote:
> On 7 July 2014 03:15, Phillip Hallam-Baker <phill at hallambaker.com> wrote:
> >
> > So yes, your mintettes are voting in a similar way but as part of a
> "central
> > authority". I think the voting scheme brings sufficiently effective
> controls
> > as to dispense with the need for a central authority. I think it is
> possible
> > for it to become a genuine peer scheme with loose binding.
>
> Bottom line: don't believe it. How do I, as a relying party, determine
> when agreement has been reached? How do members of this "loose
> binding" determine it? Once more you are back to establishing
> consensus in an unknown group.
>
> This seems like the core problem with Ripple, too, BTW.
Well I'm not actually interested in the currency problem so I haven't
considered whether the consensus approach is sufficient for them.
The log contains all the administrative decisions of the co-op. So given
one valid checkpoint the RP can roll forward to get a current state that
can only be bogus if a majority of the co-op members defected.
> Maybe not such a big step technically but I think it would make a huge
> > difference to how certain parties would accept the scheme.
>
> By pretending you can do the impossible? Always a hit, in my experience.
>
Well it depends on whether you take loose binding to mean that the members
are chosen at random with no filtering at all or if you accept that there
is still going to be filtering but the trustworthiness of the system
doesn't rely on it being absolutely accurate.
I was not thinking that the notaries would be random anonymous volunteers.
Obviously there have to be controls in place to prevent a majority
defection which means that attempts to set up sock puppet notaries have to
be avoided.
And whether the system is viable is going to depend on what use you attempt
to make of it. As the Paypal folk found out, everything changes when money
is involved. Paypal's initial fraud rate was devastating. One of the
signals that BitCoin is going to have an ugly future is the fact that so
much of the infrastructure is based in countries where organized cybercrime
runs rampant.
Designing a system that is acceptably secure against an adversary averse to
publicity, armed with legal threats of limited territorial extent is
entirely feasible. If the attackers are looking to make billions in bitcoin
then its more likely the coercion will include threats of or actual murders
and the system falls down.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20140707/52c89b74/attachment.html>
More information about the cryptography
mailing list