[Cryptography] Ynt: A new, more efficient consensus protocol

[Osman Kuzucu]

Gönderen: jrzx via cryptography <cryptography at metzdowd.com> adına cryptography <cryptography-bounces+bizbucaliyiz=hotmail.com at metzdowd.com>
Gönderildi: 15 Ocak 2021 Cuma 06:23
Kime: Greg <greg at kinostudios.com>

The basic fundamental problem is that want to establish consensus on a total order of items added to a pool of data, and you don't want some evil person determining the order he wants by spamming sybils onto the network.
This is not an issue for CBDC because they are central, they can put a restriction on who can host a node/peer, by distributing a whitelisted IP list on official node releases, and also broadcasting, perhaps even running their own "masternodes" that broadcasts that whitelist constantly.

However, I don't understand the logic behind "decentralized network for a centralized bank" and I don't understand the need for it. People develop decentralized cryptocurrencies, for example Bitcoin, to avoid the Central Banks and their ideologies. If a central bank is to issue such digital asset, all it need would be "cryptographically secure and verifiable". Which could be implemented on a central payment infrastructure easily, just like in "provably fair dice games".

Is anyone here thinking that Central Banks would give the "issuance of new assets" power to the individuals? I think they are just looking for a way to adopt this new technology, without losing control. This could be achieved by them hosting a couple BFT based nodes themselves, and allowing any individual to run a peer node. Because their own nodes would be in the same network, or at least be capable of downloading data at well over 20-30 MB/s, they won't have the problem of synchronizing, so their network can handle well up to 20K tps.

Mining, proof of work, solves this by making determining a total order difficult and expensive, by making participants wade through molasses in order to construct a total order.

Proof of stake solves this by making sure that big hodlers determine the consensus.
Again here, proof of work and proof of stake were developed so that average joe can participate in the decision making and can contribute to the network, which is not as important for a CBDC

Proof of luck, on the face of it, seeming allows a determined participant to manufacture as much luck as he wants.
Same KYC and whitelist I mentioned above.

On top of that, the paper actually has some wrong calculations I think (if I haven't forgot the math). It mentions that the block reward has to be greater than 0.02 cents. The equation has the number $360, which is calculated for 1 million participants as a cost. On the other hand, if only 10 million nodes are in the network, the cost would be $3.6K, and the block reward has to be 0.2 cents for an individual to have it profitable.

As for the lottery generation, the calculations are again wrong I think. Because even if there are 10 lottaries per second, what user needs is not 10H/s, but how many transactions are added to the mempool per second because the nodes has to hash all these transactions to find the winning ticket. At least that's what I understood from the paper. So, if there are 20K tps on the network, and 10 winner transactions, a node has to hash all these 20K transactions to see if they have a winning ticket or not. If I understood that part wrong, please correct me.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://www.metzdowd.com/pipermail/cryptography/attachments/20210115/48760cf9/attachment.htm>