You are viewing a single comment's thread from:

RE: Hive Hardfork 24: Upcoming Release Candidate, Testnet, and Other Info

in #hiveblockchainlast year

Can we also include changing the number of consensus witnesses to something larger, like say 100 for added security? That or change the number of votes from 30 to say 5, or even better would be 1 vote but with a vote slider to be able to vote for more than one witness with our stake? There was much talk of these things at the time of the hardfork but now they seem to have been forgotten about, at least publicly.

Sort:  

The problem with only 1 witness vote is it will be easier to cause a stalemate. One would only need 20% of HP instead of >50% of hp to do this attack.

How do you figure? 1 vote with a sliding voting scale so you can use all your voting power on 1 witness or however many you choose by adjusting the voting weight down.

I don't think you have put enough thought into this.

Currently, there is 140,623,980 HP, ~70 million HP is required to do a Sybil attack or 51% attack on the Hive network and elect the 17 witnesses necessary.

If your 1:1 proposal is enacted, ~7 million HP would make it certain 1 specific witness is in the top 20. Now (30 votes each) >50% is needed to get 1 or them all.

At a 1:1 voting (sliding scale doesn't matter and is probably a disadvantage if it is a coordinated attack), if everyone is voting ideally (impractical) ~200 million HP would be required to definitely have a 17 witness consensus making it much more difficult to attack this way.

However, ~ 28 million HP would be enough to get 4 witnesses in the top 20 (much easier to coordinate only requiring a few of the top whale accounts). If there are 4 witnesses not agreeing to a consensus, there is no consensus and hard forks are not possible. They could make whatever demands they want to change their vote. Until it is changed no hard fork is possible without creating another chain like Hive 2.

If you are thinking Bah this would never happen! Please check out the most recent history on Hive/Steem where it happened when >50% (the current amount) is required to mess things up.

I have thought about this plenty and worked out the napkin math as well and it all comes down to one easy trade-off. Someone preventing something from happening is infinitely better than them being able to impose their will and change the entire network.

Right now we need > %50 to attack the network and impose will or make Hive a dead project.

If > %50 feels something is good, that is actually a majority. Even if they are blocked, > %50 wanting something bad enough to do this spells bad news moving forward. I know calling it a consensus is stupid, but technically >80% isn't a consensus either.

If your changes are done an attacker will need %20 > to make Hive a dead project. Attackers will get what they want because they won't move their votes until it happens. Imagine if it was done immediately after a hard fork with a bug that could be exploited?

The proxy.token did this when Steemit, Poloniex, Binance and Huobi were attacking the Steem network. For weeks proxy.token ensured no one would get a consensus and started asking for stupid things like banning certain witnesses, removing of downvotes, quicker power downtimes (so exploiting the network would be even easier), and a bunch of other crazy changes the majority of people disagreed with. It was so screwed up Hive was forced to be created. This permanently damaged the reputation of DPOS and subsequently both networks.

Lowering the number of witnesses one can vote for is not making the network safer. A lot more thought and complicating factors go into this. For now, allowing people to vote for anything less than 17 witnesses is dangerous because it will make a coordinated attack easier rather than more difficult. The majority will lose their power to prevent attacks.

If it ain't broke don't fix it. Please think of a solution that doesn't make attacking Hive easier.

This doesn't make attacking HIVE easier, it makes controlling it significantly harder. Right now it takes significantly less HP to control the consensus witness spots than 5 votes per account (or 1 vote with a slider) would require. That isn't really debatable, it's a fact. Had either of those measures been in place when Justin Sun bought the Steemit.Inc stake he never could have controlled the top 20 witness spots and none of this would have happened.

If it ain't broke don't fix it

Which means it clearly is/was broke and needs to be fixed.

I don't think you understand.

The Steemit stake has been removed. It is now almost impossible to get >50% of HP.

Also, as promosed after the split, with the next hardfork it will take 30 days after powering up to be able to vote for witnesses. This will prevent exchanges from being able to do it quickly.

Therefore we eliminated the threat that allowed over 100 million SP (like 30% of all Steem) to be used to vote.

So it is extremely unlikely to get >50%. Also, if we get that much, there is serious trouble anyway because the votes are split somewhat evenly.

However, it is still very possible to get 20%.

Do you have another reason for wanting to tinker?

Just because that stake has been removed doesn't mean someone else couldn't acquire a very large stake and power it up over time and do exactly the same thing. Sure it wouldn't be quick, but it would be possible, which is why the changes should be made.

Aside from that, why are we letting 20 people (actually 17 people) decide the direction of the entire project, not to mention safe guarding everyone's money. What if those 17 people get together and decide they don't like someone and fork their stake out? We've already seen it happen several times from both sides. So there is the security aspect for people's funds and why I also mentioned changing the consensus witness number to something much larger than 20 in my original comment.

Also, aside from an attack, there is the issue of a couple large holders being able to handpick all of the top 20 witnesses, which means the direction of the entire platform can be driven by a couple of the largest stake holders. Hardly a very decentralized model.

Not to mention that the current witnesses get entrenched in their positions over time as well, making it less and less likely they could ever lose their spot.

i agree with the idea of increasing consensus witnesses to at the very least 100.
If not, surely another takeover, (like the 1 that occured with with steem) could happen in the future.