RE: Is Monero’s (or All) Anonymity Broken?
technogymball (the creator of this Reddit) wrote:
KPCN wrote:
The article is as biased as it gets. Also bs
If it is, explain why.
Actually if the reader will read and comprehend the entire body of discussion on this Reddit, I think with @smooth, @JollyMort, and @jonas_h’s assistance we were able to move the discussion forward into some worthwhile discussion. I am happy with the edification that resulted. I continued to learn and hopefully readers did also.
lethos3 wrote:
Also I don't know why you do not mention CT as zero-knowledge.
Combined with Stealth addresses it makes Monero virtually impossible to track, and you have ring signatures on top of that...
Please c.f. my discussions with @JollyMort and @jonas_h about the disadvantages of CT and my doubt as to whether it adds anything needed in the context of the design I proposed.
ArticMine wrote:
Monero’s block size readjustment algorithm scales to the transaction volume. There will be no penalty.
Incorrect. The Monero network applies a penalty when a block with a blocksize above the effective median is mined, but does not refund the penalty when a block with a blocksize below the effective median is mined. This asymmetry means that in order to maintain a blocksize above the minimum effective median of 300000 bytes one has to pay the penalty and burn coins. The reason for this is natural fluctuation in Monero's blocksize. One can check this here: https://xmrchain.net/ Monero's blocks are far from a uniform size, unlike Bitcoin, due to the adaptive blocksize.
Again you’re incorrect if you are implying that the perpetrator pays any ongoing penalty. Although what you write above is true, it doesn’t cause the perpetrator to pay any penalties ongoing to sustain the attack. Once the median block size has risen to accommodate the volume of transactions that includes the Sybil attack, then there is no penalty assessed for that volume of transactions because it is the new median. The perpetrator is mounting a sustained attack, not a short-term increase in the volume of transactions.
The perpetrator pays ~2% of (his percentage of the network hashrate of all) the block reward for this Sybil attack. This is not 2% of the payments, but only 2% of the block reward. Thus if the honeypot has any value then this 2% is not a hindrance. In fact, I argue that the value of the honeypot likely makes the complicit miner more profitable and thus the perpetrator’s hashrate grows and grows until the perpetrator has asymptotically ~100% of the mining eventually (all other factors not considered in that simplistic model of perpetrator’s hashrate dominance over time).
Even if Monero modifies the adaptive block size algorithm to apply a penalty based not on exceeding the effective median of past block history as it is now, but exceeding some threshold (say 300000 bytes) regardless of the effective median, this is effectively just requiring higher transaction fees for everyone, so now you’ve made Monero less efficient (less attractive) than Zerocash technology. Also you will eventually run into the problem that as transaction fees become significant, then research has shown that proof-of-work strategies are incentive incompatible (there is no longer a Nash equilibrium of mining on the longest chain) and the chain diverges into a high orphan rate clusterfuck (I will be blogging about this next, because all proof-of-work coins are doomed, even those with a small tail reward). Sorry it is over for Monero (because the only solution to that clusterfuck for PoW is an oligarchy which is what Bitcoin must be to survive, but that means for sure Monero would be a honeypot).
It is economically equivalent whether the attacker mines her own blocks and includes the spam therein or pays another miner to include the spam in her blocks. The cost in both cases is the same.
Yup. And that is only about ~2% of the block reward currently.
The perpetrator by definition of wanting to capture the entire Monero as a honeypot is going to have larger economies-of-scale than the rest of the miners, so 2% difference in revenue will not make the lowest cost miner less profitable than the more marginal miners who have lower economies-of-scale and thus higher costs. And then add to that the value (extra profit) gained from having the honeypot.
Here is a teaser for the opening of my next blog (and Monero’s adaptive block size algorithm will also be debunked as a solution):
I’ll explain the indisputable reason Satoshi’s proof-of-work (PoW) is irreparably broken. Outcomes will worsen. Ditto woesome proof-of-stake (PoS).
Blocks are a Tragedy-of-the-Commons
The tragedy is that the chronological ordering of monolithic blocks (of transactions) doesn’t have an objective consensus which sustains the commons. Hence the commons is either dissolved, destroyed or a coercive power must step into the power vacuum to enforce order.
At a cursory examination, PoW may appear to offer an objective consensus based on a randomized, decentralized competition to burn electricity. Dissecting it further though, the monolithic grouping of transactions into blocks is incompatible with a sustainable objective consensus.