Leo Wandersleb [ARCHIVE] on Nostr: 📅 Original date posted:2019-08-05 📝 Original message:On 8/6/19 7:04 AM, Chris ...
📅 Original date posted:2019-08-05
📝 Original message:On 8/6/19 7:04 AM, Chris Belcher via bitcoin-dev wrote:
> However, there _is_ a cost to being a sybil attacker. If we define
> honest makers as entities who run just one maker bot, and dishonest
> makers as entities who run multiple maker bots, then we can say that
> running a dishonest maker operation requires a sacrifice of fee income,
> because someone doing that would earn more money if they ran an honest
> maker instead. This happens because of the quadratic V^2 term in the
> formula calculating the fidelity bond value, which provides this
> incentive for lumping together fidelity bonds. This V^2 is probably the
> most important part for privacy.
As established above, there will emerge a market to lock coins, so these locks
will be readily available without having to buy them. Even with V^2 there is no
reason to amass more coins beyond a certain point. Running the biggest 5 V^2
scores should be pretty solid to get in on many coin joins.
> Another way is to require the bond signature proofs to involve the
> one-time taker identifier, and so be different every time. This
> basically requires fidelity bond privkeys to be online in hot wallets,
> and so should massively increase the difficulty of renting TXOs because
> the maker and the TXO owner need to be in constant real-time communication.
Requiring the bond to reside on a hot wallet would be a massive disadvantage.
No matter how you look at the whole problem of sibyl attacks, the honest maker
will have operational costs and gain fees and the sibyl attacker will have the
same plus profit from the deanonymization. As long as makers hunt marginal
profits, the sibyl attacker having the higher margin from deanonymization will
always win. The fidelity bonds would make this even worse, as increased
complexity and entry cost would not favor more makers but less even before the
centralization incentive mentioned above (V^2). To say that old holders have
bitcoins laying around that they can use for such bonds is a fallacy as they
could just as well rent them out on a bonds market.
How about turning this upside down and shift the incentives from being taker to
being maker by introducing a mandatory fee? If each join costs 1% per maker,
people would initially gasp and reject to update to that version but those who
do, will do to become makers, increasing the maker count massively and
eventually most people in frequent need of joining will also become makers to
offset the costs of being takers.
With these changed rules again the sibyl attackers would still have their
competitive edge and would flood the market with even more cheap offers but now
everybody would have an incentive to do the same and as makers have to have the
UTXOs, it's not free to sibyl attack already.
LW
📝 Original message:On 8/6/19 7:04 AM, Chris Belcher via bitcoin-dev wrote:
> However, there _is_ a cost to being a sybil attacker. If we define
> honest makers as entities who run just one maker bot, and dishonest
> makers as entities who run multiple maker bots, then we can say that
> running a dishonest maker operation requires a sacrifice of fee income,
> because someone doing that would earn more money if they ran an honest
> maker instead. This happens because of the quadratic V^2 term in the
> formula calculating the fidelity bond value, which provides this
> incentive for lumping together fidelity bonds. This V^2 is probably the
> most important part for privacy.
As established above, there will emerge a market to lock coins, so these locks
will be readily available without having to buy them. Even with V^2 there is no
reason to amass more coins beyond a certain point. Running the biggest 5 V^2
scores should be pretty solid to get in on many coin joins.
> Another way is to require the bond signature proofs to involve the
> one-time taker identifier, and so be different every time. This
> basically requires fidelity bond privkeys to be online in hot wallets,
> and so should massively increase the difficulty of renting TXOs because
> the maker and the TXO owner need to be in constant real-time communication.
Requiring the bond to reside on a hot wallet would be a massive disadvantage.
No matter how you look at the whole problem of sibyl attacks, the honest maker
will have operational costs and gain fees and the sibyl attacker will have the
same plus profit from the deanonymization. As long as makers hunt marginal
profits, the sibyl attacker having the higher margin from deanonymization will
always win. The fidelity bonds would make this even worse, as increased
complexity and entry cost would not favor more makers but less even before the
centralization incentive mentioned above (V^2). To say that old holders have
bitcoins laying around that they can use for such bonds is a fallacy as they
could just as well rent them out on a bonds market.
How about turning this upside down and shift the incentives from being taker to
being maker by introducing a mandatory fee? If each join costs 1% per maker,
people would initially gasp and reject to update to that version but those who
do, will do to become makers, increasing the maker count massively and
eventually most people in frequent need of joining will also become makers to
offset the costs of being takers.
With these changed rules again the sibyl attackers would still have their
competitive edge and would flood the market with even more cheap offers but now
everybody would have an incentive to do the same and as makers have to have the
UTXOs, it's not free to sibyl attack already.
LW