mimblewimble team mailing list archive

Thread
Date

Re: Chain syncing spec

To: Ignotus Peverell <igno.peverell@xxxxxxxxxxxxxx>
From: Andrew Poelstra <apoelstra@xxxxxxxxxxxxxx>
Date: Wed, 11 Jan 2017 20:52:13 +0000
Cc: "mimblewimble@xxxxxxxxxxxxxxxxxxx" <mimblewimble@xxxxxxxxxxxxxxxxxxx>
In-reply-to: <e1F2NjDrrwMC5m85g4X9rO175gpBJcbnMh1vTCg_-5UkkWPGDFS09SZzD1o3JdvFYSxCK-vCJBNNbuyxwRtLqGFBXjAJ6Pw9Houl1CwO44E=@protonmail.com>
User-agent: Mutt/1.7.1 (2016-10-04)

Is it possible to make Protonmail quote messages using > ? When I read this in mutt it's all run together like so:


On Tue, Jan 10, 2017 at 04:38:32PM -0500, Ignotus Peverell wrote:
> I'm just getting to this, a week late.
> 
> Never too late, especially when no syncing code has been written yet :)
> 
> 
> I really don't like this "horizon" model.
> 
> There is some "horizon" model inherent to MW that you're ignoring: as of when does one get the full UTXO set? If you get it at block (head-100), what if there's a valid fork at (head-110)? There's some inherent complication in the security model there.
> 
> 
> What does a node do in the presence of multiple forks who disagree at the horizon, but which have different total difficulties? How long after a node has made a decision on the real chain can this be modified?
> 
> In the presence of multiple forks a node backtracks, in the extreme case leading to what you suggest: the full header history.
> 
> 
> At best this seems very hard to analyze. At worst it leads to DoS attacks
> 
> That's the argument I'm the most sympathetic to: it's harder to analyze. I'm still questioning whether it's worth it or not.
> 
> But even bitcoin's security model relies strongly on incentives. So if you're willing to spend 2 weeks worth of proof of work (for example) faster than the rest of the chain just to make new nodes fail bootstrapping, why not just do a 51% attack that can work immediately and gives you a lot more control?
> 
> 
> it seems like you can trick a node into rewriting its history
> 
> No, not after bootstrap.
> 
> 
> trick it into downloading and fully validating every block by conflicting at decreasing heights,
> 
> Not without proving more and more work, especially after a successful bootstrap.
> 
> 
> In fact if the proposed security model is ok, I don't know what the point of MW is at all, you can just fork Bitcoin, add a horizon and magic "can't reach consensus" rule, and you'll get the same security model without so much research and development.
> 
> Now you're getting glib :D
> 
> I agree however that the security model becomes a little less clear and that may not be something we want as a default from the start but more something we can explore later on. However I'll make a couple more points:
> 
> - We're discussing the "limited history" mode right now, there's still a full node mode. I did ask in my first email whether we should have full nodes also do cut-through.
> 
> - I think the UTXO horizon is just as tricky as the header horizon: it's not as well understood and the DoS vectors could have more repercussion in terms of traffic.
> 
> 
> And as always, thanks a lot for the review and analysis!
> 
> - Igno

> -- 
> Mailing list: https://launchpad.net/~mimblewimble
> Post to     : mimblewimble@xxxxxxxxxxxxxxxxxxx
> Unsubscribe : https://launchpad.net/~mimblewimble
> More help   : https://help.launchpad.net/ListHelp


-- 
Andrew Poelstra
Mathematics Department, Blockstream
Email: apoelstra at wpsoftware.net
Web:   https://www.wpsoftware.net/andrew

"A goose alone, I suppose, can know the loneliness of geese
 who can never find their peace,
 whether north or south or west or east"
       --Joanna Newsom

Attachment: signature.asc
Description: PGP signature

References

Chain syncing spec
From: Ignotus Peverell, 2017-01-02
Re: Chain syncing spec
From: Andrew Poelstra, 2017-01-10
Re: Chain syncing spec
From: Ignotus Peverell, 2017-01-10