Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 715A93EE for ; Mon, 22 May 2017 19:12:56 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-oi0-f42.google.com (mail-oi0-f42.google.com [209.85.218.42]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id C19A5202 for ; Mon, 22 May 2017 19:12:55 +0000 (UTC) Received: by mail-oi0-f42.google.com with SMTP id h4so173906868oib.3 for ; Mon, 22 May 2017 12:12:55 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:cc; bh=yPDEaqRdQimkZHsQ8kivsJfnDsxJbB45/bUeAFgip1M=; b=V9QRpAoVBaAYli5KnTkfxrNLEoiv8HjfycbEV/V3k+HEgmPLo0mdi76i6hv6c4K8FH Who6bVWY7g9cyld66sXXOkil+fmhDOVweB+v508/A2LfSDPSiciD3ij65k52wCa4Q/8I e9uwQlbA0/pbqztQmFw+b4w9IgRI37vbjXkLiSQETKgdputU3H1tsIPGAkkRCAhYNSSe GJf5hdNMdonfwSb97WufFfnRXMeHevYQwv+klOvpP2PDFGx02QxfYZ3mkTA3zH8Jkxrf BIG6P5CpK+W9Leq5QMoIy4UnveNnpEQUiUDqYjO2rFMT52yDI3V+TX7ERzqnOcWB4RzE t72Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:cc; bh=yPDEaqRdQimkZHsQ8kivsJfnDsxJbB45/bUeAFgip1M=; b=eAjFaf3kcaSTml1blR64dRHu+g+xs8+9dRA5VEVVJLk/InUqU5SndIOGz38a/ic2t0 zRkAYHqRR4lm/S4tF1zfAn9lWSlx/c33IgHiLXUjTsrk3R/wjYFgrwCif+u82+nNgbmn kIf9JFjBLfq+3OJiYpaYZrCmQg4RXPGSlFmjmSRS+1MnELjTdNBEogu07LS5HcKdqz4m u6SkZY3/pJrh8EZLbQp0Qzg7oABOM++ITMuRLMYqXtOh1dTE3QQq2FaPKCKIi2IzYERV xHZGNFpR0HjazkGu3/YPG5Ny50SJOwgKmRH6J3tnQwD56bq5ZaElxMkbtWuavQdy+ALI wl9g== X-Gm-Message-State: AODbwcBMHptjSkhgHhGhqn4voXu8HZxcJ7Nx9DOVTXGbHU5DieGMdkMp 94UgJpZWqgPvFvOLFxmUH1Da6WN0/676 X-Received: by 10.202.85.70 with SMTP id j67mr13138554oib.160.1495480374936; Mon, 22 May 2017 12:12:54 -0700 (PDT) MIME-Version: 1.0 Received: by 10.74.100.89 with HTTP; Mon, 22 May 2017 12:12:54 -0700 (PDT) In-Reply-To: References: <24f2b447-a237-45eb-ef9f-1a62533fad5c@gmail.com> From: Tier Nolan Date: Mon, 22 May 2017 20:12:54 +0100 Message-ID: Cc: Bitcoin Dev Content-Type: multipart/alternative; boundary="001a113d255c8447d5055021a877" X-Spam-Status: No, score=-0.5 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_FROM,HTML_MESSAGE,MISSING_HEADERS, RCVD_IN_DNSWL_NONE,RCVD_IN_SORBS_SPAM autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: Re: [bitcoin-dev] Drivechain -- Request for Discussion X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 May 2017 19:12:56 -0000 --001a113d255c8447d5055021a877 Content-Type: text/plain; charset="UTF-8" On Mon, May 22, 2017 at 5:19 PM, Paul Sztorc via bitcoin-dev < bitcoin-dev@lists.linuxfoundation.org> wrote: > > In the future, when there is no block subsidy, a rich attacker can also do > that in mainchain Bitcoin. > I don't think they are the same. With Bitcoin, you only get to reverse recent transactions. If you actually reversed 2-3 weeks of transactions, then the Bitcoin price would fall, destroying the value of the additional coins you managed to obtain. Even if their was no price fall, you can only get a fraction of the total. With BMM, you can "buy" the entire reserve of the sidechain by paying (timeout) * (average tx fees). If you destroy a side-chain's value, then that doesn't affect the value of the bitcoins you manage to steal. The incentive could be eliminated by restricting the amount of coin that can be transferred from the side chain to the main chain to a fraction of the transaction fee pay to the bitcoin miners. If the side chain pays x in fees, then at most x/10 can be transferred from the side chain to the main chain. This means that someone who pays for block creation can only get 10% of that value transferred to the main chain. Main-chain miners could support fraud proofs. A pool could easily run an archive node for the side chain in a different data center. This wouldn't harm the performance of their main operations, but would guarantee that the side chain data is available for side chain validators. The sidechain to main-chain timeout would be more than enough for fraud proofs to be constructed. This means that the miners would need to know what the rules are for the side chain, so that they can process the fraud proofs. They would also need to run SPV nodes for the side chain, so they know which sidechain headers to blacklist. > In point of fact, the transactions *are* validated...by sidechain full > nodes, same as Bitcoin proper. > > The big difference is that Bitcoin holds no assets on another chain. A side-chain's value is directly linked to the fact that it has 100% reserves on the Bitcoin main chain. That can be targeted for theft. > Paul > > > Regards, > ZmnSCPxj > > --001a113d255c8447d5055021a877 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
On M= on, May 22, 2017 at 5:19 PM, Paul Sztorc via bitcoin-dev = <bitcoin-dev@lists.linuxfoundation.org> wrote:

In the future, when there is no block subsid= y, a rich attacker can also do that in mainchain Bitcoin.

I don't think they are the same.

With Bitcoin, you only get to reve= rse recent transactions.=C2=A0 If you actually reversed 2-3 weeks of transa= ctions, then the Bitcoin price would fall, destroying the value of the addi= tional coins you managed to obtain.=C2=A0 Even if their was no price fall, = you can only get a fraction of the total.

With BMM= , you can "buy" the entire reserve of the = sidechain by paying (timeout) * (average tx fees).=C2=A0 If you destroy a s= ide-chain's value, then that doesn't affect the value of the bitcoi= ns you manage to steal.

The= incentive could be eliminated by restricting the amount of coin that can b= e transferred from the side chain to the main chain to a fraction of the tr= ansaction fee pay to the bitcoin miners.

If the side chain pays x in fees, then at most x/10 can be tr= ansferred from the side chain to the main chain.=C2=A0 This means that some= one who pays for block creation can only get 10% of that value transferred = to the main chain.

Main-cha= in miners could support fraud proofs.=C2=A0 A pool could easily run an arch= ive node for the side chain in a different data center.

This wouldn&= #39;t harm the performance of their main operations, but would guarantee th= at the side chain data is available for side chain validators.

The sidechain to main-chain timeout wou= ld be more than enough for fraud proofs to be constructed.=C2=A0

This means that the miners would nee= d to know what the rules are for the side chain, so that they can process t= he fraud proofs.=C2=A0 They would also need to run SPV nodes for the side c= hain, so they know which sidechain headers to blacklist.


In point of fact,= the transactions *are* validated...by sidechain full nodes, same as Bitcoi= n proper.


T= he big difference is that Bitcoin holds no assets on another chain.=C2=A0 A= side-chain's value is directly linked to the fact that it has 100% res= erves on the Bitcoin main chain.=C2=A0 That can be targeted for theft.
<= /div>
=C2=A0
Paul

Regards,
ZmnSCPxj
--001a113d255c8447d5055021a877--