By Winston - 20 Nov 2017
Per Lind: What is the problem with zero cost POW? #IOTA
Vitalik Buterin?: Way too much imbalance between PoW capabilities of average sender node (low power, no good ASICs) and PoW capabilities of potential attacker. Per-transaction or per-consensus-message PoW is good for anti-DoS and as an efficiency tool to reduce security parameters for eg. STARKs, but for consensus it's a bad idea.
David Sonstebo: Let me know when you've learned about network bound PoW and dare to continue the discussion with Ivancheglo, you know the guy who laid the ground work for Ethereum's PoS future. Until then please refrain from commenting on things you don't grasp, your recent track record is bad.
Vitalik Buterin: Network-bound PoW sounds like "proof of IP address", which is proof-of-authority where the entity that hands out IP addresses is the authority.
David Sonstebo: That's not at all what it is. When you resort to arguing based on what it "sounds like" you should really sit down and contemplate your process of reviewing concepts that are new to you.
Vitalik Buterin: https://en.wikipedia.org/wiki/Guided_tour_puzzle_protocol …
This relies on having a set of servers that must be accessed. Who runs the servers? If the attacker can become a server, then once they control 51% of those they can break the PoW
CFB: It's not that network-bound PoW that will be used in IoT environment. In IOTA ability of a node to occupy some range of the EM spectrum for some interval of time works as an anti-Sybil measure. Spectrum is a very scarce resource (@FCC can confirm that)...
Vitalik Buterin: Isn't this just incentivizing spamming the EM spectrum as a kind of 51% attack?
The fact that "legitimate" devices are probability constrained in amplitude by @FCC et al rules seems to make this problem even worse.
David: How are you proposing to spam the spectrum globally 24/7?
Vitalik: Not globally. Just locally, enough to spoof any individual device.
David: That doesn't disrupt the IOTA network though. I could take a radio jammer, or better a damn hammer and smash your IoT device to deny it service. That has no implication whatsoever on IOTA as a protocol.
Roman Semko: As long as the topography of the network is unpredictable, in what way is a higher PoW an advantage for the #iota #tangle attacker?
We are not on an outdated #blockchain technology with longest-chain argument here, mind you.
Vitalik: This is not about blockchains, this is about generalizeable results from BFT theory. BFT theory states that even with strong network synchrony assumptions, a 51% attack can break consensus.
Roman: A theory that supposes that you can efficiently use your PoW. Again, the topography matters. What do your lambo's horsepower matter if you're stuck in a rush hour?
Vitalik: "BFT theory" presupposes NOTHING about "PoW" or "topography", except that implied by the various synchrony assumptions.
Roman: Exactly! BTF presupposes NOTHING about topography, which is a crucial part for any attack (through higher PoW power or whatever you might come up with). The attacker's resources mean nothing if you cannot apply them effectively. "Heaven" and "Earth", as Sun Tzu said.
Paul Jensen: So, what is stopping me from running a million evil nodes and having a list of transactions that if I my nodes are called upon to validate, will say that the transaction is valid, when in reality it is invalid? Then I just spam the network with invalid transactions and wait?
Roman: Simple. Those transactions have to be valid as "real" nodes will verify them for validity. Otherwise your node will be dropped. Unless you are dumb enough to connect your wallet to an evil node, that feeds you with BS, this makes zero difference to the tangle.
And regarding spamming of the network with invalid data: Go ahead and try it. It was done before. Apart of strengthening the network, it had zero effect.
By Scott J - 20 Nov 2017
This is a great discussion, thanks for recording it here.
By Carpincho - 11 Jun 2018
Very nice conversation you had here =)
By longfld - 21 Jul 2018
Can someone help me by summery what is "Network-Bound-PoW" in a sentence?
network security provides in devices level?