<chowbungaman:matrix.org> What do the devs think of Dr. K’s proposed POW improvement for Monero? Work shares. He is working on a PR.

<chowbungaman:matrix.org> x.com/douglastuman/status/196418301…05670?s=46&t=WeY1AyuT6Ir1FNBKKq_Beg

<privacyx> I read the paper about work share:- and I understood, Work shares don’t kill decentralization in Monero they can actually strengthen it. By forcing miners to reveal partial work, selfish-mining becomes unprofitable and small CPU miners get their fair share. The danger isn’t the idea, it’s the implementation: if shares ar [... too long, see mrelay.p2pool.observer/e/m67ntrIKMmxVd3BN ]

<privacyx> However, Dr. K or Quai documentation do not explicitly detail how they've addressed the traditional DoS risk, where attackers spam the network with worthless low-difficulty shares, so this issue still remains from days of fruits

<privacyx> he absence of documented DoS safeguards doesn't necessarily mean none exist I just didnt find anything

<kayabanerve:matrix.org> @chowbungaman:matrix.org: Without commentary on their improvement to PoW, I strongly disagree on their premise for PoW. They claim with PoS, the stakers have to let you in. That's true here too with PoW. The whole issue with Qubic is they're attempting to capture consensus and prevent people from joining. Yes, PoS can be captured, yet that isn't unique.

<antilt:we2.ee> ... that's why I proposed the Eigentrust family of algorithms as finality layer. Stake replaced by a reputation score which can not be bought with money but must be earned over a long period and can be slashed quickly. needs testing though.

chowbungaman: It would need a hard fork (paying rewards based on work shares rather than full blocks), so I don't think that can be deployed any time soon. It also brings performance problems.

Here is proposal that can be deployed as a soft fork (work shares are also mentioned): monero-project/research-lab #144

antilt: Anything reputation-based in susceptible to sybil attacks. Spinning up 1000s of malicious nodes costs next to nothing compared to PoW or PoS.

<antilt:we2.ee> tevador: i'll reference some papers. spinning up 1000s of nodes wont help an attacker IF a trusted startup state has been achieved. Thats a big IF, of course. not perfect, but a fresh angle.

<-888:matrix.org> hello

"trusted startup" doesn't sound very decentralized

<kayabanerve:matrix.org> I think here it simply means that you trust it was done correctly, e.g., that Monero isn't sybil'd right now when we transition to this new consensus mechanism

<kayabanerve:matrix.org> It sounds decentralized

<kayabanerve:matrix.org> It just also sounds incredibly stupid, ofc Monero has actors running tens or hundreds of nodes right now, who would be dumb enough to say otherwise

<antilt:we2.ee> tevador: its very similar to what we are doing with seed nodes or dns checkpoints. nlp.stanford.edu/pubs/eigentrust.pdf is the basic paper and has been developed further since. It introduces pre-trusted peers. note that "quality of files served" must be translated to "blocks delayed <k" or similar...

<antilt:we2.ee> ... in our context. Formula (5) of the paper shows the recursive filter, and Figure 6 shows the simulation results for reduction of malicous collectives.

<kayabanerve:matrix.org> Oh, then it isn't decentralized, my mistake

<antilt:we2.ee> pretty shure the results (reduction better than 50% for a super majority of malicous peers) are too optimistic, but have not looked in depth at the filter formula.

<antilt:we2.ee> @kayabanerve:matrix.org: it starts with pre-trusted peers (devs running nodes). It claims from then on, telescoping back, it can be decentralized without restrictions. Turns out we rely on devs running some things, too.

You can't compare that to seed nodes. You only need 1 honest seed node, the rest can be malicious.

Eigentrust doesn't seem to be designed for blockchain use. It says it's for p2p file sharing.

<chowbungaman:matrix.org> > <@kayabanerve:matrix.org> @chowbungaman:matrix.org: Without commentary on their improvement to PoW, I strongly disagree on their premise for PoW. They claim with PoS, the stakers have to let you in. That's true here too with PoW. The whole issue with Qubic is they're attempting to capture consensus and prevent people from joining. Yes, PoS can be captured, yet that isn't unique.

<chowbungaman:matrix.org> So what is your take then on the concept itself? Work Shares, as an improvement to Monero’s pow.

<kayabanerve:matrix.org> That improvements to PoW don't really matter if it still will be less secure* than PoS, and isn't where I'd be effective contributing commentary regardless of my interest.

<kayabanerve:matrix.org> The asterisk is solely about how we're discussing security and decentralization as two different things, when they really aren't. The reason we want decentralization is for liveness and censorship resistance. I am at the point I believe PoS will provide a more secure, live, and censorship resistant system than the current PoW.

<kayabanerve:matrix.org> If the universe had objective truth and we had a genie who spoke it, and we were sure the genie did, we wouldn't ask for 100 more genies. We use decentralization so that even if some genies lie, we can obtain the truth so long as we trust enough genies to be honest.

<antilt:we2.ee> tevador: you didn't read my comments before. The idea is more about automated scoring based on objective metrics, not about human trust, btw. If you don't like the idea thats ok.

so what would be the objective metrics, besides "time a public node has been online"?

I just don't think it can work really. I don't see how it prevents sybil attacks. The Eigentrust paper doesn't explain at all how it would work in a blockchain setting.

even for "P2P file sharing networks", it's a very bizarre paper

<antilt:we2.ee> tevador: well, I share your doubts about the resistance to sybil attacks. I think they are too optimistic. The extension to blockchain - at least layer2's - has been proposed in following papers. Anyway, the metrics would have to be adopted for digital currencies, which requires a bit of creativity

<antilt:we2.ee> Anyhow, it seems likely that both fork rules will change and a finality layer will be introduced.