Consensus on the list of delegates

[sschechter]

Are you trying to figure out how to hack the network? Just read the source if so?

Reading the source won't help much because I can't get the idea. Common sense says that if a government controls election process then this government can't be voted-out if it doesn't want this. In the real world we have separation of powers. What do we have in BitShares to avoid abuse of power? I already knew that the shareholders can fire delegates, bad thing is that they have to do it only with help of these delegates and the delegates may refuse to do so by pretending that they don't see voting-out transactions.

In the BitShares world, delegates are not government representatives, they are employees of a company. If your scenario happens, what is the actual harm done?

[liondani]

You can try out several attacks very cheaply on DevShares 

Sent from my ALCATEL ONE TOUCH 997D

[Troglodactyl]

But it won't be, because every time an honest delegate's turn comes around, the votes will be included and the longest chain will be an honest chain again.

Blocks of honest delegates will be excluded completely. Bitcoin Selfish Mining attack uses exactly the same trick.

Sure, they'll be excluded from confirmation in the hostile chain, but they'll still be the leaf blocks in that chain after every honest delegate turn.  Each such honest leaf block can include votes that replace the hostile delegates and heal the chain.

[Come-from-Beyond]

Are you trying to figure out how to hack the network? Just read the source if so?

Reading the source won't help much because I can't get the idea. Common sense says that if a government controls election process then this government can't be voted-out if it doesn't want this. In the real world we have separation of powers. What do we have in BitShares to avoid abuse of power? I already knew that the shareholders can fire delegates, bad thing is that they have to do it only with help of these delegates and the delegates may refuse to do so by pretending that they don't see voting-out transactions.

[Come-from-Beyond]

If we come to the problem from another side...

Let's assume that 20 honest delegate is indeed enough to outweigh the other 81 ones. Then we should agree that in situation when 61 delegates vote for no change, 20 delegates vote for scenario A and 20 delegates vote for scenario B we will be completely confused what branch to follow - A or B. Hence this can be used to fragment the network. It's so obvious that I can't even provide a formal proof (trivial things are very hard to prove).

[jsidhu]

Are you trying to figure out how to hack the network? Just read the source if so?

[Come-from-Beyond]

But it won't be, because every time an honest delegate's turn comes around, the votes will be included and the longest chain will be an honest chain again.

Blocks of honest delegates will be excluded completely. Bitcoin Selfish Mining attack uses exactly the same trick.

[sschechter]

So then what would be the point of doing all this?

The point is just to show that power that controls election will stay on the top forever. This is what we observe in a lot of dictatorship countries where elections are faked.

BitShares is like a company, not a country. In you're hostile takeover scenario, the result would be that no new employees can be hired, unless they have the approval of the existing employers.  In your nightmare scenario, BitShares becomes like every other company on the planet. I think I'll manage to sleep ok.

[sschechter]

Then users will swarm the boards wondering why their transactions went through.  The community will discover they've been attacked, and will roll back / fork the network to vote in a new set of delegates.  The attackers attack will have been for naught.  Short term, this attack will give BitShares a minor black eye, but long term it will show how resilient the network is and there will be no more incentives to perform this attack again.

This won't work for DACs. They can't read forums. A good solution ought to be automatic.

Already addressed by a previous post:

"BitShares always has a back up plan in case of the unpredictable black swan, but it doesn't waste time squabbling about optimizing the effectiveness of plans that are unlikely to ever be needed."

"Its why we will make the money while those chasing perfection will end up teaching university courses. "

You opinion of what is a 'good' solution is just your opinion, based on a theoretical assumption that a DAC can't have human intervention.  As a practical solution, I think my solution is great, and it kills the incentive for such an EXTREMELY improbable attack.

[xeroc]

How about a penalty for delegates not including transactions that the network has seen for 30 secs and are valid? Penalty would be to deny 2-10 rounds of payment.
Would that help in this case?

This would be difficult to implement and is unnecessary. Ignoring legitimate blocks makes your chain shorter than including them does...

I am not talking about invalidating blocks .. but reducing the pay if a transaction was excluded by you.

Delegates can identify if you misses to include a tx ... if i reveice a tx and construct a block containg it although i received the tx 30secs ago already.. coulsn't i assume the previous 1 or 2 delegatea have received them to?

Sure, numbers have to be optimized..

[Troglodactyl]

So then what would be the point of doing all this?

The point is just to show that power that controls election will stay on the top forever. This is what we observe in a lot of dictatorship countries where elections are faked.

Nicely derived argument.

Except that the delegates can't falsify votes, and thus don't actually control the election. They can't even conceal the existence of the votes. They can only exclude them from their blocks.

[cube]

So then what would be the point of doing all this?

The point is just to show that power that controls election will stay on the top forever. This is what we observe in a lot of dictatorship countries where elections are faked.

Nicely derived argument. 

[Troglodactyl]

Ignoring legitimate blocks makes your chain shorter than including them does...

It's fine as long as your chain is still the longest.

But it won't be, because every time an honest delegate's turn comes around, the votes will be included and the longest chain will be an honest chain again.

[Come-from-Beyond]

Ignoring legitimate blocks makes your chain shorter than including them does...

It's fine as long as your chain is still the longest.

[Troglodactyl]

How about a penalty for delegates not including transactions that the network has seen for 30 secs and are valid? Penalty would be to deny 2-10 rounds of payment.
Would that help in this case?

This would be difficult to implement and is unnecessary. Ignoring legitimate blocks makes your chain shorter than including them does...