You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The safest way to check a Spend is to go back all the way to Genesis. But in a big/old network this becomes unpractical very quickly, what we have in place is that nodes before storing a Spend, check the parents of that Spend so with at least one honest node in a close group, we can make sure this spend has a valid parent. Now if we assume all close groups of parents all the way to genesis have at least 1 honest node, then recursively we know that a spend stored on the Network is valid, without the need to check any parent.
On the other hand, If we assume one of the close groups on the way is compromised (which is quite hard with Sybil), then that one group can craft a fake Spend, and then craft an infinite number of child spends coming from this one. Since honest nodes only check one parent, honest nodes too will get ‘infected’ by this corrupt branch and only back-to-genesis check will be trustworthy as increasing the amount of parent you check would just require the bad actors to lengthen this chain. If on the other hand, the nodes check 2 generations, then the attacker will need the close group of 2 generations! And so on and so forth.
Currently we only check one parent, assuming Sybil defense on a huge network makes the attack quite improbable. Once sybil is in place we will have to check those assumptions.
With sybil defence here, the probability of this attack being successful is highly reduced. And the bigger the network, the more it is reduced. Also, the more Spend generations network nodes (and clients) check, the harder it gets to do this attack.
So what we could do (and probably should do) is to scale the amount of parents nodes have to check depending on Network size (aka attack difficulty).
The smaller the Network (and easier the attack), the more parents we have to check recursively (thus making the attack harder).
The text was updated successfully, but these errors were encountered:
The safest way to check a Spend is to go back all the way to Genesis. But in a big/old network this becomes unpractical very quickly, what we have in place is that nodes before storing a Spend, check the parents of that Spend so with at least one honest node in a close group, we can make sure this spend has a valid parent. Now if we assume all close groups of parents all the way to genesis have at least 1 honest node, then recursively we know that a spend stored on the Network is valid, without the need to check any parent.
On the other hand, If we assume one of the close groups on the way is compromised (which is quite hard with Sybil), then that one group can craft a fake Spend, and then craft an infinite number of child spends coming from this one. Since honest nodes only check one parent, honest nodes too will get ‘infected’ by this corrupt branch and only back-to-genesis check will be trustworthy as increasing the amount of parent you check would just require the bad actors to lengthen this chain. If on the other hand, the nodes check 2 generations, then the attacker will need the close group of 2 generations! And so on and so forth.
Currently we only check one parent, assuming Sybil defense on a huge network makes the attack quite improbable. Once sybil is in place we will have to check those assumptions.
With sybil defence here, the probability of this attack being successful is highly reduced. And the bigger the network, the more it is reduced. Also, the more Spend generations network nodes (and clients) check, the harder it gets to do this attack.
So what we could do (and probably should do) is to scale the amount of parents nodes have to check depending on Network size (aka attack difficulty).
The smaller the Network (and easier the attack), the more parents we have to check recursively (thus making the attack harder).
The text was updated successfully, but these errors were encountered: