惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Help Net Security
Help Net Security
C
Cybersecurity and Infrastructure Security Agency CISA
T
Threat Research - Cisco Blogs
K
Kaspersky official blog
NISL@THU
NISL@THU
S
Securelist
P
Privacy International News Feed
Simon Willison's Weblog
Simon Willison's Weblog
T
Troy Hunt's Blog
Last Week in AI
Last Week in AI
量子位
WordPress大学
WordPress大学
Y
Y Combinator Blog
GbyAI
GbyAI
T
Threatpost
S
Schneier on Security
C
Check Point Blog
B
Blog RSS Feed
S
Secure Thoughts
V
Vulnerabilities – Threatpost
A
Arctic Wolf
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
C
Cyber Attacks, Cyber Crime and Cyber Security
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
Latest news
Latest news
L
LINUX DO - 最新话题
Security Archives - TechRepublic
Security Archives - TechRepublic
博客园 - 【当耐特】
人人都是产品经理
人人都是产品经理
F
Fortinet All Blogs
Attack and Defense Labs
Attack and Defense Labs
博客园 - 三生石上(FineUI控件)
Hacker News: Ask HN
Hacker News: Ask HN
The GitHub Blog
The GitHub Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
The Register - Security
The Register - Security
U
Unit 42
L
LINUX DO - 热门话题
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
大猫的无限游戏
大猫的无限游戏
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
T
The Blog of Author Tim Ferriss
Google Online Security Blog
Google Online Security Blog
D
Docker
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
有赞技术团队
有赞技术团队
P
Proofpoint News Feed
D
DataBreaches.Net
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
S
Security Affairs

ashishb.net

A day in Luxembourg - the richest country in the world I was asked to install malware during a fake interview Book summary: Breakneck - China's quest to engineer the future by Dan Wang Book summary: How to Teach Your Baby to Read Book Summary: The Discontented Little Baby Book by Pamela Douglas Introducing Amazing Sandbox - run third-party tools and AI agents securely on your machine Why software outsourcing gets a bad reputation? Book summary: The Natural Baby Sleep Solution by Polly Moore A day in Antwerp, Belgium Journey of online influencers Two days in Brussels, Belgium Shortcuts - when we love them and when we don't A visit to Rakhigarhi Three days in overhyped Paris Empty Japan, crowded Tokyo The real lock-in in GitHub is not the code, but the stars 11-day Norwegian Breakaway East Caribbean cruise Sanskrit and Sri Lankan Air Force Use REST with Open API The Achilles heel of American capitalism Costa Rica in 4 days At a juice stall in Sri Lanka A short stay at Warsaw, Poland Best practices for using Python & uv inside Docker Two days in Vilnius, Lithuania How IntelliJ IDEs waste disk space Pregnancy Why there aren't many digital nomads from India Two days in Riga, Latvia To keep your machine secure, run third-party tools inside Docker Family Ties in Your DNA: Some relatives are closer than others Doctors per capita Two days in Tallinn, Estonia Ship tools as standalone static binaries Made in America Two days in Helsinki, Finland Maintaining an Android app is a lot of work The land of good deals Two days in Oslo, Norway FastAPI vs Flask performance comparison Google Search is losing to Perplexity Two days in Dublin, Ireland Continuous integration ≠ Continuous delivery World's simplest project success heuristic London in 5 days It is hard to recommend Python in production Inflation, IRS, Credit cards, and Vendors Temu and the Chinese approach Things to do in Miami Florida Revenue vs Cost Axis Language learning as an adult The unanchored babies of the green card limbo Price variance in the United States A day in Louisville, Kentucky A surprisingly positive experience with Air India Unhospitable Airports Android: Don't use stale views USA = Union of Sales and Advertisement A day in Nashville, Tennessee Minimize Javascript in your codebase A day in Birmingham, Alabama In defense of ad-supported products Real vs artificial world The science behind Punjabi singers Hiking Mt. Fuji The Indian startup bubble is insane Repairing database on the fly for millions of users Book Summary: One up on Wall Street by Peter Lynch It is hard to recommend Google Cloud At the Prague airport Kyoto in three days Migrating from WordPress to Hugo Book summary: Sick Societies by Robert B. Edgerton Statistical outcomes require statistical games Illegal immigrants to Europe via Cairo Tokyo in three days Mobs are Status Games Writing Script matters as much as the spoken language Sri Lanka in 5 days LLMs: great for business but bad business Book Summary: Safe Haven by Mark Spitznagel Mac shortcut for typing Avagraha symbol On a bus with an asylum seeker Nicaragua in 5 days When to commit Generated code to version control Why I always buy a local SIM in a foreign country Use Makefile for Android Four days in Guadalajara, Mexico Android Navigation: Up vs Back Hotels vs Airbnb vs Hostels Currency issues in Argentina Abstractions should be deep not wide Some data on podcasting Always support compressed response in an API service A day in El Calafate - Patagonia, Argentina Hermetic docker images with Hugging Face machine learning models American Elections The sound of "ch" API services should always have usage Limits Hiking in El Chaltén - trekking capital of Argentina
Stanford CS251: Lecture 8
Ashish Bhatia · 2019-04-01 · via ashishb.net

Lecture 8 - Alternative consensus

Puzzle solutions are probabilistic proof of work. A typical puzzle utilization function can be modeled as P(challenge, randomness - nonce, difficulty, …) -> true/false

P(c, r, d) for Bitcoin is SHA256^2(c, r, d) <= 2^256-d

There are many objections to this. It wastes resources on a meaningless computation, it is highly parallelizable and has returns of scale, randomness, long wait time between blocks, and leads to the creation of the mining pools. It is possible to redesign the system to make mining pools impossible but that would lead to only big players doing the mining. The centralized signing also eliminates all these issues and “private blockchain” is just a misnomer for a centralized blockchain.

Improvements (Cosigning)

  1. Cosigning in Ripple - consensus k out of n
  2. Cosigning in Stellar - arbitrary topology of who has to sign before something is trusted

Improvements (Block throughput)

BTC: one block every 10 mins Testnet: one block every 5 mins If block production rate is increased then there will be more forks leading to stale blocks. Current stale block rate is 1%. If the stale block rate increases, the cost of 51% attack goes down drastically. For example, if the stale block rate is 50% then the network efficiency is halved, so, a 51% attack only requires 33% of the network power to execute. Ethereum avoids this issue by using GHOST which not only includes the parent blocks but the uncle blocks as well. This allows Ethereum to have a block throughput of one block every 15 seconds.

Improvements ( Bitcoin-NG)

Between two majors blocks A and B signed by Ka and Kb, we can have micro blocks. 40% mining fee of each micro block will go to Ka and 60% to Kb. Due to some attack(???), Ka can only receive < 42% mining fee.

Features of SHA-256

  1. Anonymous
  2. Progress-free - Probability of success is linearly proportional to time and mining power invested. Note that SAH256-squared is not progress-free.
  3. Fast to verify
  4. Supports precise difficulty adjustments
  5. Compact specification

Improvements (ASIC-Resistance)

The eventual goal is to minimize advantage a custom ASIC has over a PC. There are a few possible approaches.

  1. Complex algorithms or advanced CPU instruction set - For example, X11 took 11 SHA-3 finalists and applies them in succession.
  2. Memory Hardness - ASICs cannot have too much memory. For example, Litecoin uses scrypt which references previously calculated values and requires a 16KB buffer. The worst part is that the verification is as slow as computation. Also, Litecoin ASIC mining advantage over Litecoin PC mining is higher than Bitcoin. An important problem is to come up with an algorithm which is memory-hard to compute but memory-easy to verify. Cuckoo hash works but is apparently broken.
  3. Moving target - Change the hash functions every few months. The question then remains is that who picks the new hash functions.

Do we want ASIC resistance

  1. ASIC miners, due to their investment, are most loyal to the crypto they are mining.
  2. ASIC resistant cryptocurrency can be attacked via botnets or rented resources on the cloud.

Improvements (Proof of Storage)

Store something useful like the library of Congress. (ashishb’s note: Filecoin came out later)

Improvements (Useful Proof of work)

Rather than do the SHA256 calculation, perform useful work like SETI@Home or Folding@Home. Not all solutions are equally likely though. An example is PrimeCoin, where the proof of work is to calculate Cunnigham chain, p1, p2, … pk, such that, pi = 2 * p(i-1) + 1. The goal is to find a chain whose length is determined by the difficulty level. p1 is composed of a value from the previous block and a nonce.

Improvements (Proof of stake)

Based on the stake one can vote on the blockchain. This can lead to oligopoly. Peercoin implements the proof of stake. H(c, r) <= 2^(256 - d - s) where s is the coin stake which consists of the sum of the coins with each coin holding being weighted by the time it was last use. So, a crypto puzzle is easier for someone who is sitting on the coins for a while.

Improvements (Proof of Deposit)

Choose a time to such that the fund movement is not allowed for the ti time frame, and then you are allowed to mine.

Nothing at stake problem

All vanilla proof of stake consensus suffers from nothing at stake problem. In case of proof of work, you can only mine on one chain at a time. In case of proof of stake, since no resources are involved, one can build on as many chains in parallel as possible. Slasher mechanisms have been designed to punish anyone caught doing this.

Improvements (Round-robin signing)

NXT coin uses this approach where a signer is elected every key block and can sign a set of blocks between the two key blocks. All signers have to be online and the new signer is the owner of the coin r such that r = H(H(b1) || H(b2) || H(b3) …). Chance of being a miner is proportional to how much you own. If you skip a signer, you lose money (???)

Improvements (Casper)

Casper is Ethereum’s planned proof of stake. There will be node validators who will put tickets on the fork. One fork will win and everyone else will lose money.