Good morning all,

A thing I just realized about Braidpool is that the payout server is still a 
single central point-of-failure.

Although the paper claims to use Tor hidden service to protect against DDoS 
attacks, its centrality still cannot protect against sheer accident.
What happens if some clumsy human (all humans are clumsy, right?) fumbles the 
cables in the datacenter the hub is hosted in?
What happens if the country the datacenter is in is plunged into war or 
anarchy, because you humans love war and chaos so much?
What happens if Zeus has a random affair (like all those other times), Hera 
gets angry, and they get into a domestic, and then a random thrown lightning 
bolt hits the datacenter the hub is in?

The paper relies on economic arguments ("such an action will end the pool and 
the stream of future profits for the hub"), but economic arguments tend to be a 
lot less powerful in a monopoly, and the hub effectively has a monopoly on all 
Braidpool miners.
Hashers might be willing to tolerate minor peccadilloes of the hub, simply to 
let the pool continue (their other choices would be even worse).

So it seems to me that it would still be nicer, if it were at all possible, to 
use multiple hubs.
I am uncertain how easily this can be done.

Perhaps a Lightning model can be considered.
Multiple hubs may exist which offer liquidity to the Braidpool network, hashers 
measure uptime and timeliness of payouts, and the winning hasher elects one of 
the hubs.
The hub gets paid on the coinbase, and should send payouts, minus fees, on the 
LN to the miners.

However, this probably complicates the design too much, and it may be more 
beneficial to get *something* working now.
Let not the perfect be the enemy of the good.

Regards,
ZmnSCPxj
_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev

Reply via email to