On 2014-05-13 16:55, Bill Broadley wrote:
Trusting 3rd parties on reputation is problematic. But if you publish 5
non-existent torrents and 5 real torrents you should have a good idea on
which clients are faking it.
Reputation is the hard problem.
Assume a protocol where if everyone plays by the rules, everyone is
better off.
But new identities are cheap or free, so people can violate the rules in
various ways that are to their advantage, or perhaps they are just
making a denial of service attack, don't want the protocol to work.
Make identities difficult or impossible to fake, so that even if they
are cheap or free, someone who claims to be the same entity as last time
must genuinely be the same entity as last time.
Keep a list of all entities that you have interacted with, who appeared
to be following the protocol correctly, and who benefited you by
following the protocol.
conversely, keep a list of bad guys, but this will not be much use since
the real bad guys will manufacture lots of new identities very rapidly.
Of entities that you had beneficial interaction with, ask them who they
had beneficial interaction with.
The more direct your connection - you got a lot of benefit from A, so A
has a good rep in your database. A got a lot of benefit from B, so B
has a good rep in your database, but necessarily less than A. B got a
lot of benefit from C, so C has a good rep in your database, but
necessarily considerably less than B.
But, chances are, that for sufficiently indirect connections, you will
be connected to them by multiple chains, and such multiple
recommendations are allowed to add up.
However, suppose you get a benefit from A1 following the protocol, and
A1 recommends A2, A3, A4, .... A100000000. Further, each of these also
recommend each of the others. A2 recommends A1, A3, A4 ... A100000000.
You don't want this to inflate reputations to unreasonable levels.
Your only direct knowledge of this entire network is that A1 appears to
be a good guy. Then your algorithm for granting reputation through
indirect knowledge should be such that everyone in the entire A1 ...
A100000000 network gets no more reputation than A1 would have, perhaps less.
You wind up with a quite large list of known good guys
However if you interact with several members of the A1 ... A100000000
network, and they are all good, then the entire network A1 ...
A100000000 should have as good a reputation as if all those interactions
had been with a single identity - everyone in the mutually recommending
network should get the same reputation as single entity would if all
your interactions with the mutually recommending network had been with
single entity.
_______________________________________________
p2p-hackers mailing list
[email protected]
http://lists.zooko.com/mailman/listinfo/p2p-hackers