Steemit has been a waste of my time for most of the last 4 months. Thanks to @nextgencrypto for demonstrating why, and provoking me to learn exactly how.
Steemit has been a waste of my time for most of the last 4 months. Thanks to @nextgencrypto for demonstrating why, and provoking me to learn exactly how.
I see what you mean, it does seem a bit odd to use the head block time as the seed, and not hardware time or similar. I can't pretend to understand why they would have done that.
Is it because it must be deterministic across witnesses, and so can't actually be random at all?
That's right, it actually does have to be deterministic, to keep a deterministic schedule.
Not only that, what guarantee is there that any given witness has not altered this code with a whitelist and the witness can then use this information to time flood attacks or for that matter, knowing that a certain witness (or witnesses) will approve, because of altered code, invalid transactions? Given enough witnesses under your control (ie, special code added to them to privilege you), you can rewrite the chain as you wish.
Yeah, I guess any decentralised system has these kinds of issues though.
This is what Proof of Work specifically avoids. The Solidus protocol specifically uses PoW to select a 'committee' (like the witness set)
I am going to have to think about this, because it is an obvious and simple way to get past this problem.
I see. So it's a weakness of 'DPOS'?
It's exactly what Solidus has solved. Nothing is stopping me from using a PoW election to select the schedule. You can see easily enough that the algorithm in the code cannot be left how it is.
Will you not find one thousand things that need improvement though, and take one thousand days to rectify them? I get the feeling this is a recognised weakness of DPoS, but any PoW presumably opens other possible attack vectors. Not that I know much about any of this.