Max Wright's thoughts on the Security threats of Delegated Proof of Stake and Bitshares
Backstory: I recently gave a presentation to the Vancouver Bitcoin meetup about an exciting new development in the crypto world called Delegated Proof of Stake and Bitshares. This was a practise run for me to fine tune the presentation before creating a high quality video to present to Success Council Members. I apologize for the terrible Video and Audio quality but if you are super interested you may wish to watch that presentation here.
This post is a response to a well thought out blog post by Piotr Piasecki - an attendee of my presentation - titled Thoughts on Delegated Proof of Stake and Bitshares.
Delegated Proof of Stake is consensus algorithm first presented by Dan Larimar in a white paper of the same name published April 3 2014.
Although not explicitly stated I suspect Piotr acknowledges the numerous benefits that a Delegated Proof of Stake system offers. The primary purpose of his article however is to further the discussion pertaining to the security of the DPOS system.
Does the DPOS protocol sacrifice security to achieve its numerous benefits?
That is the million-dollar question. Piotr raises a number of security concerns over the Delegated Proof of Stake algorithm and in this article I hope to address them.
Thank you Piotr in advance to for the time and considerable intellect you have thrown into this assessment.
It is important to note that this author is not claiming that DPOS is perfect. Likewise it is acknowledged that Proof of Work as used in the Bitcoin protocol and Proof of Stake are not perfect. No system is.
Through out this post we shall assess the threat levels as a direct comparison to the afore mentioned consensus algorithms.
In addition there are a number of attack vectors that Proof of work systems are more vulnerable to than DPOS systems. This post will not draw attention to these and simply address the concerns raised by Piotr.
Security threat #1 Coin Distribution
It is worth noting that the first implementation of DPOS is BitSharesX and it has not positioned it self as a currency or payment system like Bitcoin. It is the world’s first profit producing Decentralized Autonomous Company (DAC). Given this is its primary use it is perfectly fair that the creator be the 100% share holder. He need not give any of his company away and simply collect the profits himself.
But lets assume that in time, the creator does choose to sell or give away a small portion of his company. The market would have to factor into its price the centralization of power that stems from this. In this instance while still being a fair distribution of coins I think we can all agree that the market would be unwise to choose this DPOS chain as a general form of money because of its centralized nature.
If however a coin distribution method was used, that in the markets opinion created a high degree of decentralization, then it perhaps may be wise for the market to adopt this coin as a general everyday currency. This would be similar to using your Apple stock to buy your groceries. If the technology allowed that to be frictionless, inexpensive and anonymous, then why not?
Security threat #2 Paying for Mining
Not so much a security threat as it is a discussion of potential capital gain. In the short term it is true that a Miner/Laborer may hoard their wares waiting for a price to come up to where it is profitable for them to sell. However there is a finite amount of resources the Miner/Laborer will be willing to spend. Eventually the profitable Miner/Laborer will win out.
To paint a more dramatic picture; this is the equivalent of saying the poorly run business will continue to operate at a loss waiting for the market to pay more for their services, just because costs are high. In a competitive environment customers will just move toward the well-run business.
Security threat #3 DDOS on Delegates.
Lets take a look at how a DDOS attack might look at POW and DPOS and compare.
With regard to DPOS while delegates are known their IP addresses are not known publically. But lets assume that through some detective work their IP addresses were discovered.
If any number of 1 to 100 of the 101 delegates are simultaneously DDOS’d and they fail to mine blocks then they are quickly voted out and other delegates are voted in. With block times of 10 seconds a small interruption to the network is made as some confirmations take up to 1000 seconds (17 minutes) instead of 10 seconds. A disruption to be certain. But not fatal.
It is important to note that delegates can campaign on their ability to defend against DDOS attacks and thus are incentivized to defend against that. If this was a concern to the users (stakeholders) then that would certainly be an important selling point for a delegate.
But now lets suppose all delegates are DDOS’d. Now we have a problem that votes cannot be changed because the votes are cast in every transaction and transactions must be mined to acknowledge a change of vote.
This is a serious problem. In this instance all transactions would be unconfirmed for the duration of the successful attack. i.e.: Either the attacker runs out of resources or any one of the miners defends against the attack.
The stakeholders do have another choice. As a fail safe to defend against all manner of attacks users have the ability to hardfork with a single click in their wallets. Granted this is undesirable, but the philosophy here is through removing the barriers to hardforks you reduce the value of attacks because hardforks are so easy.
And the final consideration is that 101 delegates is just an arbitrary number. Stakeholders can choose to increase the number of delegates at any time. As the network grows this may prove prudent.
Before we get to how a DDOS attack might work on Bitcoin I would like to introduce an important concept.
A network is as secure as it is decentralized.
The more miners securing the network the less dependant on each miner the network is and therefore more robust.
As Bitcoin scales there is a clear trend toward centralization. In the very near future most people agree that giant purpose built water-cooled ASIC farms will be the norm.
Already Bitcoin is centralized to the point that with just 2 mining pools you can control 51% of the network. With just 4 ASIC chip manufacturers you can control 90%+ of production. And as we rapidly approach giant purpose built mining centers it is certainly conceivable that by controlling just 10 or so of these mining centers one could control 51% of the network.
DPOS proponents believe that the trend toward centralization is unavoidable and thus it is best to plan for it in advance rather than ignore it and hope it won’t happen
With this in mind DPOS proponents believe that at scale their system is inherently more decentralized and therefore more secure because 101 delegates is more than 2 mining pools, 4 chip manufacturers, and 10 mining centers. And if it were not, the DPOS DAC could simply add more delegates.
With that said lets return to how Bitcoin is affected by a DDOS.
Bitcoin is similar to DPOS systems in that the IP address of mining pools is not known. And as a result we have not seen a DDOS attack on the miners to date. All though not a likely event it is still worth discussing what would happen just in case.
One such attack could be against the mining pools. A sustained attack on the top 10 mining pools would at present knock out 80% of the mining power. In time miners could mine directly and avoid using a pool at all and the system would recover relatively quickly (hours or days), but during that time confirmations could take an hour each.
A big disruption. But not fatal.
Identifying and DDOS’ing 10 mining pools would however be an easier task than doing the same with 101 (or more) delegates in the DPOS system. Again a system is as secure as it is decentralized.
Another point of attack could be to DDOS the top 10 mining centers. Again the same challenges arise in identifying them. I think a similar outcome would be achieved as the DDOS attack on the mining pools. About 80% of the hashing power would be knocked out and block times could blow out to be an hour or more. However with this attack the miners may not be able to recover as quickly.
Again 10 mining centers is far more centralized that 101 delegates.
I think in both DPOS and POW systems delegates/miners/pools are heavily incentivized to defend against an unlikely DDOS attacks.
Security threat #4 Margin delegate coercion
This is a possible outcome, and because voters can vote for many delegates at once it is possible that large stake holders could “sell” their votes multiple times. Again we go back to the principle that a system is as secure as it is decentralized.
At this point we have to rely on the fact that a large stakeholder stands to lose far more by voting for an inadequate delegate that could ever be paid to him in bribes.
Where as a delegate position may profit say, $20,000 per year, a 5% stake holder could see their net position move in value by that much with a price increase of less than 0.1%.
While small amounts of corruption may move into the system, the incentives are still in place to eject poorly performing delegates quickly.
Making up numbers to illustrate the point; perhaps the 105th best delegate for the job does “bribe” a large stakeholder to displace the 101st, but it is unlikely that a large stakeholder would jeopardize their investment by voting in the 1000th best delegate (even if it was himself).
Also it is important to re-iterate that DPOS is positioned not as a currency but as a DAC. In the real world when shareholders vote for a board of directors the same corruption exists to the same extent.
Security threat #5 Some people just want to watch the fees burn
I think this argument appeals to the shortsightedness of the stakeholder. Would you rather own 100% of the dry-cleaners down the road or would you rather own 10% of Apple Inc? Both stake holders and delegates are motivated to grow the value of the tokens. Doing this means attracting more customers. Customers are always your boss in the free market. Great products at low prices are the key to everyone’s success. Jacking up the fees in a competitive market would be counter productive to all parties primary goals.
Security threat #6 Malicious wallets and services
Should one of these DAC’s become so successful that the market chooses to use their tokens as a currency then I agree that in time the Coinbase’s of the world will appear and it is true that they will be in control of the voting power of the tokens that they are in custodianship of.
The owners of the private keys retain the voting power however. So the Blockchain.info’s of the world do not represent a centralization of power in this case. However a Coinbase like company does.
This move toward centralization is a detraction for sure, but one that poses little threat. Minimal gains are available to a nefarious actor who seeks to take over a majority of delegates for the sake of double spends. Not to mention they are extremely transparent to the community, and would be devastating to not only the value of their double-spend gains but also to their business. Imagine a company like Coinbase throwing away their business and out casting themselves from the community for a silly short term gain.
The only way to be truly devastating to the DAC is for them to hold 51% of all tokens in existence. As with all proof of stake systems this is generally considered a very unlikely scenario.
Security threat #7 BitShares and lack of Gateway incentives
This is not a security threat and in this case not even specific to DPOS. This actually refers to the concept of BitAssets that are a feature of BitSharesX but not a feature of all DAC’s who choose to run on DPOS.
This is an interesting discussion point but for the sake of keeping this post limited to potential security threats of DPOS we will leave this for another day.
That is for you to decide. ;)
Does DPOS provide an increase or a decrease in security vulnerabilities compared to Proof of Work systems like Bitcoin?
Reserve Your Free Seat
(Live Event, Limited Seating)