Albatross Security Considerations

#1

There was some really interesting discussion considering security in Albatross. I wanted to ensure a lot of it stays accessible for the future so I have archived some of the conversation to here, and encourage everyone to continue the conversation here (or to at least post every so often so major points that came up during the Discord conversation can be recorded).

EhssanD:

The point that I mentioned to Marvin is still valid in my opinion. They assume having 2/3 of honest validators in each Macro block cycle. The adversary nodes are in danger of losing their stake but if you can take down some of nodes with ddos or correlate with them so they don’t participate then you can stall the network with less than 1/3 of validators and the silent nodes won’t lose anything. Because there is no way to find that out systematically

Rob:

I don’t know exactly how this works, but can’t you make a lot of dishonest nodes (for the sake of participating and having a higher % chance to get picked) and make them disagree with honest ones?
Resulting in the system slashing honest players?

Albermonte:

You can still make a POS pool and have the 51% of coins

EhssanD:

You don’t need 51, you just need control of 34 % of validators in one round. That control does not mean owning those nodes necessarily. Assume we have 100 total validators in one round. The adversary owns only one node in this 100 list but there are other 33 nodes that are willing to be silent (or are down by any means) and do not participate in any sort of transaction. None of their security measures works in this situations. and the silent nodes will not lose their stake.

Talleyrand:

You can argue the same with PoW though, it would be easier to attack Nimiq as PoW than as PoS today(edited)
Only bitcoin and Ethereum can really argue to be really tough to attack right now
Imo if there is a discussion it should be on the economics because in terms of security Nimiq is de facto weak PoW wise

brantje:

Imo the problem with PoS is that it’s much harder for new people to join

‘EhssanD:’

I don’t see the relation between Nimiq current hashrate and the possible flaws in POS algorithm. Security is always a valid discussion and a major concern

‘Rob:’

Pos for macro blocks with a minimum stake
Pow for micro blocks for new players?

Marvin:

I think something interesting to consider is that the proposed 34% attack is only attacking liveness of the network, not security. You don’t earn anything from the network and its users if the network stops working, so incentive should be rather low. A 51% attack on PoW chains allow to break security (double spend).
If you own the 34% yourself, the attack is likely to damage your own asset as the value of the network will be affected by a larger downtime.
If you reach the 34% using DDoS, you also would be required to keep the DDoS running or the network will directly continue its operations. The easiest thing to do against such an attack is to have a backup node that can take over should the primary node go down. I would actually expect large owners to do exactly that.

1 Like