A Successful Attack of Hybrid Casper Costs 1.67 Million Eth, $1.4 Billion, Says Vitalik Buterin – Trustnodes

A Successful Attack of Hybrid Casper Costs 1.67 Million Eth, $1.4 Billion, Says Vitalik Buterin


Stakers in hybrid casper are expected to receive a yearly interest rate of 5%, with punishment ranging from 1% to 100%, while withdrawals take four months according to a presentation by Vitalik Buterin, Ethereum’s co-founder, at Edcon.

Addressing the final details of Hybrid Casper, which has been in testing for some time and might go out in 2-3 months, Buterin said the process for end users would be as simple as clicking deposit.

There are a number of considerations, however, in an interesting and somewhat complex crypto-economics system that punishes centralization.

Eth staking rewards and penalties.

Going offline there doesn’t seem to mean experiencing an internet disconnection for say five minutes, but more being offline for half of the staking time or for 2/3rds of the time.

Just how much you’d lose or gain if you go offline depends on others. If everyone else stays online practically all the time, then you can go offline half of the time and still gain interest. If 2/3rd stay online, then you need to stay online 2/3rds of the time as well.

Larger pools are more dangerous because the system is designed to severely punish misbehavior if others are misbehaving at the same time and to be a lot more lenient if it is just you misbehaving either intentionally or unintentionally.

That means if your node gets hacked, or if your vpn gets hacked, or if your disc gets corrupted or whatever unforeseeable extremely rare event, and it causes only you to misbehave, then you lose “just” 2%.

If, however, others are misbehaving at the same time, then the penalties can go up very quickly. So if it’s 1% of others that are misbehaving with you, then you have 3 x 1 + 2 = 5% penalty. If it is 10% of others, then 3 x 10 + 2 = 32%.

That’s because of quadratic leaking, or the coolest graph in Casper. The system is designed to protect the system, with 1/3 here being a key number.

That’s basically the system re-adjusting itself, discarding the misbehaviors by slowly not counting them until the behaving eth return to 100% and the chain starts finalizing again.

So, if we understand this correctly, then that 1.67 million misbehaving eth is in effect slashed and the system turns back to running as if nothing happened. Which means the “successful” part of the attack would only be temporary.

That’s what not voting correctly means. This wouldn’t happen by itself, the node software behaves very well. So it would only happened if you hack the node and make it misbehave, or in extreme cases cosmic rays give you a corrupt disk and reference an earlier source because they do not know of the later ones.

If it is just you not voting correctly, than it isn’t fine, but it’s sort of meh. If however others are in failure mode too and misbehaving then it could start hurting pretty quickly.

That’s a simplified table to show that much depends on not just you, but on others too. So, when designing your staking system, you want to choose the least popular pool, or vps provider, or operating system, etc.

The point of all this is to get interest. Just how much would also depend on others. If it is 2.5 million eth staking, then it would be around 10%. If 10 million are staking, then it’s 5%, if 40 million then it’s 2.5%.

Some 1,500 eth are initially required to stake, making pools pretty much necessary. But while in Proof of Work there is an advantage in being in a big pool as it lowers variance, in Proof of Stake you’d rather be in a pool that is preferably 1,500 eth in total if our consideration of all factors is indeed correct.

That initial stake requirement will change however, and will be brought down to 32 eth once sharding goes live.

That’s to be expected soon-ish. Around 12-18 months optimistically. Earlier than that would be surprising. While if not out by 2020 we’ll reeee, unless some good reason.

Once you’re finished staking, you then have to wait another 4 months before you can actually have back the deposit and interest.

That is somewhat similar to Proof of Work requirements in bitcoin where you have to wait 3 months before you can spend block rewards.

The reason in eth is so that if you misbehaved, you can’t just quickly withdraw and run off. You’r stuck in the system for the next 4 months.

Likewise, it takes some time to log off, and the reason for that is also to bind you into the system. So if there is an attack on-going, you can’t just run off and leave only good will samaritans to fight. You have to instead stand up for eth and defend it with your deposit.

That’s why you get paid. It’s not a charity endeavor. It’s reward for providing security. That means there can be risks, but why someone would want to burn $1.4 billion for some temporary downtime, who is to know.

Copyrights Trustnodes.com


Comments (2)

  1. The amount of penalties will depend on the severity of the validators’ faults and can reach 100 percent.

    So you can lose all your money, nice scam.

Leave a Reply

Your email address will not be published.

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>