From a conversation in Komodo Discord on june 29, 2018
ProficieNt – @jl777 where can I read up on the difficulty algo related to notaries? because I’d imagine malicious notaries may be able to abuse their mining priviliges? Btw, how does the community veto / kick notaries? Can a vote be called?
jl777 – Notaries get to mine at easy diff once per 65 blocks. With 64 notaries there is room for some underperforming notaries, the annual election will sort that out a single notary couldnt really do much to abuse their mining, a 1.6% attack isn’t very strong. Certainly if all the notaries are compromised, then we have a problem. But a lot of notaries are known community members
ProficieNt – The ratio of notary mined blocks to standard is 3:1 but 64/65 blocks a notary will get a chance to mine one, how does that play out?
jl777 – The notaries add delayes to their mining where longer and longer random delays are added the loser the external mining percentage gets
ProficieNt – Is there a document on this algorithm? or something I could search for?
jl777 – A dishonest notary could get 20% more blocks, but they would be found out. The code is the documentation in this case:
if ( gpucount < 33 )
uint8_t tmpbuffer; uint32_t r; int32_t n=0; uint256 randvals; memcpy(&tmpbuffer[n],&My_notaryid,sizeof(My_notaryid)), n += sizeof(My_notaryid);
memcpy(&tmpbuffer[n],&Mining_height,sizeof(Mining_height)), n += sizeof(Mining_height);
memcpy(&tmpbuffer[n],&pblock->hashPrevBlock,sizeof(pblock->hashPrevBlock)), n += sizeof(pblock->hashPrevBlock);
pblock->nTime += (r % (33 – gpucount)(33 – gpucount));
ProficieNt – If honest notaries should be mining 1.17% of the blocks, you’re saying a dishonest notary could mine 1.4% of the blocks but it would be obvious to the public
jl777 – Yes all the notary statistics are closely monitored by the notaries, doing such things would disqualify a notary
ProficieNt – Okay and if someone, or a group of people, start abusing the network the community could hardfork? Or is there a protocol level way to kick notaries?
jl777 – If majority of notaries are compromised, a hardfork seems the only safe way to correct things
ProficieNt – If around 5 start performing selfish mining attacks and trying to gain more control? How could they be dealt with?
jl777 – Most notary operators are known community members. Loss of reputation would be a big loses, and wouldn’t it take closer to 20 notaries to do selfish mining? Unless you mean the 1.4% notary corruption is unlikely and in any case it is visible and correctable if the unlikely happens
ProficieNt – Correctable through a hard fork though?
jl777 – Yes, we have a scheduled annual hardfork and we use it to activate new consusus changes at the same time
ProficieNt – Okay, and if someone is caught buying votes they are disqualified through social consensus?
jl777 – Sometimes there is an in-between hardfork. It seems it is impossible to detect buying of votes. And if KMD holder wants to give his voting decision to someone else, that in a way is his decision. There are all sorts of doomsday theories how all the notaries will be planted zombies and such nonsense. The reality is that the community makes a serious decision about who the 64 are, as the last elections showed
ProficieNt – Okay, fair enough. How do assetchains pay for notarization? As I understand, that is currently a manual process?
jl777 – Yes, notaries need to get the coin being notarized and the KMD to cover the notarizing txfees (but not the BTC txfees that are already paid) and the notaries have to start running the coin, and then notarize it. There is no way to automate that, so it is necessarily a manual pricess
ProficieNt – I’m just wondering what the reason for requiring 13 notaries to reach consensus? Would it not be possible to let anyone notarize and it to just be a part of the normal mining process?
jl777 – Where is the incentive for them to notarize? Without a decent number notarizing how to know it is very likely the mainchain? Without knowing who the notaries are how would we know who is notarizing? And if they are not known then there is no reputation loss, to prevent playing games. So, yes it is possible, but we have a public election process, etc. not sure what is gained from anonymous random notarizers. It seem you are trying to make problems out of non-issues
ProficieNt – 1) To secure their chain of PoW, with SmartContracts you could attach a bounty to proving notarization.
2) Surely you can have individuals optionally run the Bitcoin blockchain. If someone tries to fake that Merkle tree, the nodes with the BTC chain can send a proof showing that the merkle was invalid and the others can ignore the previous notarization. (Not sure how this works but might help: https://blog.kyber.network/chain-relays-or-a-practical-approach-for-cross-chain-trades-d0d7003f266b)
3) We build systems that don’t need trust because they are more efficient and resilient. If you make notarization anonymous using incentives, you can support many more chains and without any middleman handling the money. Linking the Chains with BTC Relay: https://media.consensys.net/linking-the-chains-with-btc-relay-5ffd2c8248
jl777 – I thought BTC relay was discontinued, the daily cost of ETH txfee was $10,000+ or something like that. Nice theoretical solutions are nice, but until it is proven you can get regular BTC notarizations with miners upfronting the BTC and somehow coordinating with each other, it is unproven. Trusting BTC relay to exist is not any better
ProficieNt – Maybe not the BTC cost but from other assethains into KMD, that should be automated and can be done.
jl777 – Such enhancements are not prohibited and likely will be done
ProficieNt – And why do the miners need to coordinate?
jl777 – The BTC fees are the big hurdle. Will you trust a single anonymous notarizer? Doesn’t that open up a lot more minority attack vectors?
ProficieNt – You don’t trust anyone, you trust the BTC blockchain
jl777 – A losing fork can be notarized by a single miner? seems very weak
ProficieNt – Look, the problem with BTC is its slow so yes it’s not perfect but smaller coins into KMD, you should be able to anonymize and automate the process
jl777 – Any blockchain is always in flux, also we are believing that BTC tx, when it goes into the mempool, the odds of it not getting eventually confirmed are very small, though it is of course better when there isn’t a mempool backlog
ProficieNt – Okay, forget BTC. We are trying to make Komodo the best it can be, so it seems that automatic notarization on KMD is relatively straight forward and would be a big bonus to the network? It decreases a central reliance on notary nodes and makes the protocol more resilient
jl777 – Not sure it is relatively straight forward, but I would definitely consider such a pull request as long as there are no issues found by the anonymous and lack of N nodes in agreement
ProficieNt – where do you see problems? The main pre-requisite is a scripting language / smart contracts so these chains can manage their notarizations. The contract has a function submitNotarization() which takes a block header / proof as an argument. It has a second function submitChallenge() which lets someone challenge a previous submission by submitting a block that shows an earlier inclusion of the notarization TX. If they do this, the previous notarization is removed and the new notarization is accepted. That’s probably a naive SC implementation but you guys are the devs here so you tell me. @jl777 the current solution requires notaries to run every child chain, right?
jl777 – Yes
xRobeSx – @ProficieNt I’m not sure this helps, but I saw you mentioning everyone should be able to notarize. Technically anyone can setup a tier 2 Notary Node network and notarize whatever coins they wanna run to KMD. So technically you could run your own private NN’s to notarize your private assetchain to KMD for example. As for notarizing to BTC, as James said it’s very expensive so that’s why the KMD team covers paying the btc fees for the elected (tier 1) NN’s.
ProficieNt – @jl777 this will pose great scalability issues, issues that trustless notarization will solve. @xRobeSx but that mechanism still requires you to trust someone. Someone who probably isn’t as trustworthy as the current notaries. I’m suggesting a mechanism by which you trust no one, in the sense that anyone can be a notary and prove if someone is disingenuous, add a few economic incentives and you’ve got a highly scalable protocol
xRobeSx – I’m just saying in the scenario I just mentioned, you wouldn’t have to trust the notarization to KMD as you could do it yourself with your own NN’s. As for the KMD -> BTC notarization of the previous, you’d be trusting just the elected NN’s. I’m not trying to persuade your thinking, just bringing up another angle, as I don’t think many people realize there can be sub NN tiers
jl777 – This is all in the realm of possible, the subNN is not enabled yet, it is needing a bit more work
xRobeSx – Oh thanks for the clarification James. I thought it was possible and @SHossain was using a subNN to notarize the scaling chains
jl777 – It is called a notarizing testnet. For testing, not mainchain use (yet) but yes, the notarization group can be customized with an external JSON config file
ProficieNt – @xRobeSx are we building a blokchain or an SQL database? Why should my network participants trust me to solely manage notarization?
xRobeSx – I’m not saying just you. You could setup 1 private NN and maybe release documentation for anyone using your coin to notarize it? Maybe you could make the first assetchain that has decentralized notarizations