RE: Blockchain Update: Platform Independent State Files by smooth

View this thread on: hive.blog | peakd.com | ecency.com

Viewing a response to: @steemitblog/blockchain-update-platform-independent-state-files

steem · @smooth · Oct 3 '19 (edited)

$0.18

Platform independent state files should be signed by whomever is claiming they are a valid record of the blockchain state, and/or potentially signed by consensus witnesses, possibly with the valid state checksum committed to the chain itself (which process would then constitute signing by consensus witnesses to the extent the recorded commitment is validated).

Just throwing these files around without accountability is dangerous as it leaves open the potential of everyone being too cheap or lazy to do their own verification, just copying the file and leaving the hard work to "someone else", with a malicious or accidentally incorrect state file spreading widely through mere replication. Comparing checksums doesn't help with that.

👍 timcliff, smooth, ilyasse

`author`	smooth
`permlink`	pytohr
`category`	steem
`json_metadata`	{"app":"steemit/0.1"}
`created`	2019-10-03 23:41:54
`last_update`	2019-10-03 23:45:12
`depth`	1
`children`	4
`last_payout`	2019-10-10 23:41:54
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	0.094 HBD
`curator_payout_value`	0.087 HBD
`pending_payout_value`	0.000 HBD
`promoted`	0.000 HBD
`body_length`	738
`author_reputation`	260,341,674,014,643
`root_title`	"Blockchain Update: Platform Independent State Files"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 HBD
`percent_hbd`	10,000
`post_id`	91,204,177
`net_rshares`	917,848,845,044
`author_curate_reward`	""

properties (23)vote details (3)

voter	rshares	pct
smooth	301,079,229,878	1%
timcliff	616,618,216,751	81%
ilyasse	151,398,415	100%

@arifcorlu · Oct 7 '19

This is very nice

properties (22)

`author`	arifcorlu
`permlink`	pz0vbd
`category`	steem
`json_metadata`	{"app":"steemit/0.1"}
`created`	2019-10-07 20:52:27
`last_update`	2019-10-07 20:52:27
`depth`	2
`children`	0
`last_payout`	2019-10-14 20:52:27
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	0.000 HBD
`curator_payout_value`	0.000 HBD
`pending_payout_value`	0.000 HBD
`promoted`	0.000 HBD
`body_length`	17
`author_reputation`	13,456,483,786
`root_title`	"Blockchain Update: Platform Independent State Files"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 HBD
`percent_hbd`	10,000
`post_id`	91,328,531
`net_rshares`	0

@mysearchisover · Oct 6 '19

Please help verify how #realsteem works. I sent 1 Steem to Booster. 
Feel free to help verify how #realsteem works.
https://steemit.com/steemleader/@mysearchisover/steemleader-abuse-stats-140790-23-638

properties (22)

`author`	mysearchisover
`permlink`	pyyx90
`category`	steem
`json_metadata`	{"tags":["realsteem"],"links":["https://steemit.com/steemleader/@mysearchisover/steemleader-abuse-stats-140790-23-638"],"app":"steemit/0.1"}
`created`	2019-10-06 19:39:03
`last_update`	2019-10-06 19:39:03
`depth`	2
`children`	0
`last_payout`	2019-10-13 19:39:03
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	0.000 HBD
`curator_payout_value`	0.000 HBD
`pending_payout_value`	0.000 HBD
`promoted`	0.000 HBD
`body_length`	201
`author_reputation`	106,037,311,868,398
`root_title`	"Blockchain Update: Platform Independent State Files"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 HBD
`percent_hbd`	10,000
`post_id`	91,292,437
`net_rshares`	0

@sneak · Oct 5 '19

$0.06

> Just throwing these files around without accountability is dangerous as it leaves open the potential of everyone being too cheap or lazy to do their own verification

I think perhaps the threat model here is overblown.  Releasing them with simple CS hashes is fine, IMO.

👍 smooth

`author`	sneak
`permlink`	pywo6h
`category`	steem
`json_metadata`	{"app":"steemit/0.1"}
`created`	2019-10-05 14:27:54
`last_update`	2019-10-05 14:27:54
`depth`	2
`children`	1
`last_payout`	2019-10-12 14:27:54
`cashout_time`	1969-12-31 23:59:59
`total_payout_value`	0.029 HBD
`curator_payout_value`	0.029 HBD
`pending_payout_value`	0.000 HBD
`promoted`	0.000 HBD
`body_length`	272
`author_reputation`	28,694,344,106,492
`root_title`	"Blockchain Update: Platform Independent State Files"
`beneficiaries`	`[]`
`max_accepted_payout`	1,000,000.000 HBD
`percent_hbd`	10,000
`post_id`	91,254,374
`net_rshares`	306,730,003,712
`author_curate_reward`	""

properties (23)vote details (1)

voter	weight	wgt%	rshares	pct	time
smooth	0 B		306,730,003,712	1%

@smooth · Oct 5 '19 (edited)

We've already had (and possibly still have), I believe a majority or close to it of top witnesses (and certainly at least the 1/3 required break BFT) run by a single person because of outsourcing (witness as a service). Still others rely on a packaged software (and chain data?) distribution from this same person without doing any real validation of the contents of it beyond checksum to guard against download failure. It is hard to overstate the hazards that come from people taking the easy path when given the choice.

I would not at all rule out that a majority of witnesses could (mostly with good intentions) grab an erroneous or malicious state file, copy from each other (checksums check out!) and start running consensus on top of it without ever verifying it. At that point, the erroneous or malicious state mutation either becomes consensus or will need to be rolled back, both being very damaging to the credibility of the chain. This only needs to  happen once, ever, to have potentially catastrophic consequences. A example of a situation where I could particularly see this happening is under pressure to recover quickly from a chain halt.

properties (22)