EvilDave



Offline



Activity: 854

Merit: 1000









Hero MemberActivity: 854Merit: 1000 [NXT] Vitalik B. confirms the NXT algo is secure. April 06, 2015, 10:22:55 PM #1



Notes on Scalable Blockchain Protocols (v 0.0.2)



Pages 10 and 11 are interesting for NXT:



Quote Example 3.0.2. The cryptoeconomically secure entropy source used in

NXT[16] is defined recursively as follows:

E(G) = 0



Quote Lemma 3.0.3. The NXT algorithm described above satisfies the conditions

for being a cryptoeconomically secure entropy source.

Proof. To prove unpredictability, we note that the NXT blockchain pro-

duces a block every minute, and so the update



I must admit that most of this paper (and all of its math) go straight over my head, but VB does seem to regard Nxt as being 'cryptoeconomically secure' which sounds like a good thing to me.... anyone got any more expert input on this paper and it's implications for NXT ?

Just taken a look at Vitalik Buterins latest paper, which contains a couple of pages devoted to NXT and its algo:Pages 10 and 11 are interesting for NXT:I must admit that most of this paper (and all of its math) go straight over my head, but VB does seem to regard Nxt as being 'cryptoeconomically secure' which sounds like a good thing to me.... anyone got any more expert input on this paper and it's implications for NXT ? Nulli Dei, nulli Reges, solum NXT

Love your money: www.nxt.org www.ardorplatform.org

www.nxter.org www.nxtfoundation.org

AWARD-WINNING

CASINO CRYPTO EXCLUSIVE

CLUBHOUSE 1500+

GAMES 2 MIN

CASH-OUTS 24/7

SUPPORT 100s OF

FREE SPINS PLAY NOW vertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertised sites are not endorsed bytheBitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.

Daedelus



Offline



Activity: 574

Merit: 500









Hero MemberActivity: 574Merit: 500 Re: [NXT] Vitalik B. confirms the NXT algo is secure. April 06, 2015, 10:39:46 PM #2



Quote from: jl777 on April 06, 2015, 10:29:54 PM Lemma 3.0.3. The NXT algorithm described above satisfies the conditions

for being a cryptoeconomically secure entropy source.



Proof. To prove unpredictability, we note that the NXT blockchain produces

a block every minute, and so the update v ← sha256(v, V (β)) takes

place once a minute. During each round of updating, there is a probability

1 − po(60) that the primary signer will be online, and po(60) that the

signer will be offline and thus a secondary signer will need to produce the

block. Hence, after 1

−log(po(60)) blocks, there is a probability p ≈

1

2

that the

resulting value will be the default value obtained from updating v with

the primary signers public keys at each block, and a p ≈

1

2

probability that

the resulting value will be different. We model 512 iterations of this process

as a tree, with all leaves being probability distributions over sequences

of 512 public keys of signers, where all probability distributions are disjoint

(ie. no sequence appears with probability greater than zero in multiple

leaves). By random-oracle assumption of sha256, we thus know that we have

a set of 2512 independently randomly sampled probability distributions from

{0, 1}

256, and so each value will be selected an expected {0, 1}

256 times, with

standard deviation 2128. Hence, the probability distribution is statistically

indistinguishable from a random distribution.

To show that the first uninfluenceability criterion holds true, note that

the only way to manipulate the result is for the block proposer to disappear,

leading to another proposer taking over. However, this action is costly for

the proposer as the proposer loses a block reward. The optimal strategy

is to disappear with probability 0 < q <= 1 only when the predicate will

be unsatisfied with the proposer participating but will be satisfied with

the next proposer partipating; if a predicate has probability p this entails

disappearing p ∗ (1 − p) ∗ q of the time, meaning that the predicate will be

satisfied p + p ∗ (1 − p) ∗ q of the time instead of p of the time, a probability

increment of p∗(1−p)∗q will have a cost of p∗(1−p)∗q∗R if R is the signing

reward (whose real value is proportional to the quantity of transaction fees, a

reasonable metric of economic activity). Hence, the desired condition holds

true with b = 1.

To show that the second uninfluenceability criterion holds true, note that

when one is not the signer, one has no influence on the entropy, and when

one is the signer one has the ability to not sign and instead defer to the

next signer. Hence, an attacker controlling 1

k

of all signing slots will be able

to defer to the second signer 1

k

of the time, to the third signer 1

k

2 of the

time (by being in the first two slots simultaneously), etc, so in total such an

attacker will on average be able to choose between 1 + 1

k−1

values and thus

multiply the probability of a desired predicate by a factor of 1 + 1

k−1

. If the

attacker controls 1

3

of all signing slots, the result will thus be increasing the

probablity by a factor of 3

2

.



***********

it seems vitalik made a proof about NXT algo

None techies, just read the last line for explanation

Daedelus



Offline



Activity: 574

Merit: 500









Hero MemberActivity: 574Merit: 500 Re: [NXT] Vitalik B. confirms the NXT algo is secure. April 07, 2015, 10:09:16 AM #12



Quote from: Come-from-Beyond on April 06, 2015, 08:55:11 PM Quote from: gs02xzz on April 06, 2015, 08:23:43 PM



Quote Example 3.0.2. The cryptoeconomically secure entropy source used in NXT[16] is dened recursively as follows:

E(G) = 0

E( +) = sha256(E()+V ()) where V () is the block proposer of

.

Assumption 3.1. For any time internal I, there exists some xed probabil-ity po(I) such that a node randomly selected according to the weight functionused to measure a cryptoeconomic state machine's Byzantine fault tolerancecan be expected to be oine for at least the next I seconds starting from anyparticular point in time with at least probability po.Note. We can derive the above assumption from an altruism assumption bysimply stating in the protocol that nodes \should" randomly drop oinewith low probability; however, in practice it is simpler and cleaner to relyonly on natural faults.Note. Combining the two uninuenceability criteria into one (\it is impos-

sible to increase the probability of P from p to p (1+k) without expendingat least b L k resources") is likely very dicult; it is hard to avoid having

ways to cheaply multiply the probability of low-probability predicates byonly acting when you are sure that your action will have an inuence on theresult.

......



Lemma 3.0.3. The NXT algorithm described above satises the conditionsfor being a cryptoeconomically secure entropy source.Proof. To prove unpredictability, we note that the NXT blockchain pro-duces a block every minute, and so the update v sha256(v; V ()) takesplace once a minute. During each round of updating, there is a probabil-ity 1 ...........

In the paper - https://raw.githubusercontent.com/vbuterin/scalability_paper/master/scalability.pdf , the authors used Nxt algo as an example. It seems a confirmation of Nxt security (But I am not a expert)

BCNext's idea not to provide the whitepaper to force an independent analysis has finally worked. Good, now this page can be turned.

BCNext's idea not to provide the whitepaper to force ananalysis has finally worked. Good, now this page can be turned. Come-from-Beyond seems satisfied too