Limitation of the node generating balance by the percentage of own invested funds

We all know that LPOS allows pools to run a node without their own resources. You can own a node with a million balance, and get almost all the blocks without having their own investments in Waves. Previously, it was proposed (by c1oud) to make mandatory ownership (for example) of 10% from the total node funds. The question is how to do it without getting rid of the function of leasing coins to yourself, which greatly increases the security of the node. I propose a technical solution to this problem.

Given: Supposing we have 2 addresses: A - node address, B - address with balance. You need to lease coins from the address B to the address A in such a way that address A identifies these coins as coins of the node owner. It is obvious that the only way to identify yourself as the owner of address B is to know its seed.

Solution: in order that address A identifies the node owner in address B, you should associate these two addresses with labels denoting their belongings to the same owner. As a label, you can use the presence of a special new type of transaction in the history of address A (let’s call it “ricochet”). To initialize the ricochet transaction, the owner of address B must enter the seed from address A in the data entry field. Then address B will be charged to the fee and to the address A N-th number of coins Waves is sent, which is then sent back to the address B (without fee), and finally, from the address B the same N-th number of coins is leased to the address A. The Presence of the incoming transaction " ricochet " from address B in the history of address A allows you to be sure that the seeds for both addresses A and B are known for just one owner, creator of transaction “ricochet”. This will rule out collusion with the owners of addresses A and B.

Further, it becomes possible to use the N number of Waves (participating in the transaction “ricochet”) to calculate limitations of the generating balance according to the formula: GeneratingBalance = min (Balance, N*10);

PS Of course, it is not necessary to send the entire generating balance from one address to another, you can just do a special new type of leasing, the initialization of which requires the seed from the pool address. But, as far as I can judge, only the real movement of the whole balance can guarantee the security of the algorithm.

2 Likes

Yea some time ago I proposed idea of limiting number of lease-able waves to the generator address with accordance of generator own balance. And I still do believe it will help with better decentralization of the network. At that time the idea was just to set maximum limit of lease-able waves with some coefficient (ie 10 times more) but now i believe that lease-able amount should be limited for high end own balances as well in discontinued approach:
every generator address can receive 100k of waves leased without any limitations.
100k own waves - max leased lease 1m waves (where for 1 waves you can have 10 leased waves)
next 100k waves - max leased amount is 1.1m waves form previous 100k own waves and base 100k leaseble waves + 500k waves (where for 1 waves you can have 5 leased waves)
next 300k waves - max leased amount is 1.6m waves from previous 200k own waves + 900k waves (where for 1 waves you can have 3 leased waves)
next 500k waves - max leased amount is 2.5m waves from previous 500k own waves + 1M waves (where for 1 waves you can have 2 leased waves)
and if own waves balance is 1M+ then for every own wave after total balance of 1M you can get 1 leased waves.

So that means that with your own 1M waves balance generator address could have 3.5M leased waves (total generating balance of 4.5M waves)

Undland’s proposal addresses the approach how to identify leased own balance as own balance to still be able to use security measures of not providing seed for the generator which holds own amount of waves.

Why so complicated? We can just require miners to have some waves on generating address, I mean without leasing.

I think it doesn’t make much sense to make things more strict for large-balance account, since you anyway can use several addresses for single owner/node.

I was thinking about this thing too. When we will be ready to switch to provably secure PoS we’ll most probably anyway will need to introduce some real waves depositing for miners. Moreover it’s natural for PoS to require miners to be an investors and this is one of important security factors.

I would implement a rule requiring miners to have some share of waves their own. Then we can activate this rule starting with let’s say 1%. After that it can be automatically increase it by 1% every month until we reach target threshold of 5-10%

1 Like

I fully agree with this method if it can be implemented securely. It would shrink the huge pools and heavily increase decentralization

I said it’s safer with a lease. As a node owner, I don’t want to store the dat file with a balance on the remote server. I also wouldn’t like to have any connections between the node and the PC with my balance except connections via the blockchain.

Yes you can have several addresses within 1 node but do you think lessors will be leasing to different wallets if there are several knowing that it belongs to the same node (what about real decentralization then)? Of course if they are presented as different pools then its different story but own balance on the nodes would still be required for larger amount of leased waves (may my proposed initial lease-able amount of waves of 100k probably could be ignored and only real balance taken into consideration). In the end we do need a proper way to identify legit players by making them staking their own waves. (My initial proposal was to just check for own generating balance but if there will be more secured POS for storing and accessing own balance then that should be definitely used.

Also why not we limit number of generation address on 1 physcal node by connecting node nonce to the generator address

As I checked the idea that i have proposed before, i found that there have been idea behind “node generation uptime” - ie with node being new it could be restricted to get a higher balance leased to the generator address and that limit could be increased as the time passes.

Anyway we started a discussion now and that’s good, if ideas which are stated here are yet raw we could polish them and have a better secured decentralized network

Well, in general i see one problem with this: it will limit the overall amount of Waves participating in the staging process and this will make a 51% attack cheaper.

Furthermore, i really don’t like to have any funds on the node itself, at least as long as a Smart Account (in this case for 2FA) can not be a forging address. I assume that this is not possible, right?

Having funds on the node would make the whole thing a lot more unsecure in comparison to a usual wallet, e.g., in cases in which the server is hacked.

:joy::joy: @alexkof just define a number, required to run node. that’s it. do it after 2fa.
limitation with percentage of funds can cause more centralization. like you said.
I support that, the number of coins should be 1000 in node wallet. imo it is fair enough when you think the future of waves chain.
read this topic to see all solutions :slight_smile: Incentivisation With Inflatıon + Coin Burn [discussion]

Well, what Hawky says is also my largest concern, it can get cheaper to get a 51% attack possibility if the total amount of waves leased decreases.

I also spoke with Alexkof in Moscow about this, and after giving it a thought, I can’t help but thinking you are mostly solving a problem that doesn’t really exist.

Most nodes that have a decent share in the network are also in possesion of a decent amount of Waves… and I am even using the Waves I own to boost other starting nodes to help them grow… so you would kinda kill that project as well.

I don’t think this really solves anything. Decentralisation is something you cannot enforce this way. Incentivising small nodes and discouraging leasing to (very) big nodes is the way forward I` say. It’s a process and needs time. Rome was not build in a day and a really well decentralised network will also take a while.

1 Like

What you write here means that you value key from an account with several millions forging power much less than account with several tens of thousands. That is what probably should be fixed.

How much 51% attack costs right now? Imagine you are leasing pool and you have an account with several millions of leased funds. For much are you ready to sell it to me?

This may be possible if we decide to do this. Currently it’s not, but we can start with this. Although I don’t know if it’s proper way or not. As I said, miner shouldn’t value account with 1m forging power less than account with 50k real waves.

actually best would be to support decentralization by creating more physical nodes… leasing its self kills an idea of “maybe i should start my own node” cause it’s much more easier to lease. I like the waves team initiative to suppor new/small nodes by leasing them waves to be able to participate in generation process.

Limiting amount of lease-able waves would require most of waves holders to rethink of what they are doing and maybe start their own nodes if they are willing to support network and guarantee its decentralization - every1 needs to understand that decentralization is achieved only if there are alot of active generating nodes. Yes at some point it might seem that it would be easier to set 51% attack but we do still have leasing.

if it could be possible to set script contract, which would distribute fees to the lessors automatically and earned fees are locked for that purpose only, then more smaller nodes would receive waves to their addresses as lessors are guaranteed to receive profit form leasing.

Uhhh… I forgot about that topic already :slight_smile:

This is true. But nodes that pay out 100% also are a reason that people lease. If you hold large amounts of waves and having your own node is much more profitable than leasing you will achieve decentralization. People now lease because a node is costing money and leasing is making money (and much easier).

Setting up a node is pretty easy, even more so if you don’t have to do payouts because you only lease to yourself.

So:

  1. incentivise small nodes
  2. discourage leasing to big nodes
  3. nodes need to stop paying out 100% of revenue.
1 Like

No, what I was saying is that we open additional motivations to attack nodes.

I do not understand you. The Leasing function does not imply the storage of funds at the leasing address. Right? So the value of the pool address is equal to the value of the accumulated mining rewards, rather than the generating balance.

you can come up with many different algorithms that soften the requirements for small nodes and tighten for large ones. If the volume of large nodes decreases as a result, then this will increase the resistance to attack 51. Am i right?

Only option to commence 51% would be buy waves and have high own generating balance :slight_smile: but I think it is considerably costly 51% attack. That is actually why I changed my mind from initial proposal of just having leaseable max amount to be ie 10 times higher than own balance. Additional time variable could give network a better protection as well - older nodes should be considered more legit than new ones.

Don’t forget that it is not distinct-able which node actually working with specific generation balance, which means that in order to identify that you probably have to attack all nodes - but as long as wallet.dat is encrypted and config file does not have any relevant information regarding wallet you are safe even if access to node is compromised. Just make sure you are clean every time you restart your node (check for possible change of API key and other keylogging stuff if applicable). If there will be a more secure way of starting a node without a possibility to compromise wallets integrity or its generating balance then that probably always a good solution for all of us.

Or maybe we need to look for another option of how to limit leases? ie MRT? :slight_smile:

I am heavily against this proposal, let me elaborate.

  1. Security: Hawky mentioned it already in this thread - today, roughly 44% of all WAVES are participating in the process of generating new blocks. If we were to cap a node’s mining power at 10x its own stake, it’s more than likely that the aforementioned 44% is to decrease significantly. Let me extend: Over 20 million WAVES are sitting on exchanges, Waves itself holds another 5 million at the least. That gives us a rough cap of 75 million WAVES that could participate in mining, either directly or indirectly through a lease.

Thus, we would require node owners to own a minimum of 7.5 million WAVES and this figure increases the more uneven leasing stakes are distributed. I think that’s a ridiculous requirement to make as it heavily impacts the security of the Waves blockchain.

  1. Core Principles: A crucial core principle of blockchain is perimissionlessness. One should be able to join a network without any limitations/censorship/pre-requirements. If a node operator HAS TO have a effective balance on an address, I think that defeats this core principle. The current minimum of 1000 WAVES is only meant to secure the network (it eliminates a known attack vector in Nxt’s PoS-algorithm) and it’s not required to have it as an actual balance on the node.

In this context I’d also like to include fairness. Not everyone can afford to purchase WAVES even though he would like to contribute to the community by running a node. I don’t think it’s in the spirit of crypto to limit his work’s potential but rather to embrace his efforts.

  1. I’m not of the opinion that a node operator has to actually hold WAVES. If he runs a stable node/pool, he is already doing a greater deed to the community/network than someone who just purchased some WAVES. Why would be oblige him to buy WAVES so he can continue to run/scale his operation?

I’m also heavily opposed to a maximum generating balance. Any interference with the free market goes totally against the spirit of crypto. I wish we would try to educate our users/investors/community more about the consequences of unequal distribution of mining balances. And I actually think that has worked in the past: We at WavesGo actively asked our lessors to move their stakes to smaller nodes for the sake of decentralization. We also pushed to decrease the minimum requirement to 1k WAVES, again opening up new possibilities for small pools. Lastly, we even changed the algorithm in favor of small nodes to support further decentralization of the Waves network. The results are impressive: WGO went from 50% to a mere 22% (from 17m+ to 10m); WNET halfed its stake by asking large lessors to distribute their stakes and, in turn, small pools have gained considerably. If you compare our pools’ stakes with those of Ethereum or Bitcoin, you’ll see that Waves is actually pretty well-decentralized. What we actually need is more nodes and we do not achieve this by increasing the entry barrier for newcomers.

5 Likes

Amen to that, nothing to add

Sorry, but that is complete non-sense, of course we know which node operates with what generating balance.