Published on: 2017-12-14T03:24:07+00:00
In a series of email exchanges, Paul and ZmnSCPxj discuss the collective action problem in fraudulent withdrawals from sidechains and propose a solution using smart contracts. The proposed solution involves recruiting accomplices who are paid cuts of the theft through Accomplice Contracts. The thief broadcasts the existence of Hashed Time-Locked Contracts (HTLCs) without negotiating with the accomplices, reducing communication overhead. However, this solution requires significant funds in reserve and could be vulnerable if withdrawals are not restricted to simple P2PKH or P2WPKH.The conversation also delves into various topics related to drivechain technology. They discuss the potential for miners colluding and undercutting their competition by upvoting their own withdrawals and downvoting others. Paul argues that atomic swaps make such behavior unnecessary. They also address concerns about pools being created or destroyed multiple times and the possibility of miners harassing each other using strategy. Paul suggests that orphaning can be used as a response to spiteful miners. The security model of drivechain is discussed, relying on investor disappointment and the slow withdrawal process to increase security.The author proposes using P2PKH to create Theft and Accomplice Contracts, both being HTLCs. The timelock in the Theft Contract allows anyone to spend after the time limit, while the Accomplice Contract is an ordinary HTLC. By using P2PKH and an off-chain method, a HTLC with anyone-can-spend after the timelock can be formed. However, there are issues with timelock-encryption as a time measure. The author suggests that someone may exploit the mathematics of P2PKH to create something similar to a HTLC.The article discusses potential outcomes of miners colluding and making invalid withdrawals, as well as the issue of three mining pools with slightly different hashpower percentages. It is noted that three equal mining pools are unnatural and may lead to collusion. The possibility of miners colluding together and stealing all sidechain funds is also mentioned.In a post on the bitcoin-dev mailing list, ZmnSCPxj suggests restricting withdrawals to simple P2PKH or P2WPKH to fix a vulnerability. However, it is noted that this may not be enough due to Scriptless Script and Bellare-Neven signatures.The collective action problem in fraudulent withdrawals from sidechains is discussed, and a solution using smart contracts is proposed. The thief pays out to a destination address that is a P2SH of the Theft Contract and recruits accomplices who vote for the invalid withdrawal. Negotiation can be done parallel to the theft attempt, reducing the cost of organizing collective action. This method requires significant funds in reserve but aims to utilize existing miner funds. Restricting withdrawals to simple P2PKH or P2WPKH is suggested as a way to fix vulnerabilities.Paul Sztorc responds to criticisms of the security model for drivechains, addressing concerns about non-verifying miners being complicit in theft. He explains mechanisms in place to address problems with multiple withdrawals and argues against the idea that miners should always downvote. The email thread also includes a discussion on the security model for sidechains versus drivechains, with Sztorc stating that criticisms of drivechains' security are unfounded.The writer requests BIP numbers for the ideas discussed in the thread and argues for the benefits of technical review. They disagree with claims that there are no repercussions for fraudulent withdrawals and accuse others of committing the "useless sidechain fallacy. "An email conversation between Chris Pacia and Paul discusses the security model of sidechains, the marginal cost of casting a malicious vote, and the repercussions of fraudulent withdrawals. The potential impact of these repercussions is uncertain. The useless sidechain fallacy is also discussed, as well as the collective action problem inherent in fraudulent withdrawals.On December 3, 2017, Matt Corallo expresses concerns about the risk of centralization of mining in sidechains and the need for new sidechains to be rare events. However, it is noted that federated sidechains are already possible and the value of permissionless sidechain innovation is significant.A Reddit user presents an analysis on blind merged mining (BMM) and drivechains, highlighting the disconnect between voting and "blind" merge mining. The security model for sidechains is compared to every blockchain, but the lack of opportunity costs or collective action barriers in drivechains makes it less secure.The author of this context argues that the security model for sidechains is the same as that of every blockchain. They refute claims that 51% hashrate can steal coins in sidechains, stating that this is also true of the mainchain. However, they note that there are substantial opportunity costs and a collective action problem when it comes to re-writing the mainchain.
Updated on: 2023-08-01T22:15:16.788973+00:00