You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
A single rogue witness could create an alternative chain that is longer than the undo history. If they are able to connect to a peer first then that peer could end up "stuck" on the minority chain and would be unable to recover without manual intervention.
The goal is to ensure that at all times a node is able to recover if it is presented with the real chain and the real chain has no significant gaps without checkpoints confirming the gaps are legitimate.
Given an undo buffer of 1000 blocks we need to ensure that no node will extend a chain for which there may exist an alternative chain that is longer and which forks more than 1000 blocks ago.
Every time a block is missed it requires two blocks to confirm the miss with certainty that you are still on the highest participation fork. Based upon this information we can construct the following algorithm:
If you miss 1000 blocks in a row, then you will not push block 1001.
If you miss 999 blocks in a row, then you must produce 2 blocks for every block missed thereafter (2/3) delegate participation.
In effect this requires 2/3 participation to stay in sync while allowing short disruptions in block production.
Stated another way, the required UNDO history can be determined by the "missed_count". This means that a healthy network can get away with a shorter undo history than an unhealthy network and that the MAX_UNDO_HISTORY needs to define a threshold where a rogue witness is unable to flood a user's memory with undo state.
The text was updated successfully, but these errors were encountered:
There exists a potential attack where the attacker simply wishes to disrupt the downloading of new blocks by causing a client to go down many dead-end chains before finding the proper chain. The risk of this attack needs to be balanced with the risk of a natural short-term disruption in the participation rate on the main chain.
The blockchain now has a minimal participation requirement that can only
be overridden with checkpoints. Any time participation falls below a
minimal level no new blocks may be added.
Currently it requires 66% participation and tolerates short periods of
time below 66% participation with a maximum of 500 consecutive blocks
missed. For every two blocks produced 1 can be missed with a slack of
999 bias.
A single rogue witness could create an alternative chain that is longer than the undo history. If they are able to connect to a peer first then that peer could end up "stuck" on the minority chain and would be unable to recover without manual intervention.
The goal is to ensure that at all times a node is able to recover if it is presented with the real chain and the real chain has no significant gaps without checkpoints confirming the gaps are legitimate.
Given an undo buffer of 1000 blocks we need to ensure that no node will extend a chain for which there may exist an alternative chain that is longer and which forks more than 1000 blocks ago.
Every time a block is missed it requires two blocks to confirm the miss with certainty that you are still on the highest participation fork. Based upon this information we can construct the following algorithm:
If you miss 1000 blocks in a row, then you will not push block 1001.
If you miss 999 blocks in a row, then you must produce 2 blocks for every block missed thereafter (2/3) delegate participation.
In effect this requires 2/3 participation to stay in sync while allowing short disruptions in block production.
Stated another way, the required UNDO history can be determined by the "missed_count". This means that a healthy network can get away with a shorter undo history than an unhealthy network and that the MAX_UNDO_HISTORY needs to define a threshold where a rogue witness is unable to flood a user's memory with undo state.
The text was updated successfully, but these errors were encountered: