-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Bounding the recipient set and payment rates #6
Comments
Very interesting approach with the Merkle tree commitment. Do I understand correctly that such an approach poses a limitation on how often O can update |
Yeah you could allow O to update |
How does pre-pay help bound Can you elaborate on how pre-pay mitigates |
Pre-pay doesn't help bound
A B might face a stricter pre-pay policy if it has transacted zero value with O. As the amount of value transacted with O increases, the pre-pay policy could be relaxed. So, if a malicious B wants to improve its ability to double spend it would first have to transact some amount of value with a set of Os before it can effectively double spend with that set of Os. If a malicious B double spends at this point and has its penalty escrow slashed then all Os would ban the offending address which means the malicious entity would have to start fresh with a new account in order to start double spending again which also means it faces stricter pre-pay policies again. The goal here is to add another cost to double spending because you have to re-build reputation once you get caught double spending once. This assumes ticket redemption either immediately upon receiving a winning ticket or at least within some bounded time after receiving a winning ticket which is enforced by a ticket expiration time. I think this assumption is fine for an initial version. |
Within the Livepeer network, we already have a bound on
N
because the number of registered orchestrators on the network is always known.We can bound
W
by having a recipienti
define a time window with an associated max payment ratew_i
. During each time window, the recipient is only willing to accept tickets from a particular sender until it receivesw_i
macropayments from the sender. If a sender hits this limit, the recipient stops accepting tickets until the next time window. The declaredw_i
might reflect a recipient's willingness to take on risk.Chiesa et. al present an interesting idea in the form of recipient address set Merkle tree for each penalty escrow
n
recipients then there aren
valid authentication paths and the root contains at least the sum of the max payment rates for then
recipients. The recipient can verify that the sender's penalty escrow is >= the value in the root. A sender could try to to make the value in the root smaller by making one of the max payment rates in the leaves smaller than the actual declared value. If we assume that the recipient for that leaf will refuse to work with the sender since the max payment rate in the leaf is wrong then it is fine that the value in the root is inaccurate because the value transacted with this particular recipient will just be 0.The text was updated successfully, but these errors were encountered: