I don´t care about FUD and I don´t think that our sunny boy will "take over the chain". But I think it is a good time to educate about what dPOS is.
There is no 51% Attack in a dPOS Consensus. Not the fault of the witnesses that most of them don´t know this, there is simply no good documentation in the whitepaper.
dPOS is a synchronous classical consensus or at least a hybrid based on such classical consensus. Classical byzantine fault tolerant (BFT) consensus systems are build into rockets and nuclear power plants and airplanes for decades.
This is how it works in classical consensus
A small and fixed number of nodes/computers is distributed over the airplane or in our case over the world. The set of nodes is small because consensus requires All-to-All communication. 100 nodes
--> 100 x 100
messages = 10,000
. So more than 100 Witnesses is a baaaad idea because the message complexity increases exponentially.
- 21 x 21 (all to all in Eos and Steem) = 441 Messages
- 27 x 27 (Super-representatives in Tron) = allready 729 Messages
- 100 x 100 (in Bitshares) = 10000 Messages!
- 210 x 210 = 44100 ... forget it
This is how it works in dPOS
- in Steems dPOS quadratic message complexity seems not to be the reason for the bottleneck in number of witnesses see discussion with @raycoms in the comment section. It must have something to do with the round-robin algorithm. So Block-time probably comes from Network Delay/Broadcasting Method. I´m not aware of a distributed Clock or FLP-Problem in dPOS 🤷🤷🤷🤷🤷🤷🤷🤷🤷🤷♂️ so I would conclude that dPOS is in fact a synchronous or permissioned consortium chain (but much more flexible) and somehow hybridized.
[more Blockproducer means longer round]
This is how it does not work:
Majority consensus in >>Bitcoin<< means: the right chain is the longest chain where >>cumulative<< the most hash-power was applied to (heaviest chain), this is where >50% of the hash-power agrees on. Bitcoin has no concept of nodes, there is just hash-power.
This system has nothing to do with a classical byzantine fault resistant consensus system or hybrids like dPOS!
in Bitcoin the adding of blocks is not like a giant spinning wheel with fixed cabins (witnesses), but more like spinning the bottle. The mining-pool which finds the nonce (a small number - a digital needle in the hay stack) can add the block. The difference is that here everyone can join at anytime. In "Larimer"-Consensus everyone has the same chance to add a block, while in Bitcoin everyone has a chance proportional to the stake (which is applied hashpower).
A majority is not 51% (why percentages anyways? :D)
A majority in dPOS is 2/3 of the nodes respectively the stake. So, in order to tolerate n
number of faulty nodes you need 2n + 1
honest nodes! (*for further details scroll down)
“You require a ⅔ majority to have an honest system. Originally BitShares started with 100. There’s not enough oversight of who those 100 people are because there’s not enough bandwidth of voters’ attention to decide. Bringing it down to 21 reduces the cost of the system. The network has to pay each person that runs a full node.” — Daniel Larimer
The Last Irreversible Block (LIB) as Dan Larimer calls it, is the block which has >>2/3<< (~66%) of the nodes behind it. No honest node will move to a fork which is not build on the LIB.
In classical consensus we dont use percentages. I mean your father is not 50% of your parents right? Bitcoin or more correct Nakamoto-Consensus is Node agnostic, it does not care if the Hash-power comes from 200 nodes or from 20000 nodes.
dPOS the flexible Consensus
In computer scientific terms the correctness of the consensus algorithm is made of two immune properties: safety + liveness. One of them guaranties that the chain makes progress and does not halt ;)
dPOS has safety and liveness properties but technically in the case of a byzantine take-over the chain does not halt, it still runs or is in a "pending" state and waits that the stake holders somehow resolve the problem by re-electing.
[yes Vitalik you are right the problem is that not everyone is using his/her votes, this can be changed since the ecosystem of Steem is build around social interaction. We are connected!]
Conclusion
IS this worse or better? I mean "33%" sounds worse... Neither! It is more flexible.
This is why dPOS will never be used for storing Trillions of Dollars but it is perfect for DAOs and to have fun. Vitalik is realistically destroying dPOS as something on the level of Bitcoin. Of course he is right, but for anything sub-decentralized gold or sub-decentralized law it is fine or perfect for a community which wants to improve!
Here is my point. Most witnesses know very little about the consensus in Steem. They know how Steem works technically, but they don´t know the computer-scientific/mathematical laws governing dPOS. I see them doing their home-work. In the end the big guys like Nakamoto, Larimer, Buterin and Zamfir, Gürer, Team Rocket, Ignotus Peverell Poelstra, ... they are about game mechanics and not about having a nice front end or nicely separated wallet.
probably sooner or later we will need a real technical peer-reviewed paper. Investors need such Information. Yeah ok, sun ...I mean some don´t care, but huge venture funds do.
where the 1/3 treshold comes from
I could list you the decades old literature on BFT-Consensus but you would not read them anyways (because you think the math behind consensus is difficult af). Lets call the honest nodes h
and the dishonest nodes d
. Now the treshold t
is simply t > (h/2) + d
imagine there is a consensus fork and the honest nodes are evenly distributed on both sides: one side has h/2 and the other side has h/2 + d. When honest nodes are 60% and dishonest nodes are 40% your are fucked. Lets say we have 100 in total and 60 are honest (hey majority...fuck majority!) now 30 are on the right side of the consensus and 30+40=70 are dominating. For the single node there is no reference to know what it is right, it just has what the other node say.
h >= t > (h/2) + d
h > (h/2) + d
(h/2) > d
d < (h/2)
So the honest nodes must be more than half the honest nodes + dishonest nodes together. Now go brave witnesses protect our chain with informed decisions, don´t fall for FUD.
Literature:
GABRIEL BRACHA 1987 Asynchronous Byzantine Agreement Protocols
LARIMER 2017 The Problem with Byzantine Generals
LARIMER 2017 DPOS Loss of Consensus due to conflicting Last Irreversible Block
BUTERIN 2017 Engineering Security Through Coordination Problems
INTERCHAIN FOUNDATION 2017 Consensus Compare: Tendermint BFT vs. EOS dPoS
A general introduction to distributed Consensus Let’s Take a Crack at Understanding Distributed Consensus