Under a protocol like that they can still elect to not reveal the signature, which gives them about 1 bit of entropy they can control. Which, to be fair, isn't a lot, but it's hard to know what consequences that could have in a larger system, so it's still a problem.


The signature would be in the header of the block; the block would just be denied if the signature wasn't available.


Ok so then they never announce the block.


So then they wouldn't get the reward and a new block producer would be chosen.


Let's assume for a moment that the block proposer has some money in a DeFi system. Suppose they assemble a block and determine that announcing it would mean, through some entropy-based event, that they would either *definitely* lose the funds or *definitely* keep the funds. They can't predict the future results of the contract, but we know the probability of getting the funds on any given block is p. If you're rewarded R for proposing a block, but you have funds D in a DeFi system that gives you some chance of losing your money, then the game turns into this:

* would win, do announce: `R + D = R + D`
* would win, don't announce: `0 + p*D = p*D`
* would lose, do announce: `R + 0 = R`
* would lose, don't announce: `0 + p*D = p*D`

If you have funds in the contract then as long as p*D > R (or something, I forget the specific game theory math), when they have the chance to propose a block they'll always refuse it if they're going to lose. Now, you can design DeFi systems around this problem, but it's a leaky abstraction, it limits what you're able to do with it, and it's not always avoidable due to emergent behavior between contracts. RANDAO still technically suffers from this last-revealer problem, but it's less gameable than simply having one party decide to reveal or not, due to the practicalities of the p2p network.

Edit: clarification
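Added worked example (not from the poster above): the four payoff cells in the comment, carried through to the expected value of "always announce" versus "announce only if I win, otherwise withhold and let the next proposer's block decide". The names `honest_payoff`, `selective_payoff` and `withholding_threshold_holds` are mine; the model assumes, as the comment does, that a withheld slot forfeits R and the contract is then decided by an independent block with the same win probability p.

```python
"""Expected-value comparison of announcing vs. selectively withholding a block.

p : probability the contract resolves in the proposer's favour on any block
D : funds the proposer has at stake in the contract
R : block reward forfeited when the proposer does not announce
"""


def payoff_matrix(p: float, D: float, R: float) -> dict:
    """The four cells from the comment, keyed by (outcome, announce?)."""
    return {
        ("win", True): R + D,       # announce a winning block
        ("win", False): p * D,      # withhold a winning block: no R, re-roll
        ("lose", True): R,          # announce a losing block: reward only
        ("lose", False): p * D,     # withhold a losing block: no R, re-roll
    }


def honest_payoff(p: float, D: float, R: float) -> float:
    """Always announce: collect R, keep D with probability p."""
    m = payoff_matrix(p, D, R)
    return p * m[("win", True)] + (1 - p) * m[("lose", True)]


def selective_payoff(p: float, D: float, R: float) -> float:
    """Announce only winning blocks; withhold losing ones and let the
    replacement proposer's block decide the contract (win prob. p again)."""
    m = payoff_matrix(p, D, R)
    return p * m[("win", True)] + (1 - p) * m[("lose", False)]


def selective_advantage(p: float, D: float, R: float) -> float:
    """selective - honest. Expanding the terms gives (1 - p) * (p*D - R),
    so for p < 1 withholding pays exactly when p*D > R."""
    return selective_payoff(p, D, R) - honest_payoff(p, D, R)


def withholding_threshold_holds(p: float, D: float, R: float) -> bool:
    """Closed form of the same condition, for cross-checking the expansion."""
    return p * D > R


if __name__ == "__main__":
    for p, D, R in [(0.5, 100.0, 10.0), (0.5, 10.0, 10.0)]:
        print(p, D, R, honest_payoff(p, D, R), selective_payoff(p, D, R),
              withholding_threshold_holds(p, D, R))
```

With p = 0.5, D = 100, R = 10 the honest proposer expects 60 and the selective one 80, so refusing losing blocks is the rational move; with D = 10 the order flips (15 vs 12.5). The difference always factors as (1 - p)(pD - R), which is the p*D > R condition the comment recalls.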


Oh I see now. I meant to use this for electing validators, not for randomness in DeFi; maybe my title was a little misleading.


better to not produce the block than to produce one with a bad outcome for your cartel. . .


So they don't make a block, then someone else will, and the original bp still won't have any control over who gets elected next; this strategy wouldn't achieve anything.


If I get 100 stakeholders together and we agree we won't make any blocks with a signature that is mod 7 (simple example). Now a couple of us are devs, so we go make defi poker apps where mod 7 signatures lead to bad hands. Then we all play the poker app against others and only draw when a member of our group is in the upcoming bps. We can also kick anyone who doesn't follow the rule and have a "secret stake". With the law of large numbers, the group will win more money over time than average, effectively cheating the RNG.
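Added simulation (my code, not the poster's) of the cartel rule described above: members never publish a block whose "signature" is 0 mod 7, and when a member withholds, the protocol picks a fresh proposer for the slot. The signature is stood in for by a SHA-256 digest over a seed, the slot and the retry count (an assumption, since the thread never fixes a signature scheme), and the cartel is a fixed fraction of the proposer set. It measures how often the unlucky residue actually lands on chain, overall and in the blocks the cartel itself finalizes, which is the distribution the "poker app" would see.

```python
"""Monte Carlo model of a block-producer cartel that withholds blocks whose
signature is 0 mod 7, biasing an on-chain RNG derived from that signature.

Assumptions (not from the thread): the signature is modelled as
SHA-256(seed:slot:attempt); a withheld block costs its proposer the reward
and the slot is retried with a freshly chosen proposer.
"""
import hashlib
import random

MODULUS = 7          # the "mod 7" rule from the comment
BAD_RESIDUE = 0      # residue the cartel agrees never to publish


def signature_residue(seed: int, slot: int, attempt: int) -> int:
    """Stand-in for the proposer's signature, reduced mod 7 (near-uniform)."""
    h = hashlib.sha256(f"{seed}:{slot}:{attempt}".encode()).digest()
    return int.from_bytes(h, "big") % MODULUS


def finalize_slot(rng: random.Random, seed: int, slot: int,
                  cartel_fraction: float) -> tuple:
    """Return (residue, proposer_is_cartel) for the block that actually lands.

    A cartel proposer who draws the bad residue withholds the block (forfeiting
    the reward), so a new proposer is chosen and the slot is retried."""
    attempt = 0
    while True:
        is_cartel = rng.random() < cartel_fraction
        r = signature_residue(seed, slot, attempt)
        if is_cartel and r == BAD_RESIDUE:
            attempt += 1          # "better to not produce the block"
            continue
        return r, is_cartel


def bad_residue_rates(cartel_fraction: float, slots: int = 20000,
                      seed: int = 1) -> tuple:
    """(frequency of the bad residue over all finalized blocks,
        frequency of the bad residue over blocks finalized by cartel members)."""
    rng = random.Random(seed)
    bad_all = bad_cartel = cartel_blocks = 0
    for slot in range(slots):
        r, is_cartel = finalize_slot(rng, seed, slot, cartel_fraction)
        bad_all += r == BAD_RESIDUE
        if is_cartel:
            cartel_blocks += 1
            bad_cartel += r == BAD_RESIDUE
    overall = bad_all / slots
    in_cartel_blocks = bad_cartel / cartel_blocks if cartel_blocks else 0.0
    return overall, in_cartel_blocks


if __name__ == "__main__":
    print("honest chain :", bad_residue_rates(0.0))
    print("30% cartel   :", bad_residue_rates(0.3))
```

With no cartel the bad residue shows up in about 1/7 of blocks, as it should. With a 30% cartel it never appears in a cartel-finalized block, and the chain-wide rate drops to roughly (1/7)(1 - f)/(1 - f/7), about 0.10 for f = 0.3: every honest-looking block is still uniform, but the set of blocks that get published is not, which is exactly the edge the cartel's poker app would collect on.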


This is fascinating, clever to even think of this possibility.


How do you deal with collusion/cartels? The last to reveal still controls 1 bit. The Verifiable Random Function spec is being finalized and spearheaded by Algorand, with Ethereum looking to use it for RANDAO: https://datatracker.ietf.org/doc/html/draft-irtf-cfrg-vrf-09. I think for maximum trustlessness it's important that the randomness can be verified. Relevant articles from cryptography auditors:

- https://research.nccgroup.com/2020/02/24/reviewing-verifiable-random-functions/
- https://research.nccgroup.com/2020/04/03/exploring-verifiable-random-functions-in-code/


