Hacker News new | past | comments | ask | show | jobs | submit login
Understanding the Stellar Consensus Protocol (medium.com)
154 points by synesso 43 days ago | hide | past | web | favorite | 14 comments

The authors of this protocol made a valiant effort to defend against sybil attacks by requiring intersecting quorums. However, it's not clear to me that they succeeded. Specifically, I worry that they are depending on people running nodes to vet other nodes in some out of band fashion. Clever and patient sybil attackers could insert themselves into the network over weeks or months, and then disrupt it while shorting it on exchanges, or by conducting double spend attacks against exchanges.

As was shown in Bitshares, which relied on holders of BTS to vote on "good" block producers, users can not be relied upon to make these judgements. They will either vote at random, or vote based on trivial stats like uptime. The holders of BTS ultimately paid the price when the creators of the coin forced through a proposal to increase the supply cap and the price collapsed as a result, but the creators have since moved on to other coins.

It seems to me that proof of work works, and proof of stake (as implemented in Tezos) may work, although it's not been running successfully for very long. I'm very suspicious of other consensus algorithms protecting billions of $s worth of assets.

The Sybil attack doesn't work against SCP because, unlike proof-of-stake, the validators are not anonymous. E.g., are you using Stronghold dollars? Then put their validators in all of your quorum slices and you will be guaranteed not to be forked from them. Eventually, every exchange and issuer should designate one or more validators. By including the validators of the institutions you care about in your quorum slices, you know you will be able to redeem and trade the tokens at those places.

Now what makes SCP different from traditional BFT replication is not just that the quorums are defined in a decentralized way, but that they require a transitive closure of dependencies. So if you depend on stronghold and stronghold depends IBM and binance also depends on IBM, then even if you don't think you care about binance, you will still remain in sync with them.


Seems like this has been discussed before.

I think the whole blockchain-based consensus model is wrong, as it is not very scalable AND it is susceptible to 33% attacks.

Here is what I propose instead:


Who cares? The vast majority of Stellar's currency XLM is owned by the founders just like Ripple, and their efforts to distribute this currency to the public are entirely disingenuous. For example, their 2017 airdrop purported to distribute up to 16% of the initial XLM to Bitcoin holders, while less than 10% of that amount was actually claimed (as to be expected when you make people jump through hoops to claim something of dubious value).

The crypto space has an near-infinite supply of new coins and new whitepapers to trap the naturally curious into a hopeless cycle.

Did you read the post? It’s not about the cryptocurrency, or even the network. It’s about abstract ideas for distributed consensus, which are applicable beyond any cryptocurrency. It’s probably interesting even if you’re not interested in Stellar!

While temiri is right, I'd like to continue the discussion that you've started by mentioning that their last airdrop, done in collaboration with blockchain.com, was also a fiasco. A lot of people didn't even bother claiming anymore, and many of those who tried (including me and a buddy that lives in the same building), weren't able to claim because the process was littered with bugs. Hopefully, a serious non-profit foundation will take over (fork) the open source Stellar tech, create a good and fair initial distribution mechanism, and then restart the cryptocurrency. It would probably need the help of governments or big corporations like Facebook/Google in order to insure a fair initial distribution.

I encountered one of those bugs and was able to get 'my' coins after maybe 3 back and forths with a human support person. It wasn't too hard for what could be a free $500.

Good discussion on an old thread between D.Mazieres (protocol author), Greg Maxwell and Vitalik https://news.ycombinator.com/item?id=9342348

The one thing I am curious about is the idea of reputation establishment. Has there been any attempt to reduce impact of a sybil attack by introducing reputation metrics?

What if for example with SCP quorum slices form only between nodes of agreeable reputation where reputation could either be transaction confirmation history or transaction participation history or some combination of both.

I would argue,if some form f reputation metric was in play,a simple 51% majority (for unfederated) would not mean much,especially if each node gets to unilaterally decide reputation metrics it finds agreeable which will make it hard for a sybil attacker to know how many nodes of what reputation it needa to control to succeed.where a failed sybil attack could reduce or eliminate reputation of the nodes it used.

The whole idea is so simple I feel a bit cluelees even asking about it,but does anyone know if similar consensus systems have been explored?

The thing is that reputation isn't formed in a vacuum. E.g., in the case of Stellar's blockchain, you have companies issuing assets like digital dollars or carbon credits or shares in commercial real estate ventures. The tokens have value because people trust their counterparties. Even in the case of XLM, Stellar's "native" cryptocurrency, ultimately people believe it has value because they can trade it for other assets on Stellar's built-in DEX or sell it for fiat currency or other crypto at exchanges. It doesn't matter how many Sybil nodes an attacker creates, if I place Kraken and Coinbase in my quorum slice, I will remain in sync with their validators and know that I can subsequently choose to deposit all of my tokens on those exchanges for trading.

I'm reading Charlie Stross's (cstross here) "Neptune's Brood" at the moment, which envisions an interstellar society constrained by physics (i.e. no FTL)... I can imagine the SCP would play a role in such a society perhaps!

I don't think it'll spoil anything to say Stross actually invented his own digital currency protocol for that book, taking advantage of the speed of light limit.

Nope, it absolutely could not, because it requires multiple round trips through the entire network to reach a result, which is completely unworkable to do anything useful with exactly in Stross' scenario.

Basically the whole point of Neptune's Brood is that in this scenario, only the most rudimentary consensus protocols are practical at all, and for security you have no choice but to rely entirely on the fact that subverting a node is prohibitively expensive.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact