Viewpoint | Vitalik: On Conspiracy, Part-2: Anti-Conspiracy and Public Goods

Unidentified and anti-collusion mechanism design

Unidentified and anti-conspiracy games are a big category. As long as the computing power of a single participant does not exceed 23.21% of the total network computing power, the workload proof mechanism is anti-collusion. If the design is clever, this limit can be relaxed to 50%. Logically speaking, the competitive market can effectively fight against conspiracy, and its security ceiling will be relatively higher, but the speed of approaching this ceiling will depend on the situation.

In terms of governance and content management (both are special cases that require arbitrariness ), one of the main and effective mechanisms is futarchy – usually referred to as “governance model based on predictive market decisions”, but I want to point out that the margin plays a very important role in it.

In general, the futarchy mechanism works by making “voting” no longer limited to expressing opinions, but also for making predictions, making correct predictions rewards, and making false predictions will be punished. For example, I have had a proposal before, "Create a forecasting market for a content management decentralized organization." I recommend a semi-centralized design where everyone can vote for or against the submitted content. The more votes you get, the easier it is for more people to see, and the other is a moderation panel. ) to make the final decision. Each submitted post has a very low probability (proportional to the total number of votes + negatives received in this post) and is submitted to the review team for final decision. If the review team approves a post, everyone who voted for it will be rewarded, and everyone who voted against it will be punished; if the review team does not approve the post, it will happen The opposite is true. This mechanism encourages participants to "predict" the review team's decision by voting.

Another example of futarchy is the governance system for token projects. Each voter must make a certain amount of tokens at the initial price when the vote is opened, making the wrong vote a higher cost. In addition, the vote is also subject to another condition: even if the decision to win in the vote is wrong, then all those who vote in favor must buy the token in the hands of all those who vote against it. This will ensure the high cost of voting in favor of the vote, thus eliminating the possibility of low-cost bribery attacks.

• Is “economic abstraction” feasible at Ethereum?
• Babbitt Column | What does the White Paper on the Application of Blockchain Judicial Deposits tell us?
• The Ethereum 2.0 era is approaching, the Genesis PoS block is scheduled to be born on January 3, 2020.

– A form of illustration of futarchy, the creation of two markets to represent "two different possibilities in the future" and the selection of markets with more favorable prices. Source: https://ethresear.ch –

However, the use of such mechanisms is limited. For example, in the content management above, we are not actually solving the governance problem, but giving it more functionality under the assumption that a governance tool is credible. We can also try to use the forecasting market instead of the review team to sell the ad slots in the form of tokens and to price these tokens by creating a forecasting market. The token price is actually a very interfering indicator. Although the application scenario is very wide, it does not apply to indicate some major decisions. Moreover, the value we want to maximize is usually not achieved through tokens.

In general, the value of governance decisions does not depend entirely on its impact on the price of the token, so a good mechanism that can arbitrarily determine the right and wrong cannot do so without restricting identity and resisting collusion. If someone wants to ensure that the game is unrestricted and thus establishes a system based on tokens rather than identity, it must choose between benefiting the public interest and favoring the chaebol. These two are incomprehensible. . Now let's take a closer look at the reasons behind it:

Suppose an author creates works that are beneficial to the public (for example, a series of blog posts) that benefit 10,000 members of the entire community. Suppose now that there is a mechanism that allows members of the entire community to bring a dollar of revenue to the creator through some sort of operation. Unless the members of the entire community are self-sacrificing, in order for this mechanism to work, the operating costs must be controlled to well below $1, otherwise the benefits that community members can support creators will be far less than the cost. No one wants to support the creator, and the whole system will collapse because of the tragedy of the commons. (Translator's Note: The original text.) Therefore, it is necessary to find a way for creators to earn $1 at a cost well below $1.

But now, let's assume that a local tyrant attacker opened 10,000 vests and formed a false community. This community works like a real community, just from supporting creators to another vest that supports attackers. If a real community can make a profit of $1 for the author at a cost well below $1, the attacker can continue to earn $1 for himself at a cost well below $1 until the entire rundown is exhausted. System funds up to now.

If a mechanism can coordinate with each other's participants, then in the absence of proper protection, the conspiring participants (for example, multiple accounts controlled by the same person) will be more coordinated and effortless. Take the funds in the system.

Similar challenges exist not only in the area of ​​financing, but also when deciding what to push. What kind of content do you think can create higher value: is it a high-quality blog that can benefit thousands of people, or is it the following ad?

Or the following?

Those who continue to pay attention to real-world political dynamics may point out that there is also a content that serves the centralized subject: social media controlled by the government. Both the centralized system and the decentralized system have to solve the same fundamental problem, that is, the “view (and general public goods) market” is very different from the “effective market” that economists call , which leads to even “ In peacetime, public goods (also translated as "common supplies") will also reduce production, and it is difficult to resist active attacks. This is a very difficult problem.

This is why a token-based voting system (such as a currency) has an important advantage over an identity-based voting system (such as Gitcoin CLR or /r/ethtrader's donuts): at least no bulk purchase account Benefits, because your influence is proportional to your currency, even if you have more accounts, your currency has not changed. However, the mechanism that relies on tokens rather than identity cannot fundamentally solve the problem of the abduction of distributed communities that support the common supplies by centralized interest groups; if the distributed community adopts a mechanism that does not restrict identity, it cannot avoid excessive power. The chaebol pretends to be a widely dispersed community for profit.

However, the design of the public welfare mechanism not only has the problem of identity fraud, but also the issue of bribery. In order to find the reason, let us consider the above mentioned example, but not the "false community" composed of the attacker's 10001 vest number. The attacker has only one identity and has registered an account to receive funds, and the other 10000 accounts. They are all real users – but each user receives a $0.01 bribe and then votes to get the attacker to get $1. As mentioned above, these bribes can be highly confusing, and even for the sake of convenience, third-party regulatory services will vote on behalf of users. If it is a "token voting" mechanism design, it is much easier to confuse voting: an attacker can rent tokens on the market and use these tokens to vote. Therefore, although certain types of game models can be identityless and resistant to collusion, especially those based on predictive market or margin, it is unfortunate that solutions that allow for conspiracy and do not restrict identity are simply unable to solve general public goods. The problem of funding.

Resistance to conspiracy and identity

Another solution is to face identity issues. As mentioned above, only a more secure centralized identity system, such as passports and other identity documents, cannot achieve large-scale operations; in the case of strong economic incentives, such systems are low-security and vulnerable to government Impact! Rather, the “identity” we are talking about is a collection of claims that define the identity of the person through personally unique information. This kind of mesh identity has long been prototyped, that is, HTC's blockchain mobile phone can retrieve the wallet function through social relationships.

The basic idea of ​​this retrieving function is to secretly share your private key to up to 5 trusted contacts and mathematically ensure that you can retrieve the original private key with the help of 3 contacts, less than 3 contacts can't retrieve it. This creates an “identity system” – it is up to your 5 friends to confirm if you are trying to get back the account. However, this is a proprietary identity system designed to address the issue of personal account security, as opposed to identifying an individual (and simpler!). Even so, based on this general model of mutual authentication, a robust identity model can be built. Such systems can also incorporate the futarchy mechanism described above if needed: if two parties have a disagreement about the identity of the same individual and are willing to bet on it, the system can call the trial team to determine which party is right. .

However, we also want “identity” to have another crucial feature: making the act of renting or selling identity untrustworthy. We obviously can't stop the transaction "You give me $50, I will give you the private key", but we can find ways to reduce the credibility of such transactions – so that the seller can easily deceive the buyer and give the buyer a False private key. One way is to establish a mechanism by which the owner of the private key can withdraw the private key by sending a transaction and arbitrarily choose a private key to replace it, and this is done in a way that cannot be verified. The easiest way to implement this mechanism is probably to have a trusted third party perform the calculation and only publish the results (with a zero-knowledge proof that proves the result, which is equivalent to trusting only the privacy provided by the third party rather than complete (sex), or through multi-party computing to achieve the same function in a decentralized manner. These methods cannot completely solve the problem of collusion (a group of people come together to discuss the voting plan), but they can be controlled to a certain extent without causing the system to collapse.

In addition, the initial allocation of the private key is also a problem. If a user creates their identity through a third-party hosting service and the hoster keeps their private key, what happens if the host steals the user's private key to vote? This is actually a very concealed way of bribery, that is, users use their voting rights in exchange for convenient services. In addition, if voting is unverifiable in this system, it successfully prevents bribery and enhances security, but it also obscures the custodian's use of the user's private key to vote. The only way to guard against this problem is. . . I verified. For example, an “issuer” ecosystem can be established, each issuer will issue a smart card with a private key, and the user can immediately download the private key to his or her smartphone and send a message to replace the private key with an undisclosed Private key. The issuer can be an individual who is considered to be credible by offline parties, meetings, or voting mechanisms.

Building an infrastructure for anti-collusion mechanisms, including a robust decentralized identity system, is a formidable challenge. However, if we want to release the potential of such a mechanism, it seems that it is impossible to go all out. At present, computer security issues have been criticized. For example, some experts have said that online voting should be "offline." However, if we want to expand the role of the voting mechanism and include more advanced forms such as deferred voting and quadratic financing, we have no choice but to face the challenge and try hard to design a success. A sufficiently secure system can at least meet the needs of certain use cases.

(Finish)

Original link:

https://vitalik.ca/general/2019/04/03/collusion.html author: Vitalik translation & proofreading: Min Min & A sword

(This article is from the EthFans of Ethereum fans, and it is strictly forbidden to reprint without the permission of the author.

We will continue to update Blocking; if you have any questions or suggestions, please contact us!