Instantx questions

[kaykurokawa]

Hi, some questions about instantx.

1. My understanding is that all nodes will reject blocks that contains a double spend based on the transaction locks. Is this correct?

2. If so, can't masternodes vote on two different transaction locks, sending one out to one half of the network, and sending another to a second half. Now presuming all nodes see both locks there is no problem because both locks will be rejected, but a node that is not particularly well connected might only see one and assume the transaction lock is valid when it has been rejected by the rest of the network. This will effectively force the ill connected node to reject a block that will be accepted by the rest of the network.

3. Do new nodes download past transaction locks when verifying blocks? How do you guarantee consensus when transaction locks are not protected by proof of work.

4. Does Instantx effectively make dash into a hybrid POW/POS system? Why or why not?

 

[thelazier]

Hi kaykurokawa
I would like to try to answer your question with my understanding.
1. instantx currently sent to 20 Masternode (yes, a part of network), then all these nodes will check the transactions and confirm back. The transactions will show you the number of verified masternode.
2. the node that is not part of instantx transaction will see transaction as normal. and The receiver of instanx transactions will still need to wait for some more confirmation before use this amount , The InstantX transactions is to confirm that you have incoming trx verfied by Masternodes only.
3. new node download block chains the transaction is in block chains. So, it's POW protected.
4. InstantX is service of Masternode , Masternode enable Dash to be Proof of Service(not Stake) system, on top of POW. If you don't care about Masternode Features, you still be able to use Dash as normal POW system as general miner's view..

Hope my answer helps.

 

[kaykurokawa]

Thanks, for answering. I am still not clear on all four questions, so let me rephrase the most important question (1) and take it from there:

Are the transaction locks part of the block consensus rules? If there is a transaction lock on an unspent, and a block is mined that spends the unspent elsewhere, will that block get rejected by the full nodes in the dash network?

 

[moli]

Thanks, for answering. I am still not clear on all four questions, so let me rephrase the most important question (1) and take it from there:

Are the transaction locks part of the block consensus rules? If there is a transaction lock on an unspent, and a block is mined that spends the unspent elsewhere, will that block get rejected by the full nodes in the dash network?

Are you thinking of a normal PoW block consensus and a Finney attack? In InstantX locking, the consensus comes from the Masternodes... and if there's not a consensus, the IX transaction becomes a normal PoW transaction... Let me paste an excerpt from Evan's white paper:

"To stop a Finney Attack from succeeding, the network must be capable of rejecting blocks that violate existing transaction locks. They must also be able to differentiate between a transaction lock on a given transaction and a successfully locked transaction via the Masternode network locking consensus system. Only when the elected masternodes have relayed the lock for the given transaction is it to be considered successfully locked and a block with a conflicting transaction rejected."

Here's the link to InstantX white paper: https://www.dashpay.io/instantx/ (note that this was written before the rebranding so it mentions "Darkcoin" which is Dash now).

 

[kaykurokawa]

"the network must be capable of rejecting blocks that violate existing transaction locks."

So is the network currently rejecting blocks that violate the transaction locks or not? I assume yes?

If so, how do you prevent an ill connected node I described in (2) from forking?

 

[moli]

"the network must be capable of rejecting blocks that violate existing transaction locks."

So is the network currently rejecting blocks that violate the transaction locks or not? I assume yes?

If so, how do you prevent an ill connected I described in (2) from forking?

That question will need a dev to answer.
UdjinM6 crowning flare

 

[thelazier]

"the network must be capable of rejecting blocks that violate existing transaction locks."

So is the network currently rejecting blocks that violate the transaction locks or not? I assume yes?

If so, how do you prevent an ill connected node I described in (2) from forking?

IMO, Forking is normal on POW network, no need for prevention. The ill connected node will need to be resync to the main network if the node want to be part of the network. The ill connected is not network problem it's node's problem.

 

[kaykurokawa]

But instantx is not proof of work. And since your block consensus now relies on something that is not proof of work, you have introduced new problems. Below is example:

Bob votes for a transaction lock 1 where unspent A is sent to address B.
Bob also votes for another transaction lock 2 where unspent A is send to address C.
Bob then creates a transaction X where unspent A is sent to address B.

Bob now can broadcast transaction lock 1 and 2 however he pleases. If a node receives both locks, transaction X is valid. If a node recieves lock 1, transaction X is also valid. But if a node only receives lock2, transaction X is invalid. How does a node know which state is the correct one? Even if a node receives both locks, he can't know for certain whether the rest of the network also recieved both locks, or whether they only received lock2. The only way to know is by querying the majority of the network and seeing which state it wants to go into. Note that this is the exact thing that proof of work was created to avoid. With proof of work, you only need to connect to one honest node for it to work. Instantx makes network topology and connectivity extremely important.

 

[moli]

But instantx is not proof of work. And since your block consensus now relies on something that is not proof of work, you have introduced new problems. Below is example:

Bob votes for a transaction lock 1 where unspent A is sent to address B.
Bob also votes for another transaction lock 2 where unspent A is send to address C.
Bob then creates a transaction X where unspent A is sent to address B.

Bob now can broadcast transaction lock 1 and 2 however he pleases. If a node receives both locks, transaction X is valid. If a node recieves lock 1, transaction X is also valid. But if a node only receives lock2, transaction X is invalid. How does a node know which state is the correct one? Even if a node receives both locks, he can't know for certain whether the rest of the network also recieved both locks, or whether they only received lock2. The only way to know is by querying the majority of the network and seeing which state it wants to go into. Note that this is the exact thing that proof of work was created to avoid. With proof of work, you only need to connect to one honest node for it to work. Instantx makes network topology and connectivity extremely important.

Have you tried this to see the result?

 

[kaykurokawa]

No. Someone should though if my understanding of instantx is correct. If its not a dev, it'll be someone malicious.

 

[moli]

No. Someone should though if my understanding of instantx is correct. If its not a dev, it'll be someone malicious.

Evan spent a lot of time researching and testing InstantX, and we also had public testing before it was released as you can see here:
https://dashtalk.org/threads/v0-11-1-x-instantx-testing.3826/

 

[Sub-Ether]

No. Someone should though if my understanding of instantx is correct. If its not a dev, it'll be someone malicious.

If you are referring to a type of double spend attack with IX, this was tested in testnet, only the first lock is possible, the second one will be conflicted, try it yourself by creating 2 same wallets, do the first transaction just after the last proof of work in order to give yourself more time to issue the second transaction.

 

[moli]

If you are referring to a type of double spend attack with IX, this was tested in testnet, only the first lock is possible, the second one will be conflicted, try it yourself by creating 2 same wallets, do the first transaction just after the last proof of work in order to give yourself more time to issue the second transaction.

Exactly.

 

[kaykurokawa]

If you are referring to a type of double spend attack with IX, this was tested in testnet, only the first lock is possible, the second one will be conflicted, try it yourself by creating 2 same wallets, do the first transaction just after the last proof of work in order to give yourself more time to issue the second transaction.

I understand that it is supposed to be the expected behaviour. Please explain to me how the attack I described is not theoretically possible.

 

[moli]

I understand that it is supposed to be the expected behaviour. Please explain to me how the attack I described is not theoretically possible.

We can keep telling you but you won't believe it or can't understand it until you try it out for yourself.

 

[Sub-Ether]

I understand that it is supposed to be the expected behaviour. Please explain to me how the attack I described is not theoretically possible.

suggest reading the whitepapers and source code, but if you do manage to 'break' transaction locking in practice the developers would be interested to hear, no doubt a patch would be added - although to date no one has been able to do this.

 

[thelazier]

But instantx is not proof of work. And since your block consensus now relies on something that is not proof of work, you have introduced new problems. Below is example:

Bob votes for a transaction lock 1 where unspent A is sent to address B.
Bob also votes for another transaction lock 2 where unspent A is send to address C.
Bob then creates a transaction X where unspent A is sent to address B.

Bob now can broadcast transaction lock 1 and 2 however he pleases. If a node receives both locks, transaction X is valid. If a node recieves lock 1, transaction X is also valid. But if a node only receives lock2, transaction X is invalid. How does a node know which state is the correct one? Even if a node receives both locks, he can't know for certain whether the rest of the network also recieved both locks, or whether they only received lock2. The only way to know is by querying the majority of the network and seeing which state it wants to go into. Note that this is the exact thing that proof of work was created to avoid. With proof of work, you only need to connect to one honest node for it to work. Instantx makes network topology and connectivity extremely important.

I understand that the instantX transaction is designed to be another layer of verification of transaction on top of normal proof of work blockchain.
So, all the check of POW will be check at verification time of locking as well. If the instantx is not verified , it will become normal transaction anyway.
Locking and verifying the instantX by masternodes is special service. You pay more for this service. The service notify official wallet to confirm the transaction instantly.
Your example is not possible to be valid on POW , so it's never valid on instantX transaction as well.

Hope you understand.

 

[eduffield]

Hi, some questions about instantx.

1. My understanding is that all nodes will reject blocks that contains a double spend based on the transaction locks. Is this correct?

2. If so, can't masternodes vote on two different transaction locks, sending one out to one half of the network, and sending another to a second half. Now presuming all nodes see both locks there is no problem because both locks will be rejected, but a node that is not particularly well connected might only see one and assume the transaction lock is valid when it has been rejected by the rest of the network. This will effectively force the ill connected node to reject a block that will be accepted by the rest of the network.

3. Do new nodes download past transaction locks when verifying blocks? How do you guarantee consensus when transaction locks are not protected by proof of work.

4. Does Instantx effectively make dash into a hybrid POW/POS system? Why or why not?

Sorry I'm late to the party :wink:

1. Yes

2. There's multiple layers of defense against this type of attack. First off, the masternode network reduces the network propagation latency to about 4 seconds from side to side. That means you would need to propagate the conflicting transaction within that amount of time, otherwise the second one would be rejected, even while the first transaction lock was being created. But let's say you managed to propagate from both edges of the network, now you need to get your 2 confilcting transactions to their respective masternode quorums, which are picked randomly (deterministically using an algorithm defined in the IX paper), without hitting any of the masternodes that are seeing the other transaction, that seems unlikely alone.

But let's say you managed to do that by directly connecting to each of the masternodes and really planning this attack out. So you propagate both at exactly the same moment and get two transaction locks that are locking the same inputs. You would see a transaction lock for a brief second, then they cancel out and proof-of-work takes over. Look at CheckForConflictingLocks in instantx.cpp for more information.

As for your example about a node that isn't well connected and got only one of the locks? They might get stuck until they can get the second lock (which TCP/IP is really good at). As soon as they get that second lock, they will reconsider the block and continue on.

3. Up to version 12.0 this is true, it might not be true in the next version

4. Masternode quorums get their security from proof-of-work. It's a new type of blockchain based security, that allows us to do things not usually possible in normal blockchain based setups.

But instantx is not proof of work. And since your block consensus now relies on something that is not proof of work, you have introduced new problems. Below is example:

Bob votes for a transaction lock 1 where unspent A is sent to address B.
Bob also votes for another transaction lock 2 where unspent A is send to address C.
Bob then creates a transaction X where unspent A is sent to address B.

Bob now can broadcast transaction lock 1 and 2 however he pleases. If a node receives both locks, transaction X is valid. If a node recieves lock 1, transaction X is also valid. But if a node only receives lock2, transaction X is invalid. How does a node know which state is the correct one? Even if a node receives both locks, he can't know for certain whether the rest of the network also recieved both locks, or whether they only received lock2. The only way to know is by querying the majority of the network and seeing which state it wants to go into. Note that this is the exact thing that proof of work was created to avoid. With proof of work, you only need to connect to one honest node for it to work. Instantx makes network topology and connectivity extremely important.

So maybe we need to dive further into Masternode Quorums. This is a new concept in crypto that is very poorly understood, but greatly important for all of the technology that Dash employs. There's 2900 masternodes presently, each costing $3700, that's a total of $10M dollars that's in the masternode system at this point. A masternode quorum uses a recent blockhash to calculate 10 masternodes responsible per quorum, so all clients know who is responsible for which task. So when you propagate a transaction lock to the network, you'll need at least 5 other masternodes to sign those transaction locks. Let's say you have 100 masternodes on the network and you want to try and trick the system, here's a rough estimate of your chances:

(100/2900.0)**6 == .000000000168117

So you can't simply vote on a transaction lock. You need to be elected, along with 5/9 other random people that would have to be complicit. You don't pick the masternodes either, the proof-of-work hash does, which is why it inherits the security. This allows the network to perform highly secure things, with just a few nodes, then the rest of the network can trust that it was done correctly and not tampered with. As the market cap goes up and we get a more and more decentralized masternode network, the security of instantX and related technologies will also go up exponentially. Imagine on average each masternode was owned by 3 people, utilizing masternode shares.

I'm going to start making videos detailed how all of this works in great detail. It's something I can't do justice in a few paragraphs. There seems to be a huge misconception about how the security model works, hopefully I can correct that.

 

[kaykurokawa]

Thanks for the reply. If you can please reference the relevant files in the source code, this will help understanding for me and everyone else on the forum. I have a bunch of questions still about 2)

"First off, the masternode network reduces the network propagation latency to about 4 seconds from side to side."

Not sure what this sentence means. How are you achieving this? Please elaborate.

"You would see a transaction lock for a brief second, then they cancel out and proof-of-work takes over."

Doesn't that just mean I was able to cancel my transaction lock? Simply be sending two different transaction locks originating from two edges of the network? How is this not the same problem as a regular pow double spend? Can you explain the logic that determines when a second transaction lock is rejected ( you state: "otherwise the second one would be rejected, even while the first transaction lock was being created") versus when a second transaction lock cancels the first transaction lock?

 

[eduffield]

Thanks for the reply. If you can please reference the relevant files in the source code, this will help understanding for me and everyone else on the forum. I have a bunch of questions still about 2)

"First off, the masternode network reduces the network propagation latency to about 4 seconds from side to side."

Not sure what this sentence means. How are you achieving this? Please elaborate.

So when you propagate a message to your peers on the Dash network, you basically say "Hey, I have this new item in my inventory". Say you send it to 8 peers, afterward they each send the inventory to the peers they're connected to and so on. After a few hops, the whole network will have been reached. When I say our network has propagation rates of 4 seconds from end to end (absolute worst case currently), it means we require very few hops to propagate a message and our architecture is also hosted on low latency servers for the most part due to the reward/incentive system.

Our really low propagation rates are because of the masternode network hyper-connectedness. Each masternode, has 20-100 connections to other nodes. So from one side of the network to the other is just a few hops.

It starts with a client submitting an "ix" request instead of the normal "tx" message. That happens in wallet.cpp:1082. As messages propagate the network, they hit ProcessMessageInstantX (instantx.cpp:35)

At this point masternodes check if they're in the quorum in DoConsensusVote, via GetMasternodeRank. nBlockHeight is calculated by the block hash the transation in question was first included in. As consensus votes propagate the network, they're compiled in ProcessConsensusVote (instantx.cpp:305). Once they reach 6 of 10 votes, a lock is formed.

If a block arrives after a lock is formed, it will be rejected in main.cpp:2939.

If a miner decides to mine a chain a few blocks long, that includes a conflicted transaction, then somehow gets the lock after his blocks are accepted, once the lock is formed the chain will be flagged as invalid and removed at instantx.cpp:117.

Doesn't that just mean I was able to cancel my transaction lock? Simply be sending two different transaction locks originating from two edges of the network? How is this not the same problem as a regular pow double spend? Can you explain the logic that determines when a second transaction lock is rejected ( you state: "otherwise the second one would be rejected, even while the first transaction lock was being created") versus when a second transaction lock cancels the first transaction lock?

Yes if you managed to pull off an attack you end up with normal pow, which is OK. The system only degrades to POW under very unlikely attack situations that are detectable. In that case you weren't able to rip anyone off and the rest of the 99.999% of people using the system experienced no issues and continue to have access to instant transactions. The general idea is we can have most transactions enjoy the instantaneous nature, if the system is attacked it will be detected and a downgrade to pow will happen. It's a win-win.

As for the logic that will reject the second txlock request, it's instantx.cpp:74. The masternodes will not accept 2 conflicting transactions. The second will not make it past that line, therefore getting no signatures.