Theory: How to side-step soft-consensus
27 comments
I believe both 0.22.2 could, and 0.22.888(8) can, be side-stepped given the right shuffle round formation. Let's assume we have two subsequence rounds, first A, then B:
Shuffle Round A | Shuffle Round B | |
---|---|---|
1 | jayplay.witness | cryptoking777 |
2 | matreshka | steemhunt |
3 | bukio | hoasen |
4 | rlawlstn123 | zzan.witnesses |
5 | triple.aaa | future.witness |
6 | justyy | maiyude |
7 | steemhunt | bukio |
8 | parse | rlawlstn123 |
9 | ocd-witness | segye.witness |
10 | menacamel | steem-dragon |
11 | segye.witness | matreshka |
12 | dev.supporters | klye |
13 | skuld2000.wit | parse |
14 | zzan.witnesses | dev.supporters |
15 | maiyude | triple.aaa |
16 | future.witness | justyy |
17 | hoasen | indo.witness |
18 | indo.witness | skuld2000.wit |
19 | hinomaru-jp | menacamel |
20 | steem-dragon | jayplay.witness |
21 | cryptoking777 | hinomaru-jp |
Let's also assume that the block signed by witness A-21 (cryptoking777) and B-1 (cryptoking777), is not applying the softfork logic.
They need not be the same witness, but in this example they are. This means that a transaction containing a censored operation would be accepted by two distinct rounds, and thus irreversible.
This means, in order to find this kind of shuffle formation, someone who wants to side-step the majority softfork logic only needs to broadcast the desired operation roughly every 126 seconds (two 63 second rounds).
If A-21 accepts the transaction, they return a trx_id
. The broadcaster keeps track of this trx_id
and checks after the next round if it becomes irreversible. And it would become irreversible if B-1 produces a block that agrees with A-21.
In a nutshell: Do one broadcast in one round then check if the transaction persists the next round. Repeat. Eventually, you might find the correct pair of sequential shuffle rounds.
Questions:
Was this possible in 0.22.2?
Yes. I believe this was possible in both softforks. There's no fundamental difference between them, other than the list of accounts.
Does this mean the exchanges weren't needed to overpower 0.22.2?
I believe so.
Why didn't you post about this back in 0.22.2?
In that scenario, only Steemit, Inc. was affected by this, so it wasn't potentially a widespread issue that warranted a post. I was already in hot water for my opinions. I wasn't about to "take their side" on this over a theory.
I also did talk about this openly, off-chain, if it came up. It never came up between me and anyone at remaining at Steemit, inc.
Is it possible to verify the code against the version being signaled?
No. A witness can report a version that they do not run depending on their skill or access to someone with the required skill.
Comments