Is there any reason why minting can’t be enabled on a multi-sig transaction as well?
I’d see the as allowing people to receive 1% on their staked coins while outsourcing the hassle of keeping the wallet online 24x7 (perhaps for a nominal fee of 0.1% of your income from minting.
User sends this coins to ‘Coin Minting Co’
User signs the transaction with ‘Sig 1’
‘Coin Minting Co’ signs the transaction with ‘Sig 2’
User retains ‘Sig 3’ for allowing withdrawals of staked coins if they decide to stop minting or for access to the reserved balance
‘Coin Minting Co’ would then put the users coins up for minting on the basis of being to stake a multisig transaction with two signatures.
Cold locked is ideal as you could send your coins to the ‘minting’ address and print those private keys out to put in a safe but what I don’t understand about cold locked minting is that surely you need to leave a wallet online somewhere so you have a CPU to search the space for new minting new blocks - If the coins are in an offline or cold wallet then this minting process can’t happen?
You’d need the N required keys on the same computer to sign the blocks found. So it defeats the purpose of multisig.
That’s what we are trying to accomplish here. Right now there is only one way to mint: having the private key that also enables you to spent the coins. We’re looking for the best way to allow minting without allowing spending.
If they can mint, they can spend. So that wouldn’t work (unless you trust them very much).
Yes you still need a computer somewhere to do the minting. We just want to remove from this computer the ability to spend the coins so that even if someone gets access to the computer he cannot steal the coins.
All the solutions presented in the first post make that possible. We’re just looking for the best way because it’ll be difficult to change afterwards.
I think that cold storage minting should protect the minting coins, but the 1% reward should be allocated to a spendable address. This way people will notice if someone steals their reward and conclude that their minting key is comprimised. This system will also force people to trust any company doing minting for them, and would give an incentive for people to do their own minting. This model will also ensure that small holders can mint in pools, wich is important to level the playing field between rich and poor.
[quote=“petar87, post:11, topic:2336”]I wouldn’t like ppc with risk-free minting. This feature is beneficial to individual but detrimental to coin itself.
For most users it would be even better not to use Rasperry Pi but just to give minting keys in public to some “online minting service”. I would be the first one doing that, just give them private keys don’t bother being online, no installation no anything… And soon that would lead to centralization and that “pool” would have chances to double spend.
I read that nxt implemented this feature as leased forging but I think they will have to remove it with next release if they are serious. Also I saw somewhere how Sunny King was considering this feature before and decided not to have it.
It’s not nice to expose private keys from cold wallet I agree, but that’s the price of this coin security.[/quote]
I tend to share Petar87 concerns. It is an example of ‘tragedy of the commons’ Tragedy of the commons - Wikipedia which is an engrained human behaviour.
People will take the easiest way to mint their coins, which is most likely the largest provider over time to get what is best for them, but overlooking that they are really contributing to the centralisation and with that increasing the vulnerability of the network and eventually put their own coins at high risk.
There are no easy solutions for this, something more direct and short term must be at stake for the users. @sandakersmann has a good example of that in his post, but I think we need more incentives for user to prevent ending up with a handful of companies minting the network and with that having the entire security of the in their control.
I looked at the idea of @ppcman to basically ‘tax’ these kind of transaction. Although I don’t think that is effective for large stakeholders unless you make the tax progressive.
Another way of going is that the community sets up an infrastructure of say 100 nodes who can uniquely use the multisig functionality for minting. Not sure whether that is feasible, but 100 nodes is better than just a handful. It would also allow the large PPC holders to spread their risk over multiple nodes. We would need to think on what would be needed to certify such node.
Funding of such a network can be done with the Peershares model, basically creating a kind of cooperative bank.
The concerns Petar87 and Cybnate have expressed about the potential of cold wallet minting to centralize the network are quite valid and have caused an evolution in my own thinking. If people pay a service to mint for them, they can still revoke that permission by transferring the coins without cooperation from the service they chose to trust. Still, they may not be able to do so quickly enough to prevent a bad outcome resulting from that centralization, such as double spends or even a protocol change.
Unless a method is discovered to prevent centralization of minting via minting services, decentralized networks such as Peercoin should not implement cold wallet minting. However, the way the Peercoin wallet presently works is also unacceptable. You must type your passphrase which is then displayed in plain text in the debug window for as long as you have the client open. That is an unnecessary risk. The menu based minting option present in Peerunity prevents display of the password and requires the passphrase to be entered to transfer coins, even while minting. This is probably the best solution because it provides reasonable security while preventing centralization of minting. It would be nice if there were some way to allow cold storage minting in a way that doesn’t lend itself to handing your minting keys over to a third party to mint for you, but I can’t see a way to do that.
Most Peershare implementations will be substantially centralized as the issuer will maintain a huge proportion of shares, often even the majority. In such a scenario cold wallet minting and using a third party service for minting makes sense. It will lower the barrier to entry for Peershares issuers because they will not need to maintain any infrastructure at all. Peershares issuers who own a majority stake would not have to put their network controlling keys at risk of theft to mint.
So, I propose we continue to discuss a cold storage minting solution and implement it in the Peershares template as we have been planning all along. However, it should not be used in Peercoin or any Peershare which is meant to be fully decentralized, unless a technique is found to prevent centralized minting. Peercoin and decentralized Peershares should employ the menu based minting solution present in Peerunity.
I wouldn’t like reward to be based on big vs small holders or what’s fair etc, it should pay users in the amount they contributed to security and it will really end up being fair. Big minters do get more coins, but they contribute more to security and interest 1% is the same. They also have bigger risk as they have more to lose if hacked.
[quote=“mably, post:26, topic:2336”]Unless you are an expert in security you will never mint with your hot wallet.
Exchanges are most probably minting my coins for themselves already, I want some part of the cake without risking to lose it all.[/quote]
I agree that many ppl won’t get enough incentive to mint, it would be good if this is addressed somehow. But it boils down to who do you want to really create blocks and add them on blockchain, handfull of entities not having their own coins or each holder for him self.
If somebody has such vast amount of coins or has such vast amount of trust (holding other people coins) he probably wouldn’t do double spend even if he get a chance.
Minting on behalf of others is just like POW pool mining, when a pool gets close to an alarm threshold, it’s the responsibility of the stake holders to leave the pool.
Yes it is exactly like PoW I agree. But notice that pool centralization is acknowledged flaw with bitcoin protocol.
Some ppl will leave, majority won’t, pools can get together etc. Bitcoin didn’t really solve this problem, if it did then yea ppc could do the same.
Does this proposal requires a protocol change (hard fork)? I suspect it does. If not so, we better continue discussing the risks and potential mitigation even further as somebody would implement this anyway some time in the near future.
Edit: I understand that it does require a protocol change.
What do you think about Compensating Proof of Stake miners with transaction fees (zacoins proposal) or small fixed reward? Or small reward related to difficulty will be better. It would give great incentives to run mining nodes.
Giving away the transaction fees looks an easy solution, but you actually take one of the pillars of the Peercoin economic model in my opinion. This is about the more the network is used the more wealth is spread amongst all Peercoin holders. In your proposal it will be directed to minters who are already rewarded. On top of that I doubt if this will give them adequate incentives knowing the value of the transaction fees which will need to be shared amongst all minting peercoin holders. Higher rewards is a solution, but the question is what or who would pay for that. Higher inflation? Doesn’t sound good to me. I think education in security and simplifying secure setups is a better way to go.
It is not different as with fiat, if you don’t trust anything you will have your money under your bed. But you won’t get any interest. If you dare to trust a bank or another person you might earn interest or profit, but this also increases your risk of loosing your money. It is no different with Peercoin minting. Cold storage - >no interest. Putting at stake securing the network → gain interest.
In the case of cold storage minting I think it should not only be about rewarding people, it is more about having an appropiate stake or if you wish share in it otherwise it would be easy to find ways to abuse the system for their own gains in the short term risking the network for all coin holders in the long term.
There are many options to solve this problem if you are fine with centralised services, but I think that defies the logic of the Peercoin blockchain and network and as Petar87 said it will makes us start thinking again why we started Peercoin and this discussion in the first place.
A way to keep a stake (skin in the game as people around me say) is to ensure that every minter wanting to hand over their keys to a 3rd party should have an equivalent and non-transferable stake in that same 3rd party. In that case I think it would be reasonable safe to continue with cold storage minting. How that would technically work needs more thought.
There are possibly other ways to solve this without increasing the risk of centralisation and I’m definitely keeping an open mind to this as it is something which needs to be addressed sooner or later I think *
Edit: assuming the amount of minting wallets and Peercoins at stake stays to low to adequately secure the network and to get rid of checkpoints.
Centralization in bitcoin pools is inevitable because the purpose of a pool is to reduce variance and to minimize the variance you must maximize the size. The ideal pool from a variance point of view is a pool with 100% of the network. Which is of course contradictory with the purpose of the network itself.
By allowing the minter to spend the reward we enable this whole variance competition in peercoin too. We make variance reduction pools possible because they will be able to split each reward. It will inevitably lead to centralization because the same “the bigger the better” problem would appear.
But if we don’t allow the minter to spend the reward we do not bring the whole variance reduction competition. If the pools can’t split the reward they can’t work.
There may still be service providers that mint for you, but there’s no such thing as the bigger the provider the better. So this doesn’t inevitably leads to centralization. A small provider may be just as good as a big one, and the barrier to entry is very low (a raspberry pi connected to internet and running a peercoin client).
There’s still the problem of people giving away their minting key. I’m not convinced but some people think there’s an incentive for coin owners to do that. And the tragedy of the commons tells us if there’s a small personal benefit they will do it.
A solution may be to slightly punish them. Right now when we receive 2 different blocks at the same height from the same previous output, we put the 2nd one on hold. We could put both on hold instead, and move one step backward in the blockchain. So as long as there are multiple clients minting the same coins, the reward would be delayed because the blocks would be rejected. I think that’s enough to defeat the incentive to give away your minting key.
minting only by security professionals/those who can afford hiring them(or buy custom sec. solutions)
cold-locked/delegated minting
Ad.1 - yes , it’s centralization, not related to $/kWh cost but to $/securedPPCs cost.
While fear is important part of human nature, here it leads to senseless behavior: ppl don’t mint even with 50% of their stake!
You don’t mint with 50% of your experimental(!!!) distributed accounting service shares - you may be almost sure that this experiment won’t take off and your shares market value will lose 99%!
We have to stop waiting for cold locked minting and concentrate on security solutions - secure and sustainable network where paper-wallet grows 1% per year is pure delusion. R-Pi minting behind firewall is secure, R-Pi minting with single connection to your private node on VPS is super secure, close your R-Pi in the safe and it’s ultra secure. No minting is hyper risky! I mint on my day-to-day desktop with code merged from few branches.
There’s clearly to small incentive to mint, I’ll remind my proposal: vote based inflation
minting pubkey is odd: increase inflation by mintingReward*X
minting pubkey is even: decrease inflation by mintingReward*X
random votes from users that don’t want to vote cancel each other
Beside minting reward there’s a voting incentive to increase/decrease inflation - few minters will try to maximize inflation, then more minters will oppose to stop dilution of their holdings, reverse, repeat. Self regulated risk/reward.
The principle of not allowing the minter to spend the reward is a good starting point. However I’m not entirely convinced this would prohibit the variance reduction competition. It does at a coin and reward level, but we are talking here at different incentives. The risk of putting coins at stake versus security. Most people would try to sell such a risk for the lowest fee and the best service.
So a large entity would be able to offer me a more attractive fee to mint my coins than a smaller entity even if they do not get the minting keys. Due to large scale they would be able to have a bigger stake in their wallet and be more successfull to mint (especially for small coin holders interesting). They would also be able to buy cheaper computer, disk and network capacity and provide the best service. With that they would likely be able to do a cheaper offer than that I have to buy and run a Raspberry Pi myself and with all of that “the bigger the better” problem surfaces again to some extend.
But maybe this is inevitable anyway in some form or the other, as it adheres to the basic rules of evolution, and can we only try to mitigate the risks as good as we can, until the next step in evolution will be made and rendering the current obsolete. Hmm, being profound here…
Now I think we understand the risk of your proposal including not allowing the minter to spend the rewards, maybe the incentives are relatively small and with that the risk is probably manageable with good education of especially the large coin holders. But again, it may also defeat the purpose of doing this if just a minority will use this.
BTW Not sure if I understand your punishment proposal. Does it assume that both provider and owners try to mint the same coins? I can’t see the scenario for that probably because I’m lacking the technical knowledge of the network or I just don’t understand what you are saying :
