Limiting the number of "players" in a hypothetical minting pool

It’s likely that I’m way out of my element with this question, but I was reading about “Shamir’s Secret Sharing Scheme” earlier tonight and had a thought.

In secret sharing schemes, the standard use is to share something (in this case, part of a private key) amongst n number of ‘players’ and then allow an action to happen if a sub-set of those players bring their portions of the secret together. This allows for an action to occur without requiring everyone who has part of the secret to have to come together (say, someone has died, or there’s a conflict between members – but enough consensus to still meet the requirements of the number of required parts).

We’re already familiar in cryptocurrencies with the idea of multi-signature keys, so up to this point, it’s not really new territory.

What I’m curious about, however, may be something different. Is it possible to set up a secret sharing scheme where a large number of players are handed portions of the key, but the key is only valid when used by some maximum number of those players?

If it is possible, and if it’s something that could be extended to fit into a cryptocurrency’s operating protocol, would it not follow that you could theoretically set up a scenario where pooled minting is possible, but if it’s attempted by more than X addresses, the key would not compute correctly, and therefore could not be used as a valid private key to unlock an address to receive a coinstake transaction after a block was found?

Sounds cool, but is it useful? Couldn’t a pool that wished to be larger simply operate more than one “limited” pool at the same time?

I do not think that any form of pooled minting can be safe so long as the POS kernel search space is so easily exhausted in advance. While I do not feel that “pre-hashing” is a threat in the hands of independent users, a pool can easily “cherry pick” a limited cache of outputs it chooses to mint at any given time and can even pay a premium for certain stakes that help win consecutive blocks.

While the objective of increasing small stakeholder participation in POS is valid, it seems to me that any form of pool contradicts the very benefits of this increased participation.

[quote=“learnmore, post:3, topic:2611”]I do not think that any form of pooled minting can be safe so long as the POS kernel search space is so easily exhausted in advance. While I do not feel that “pre-hashing” is a threat in the hands of independent users, a pool can easily “cherry pick” a limited cache of outputs it chooses to mint at any given time and can even pay a premium for certain stakes that help win consecutive blocks.

While the objective of increasing small stakeholder participation in POS is valid, it seems to me that any form of pool contradicts the very benefits of this increased participation.[/quote]
Very true; only when x=1 is it 100% safe. Instead of limiting the number of stakes, it would make more sense to me to limit the size of the stake when x>1. I don’t see an issue with 100 users pooling with 1 PPC each. The issue is when 100 users have a significant stake together. So limiting pools to, say, 0.01% of total coins available, approx 2100 PPC, wouldn’t be a problem in my opinion. However, this wouldn’t satisfy larger stakeholders by any means, but it might attract more smaller savers. It won’t hugely benefit the network from increased participation, but it makes minting feasible for everyone and therefore might make the network more attractive, indirectly benefiting larger stakeholders.

Probably not what you were looking for…

@ben I don’t see a technical issue implementing your proposal as it can be as simple as a counter for the number of pooled addresses I guess. But I might oversimplify this, not being a developer.

I have a suggestion that might have been suggested before, but if not, this is my 2 cents.

The whole incentive behind pools is the steady minimal income rather than the big income that occurs far in between and this is true for both PoW and PoS …

What if the peercoin protocol is changed so that minting is still done on an individual basis but the minting client can specify an address that the minted reward can be sent to? The use case would be like this:

Minting pool admin sets up a website and upon user registration, the user is given an address to configure his client with to send the minting rewards to instead of getting it himself. Then it’s the pool admin’s responsibility to distribute that minting reward among the people minting for the pool.

I know this is a simple example with not much technical details but I feel like it solves the main problem of not wanting centralization in the security of peercoin.

We have to face the reality that pools never really existed for the purpose of securing a coin but rather as a way for distributing steady income. By using this method, the pool is not trusted with the security of peercoin. It’s only entrusted with distributing rewards to its participants.

Now the question may be how those rewards are fairly distributed among participants, but that is a question for the pool admins to solve, not for peercoin developers.

Would love to hear your thoughts on this. If the idea has merit, please copy it and start a new topic on it. I’m not too savvy with the development of cryptocurrency so I didn’t want to start a new topic with the idea until bright thinkers conclude it has merit :stuck_out_tongue:

Peace and long live peercoin

[quote=“IndigoMan, post:5, topic:2611”]What if the peercoin protocol is changed so that minting is still done on an individual basis but the minting client can specify an address that the minted reward can be sent to? The use case would be like this:
Minting pool admin sets up a website and upon user registration, the user is given an address to configure his client with to send the minting rewards to instead of getting it himself. Then it’s the pool admin’s responsibility to distribute that minting reward among the people minting for the pool.[/quote]

You will need some kind of multi-sig minting key to be able to enforce that the reward is really sent to the pool address.

[quote=“IndigoMan, post:5, topic:2611”]We have to face the reality that pools never really existed for the purpose of securing a coin but rather as a way for distributing steady income. By using this method, the pool is not trusted with the security of peercoin. It’s only entrusted with distributing rewards to its participants.
Now the question may be how those rewards are fairly distributed among participants, but that is a question for the pool admins to solve, not for peercoin developers.[/quote]

You’re right, it might be difficult to fairly distribute the rewards to the participants. How can the pool verify that participants are actually minting?

It might be an interesting solution for small stakeholders, but they will probably prefer to give their minting key to the pool directly, and that would go against decentralization.