[RFC-0006] Remove Proof-of-Work Block Signature


#1

Published another RFC, feel free to discuss.


#2

I think generally is it a good thing to:

  • Simplify design and PoW block requirements
  • Remove the requirement for empty outputs (zero utxo problem)
  • Get closer to the Bitcoin conventions if possible

If the block signature is required for the staking algorithm, and the requirement for a block signature is removed, then pooled miners don’t need it as the coinbase coins don’t go in the local wallet anyway.

I have some questions:

  • Would this affect a standalone node mining proof-of-work but then holding in that wallet.dat until coin age maturity and expecting to stake? Could creation of a block signature be optional in that case, instead of mandatory?
  • Do utxos from a pool PoW mined block not “stake” for the vouts to offline keys? At least until sent/spent to a full node’s wallet?

#3

The proposal does not remove the signature, it removes the requirement for a valid signature for proof-of-work blocks.
This means that a miner can use those signature bytes for anything he likes, so if he really wants he could sign his block but it serves no purpose at all. Even worse, it exposes the public key of the miner’s address.
Conceptually there is no difference to mining to a local or offline wallet. When you mine using Peercoin Solo Pool, the payments would show in your wallet as if they are mined locally, the coinbase pays directly to your address it doesn’t matter whether it is mined using your wallet.dat or not.
The wallet.dat is just a database that stores private keys (and some less important indices). Coins do not mature in a wallet.dat, they mature on chain.

Are you aware you can hold the same keys on multiple nodes? Just make sure you don’t mint with all as that is considered bad behavior and will result in getting your blocks orphaned.
A miner can mine to any address on a machine that does not contain any private key and mint those addresses on a different machine, making it harder for an attacker to figure out where the keys are.
Pools should not store their private keys on their server as attackers know those keys hold a lot of coins for a while.
Unfortunately, almost all peercoin pools do store their keys on their server because they need the key to sign the block.
Peercoin Solo Pool seems to be the exception here, it pays to keys not stored on the server and sends a zero output to the online key that is used for signing, it’s a workaround for this vulnerability.

Long story short, that signature requirement for Proof-of-Work blocks does not serve any purpose at all, like the transaction timestamp it’s just plain stupid and opens up attack vectors.


#4

Thanks, this clarifies it for me, I’m on board with the RFC.

Block signature is only needed for proof-of-stake blocks and their coinstake txs.

Proof-of-work coinbase utxos will be able to go an address with externally hosted private keys (as is now) but without having the keys on the miner or having a dummy tx with zero output.

In all cases, the PoW miner can send to external address where a node with the private key is “staking”/minting with the private key continually.


#5

I dont understand this, isnt the block reward going to the miners address? Is the address not the same as the public key?


#6

No, the address is the hash of the public key in case of a P2PKH output, the public key is not revealed and will remain secret until the first payment.

Currently the block signature requires vout[0] to be a P2PK output that reveals the public key to be able to validate the block signature. But you can just as well mine to P2PKH outputs that don’t reveal the key again only Peercoin Solo Pool seems to be doing that.