[quote=“Thireus, post:7, topic:3338”][quote=“presstab, post:6, topic:3338”]Hey guys, cool to see you already linked to my findings. I have a full article released about it here: http://bitcoinist.net/interview-presstab-pos-vulnerabilities/
There is no myth about this problem, anyone can hash with about a 12,000% advantage on the current PPC code and be completely within the bounds of the protocol. I think that if PPC were wise, it would instead of saying “this is not a problem”, just go ahead and change the timedrift variable. It is not hard.
Also keep in mind that the most significant risk about this problem, in my opinion, is the impact on difficulty. If everyone runs this code, block target will be significantly overshot.[/quote]
Thank you for posting here. Could you share with us your thoughts about which timedrift value we should use, and what would be the consequences (apart from preventing this attack).
We changed HyperStake from 15 minutes timedrift to 60 seconds. Giving a binary to all of our peers that allowed 5 minute hashdrift created a major decrease in difficulty and overshooting targets by more than double. 60 seconds seems natural because A) that is what the standard ppc client is hashing into the future anyways, so it shouldn’t change much of how the network is operating B) there is reason to have some drift allowance, slow internet connections, etc.
BLK and some other coins are using 15 second. Not sure how that is going, but I would assume high orphan rate. Even our new 60 second drift is creating a bit higher orphan rate, but nothing absurd.