[Lightning-dev] Proof-of-work vs fees

ZmnSCPxj ZmnSCPxj at protonmail.com
Mon Dec 2 02:04:21 UTC 2019

Good morning Orfeas,

> > > > -   Locking the up-front fees for a time, then reverting them to the original sender.
> > >
> > > This means that I can burst-spam today, wait until unlock, repeat. If the PoW scheme somehow enforces fresh PoWs (e.g. by needing (nonce || recent block hash) as proof), I can't do this attack.
> >
> > But in order for PoW to actively limit spam, the PoW target must be high enough that you can burst-spam today, wait until you get your next passes-the-threshold PoW, repeat.
> > The difference is that PoW has more variance, but that variance itself can limit non-spam usage (in much the same way that too high an up-front locktime would also limit non-spam usage).
> We wouldn't be able to burst-spam with PoW if it was (nonce || recent block hash || recipient public key). Including the pubkey there makes sense anyway.

I think we have differences in "burst-spam" definition here.
My definition of this is that I can spam any number of routes, until I run out of some resource (CPU processing and time for PoW, liquid funds for locked-fee).
But afterwards, once time passes (I have accumulated more additional PoW, or the lock on my fee expires) I will be able to spam once again.
Both are equivalent to me economically: locking my funds prevents me from earning with it (i.e. opportunity cost) continuously, which matches the continuous drain on my energy reserves and hardware deprecation caused by PoW.

> We can further concatenate some kind of `secret_to_get_fees` in the PoW so that P the payer can't outsource the PoW calculation to some service S without P trusting that S won't steal the fee. I.e. P can't buy the PoW.

*For whom* is the fee?

The fee is paid to intermediate nodes by the payer --- it is already a "sunk cost", thus the payer will not particularly care if the intermediate nodes fail to claim the fee.

Finally, if the payer knows a secret that, by itself, can be used to claim the fee paid to the intermediate node, then the intermediate node would also have to trust that the payer will not reverse the fee by such a claim.
If the secret is not enough that, by itself, it can be used to claim the fee, then knowledge of that secret will not allow the PoW service to steal the fee.

> > Money represents the allocation of available energy (by the simple mechanism of purchasing energy using money; the invisible hand is really the mechanism which directs energy towards the production of goods that are demanded), and PoW is a proof that somebody allocated available energy for the production of the PoW.
> I think I understand now the root of our disagreement, please correct me if I'm wrong.
> You are saying that PoWs, being a scarce resource, have a market value. In other words, we can engineer PoW in a way that it can be bought for money.
> I'm saying that PoW and fees are not blindly interchangeable as an anti-spam measure for LN. (Heck, even the various versions of PoW we devised in this thread are not interchangeable!) I'm further saying that we don't know whether every PoW-based scheme can be transformed to an equivalent fee-based scheme.
> In this sense, I believe we are both right.
> The argument "there is a market price for PoW, therefore PoW and fees are equivalent, therefore we can use fees and PoW interchangeably for LN anti-spam" is not correct though. Just s/PoW/sneakers and the reason will become obvious. (This substitution is OK because neither sneakers nor PoWs can be converted back to abstract energy and reused to produce different goods, only exchanged for other manufactured goods or money.)

Sneakers are just another altcoin.
If they have any value at all, they can be resold.

(I am being facetious at this point; you win this part of the argument: PoW is valued by intermediate nodes as a spam-limiting factor, but not necessarily resellable elsewhere due to being tied to a particular payment attempt)


More information about the Lightning-dev mailing list