Thursday, October 21, 2021

Security audit of Solana. How much does the security of Solana depend on hardware, and how much on the software?

Worst case scenario guy here.

TL;DR: The whole post is just my speculation on whether or not Solana's security can be influenced by institutions with big money. I am looking for security audits that took into account malicious node operators possibly influenced by banks.

Loving Solana's TPS. And the ecosystem. Absolutely amazing. By engineers for engineers. No scientific bullshit. No useless mathematical proofs. No peer reviews. Great. Not that there is anything wrong with peer review or the scientific method in general, but Satoshi was first and foremost an engineer. Let's remember that. We would not have Bitcoin today if he had stopped at reading and writing academic papers. Same for PageRank - Page delivered the solution and not only read and wrote about it. And that's what Solana did - they delivered a product that works. Great.

And of course, I can easily imagine Solana being the #1 blockchain on this planet. And pretty soon.

Proof of History - strike of genius

To learn more about Solana, for the past few weeks I have been obsessively reading, listening to and watching everything I could get my hands on about Solana. Starting from the Proof of History, through PBFT to the block propagation protocol. Nothing beats the genius of the global clock provided by PoH, without which none of the above would provide such an enormous TPS! The simplicity of the PoH approach just blows my mind. It's so obvious when you think about it. So obvious that it's borderline unpatentable. How come nobody thought of such a simple thing earlier?

  1. Sha256 loops as fast as possible, such that each output is the next input.
  2. The loop is sampled, and the number of iterations and state are recorded.

But that simplicity also worries me because that makes it a blockchain with security dependent on the software and hardware, as clearly seen in 1). If I understand this security model correctly, hardware manipulation of just a bunch of machines would massively decrease the security of the network. Such a hardware change could happen without the Solana community knowing. Nobody would even notice that.
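The two steps listed above, as an added Python sketch (not code from this post or from Solana; the seed, iteration counts and function names are constructed for illustration). It also shows the check available to any observer: the recorded count and state of each sample can be recomputed from the previous sample, so a sample claiming work that was not done fails verification.

```python
import hashlib
from typing import List, Tuple

Sample = Tuple[int, bytes]  # (iteration count, hash state at that count)

def poh_generate(seed: bytes, total_iters: int, sample_every: int) -> List[Sample]:
    """Step 1: SHA-256 loop in which each output is the next input.
    Step 2: record (count, state) every `sample_every` iterations."""
    state = hashlib.sha256(seed).digest()
    samples = [(0, state)]
    for i in range(1, total_iters + 1):
        state = hashlib.sha256(state).digest()
        if i % sample_every == 0:
            samples.append((i, state))
    return samples

def verify_segment(start: Sample, end: Sample) -> bool:
    """Recompute the hashes between two samples. Each segment depends only
    on its own start state, so segments can be checked independently."""
    (n0, state), (n1, expected) = start, end
    if n1 <= n0:
        return False  # counts must strictly increase
    for _ in range(n1 - n0):
        state = hashlib.sha256(state).digest()
    return state == expected

def verify_chain(samples: List[Sample]) -> List[int]:
    """Return the indices of segments that fail recomputation."""
    return [k for k in range(len(samples) - 1)
            if not verify_segment(samples[k], samples[k + 1])]

def demo_tamper() -> List[int]:
    """Constructed case: one sample claims an extra iteration that never ran."""
    samples = poh_generate(b"constructed seed", 5000, 1000)
    count, state = samples[3]
    forged = samples[:3] + [(count + 1, state)] + samples[4:]
    return verify_chain(forged)

if __name__ == "__main__":
    honest = poh_generate(b"constructed seed", 5000, 1000)
    print("honest chain failures:", verify_chain(honest))
    print("forged chain failures:", demo_tamper())
```

Verification only establishes that the hashes were computed in sequence; how much wall-clock time each segment represents still depends on how fast the generating machine hashes.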

Speculation - CBDC needs a catalyst event

For CBDC to get mass adoption, some catalyst event will be needed - like a massive crypto hack of the #1 cryptocurrency. In a similar fashion, creating central banks required bank runs to happen first.

In a hypothetical scenario where some actors with an endless money supply, like banks, wanted to undermine trust in the pro-freedom, anti-fiat crypto movement started by Satoshi Nakamoto, could they be in a position to influence node operators to expose their own network to hacks? I.e., they would not hack it themselves, of course. They would only make the network less secure. In other words, can a bunch of Solana node operators be influenced by banks to downgrade their hardware and expose the blockchain to hacks?

Security audits

I have been looking for any security audits that dealt with such scenarios but found none. The 2019 Kudelski audit, though it highlights the weakness of the PoH clock frequency, does not take into account possible interference with node operators by third parties. I

It is clear that the Solana team themselves are aware of PoH deficiencies and that's why slashing was introduced - to heavily punish any bad actors. That makes tinkering with Solana's security costly.

Anyway, I would love to see some security audit results that take hardware downgrade into account. Were there any audits considering such scenarios conducted at all?

