[Bounty] (6 BTC) Unworkable last milestone
Ron Gross
jr.wi...@gmail.com
> Willet, can you try and explain here why this bounty should be awarded, and for what exactly?
bytemaster posted for pages and pages trying to convince me that the escrow fund model wouldn't work. I convinced him that it would work when it was over-funded. d'aniel described an attack vector which would cause it to collapse when under-funded.
Due to this attack, if the escrow fund ever falls to 100%, the stabilized currency will need to be dissolved. There were several strategies discussed to make sure that the escrow fund starts out over 100% and tends to stay above that threshold, so the base idea should still be workable.
The end result is that the spec will need to be updated with a few changes to avoid this vulnerability. I had agreed to a bounty in theory if you guys approved and someone could find a chink in the armor, but we hadn't officially set a number when the attack was posted.
I proposed 3BTC for bytemaster for being fanatically persistent, even though he didn't actually come up with the attack, and 3 BTC for d'aniel for actually describing how such an attack would work.
With that, I'm going offline for a few days (we're headed to a family reunion). I'll try to catch up on everything on Monday.
P.S. 25 more BTC was sent to the Exodus address a few minutes ago :)
Ron Gross
--
You received this message because you are subscribed to the Google Groups "MasterCoin" group.
To unsubscribe from this group and stop receiving emails from it, send an email to mastercoin+...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
jr.wi...@gmail.com
The attack is to create a new GoldCoin competitor GoldCoin2 with over 100% backing, which the market will prefer over the original GoldCoin. You then short the original GoldCoin to death. If you have enough money, people panic, the original GoldCoin crashes, and your short pays off.
This attack does not work until shorting becomes possible, and then it only works if someone has a very large amount of money to put to work.
The proposed solution is to automatically dissolve a pegged currency if the escrow fund goes below 100%. I will probably make this a configurable parameter so people can experiment with under-funded escrow funds if they want to.
The other part of the solution is to create incentives which tend to keep the escrow fund over-funded, so everything can still work. A number of incentives for doing this were discussed, including:
* Require currency creator to add some funds to escrow at the beginning, in exchange for receiving any overflow from the escrow fund if it becomes massively over-funded later
* Charge some small transaction fees and put them in the escrow fund
* Create built-in shorting of the pegged currency, and put any losses from the short-sellers in the escrow fund.
Some combination of these incentives will probably be in the next revision of the spec.
