[Author Prev][Author Next][Thread Prev][Thread Next][Author Index][Thread Index]

Re: [tor-talk] torslap!

I used to be a big proponent of proof-of-work schemes, but I've scaled
back my preference significantly.  There's two problems with them:

1) An attacker can use economies of scale to get better results than
an ordinary user.  If a user takes 5 minutes, an attacker can use GPUs
or ASICs to take 20 seconds.
2) Attackers almost never, or would never, pay or use their own
computers to compute proof of work schemes - they use victims of a
botnet.  In which case the only person hampered by a proof of work
scheme are the legitimate users.[0]

Mike Hearn has given a good amount of thought to deposit-based
systems.  Pay a server $5 or 5 bitcoins, and if you're a legitimate
user (not dormant) for X months you can get the money back.  (Or you
never get the money back, and the payment is smaller).  In this
scenario, the cost of an account cannot be reduced via scaling; and
while you can use a botnet to mine bitcoins, now that GPU/ASIC/FPGA
bitcoin mining is the norm CPU-based botnets will be more expensive
that the income they generate.

I like this theory a lot, many many times I've tried to purchase
something, over Tor, but been rejected because I've come from an
anonymous proxy.  I don't even care about paying 25% more at that
point, I just want to do it anonymously.  These days, my opinion is
that I hope bitcoin matures to the point where a system like this is
both possible and widely implemented. [1]


[0] There's definitely some parallels to DRM there...
[1] I reserve the right, as always, to change it if swayed by a good argument ;)
tor-talk mailing list