Security Model of POA


#1

Hi,

First off, congratulations and thank you for what you are doing, it looks very promising!

One question though regarding your security model. Browsing through the forum, the website and the whitepaper, I did not understand why I should trust the network of independent validators to behave honestly? I get it that they are public notaries but it does not say much to me (I’m not a US citizen).

Would you mind enlightening me on the following?

  • What needs to happen for a double-spend attack to succeed? How many “corrupt” validators are required for it to succeed?
  • What are the economic incentives of validators? What skin in the game do they have (besides reputation) ?
  • Do you have a target number of validators in mind?
  • Are all validators US based? Why?

Any other information on the topic would be very appreciated!
Thanks a lot,

Thibauld


#2

Hello Thibauld–

here are two good links to cover your questions:


and

You’ll find more information elsewhere on the POA Network website. Enjoy and welcome aboard!


#3

Thanks! I found some answers but not all, especially the target number of validators.

Also, it triggered another question: Validators are rewarded with POA tokens every time they mine a new block. But I could not find any element on why the POA token should have any value? What is its utility? If the value of POA token tends to 0, it comes back to my initial question: What is the financial incentive for validators to act honestly?


#4

Are all validators US based? Why?

There are at least two networks based on the same security model of on-chain governance to decide on the set of validators.

There are multiple networks with the same governance system launched by third parties, such as Colu, Artis etc. They use a different set of validators and criteria to nominate validators.

You can get all decisions on the validator set from the network, or you can use a voting Dapp for it.

What are the economic incentives of validators? What skin in the game do they have (besides reputation) ?

1 coin per block to a validator who created the block
1 coin per block for self-sustainability emission

Do you have a target number of validators in mind?

25 was the target number for POA Core.
Rationale:
a. Practical
(i) Master of Ceremonies who is the first validator without voting rights but who can onboard initial validators.
(ii) First twelve validators onboarded by MoC
(iii) Twelve validators onboarded by on-chain governance

b. Scientific
Conclusions from Decentralization in Bitcoin and Ethereum Networks paper

These results show that a Byzantine quorum system [53] of size 20 could achieve better decentralization than proof-of-work mining at a much lower resource cost. This shows that further research is necessary to create a permissionless consensus protocol without such a high degree of centralization.

Are all validators US based? Why?

For POA Core all validators are US based individuals. It was a setting of the first network.
The security model with a new state, basically a new network, is relatively easy to create from scratch compared to PoW networks or POA type of networks for the first time.
A different set of validators could be used for new networks.

But I could not find any element on why the POA token should have any value?

Please read What is ether? How is it different from other tokens such as bitcoin? to get a sense of why there is a need for a token on the Ethereum platform. A free market determined that the price of an equivalent unit of computation on the POA platform costs the price of the POA token CMC link here.

What is the financial incentive for validators to act honestly?

  • public responsibility. Dishonest behavior of an individual will be observable by the general public.
  • self-regulated governance. Dishonest behavior of an individual / small group will be punished by a majority.

Dishonesty by a majority will break the system, like any other consensus.