contracts icon indicating copy to clipboard operation
contracts copied to clipboard

Published 20 hours ago verified publisher icon maticnetwork

potentially unbounded validation effort for users

Open johannbarbie opened this issue 6 years ago • 5 comments

as discussed here: https://github.com/maticnetwork/contracts/issues/22

So on the matic sidechain, there can only be one certified ERC20 implementation where none of the token holders can be contracts? Why allow any other transactions than in these certified ERC20 contracts? wouldn't it just open a window for the operator to flood users with garbage transactions, until users can not keep up to validate everything, then the operator sneaks in invalid state transitions, based on which he can then steal funds from the users?

I think the user can have simple latest state of (if users need it in any form example - Merkle sum as you mentioned) which they need and use it to get data instead of storing the whole chain. You can do same in UTXO (where you keep only unspent TXs).

I understand that you suggest to run a light client by users.

I don't think that is possible, because everyone needs to check all transactions, hence an invalid transfer by some other user can mean that at the end i'll end up in the exit queue while the contract has been emptied already.

johannbarbie avatar Oct 03 '18 09:10 johannbarbie

I understand that you suggest running a light client by users.

Prune such way that you can verify the current amount instead (for previous txs). Or Plasma XT kind of checkpoint (not a fan of this though :)

jdkanani avatar Oct 03 '18 09:10 jdkanani

I don't think that is possible, because everyone needs to check all transactions

Exactly due to such Usability/UX issues we use a PoS validator layer which is incentivised to perform this duty on behalf of the users. Moreover this layer is envisioned to be highly decentralised with a large stake to have economic incentives/disincentives to perform such duties.

But of course if there are any solution which reduce the dependency on the PoS layer (as its supposed to be an additional layer of security on top of Plasma related mechanism) for such activities, its much more desirable.

vaibhavchellani avatar Oct 03 '18 09:10 vaibhavchellani

a PoS validator layer

throwing another layer on top is great, but it reminds of security by obscurity.

Prune such way that you can verify the current amount instead (for previous txs). Or Plasma XT kind of checkpoint (not a fan of this though :)

do you have such a pruning mechanism in work? I understand once that is in place, this model would be as feasible as Plasma MVP, right?

johannbarbie avatar Oct 03 '18 09:10 johannbarbie

do you have such a pruning mechanism in work?

Not yet. Marked this issue as enhancement.

jdkanani avatar Oct 03 '18 09:10 jdkanani