A government white paper published last week painted a picture of a railway system hobbled by the byzantine structures created since privatisation.
The system now has almost 400 full-time staff called “train delay attributers” whose job it is to argue with each other about assigning blame for a delay. Nearly half of delays are subject to this blame game, meaning they have to go through an extensive adjudication process involving a 199-page principles and rules document.
The most bizarre dispute of recent years involved a debate about who was to blame for a train hitting a peacock. If it was defined as a small bird, then the company driving the train was responsible: if it was categorised as a large bird, then the blame went to the operator of the tracks. The two sides ended up haggling over whether peacocks were bigger than geese. (The answer: a peacock is a “large bird”.)
Par ailleurs, le raisonnement de départ est complètement pété:
It's crucial for blockchain decentralization for regular users to be able to run a node
At 2:35 AM, you receive an emergency call from your partner on the opposite side of the world who helps run your mining pool (or it could be a staking pool). Since about 14 minutes ago, your partner tells you, your pool and a few others split off from the chain which still carries 79% of the network. According to your node, the majority chain's blocks are invalid. There's a balance error: the key block appeared to erroneously assign 4.5 million extra coins to an unknown address.
An hour later, you're in a telegram chat with the other two small pools who were caught blindsided just as you were, as well as some block explorers and exchanges. You finally see someone paste a link to a tweet, containing a published message. "Announcing new on-chain sustainable protocol development fund", the tweet begins.
By the morning, arguments on Twitter, and on the one community forum that was not censoring the discussion, discussions are everywhere. But by then a significant part of the 4.5 million coins had been converted on-chain to other assets, and billions of dollars of defi transactions had taken place. 79% of the consensus nodes, and all the major block explorers and endpoints for light wallets, were following this new chain. Perhaps the new dev fund will fund some development, or perhaps it will just all be embezzled by the leading pools and exchanges and their cronies. But regardless of how it turns out, the fund is for all intents and purposes a fait accompli, and regular users have no way to fight back.
Can this happen on your blockchain? The elites of your blockchain community, including pools, block explorers and hosted nodes, are probably quite well-coordinated; quite likely they're all in the same telegram channels and wechat groups. If they really want to organize a sudden change to the protocol rules to further their own interests, then they probably can. The Ethereum blockchain has fully resolved consensus failures in ten hours; if your blockchain has only one client implementation, and you only need to deploy a code change to a few dozen nodes, coordinating a change to client code can be done much faster. The only reliable way to make this kind of coordinated social attack not effective is through passive defense from the one constituency that actually is decentralized: the users.
Imagine how the story would have played out if the users were running nodes that verify the chain (whether directly or through more advanced indirect techniques), and automatically reject blocks that break the protocol rules even if over 90% of the miners or stakers support those blocks. If every user ran a verifying node, then the attack would have quickly failed: a few mining pools and exchanges would have forked off and looked quite foolish in the process. But even if some users ran verifying nodes, the attack would not have led to a clean victory for the attacker; rather, it would have led to chaos, with different users seeing different views of the chain. At the very least, the ensuing market panic and likely persistent chain split would greatly reduce the attackers' profits. The thought of navigating such a protracted conflict would itself deter most attacks.
Il y a une très grosse faille dans ce raisonnement: tous les utilisateurs utilisent le même logiciel (ou éventuellement deux dans le meilleur des cas). Donc il suffit que les auteurs dudit logiciel fassent partie de la conjuration et publient une mise à jour du logiciel et paf, ça passe comme une lettre à la poste.