[nullc]

In Bitcoin we can make a pretty concrete statement about computing power that one can reason about; the blocking attacker will not be successful without a majority of it.

Whats the similar statement for 'trust' which is sufficient for security? Obviously "attacker is partitioned from the network" is sufficient, but not very plausable. I'm sure there is a better statement possible, but its not clear to me what it is.

[andrewstellar]

Why wouldn't this be plausible? Let's say one day China had enough of Bitcoin, and used their essentially limitless resources to gain enough hashing power at will, to block transactions or rewrite them or what have you. Entirely plausible with Bitcoin (in this case, China doesn't care about the coin reward and therefore is not a "rational attacker" as the popular game theoretic model of Bitcoin security presupposes).

Now let's look at the Stellar model in this same situation. We've got a bunch of large company nodes that are probably Gateways (for the sake of argument say JCB, Wells Fargo, Barclays, and Bank of Brazil). We've got a ton of other nodes that belong to research universities, and then we have a bunch of "non-profit" or hobbyist or whistle blower nodes. There's a nice graph topology between all of these. Then one day China comes along and decides its had enough. How does it attack the network in this case? By hacking enough organizations to take control of their nodes? Seems a bit more unlikely than it gaining 51% of hashing power on the Bitcoin network...

[vbuterin]

> Let's say one day China had enough of Bitcoin, and used their essentially limitless resources to gain enough hashing power at will, to block transactions or rewrite them or what have you. Entirely plausible with Bitcoin

That's the Maginot Line attack, at Tim Swanson calls it. The more realistic attack is that China just hacks into five data centers and serves a warrant to another ten. An interesting property of the PoW incentive structure is that there is actually fairly little incentive to protect oneself against hacks, so I would not be surprised if it was fairly easy.

> By hacking enough organizations to take control of their nodes?

The key point in Stellar consensus is that even if enough nodes are hacked, then users can just stop trusting them and switch to other nodes, and so the network would "route around" the damage. With Bitcoin PoW, there's no way to exclude an attacker from participating; you have to accept their work just as much as everyone else's.

[andrewstellar]

Maginot Line attack, I like that. And yep, that's basically the point I've been trying to make in my posts. IMO Bitcoin isn't "trustless" - you need to implicitly trust those with hashing power aren't colluding to screw you.