why deposits removed? #660
Comments
As originally proposed above, I believe there are at least two significant flaws:
Claim 1: Is successfully collecting the deposit also a race condition?
This was asked by @barryWhiteHat:
I propose this could be defeated by bribing with a smart contract that says "if & only if the MACI contract withdrew [deposit amount] to [briber's address], [bribee's address] can withdraw escrowed [bribe amount] from this bribe contract. Otherwise return [bribe amount] to [briber's address]". Thus the briber can be sure they'll either successfully collect the deposit, or get their bribe amount returned.
Claim 2: Will the deposit amount always exceed the potential bribe amount?
This is per Vitalik's intended design, but Bob and Alice can trivially work around this... If Bob instead offers Alice Y + X, then Bob collects the X deposit. Thus Bob nets out -Y, Alice nets out +Y, and the deposit ended up having no effect. This assumes Bob can reliably withdraw the bribe, per Claim 1 above.
If the deposit amount could be partially burned, if and only if it was being stolen, that could be a partial mitigation.
But all this fails because now there is a public on-chain record of whether the deposit was stolen or not, compromising the fundamental "unconfirmability" that MACI was trying to create in the first place. As @barryWhiteHat pointed out in the thread:
It seems like a lot of these issues could be solved, and the deposit made useful again, if it could be withdrawn privately without leaking information.
Trying to understand the motivation why @weijiekoh removed deposit functionality here: ad6bdb6 as part of #60
Seemed like a powerful mechanism from Vitalik's original proposal. Was a flaw found?