Protocol Resiliency Questions


I have some questions about the protocoI:

a) is it possible for one node to gain more rewards by attacking another node? AFAIK so far only Cardano has protocol level protection against this.

b) what are the sybil protection mechanisms? A single large owner distributes his stake in a lot of nodes to affect the chain for his benefit. There are potential attacks that would benefit this bad actor but wouldn’t cause the value of Harmony to drop (if executed properly)

c) Is there a point at which too many nodes (more decentralized) would negatively affect efficiency, even with the low network latency and full sharding Harmony uses?



I am trying to answer c). Yes, it is possible of too many nodes that may impact the efficiency as we need to get 2/3+1 vote for consensus. However, since we can always reshard the additional nodes into different shard or even into new shard if we get too many nodes, it is somehow still manageable.


My attempt to answer b)

We require validators to stake tokens before they are allowed to participate in the consensus in shards. After they staked and at the beginning of the next epoch, its stake will be converted to voting share(s).
1 voting share is 1 vote in Harmony’s FBFT consensus.

Note that these voting shares are calculated based on a dynamically adjusted conversion rate (please see §Adaptive-Thresholded PoS in our whitepaper for detail) so that sufficient number voting shares will be created for each shard and malicious stakers are not able to concentrate their power in one shard.

Then the voting shares will be randomly assigned to shard(s). The validator needs to run validating node(s) and join the shard(s) where the voting share(s) got assigned.

Based on our security assumption is we have at most 1/4th malicious nodes; we calculate that if each shard contains 600 units of voting shares, and if we have epoch change every 24 hours then the chance of one shard being corrupted is once in ~1000 years.