LogoLogo
Exchange
ExchangeReal World Assets
Exchange
ExchangeReal World Assets
  • Introducing: LX
  • Main Features
    • Social Features
  • Reliability
  • High Liquidity
  • High Performance
  • Simple Trading
  • Diversity
  • Interoperability/Bridge
  • User Support
  • Transparency
  • Security
  • The Problem
    • Negative Consequences of Centralization
  • The Solution
    • Security Solutions as a Decentralized Exchange
  • LX: A Decentralized Social Trading Platform
    • Lux Exchange DAO
  • Decentralized Application
  • User Experience
    • Easy to use
  • Accounts, Wallets, and Keys
  • Authentication
  • Features
    • Hardware Wallets
  • Portfolios
  • Social Trading
  • People Based Portfolios
  • Copy Swaps
  • Trading Charts
  • Indicator Alarm Manager
  • Smart Search
  • Watchlist
  • Community Support
    • Decentralized community service
  • Rewarded Content Production/Trading Bots
  • Token Curated Customer Service
  • LX Architecture
    • LX Architecture Comparison
  • eToro
  • EtherDelta
  • 0x Protocol
  • LX
  • Lux Protocol
    • Lux as a Distributed Autonomous Organization (DAO)
  • Governance
  • Lux Consensus
  • Terminology
  • Election Triggers
  • Attacks
    • Tragedy of Commons
  • Collusion
  • Censorship
  • ASIC Attacks
  • Long Range Attacks
  • Treasury and Bounty
    • Budgeting
  • Bounty
  • Lux Tokenomics
  • Decentralized Liquidity Pool (DLP)
  • Market Maker Fees
  • LX C++ Application Programming Interface (API)
  • Permission Mapping
  • Permission Evaluation Applied to Copy Trading
  • Parallel Permission Evaluation
  • LX Key Capabilities
  • Atomic Swaps
  • Facilitating Liquidity
  • Exchange Traded Funds
  • Crypto-asset Custody for Gateways
  • Cold Wallet
  • Smart coins
  • Crypto-asset Volatility
  • Gold as Collateral
  • Incentives
  • Interest Rate
  • Development Roadmap
  • LUX Constitution and Ricardian Contracts
  • Lux Protocol
  • DEX Core Platform
  • DApp UI/UX
  • Hardware Wallet Integration
  • Quality Assurance
Powered by GitBook
On this page

Was this helpful?

Election Triggers

Forked Proof of History generator PoH generators are designed with an identity that signs the generated sequence. A fork can only occur in case the PoH generator's identity has been compromised. A fork is detected because two different historical records have been published on the same PoH identity.

Runtime Exceptions A hardware failure or a bug, or an intentional error in the PoH generator could cause it to generate an invalid state and publish a signature of the state that does not match the local validators result. Validators will publish the correct signature via gossip and this event would trigger a new round of elections. Any validators who accept an invalid state will have their bonds slashed.

Network Timeouts A network timeout would trigger an election.

Slashing Slashing occurs when a validator votes two separate sequences. A proof of malicious vote will remove the bonded coins from circulation and add them to the mining pool. A vote that includes a previous vote on a contending sequence is not eligible as proof of malicious voting. Instead of slashing the bonds, this vote removes the currently cast vote on the contending sequence. Slashing also occurs if a vote is cast for an invalid hash generated by the PoH generator. The generator is expected to randomly generate an invalid state, which would trigger a fallback to Secondary.

Secondary Elections Secondary and lower ranked Proof of History generators can be proposed and approved. A proposal is cast on the primary generator sequence. The proposal contains a timeout, if the motion is approved by a super majority of the vote before the timeout, the Secondary is considered elected, and will take over duties as scheduled. Primary can do a soft handover to Secondary by inserting a message into the generated sequence indicating that a handover will occur, or inserting an invalid state and forcing the network to fallback to Secondary. If a Secondary is elected, and the primary fails, the Secondary will be considered as the first fallback during an election.

Availability CAP systems that deal with partitions have to pick Consistency or Availability. Our approach eventually picks Availability, but because we have an objective measure of time, Consistency is picked with reasonable human timeouts. Proof of Stake verifiers lock up some amount of coin in a stake, which allows them to vote for a particular set of transactions. Locking up coin is a transaction that is entered into a PoH stream, just like any other transaction. To vote, a PoS verifier has to sign the hash of the state, as it was computed after processing all the transactions to a specific position in the PoH ledger. This vote is also entered as a transaction into the PoH stream. Looking at the PoH ledger, we can then infer how much time passed between each vote, and if a partition occurs, for how long each verifier has been unavailable. To deal with partitions with reasonable human timeframes, we propose a dynamic approach to unstake unavailable verifiers. When the number of verifiers is high and above 2/3, the unstaking process can be fast. The number of hashes that must be generated into the ledger is low before the unavailable verifiers stake is fully unstaked and they are no longer counted for consensus. When the number of verifiers is below 2/3rds but above 1/2, the unstaking timer is slower, requiring a larger number of hashes to be generated before the missing verifiers are unstaked. In a large partition, like a partition that is missing 1/2 or more of the verifiers, the unstaking process is very very slow. Transactions can still be entered into the stream, and verifiers can still vote, but full 2/3rds consensus will not be achieved until a very large amount of hashes have been generated and the unavailable verifiers have been unstaked. The difference in time for a network to regain liveness allows us as customers of the network human timeframes to pick a partition that we want to continue using.

Recovery In the system we propose, the ledger can be fully recovered from any failure. That means, anyone in the world can pick any random spot in the ledger and create a valid fork by appending newly generated hashes and transactions. If all the verifiers are missing from this fork, it would take a very very long time for any additional bonds to become valid and for this branch to achieve 2/3rds super majority consensus. So full recovery with zero available validators would require a very large amount of hashes to be appended to the ledger, and only after all the unavailable validators have been unstaked will any new bonds be able to validate the ledger.

Finality PoH allows verifiers of the network to observe what happened in the past with some degree of certainty of the time of those events. As the PoH generator is producing a stream of messages, all the verifiers are required to submit their signatures of the state within 500ms. This number can be reduced further depending on network conditions. Since each verification is entered into the stream, everyone in the network can validate that every verifier submitted their votes within the required timeout without actually observing the voting directly.

PreviousTerminologyNextTragedy of Commons

Last updated 2 years ago

Was this helpful?