-
Notifications
You must be signed in to change notification settings - Fork 13
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[Docs] Shannon Probabilistic Proofs #899
base: main
Are you sure you want to change the base?
Conversation
|
GitGuardian id | GitGuardian status | Secret | Commit | Filename | |
---|---|---|---|---|---|
13506804 | Triggered | Generic High Entropy Secret | 13a5f50 | localnet/kubernetes/config-path-1.yaml | View secret |
12819930 | Triggered | Generic Password | 384d796 | localnet/kubernetes/observability-prometheus-stack.yaml | View secret |
14150880 | Triggered | Generic High Entropy Secret | 13a5f50 | localnet/kubernetes/config-path-3.yaml | View secret |
14150881 | Triggered | Generic High Entropy Secret | 13a5f50 | localnet/kubernetes/config-path-2.yaml | View secret |
🛠 Guidelines to remediate hardcoded secrets
- Understand the implications of revoking this secret by investigating where it is used in your code.
- Replace and store your secrets safely. Learn here the best practices.
- Revoke and rotate these secrets.
- If possible, rewrite git history. Rewriting git history is not a trivial act. You might completely break other contributing developers' workflow and you risk accidentally deleting legitimate data.
To avoid such incidents in the future consider
- following these best practices for managing and storing secrets including API keys and other credentials
- install secret detection on pre-commit to catch secret before it leaves your machine and ease remediation.
🦉 GitGuardian detects secrets in your source code to help developers and security teams secure the modern development process. You are seeing this because you or someone else with access to this repository has authorized GitGuardian to scan your pull request.
@RawthiL Friendly bump that this is on the backlog. Not urgent, but important. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think there is an issue with how the slash is calculated, allowing attackers to spam without penalty.
Adding a gist from @RawthiL for reference: https://gist.github.com/RawthiL/9ed65065b896d13e96dc2a5910f6a7ab |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Left some comments and NITs that might become irrelevant by your planned rewrite.
Eager to read the next version 📖
👀 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I got to line 185 in probabilistic_proofs.md but have to call it quits for today. Will resume in the morning.
Co-authored-by: Bryan White <[email protected]> Co-authored-by: Redouane Lakrache <[email protected]>
@bryanchriswhite I'm going to favor "onchain" versus "on-chain" given this resource: https://x.com/jessepollak/status/1764742947218858477 |
Co-authored-by: Redouane Lakrache <[email protected]>
Co-authored-by: Redouane Lakrache <[email protected]>
Co-authored-by: Bryan White <[email protected]>
Co-authored-by: Bryan White <[email protected]>
Co-authored-by: Bryan White <[email protected]>
Co-authored-by: Bryan White <[email protected]>
Co-authored-by: Bryan White <[email protected]>
Co-authored-by: Bryan White <[email protected]>
Co-authored-by: Bryan White <[email protected]>
Co-authored-by: Bryan White <[email protected]>
Co-authored-by: Bryan White <[email protected]>
Co-authored-by: Bryan White <[email protected]>
Co-authored-by: Bryan White <[email protected]>
Co-authored-by: Bryan White <[email protected]>
- [Analogs between Model Parameters and onchain Governance Values](#analogs-between-model-parameters-and-onchain-governance-values) | ||
- [Parameter Analog for Penalty (`S`)](#parameter-analog-for-penalty-s) | ||
- [Parameter Analog for Reward (`R`)](#parameter-analog-for-reward-r) | ||
- [TODO_IN_THIS_PR: Explain `p`](#todo_in_this_pr-explain-p) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[linter-name (fail-on-found)] reported by reviewdog 🐶
- TODO_IN_THIS_PR: Explain p
- [Selecting `ProofRequirementThreshold`](#selecting-proofrequirementthreshold) | ||
- [Calculating `p`: `ProofRequestProbability`](#calculating-p-proofrequestprobability) | ||
- [Calculating `S`: `ProofMissingPenalty`](#calculating-s-proofmissingpenalty) | ||
- [TODO_IN_THIS_PR: Above Threshold Attack Possibility](#todo_in_this_pr-above-threshold-attack-possibility) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[linter-name (fail-on-found)] reported by reviewdog 🐶
- TODO_IN_THIS_PR: Above Threshold Attack Possibility
|
||
$$ E[\text{Total Profit}_{\text{Dishonest}}] = R \cdot \frac{q}{p} - S = 0 $$ | ||
|
||
TODO_IN_THIS_PR, incorporate feedback from ramiro: |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[linter-name (fail-on-found)] reported by reviewdog 🐶
TODO_IN_THIS_PR, incorporate feedback from ramiro:
|
||
:::danger | ||
|
||
TODO_IN_THIS_PR: Honest faulty suppliers will also be affectd and peanlized, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[linter-name (fail-on-found)] reported by reviewdog 🐶
TODO_IN_THIS_PR: Honest faulty suppliers will also be affectd and peanlized,
|
||
Therefore, `R` can be assumed constant when determining the optimal `p` and `S`. | ||
|
||
### TODO_IN_THIS_PR: Explain `p` |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[linter-name (fail-on-found)] reported by reviewdog 🐶
### TODO_IN_THIS_PR: Explain p
|
||
### Considerations during Parameter Adjustment | ||
|
||
TODO_IN_THIS_PR: Add a mermaid diagram for this. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[linter-name (fail-on-found)] reported by reviewdog 🐶
TODO_IN_THIS_PR: Add a mermaid diagram for this.
|
||
#### Selecting Optimal `p` and `S` | ||
|
||
TODO_IN_THIS_PR: Add a mermaid diagram for this. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[linter-name (fail-on-found)] reported by reviewdog 🐶
TODO_IN_THIS_PR: Add a mermaid diagram for this.
|
||
$$ S = R \cdot E[K] = 20 \cdot 99 = 1980 ≈ 2,000 $$ | ||
|
||
## TODO_IN_THIS_PR: Above Threshold Attack Possibility |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
[linter-name (fail-on-found)] reported by reviewdog 🐶
## TODO_IN_THIS_PR: Above Threshold Attack Possibility
docusaurus/docs/protocol/primitives/probabilistic_proofs.md
Summary
Document probabilistic proofs in Shannon.
This is needed to determine secure & scalable values for on-chain parameters for Beta TestNet and beyond.
Original source: https://github.com/pokt-network/pocket-core/tree/staging/doc/probabilistic_proofs
Issue
Type of change
Select one or more from the following:
consensus-breaking
label if so. See [Infra] Automatically add theconsensus-breaking
label #791 for details