I think a key requirement for a secure network is: If you make decisions for the network (i.e. vote as part of a group), you must have invested in the network (e.g. CPU, bandwidth, Safecoin, disk space). If it’s easy to get lots of votes, an attacker can do it and compromise the network. If we can make sure that to get 50% of the votes in the network, you e.g. have to provide more bandwidth and processing power than the rest of the network, then that makes an attack really expensive.
Another key point is: You must not be able to decide in advance where in the network (under which node name) to make that investment. If you can know what name you end up with before you decide to pay or do work, you can start lots of nodes and kill all except those that end up in one targeted group. And then you don’t have to overpower the rest of the whole network but only the rest of that one group.
So I think it’s dangerous to just assign one vote to every node right from the beginning, and it’s dangerous to give a new node its permanent name right away. Being able to run lots of nodes, with one vote each, on your machine doesn’t make the network more, but less secure: The botnet can also run lots of malicious vaults on each of its physical nodes!
That’s why I currently favour either:
- pay a Safecoin, then be assigned a network name and allowed to join as a node, or:
- be allowed to join immediately, have a vote with a weight proportional to the total amount of work you did for the network since you joined (i.e. start without voting rights), and be forced to relocate (i.e. be assigned a new node name) periodically (perhaps with exponentially increasing stays at the same place).
The first option would at least make every vote correspond to an up-front direct investment. The second one would make the vote correspond to how much service you actually provided for the network (relocation is necessary so you can’t target a group).
The other options would certainly also provide some amount of protection, but I’m always anxious to get to a simple formula in the end, that allows us to put the cost of an attack in relation to the total value or power of the network.