The Game of Stakes: It’s Time for Some Game Theory
The Game of Stakes is a first of a kind participatory research program to see how collusion and deception interact with the incentive layer of a BFT Proof of Stake system. The study of incentive compatibility has been one of the most interesting areas of study in Proof of Work systems and the formalization of the subtle incentives to withhold blocks and selfishly mine is one of the most unexpected results in the space. It’s my hope that the Game of Stakes provides some novel results in the field of incentive compatible consensus protocols.
Those of us involved in the Cosmos project have been studying Proof of Stake and incentives for almost 4 years but ultimately there are limits to reasoning about these problems in the abstract and empirical data is necessary.
The most effective mechanisms to win the Game of Stakes are going to be cartel formation and vote withholding attacks combined with some usage of strategies to deny participation to validators not in your cartel. The configuration of the economic system within Game of Stakes is designed to maximize the effectiveness of these attacks. BFT systems offer strong guarantees that if a cartel controls less than 1/3rd of the network they have very limited ability to influence the system but it seems plausible that players in the Game might be able to get control of 1/3rd of the online voting power.
I’m very curious to see if these attacks manifest during Game of Stakes. I suspect that the combination of social coordination and modifications to the Tendermint stack make these attacks pretty difficult to implement. Smart validators will monitor closely to see if theses strategies emerge.
If you find these questions fascinating, I hope you’ll join our experiment.
How does a vote withholding work?
An honest validator will provide both prevotes and precommits on a valid proposal as per the diagram from Ethan’s thesis. A Byzantine validator cartel will only prevote/precommit on proposals from cartel members. If multiple cartels are naively carrying out this attack, the chain will halt but I imagine that adaptive strategies are possible here.
If I’ve got this attack ready, why would I deploy it on the Game of Stakes network instead of on mainnet?
These attacks are less likely to be effective in mainnet. They are clearly attributable and will likely lead to losing delegation or being hard forked out of the voting pool. So if an attacker is interested is using these attacks, there is much clearer path to reward through the game than waiting for main net.
What should be done for mainnet if these attacks manifest during GoS?
The Cosmos community should invest in observability tooling to detect if cartel formation is occurring and the kinds of manipulations that would provide a clear path to winning Game of Stakes manifest on mainnet.