distributed document popularity metrics using amortizable hashcash (Re: [p2p-hackers] BitTorrent measurements / fully decentralizedsystems)

Adam Back adam at cypherspace.org
Thu Dec 16 23:55:29 UTC 2004

On Thu, Dec 16, 2004 at 01:56:59PM -0800, "Hal Finney" wrote:
> > Documents are requested from peers, and with the requester sends his
> > view of the documents popularity stamp value.  The server adds the
> > requesters stamp to it's own stamp, and sends the new stamp in the
> > response.
> The grammar here is confusing to me.  

I was tired (2am) it was rushed.  OK start again:

Three cases A) selecting content, B) downloading content, C) voting on
content.  Even though it p2p I'll use server and client to mean the
usual things.  (A peer is just one or the other, or both in a given

A) selecting content:

the peer chooses the content that matches the search criteria and has
the highest rating.

B) downloading content:

the client acts (as you said) as a clearing house for stamps from the
servers it downloads from.  Note it doesn't need to send stamps back
to servers unless it does a calculation which gives a larger stamp
than the server already has.

C) voting on content:

during playback (implicit) or after explicit voting action the peer
votes on the content.  We might have positive as well as negative
votes, tracked separately, just add up their +ve and -ve normalized
value to reach the overall value.

(Normalization being what you have to do to factor out the logarithmic
nature of the composite stamps.  And that addition being standard
floating point addition.)

I tend to think it would be more effective to note vote directly on
content but vote on the reputation of pseudonymous content raters.

That way they build up a pretty heavy reputation which is going to be
seriously expensive to compete with.

> Anyway as I said it sounds like a good idea but I am a little unclear
> about the exact mechanisms and how the data would flow.  I'd appreciate
> it if you could explain that again.

Overall the basic mechanism is a distributed voting mechanism which
introduces no extra communications purely for converging on and
distributing the global sum of the votes.  There can be multiple votes
on any number of metrics, and meta-level votes (the content raters

One could also build decay into the model so reputations fade unless
maintained (or the popularity metric of a document fades).  This is
easy to do, just include the time in the stamp, and discard or reduce
the value according to some formula of stamps as they age.  eg. if you
were using the document popularity metric to weight caches you might
want to do this (depending on your availability criteria), eg to
ensure that very historically very popular, but passe content does not
hog cache space better used for new content.  I suspect that films
have this property ... every one wants it when its just out, after
that rush it tapers off except for more classic genre setting films.

As I mentioned (for others Hal knows all about the crypto) the actual
crypto is pretty easy, and looking at the things you can do with it I
think it would actually work pretty well in eg Kazaa or other similar
networks if deployed.

Maybe for meta-rating, you might even want to increase the weighting
of rating with age, to make it hard for the johnny-come-lately jammers
working for RIAA / MPAA et al to displace pseudonymous established
players.  (This would be a bit like Rivest & Shamir's micromint where
the system accumulates advantage over outsiders attempting to forge).

Also once you have established pseudonymous high rating rating service
pseudonyms you could have cross-pseudonym ratings, which are
conventional WoT signatures conveying big chunks of reputation.  A
jammer could spend lots of real-world money to buy enough CPU to
compete with the bona-fide rating services.  That reputation could be
revoked with a signature revocation certificate if the rating service
turned rogue (or got turned, private key compromised by jammer).

Generally it provides an anchor point for a distribution focussed
reputation system possibly solving the bootstrap problem.

And people tend to use what works, so you could imagine a system where
you pick rating services, and you don't add new ones unless the old
ones stop rating enough content for you.  The set of ratings services
is probably small enough for people to apply human intelligence to in
discussion forums etc.  Of course the jammer may try to jam those
also, but some of the good info will be exchanged out of band between
social networks.

Maybe we can even make it more expensive than it's worth to attack,
the final measure of true security :-)


More information about the P2p-hackers mailing list