Signed proxy mining #88
1-r-0-n-M-4-n started this conversation in IIPs
Replies: 1 comment
I like that idea. I would like to keep my mining node running at home. But in case the market cap increases beyond a certain threshold, I am going to stop it due to security considerations. Something like signed proxy mining can make a difference.
Signed proxy mining
To protect users' funds I propose to introduce signed proxy mining.
Currently, running a mining node 24/7 with an open private key (main identity wallet) is pretty risky.
Not many users know how to configure their VPS in a secure way, and many users running their nodes from home PCs can become victims of a virus, malware, 3rd party unauthorized access (PC stolen), etc.
With the introduction of staking in IIP-4 (and possibly in IIP-5), these risks have increased a lot.
Also, I believe that this feature is needed for larger adoption in the future.
The idea of signed proxy mining is that the owner of an identity can send a special transaction:
signMiningProxy(proxyMiningAddress)
After the transaction is confirmed by the blockchain, the user can control mining, submit flips, and pass validation with a node running with proxyMiningAddress.
Transactions that can be sent from proxyMiningAddress:
All other transactions must be reverted by the network.
When a node receives one of those transactions, it must look up in the blockchain state whether the transaction address is a simple identity address or a signed proxy mining address.
If the address is simple, then the logic of handling the transaction doesn't change, so backward compatibility remains for those who don't want to use signed proxy mining.
If the address is a signed proxy mining address, then the node must get the owner of this address and process the transaction as if it was sent from the main identity address.
Oracle voting transactions are excluded from the list of permitted transactions because they are actually smart contract calls. With the implementation of Turing-complete contracts, it will be dangerous to call them from a proxy address.
The block mining process must account accordingly for all nodes under control of proxy mining addresses. Mining from the main wallet address must be prohibited if this address has a signed proxy address. Delegating from the main identity address must be prohibited too if it has a signed proxy address, but for a pool owner signed proxy mining must be available, as it will help the owner of a pool (e.g. a family pool) to protect the funds of pool members.
A hard fork will be needed. If signed proxy mining is implemented, then in the next hard forks all nodes under proxy addresses must be counted as if they were running from the main identity address.
So in the end, with proxyMiningAddress the user can do all day-to-day tasks (submit flips, invite people, activate mining, pass validation) except oracle calls, without the risk that if someone gets control over the proxy address then he can terminate the identity and drain all balance from it. The main identity wallet can be stored separately on an offline device and used to sign other transactions offline if needed.
Future improvements:
Maybe I missed some obvious things here, so consider this proposal as a draft of a draft :)
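The sender-resolution rule the proposal describes, as an added Go sketch that is not part of the original post or of the node's code. The `State` type, the transaction type labels, the error names and the sample addresses are assumptions made for illustration; the allowlist holds only the day-to-day tasks the post names, since its full list of permitted transactions is not on the page.

```go
package main

import (
	"errors"
	"fmt"
)

// TxType labels are hypothetical names for this sketch, not the node's real enum.
type TxType string

const (
	SubmitFlip, Invite, ActivateMining TxType = "submitFlip", "invite", "activateMining"
	Validation, OracleVote, Send       TxType = "validation", "oracleVote", "send"
)

// Only the day-to-day tasks the proposal names are allowed from a proxy.
var proxyAllowed = map[TxType]bool{SubmitFlip: true, Invite: true, ActivateMining: true, Validation: true}

var (
	ErrNotPermitted = errors.New("tx type not permitted from a proxy mining address")
	ErrUseProxy     = errors.New("identity has a signed proxy; mining must come from it")
)

// State is a constructed stand-in for the blockchain state lookups.
type State struct{ ownerOf, proxyOf map[string]string }

func NewState() *State {
	return &State{ownerOf: map[string]string{}, proxyOf: map[string]string{}}
}

// SignMiningProxy records the effect of a confirmed signMiningProxy(proxyMiningAddress).
func (s *State) SignMiningProxy(owner, proxy string) {
	s.ownerOf[proxy], s.proxyOf[owner] = owner, proxy
}

// EffectiveSender returns the identity a transaction is processed as, or an error.
func (s *State) EffectiveSender(from string, t TxType) (string, error) {
	if owner, isProxy := s.ownerOf[from]; isProxy {
		if !proxyAllowed[t] { // e.g. oracle votes, transfers: rejected
			return "", ErrNotPermitted
		}
		return owner, nil // handled as if sent by the main identity
	}
	if _, hasProxy := s.proxyOf[from]; hasProxy && t == ActivateMining {
		return "", ErrUseProxy // main wallet may not mine once a proxy is signed
	}
	return from, nil // simple address: existing behaviour unchanged
}

func main() {
	s := NewState()
	s.SignMiningProxy("0xOWNER", "0xPROXY") // constructed sample addresses
	for _, t := range []TxType{SubmitFlip, OracleVote, Send} {
		who, err := s.EffectiveSender("0xPROXY", t)
		fmt.Println(t, who, err)
	}
}
```

The check defaults to deny: any transaction type not on the allowlist is rejected when it comes from a proxy address, so new transaction types added in later forks stay unavailable to a compromised proxy key until explicitly permitted.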