Penalty for Failure to Defend

TODO: This is a paste of a Github ticket Add "penalty-for-failure-to-defend" concept to book #264 in order to ensure the text is committed into the revision.

Our primary conceptual framework for quantitative comparison between Crosslink security properties versus pure PoW or Tendermint-like BFT protocols is called "penalty for failure to defend" (aka $PF D$ ).

Key Top-Level Details

PFDs can be specific to compromising specific properties; example: $PF D_{l i v e n ess}$ and $PF D_{f ina l i t y}$ are different (so there's no simple top-line number for a given protocol).
$PF D$ is distinct from the confusing misnomer of "cost-to-attack" (because the penalty may accrue to non-attackers, and the nature of successful attacks is that they cost less than designers or security defense analyzers fail to anticipate).
Neither $PF D$ or the ill-conceived "cost-to-attack" metrics are conclusive about financial feasibility, since they don't capture attacker revenue/profit.
Some $PF D$ may be a "financial value gauge" such as in Tendermint protocols where a $PF D$ could slash a large bond at stake. Meanwhile others may be a "rate" such as in PoW where the penalty to miners is loss of a future revenue rate over time.
The two different types of $PF D$ (gauge vs rate) cannot be directly compared for two reasons:
- The obvious reason that rates and gauges are different unit types.
- The less obvious reason that the trade-offs in compromise, response, and recovery dynamics are qualitatively incommensurate. (TODO: flesh out the nuance here.)

Keyboard shortcuts

The Zebra Crosslink Book

Penalty for Failure to Defend

Key Top-Level Details