For PoS, clearly, we do not need to add the timestamp, rather the implicit timestamp given by number of blocks and number of skips should be the measure of choice. What does a node gain or lose when it changes the rule of when to accept a block by \Delta t, where \Delta t can be positive or negative?
As far as I can think, there are two effects of this on the rule-changing node, one positive with \Delta t positive in \Delta t and one negative:
- On the positive side, a node may be able to see into the future if other nodes start broadcasting their blocks early. Of course this is only relevant if other nodes actually do this.
- On the negative side, the node risks following a chain that later turns out not to be the main chain, because someone made a “long skip extension” of the main chain. However, this could easily be remedied by the node implementing a new rule: Only follow extensions of the chain up to \Delta t that would have been the main chain at the real time t, where the extension has a small number of skips.
- Finally, a second negative in the case where a node also broadcasts blocks early would be that it would miss out on transaction fees for not collecting the maximum number of transactions it could have collected.
From these effects, it seems that for a single node, there is very little to gain for changing the rule, but losses can also be kept at a minimum by also implementing stricter fork choice rules for chains between t and t+\Delta t.
However, what happens if a fraction f of nodes decided to break away from the rule (this could happen through an particular client implementation changing the rule, intentionally or unintentionally)? They would clearly only get any advantage among them if they also publish blocks early.
- In the pure RANDAO case (RNG exploitability analysis assuming pure RANDAO-based main chain), they would get the advantage of seeing the entropy slightly earlier than everyone else, if one or more of the next blocks are produced by the fraction f. This by itself probably does not translate into a direct monetary advantage, unless there are lotteries going on using this entropy. In fact, if level 2 contracts make use of beacon chain entropy, then this might encourage nodes to this behaviour. Maybe we need a rule to not use beacon chain entropy to decide anything in contracts? That would probably require making the beacon chain entropy itself inaccessible from inside the EVM, not sure if that’s possible, but feels like it could be.
- Another way this fraction could use this lookahead feature is to exclude other validators not participating in the scheme. In this way they could probably execute an uncoordinated 51%-attack on the chain, similar to [RANDAO beacon exploitability analysis, round 2]. However they would be able to get lucky “runs” before reaching the critical 36%, forcing other nodes to adopt the new rule. I think this would be the scenario to be worried about. [Interesting follow-up: Analyse at which level this pressure would become a relevant factor]
- In a vdf based RANDAO, the advantages would be different:
- If there is a small fraction with a “small” lookahead, they would mainly get the advantage of being able to start the vdf computation before everyone else, and so would get the vdf rewards if one of the rule-breaking nodes is the last entropy contributors.
- If there is a larger fraction, they may be able to get vdf results before the rule-following main chain has arrived at the vdf input. As long as the fraction f does not coordinate, this probably will still not allow manipulation of the entropy, so in the vdf case, the rule-breaking is overall more harmless. But this situation might also warrant more investigation on whether it lowers the overall security of the beacon chain.