Wallets are created periodically based on governance.
updateWalletParameterschanges the time between wallets and
walletParametersreads it. The time between new wallets is held in
walletCreationPeriodin number of seconds, so the current value of
1209600represents 14 days. In order for the wallet to move funds, it produces signatures using a Threshold Elliptic Curve Digital Signature Algorithm, requiring 51-of-100 Signers to cooperate.
The probability that a Staker is chosen to be a Signer is equal to their percentage of the total TBTC Stake. Each Signer is chosen independently. The same Staker can be a signer on the same wallet multiple times. The same Staker can be a Signer on multiple wallets simultaneously.
For simplicity, say there are only three Stakers: Alice, Bob, and Carol. Alice has 250M T, Bob has 400M T, and Carol has 350M T staked, so they own 25%, 40% and 35% of the stake respectively. That means, Alice has a 25% chance to be a Signer, Bob has a 40% chance, and Carol has a 35% chance. Each Signer is selected independently.
The Sortition Pool is more complex (because of heavy gas optimization), but reasoning about it could look like this: For each Signer, we're going to generate a random number between 1 and 100. Alice is the Signer if the number is in [1, 25]. Bob is the Signer if the number is in [26, 65]. Carol is the Signer if the number is in [66, 100]. For example, if our first random number is 33, our first Signer would be Bob. We can generate 100 random numbers:
(75, 51, 13, 48, 36, 62, 46, 65, 97, 67...), and then use that to determine Signers:
(Carol, Bob, Alice, Bob, Bob, Bob, Bob, Bob, Carol, Carol...). This example illustrates a few properties mentioned earlier:
- Each Signer is selected independently. Whether or not Carol is the first signer has no influence on Carol being the second Signer.
- The chance that you become a particular Signer is equal to your share of the Stake.
If Carol has a 35% chance of being a particular Signer, what are chances that Carol has at least 51 of the 100 seats (and could control the wallet by herself)?
A Binomial distribution with parameters
pis the discrete probability distribution of the number of successes in a sequence of
nindependent experiments, each asking a yes–no question, and each with its own Boolean-valued outcome: success (with probability
p) or failure (with probability
This is exactly our situation! From Carol's perspective, there will be
n=100independent experiments, each asking a yes-no question (does this Signer belong to Carol), each with a 35% probability.
It's the last figure: "Cumulative probability: P(X>51)" that's relevant. That says there is a ~0.074% chance that Carol would have a controlling Share of any particular wallet.
The next important question is "The probability that Carol controls a Wallet is low, but it only needs to happen once for things to be bad. What is the probability that she controls any wallet in the next 2 years?"
A wallet is generated every 14 days, so over the next 2 years, the system would generate ~52 wallets. Each wallet has a
1 - 0.00074 = .99926or 99.926% chance of not being controlled by Carol. That means we can exponentiate:
Carol would have a ~3.8% chance of getting control of a wallet in 2 years. That's with her owning 35% of the total Stake! Alice has a much lower chance. She has a
0.0002131%chance of controlling a wallet, which means that over the course of 52 wallets, she has a
0.02131%chance of controlling any wallet in 2 years.
The only thing that a Staker accomplishes by splitting up their Stake into multiple identities is making the system appear to be more diverse.
For example, say that Alice split up her Stake equally into 5 accounts: Alice1, Alice2, Alice3, Alice4, and Alice5. Now, rather than Alice having a 25% chance to be a Signer, each account has a 5% chance which collectively add up to 25%.
To use the example from earlier: Alice has 250M T, Bob has 400M T, and Carol has 350M T staked. Alice has her T split into 50M for each identity. Alice1 would own 50M/1000M = 5%. Keeping with the simplification of assigning numbers from 1 to 100 to identities, Alice1 would get [1, 5], Alice2 gets [6, 10], Alice3 gets [11, 15], Alice4 gets [16, 20], Alice5 gets [21, 25], Bob gets [26, 65], Carol gets [66, 100]. If we use the same random numbers as before,
(75, 51, 13, 48, 36, 62, 46, 65, 97, 67...), then we make the assignments as
(Carol, Bob, Alice3, Bob, Bob, Bob, Bob, Bob, Carol, Carol...). Nothing has effectively changed!