I posted code up on GitHub here but wanted to open up the chance for discussion.
Full details in the pull request description, but a quick summary:
- Currently the generation signature only builds upon the id of the account that mined the previous block, and the contents of the block and hash of the previous block are signed with the generator's public key.
- This allows a miner or pool who finds multiple blocks in a row to easily change the contents of the block without having to recompute the work put into finding the block, potentially allowing an avenue for DoS spam attacks and also potential double spend attempts.
The proposal is to mirror what many PoW coins do and include the hash of the transactions in the generation signature, so changing the contents of the block will invalidate the work done to find it, and ensure that if a block has been included in the chain, even if the same miner finds multiple blocks in a row, it cannot be mutated.
This should hopefully improve the stability and reliability of the network without too large an impact on the design of the system - only wallets need to be upgraded. One minor downside is that after you broadcast a transaction miners will not consider it for inclusion in a block until after the next block is found, but with a 4 minute block time this shouldn't increase transaction latency by a huge amount.
I'd be interested to know what people think. I only got into Burstcoin a few weeks ago by starting to mine, and it was due to seeing far more forks and unreliability in mining than I was expecting that I dug into the code to try and find places where improvements could be made. As such, I can't say I'm totally familiar with the codebase and may have missed something necessary in the change I've proposed.
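
The difference between the two schemes described in the post, as an added toy model that is not the code from the pull request or from the wallet. Assumptions: SHA-256 stands in for the chain's real hash function, the byte layout and the function names are hypothetical, the proposed signature is modelled as simply appending the block's transaction hash to the existing inputs, and the sample transactions are constructed.

```python
import hashlib

def h(*parts: bytes) -> bytes:
    # Assumption: SHA-256 as a stand-in for the chain's real hash function.
    return hashlib.sha256(b"".join(parts)).digest()

def payload_hash(txs):
    # Hash over the block's transactions (constructed layout).
    return h(*(h(tx) for tx in txs))

def next_gen_sig(prev_sig, generator_id, txs, commit_txs):
    # Current scheme: previous signature + id of the account that mined it.
    parts = [prev_sig, generator_id.to_bytes(8, "big")]
    if commit_txs:
        # Proposed scheme (as modelled here): also bind the transaction hash.
        parts.append(payload_hash(txs))
    return h(*parts)

def gen_sigs(payloads, generator_id, commit_txs):
    # Generation signatures for a run of blocks all found by one miner.
    sig, out = bytes(32), []  # constructed genesis signature
    for txs in payloads:
        sig = next_gen_sig(sig, generator_id, txs, commit_txs)
        out.append(sig)
    return out

def first_invalid_block(original, mutated, generator_id, commit_txs):
    # Index of the first block whose already-mined generation signature no
    # longer matches after its contents are swapped; None if every signature
    # (and so every deadline found against it) is still valid.
    before = gen_sigs(original, generator_id, commit_txs)
    after = gen_sigs(mutated, generator_id, commit_txs)
    for i, (a, b) in enumerate(zip(before, after)):
        if a != b:
            return i
    return None

# Constructed sample: two consecutive blocks from the same miner, then the
# same run with the first block's transaction replaced.
MINER = 1234567890
ORIGINAL = [[b"tx-a"], [b"tx-b"]]
MUTATED = [[b"tx-a-replaced"], [b"tx-b"]]

if __name__ == "__main__":
    print("current :", first_invalid_block(ORIGINAL, MUTATED, MINER, False))
    print("proposed:", first_invalid_block(ORIGINAL, MUTATED, MINER, True))
```

Under the current scheme no generation signature changes, so the work behind both blocks carries over to the altered contents; with the transaction hash bound in, the mismatch starts at the altered block and propagates to every block built on it.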