Bitcoin Forum

Bitcoin => Development & Technical Discussion => Topic started by: chickenado on May 31, 2011, 03:28:57 PM



Title: Fuzzycoin: defending against the kiddie-porn-in-blockchain attack
Post by: chickenado on May 31, 2011, 03:28:57 PM
Here is how Bitcoin could be modified to solve this attack (mentioned several times on other threads):

1. Transfers to young addresses incur high transaction fees. Transaction fees drop as addresses age in block chain.

2. Users cannot make exact transactions.  Say, for example, that I sign a transaction for 1.0000000 BTC.  This will only be included in a block if the miner also signs it. However, by default, miners always reject my first proposal and send back a signed proposal salted with a random number, say 0.97429313 BTC. I can then choose to sign this, and commit it to the block chain, or make another first proposal.  The whole thing can of course be automated in the original client.

Blocks that contain transactions not signed by both parties are rejected by the protocol.

Thoughts?


Title: Re: Fuzzycoin: defending against the kiddie-porn-in-blockchain attack
Post by: Luke-Jr on May 31, 2011, 04:32:15 PM
1. Transfers to young addresses incur high transaction fees. Transaction fees drop as addresses age in block chain.
Addresses aren't stored in the block chain, except as outputs to transactions. Since every transaction generally has a unique address for its output (except for donations), all addresses are usually "young". When it becomes possible for merchants to use a single address for all transactions (ie, when clients can easily send an address-signed email with a transaction id), this might become viable.
2. Users cannot make exact transactions.  Say, for example, that I sign a transaction for 1.0000000 BTC.  This will only be included in a block if the miner also signs it. However, by default, miners always reject my first proposal and send back a signed proposal salted with a random number, say 0.97429313 BTC. I can then choose to sign this, and commit it to the block chain, or make another first proposal.  The whole thing can of course be automated in the original client.
Miners can't "send back" anything at all...