Bitcoin Forum
Topic: Electrum sybil attack? (Read 1055 times)
RealBitcoin (OP)
July 06, 2016, 11:24:36 PM
Last edit: September 22, 2016, 04:12:09 AM by RealBitcoin
 #1

What prevents a Sybil attack from Electrum servers? In the sense that a malicious attacker might show you a fake balance, how does Electrum defend against a conspiracy between malicious Electrum servers to show you a wrong balance?

I read somewhere that the Electrum client connects to more servers, or at least fetches the data from multiple ones, or cross-verifies it; I'm not sure. Is that true?

How are the SPV blocks verified? Some basic explanation please (I read the docs; it's not very informative).

racezefi
July 11, 2016, 03:18:08 AM
 #2

Worst-case scenario, they could lie to your client and make it believe it has a bigger or a smaller amount of coins.
They could also deny transaction propagation.
But never spend funds.
RealBitcoin (OP)
July 11, 2016, 10:22:26 PM
 #3

Sorry, but that doesn't answer the question. I'm curious how Electrum verifies the blocks from each server.

I remember I read somewhere that it cross-verifies it from multiple servers to make sure the blockchain is genuine.

DuddlyDoRight
July 13, 2016, 04:23:01 PM
 #4

Go look at the GIT repo and see for yourself, or get one of the experts telling you all this to do it.

You sign the transactions you send. Nobody is going to forge transactions unless they do something like get code execution on your client and load malware that grabs your wallet data after logging your passphrase. If they can find vulnerabilities in memory, they probably don't need a server; they could just make malicious broadcasts and save all the hassle and costs.

I have faith that one day this forum will get threads where people won't just repeat their previous posts or what others have already stated in the same thread. Also that people will stop acting like BTC is toy-money and start holding vendors accountable. Naive? Maybe.
RealBitcoin (OP)
July 13, 2016, 08:22:37 PM
 #5

No, I'm not talking about the software being compromised, I'm talking about the block headers being. Because you download them from a server, and if 1 server is malicious, they can send you fake blocks with fake TX.

That is why I'm asking how Electrum prevents that.
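
Added example, not part of any post and not Electrum's own code: the generic SPV checks a light client can run on server-supplied data, using the standard 80-byte Bitcoin header layout (previous-hash linkage, proof of work, Merkle branch). The headers, txids, easy target and the `expected_bits` parameter are constructed for this sketch.

```python
import hashlib
import struct

HDR = "<I32s32sIII"  # version, prev hash, merkle root, time, bits, nonce = 80 bytes

def dsha(b):
    return hashlib.sha256(hashlib.sha256(b).digest()).digest()

def pow_ok(header, bits):
    # Compact nBits -> 256-bit target (exponent >= 3 assumed), then compare the hash.
    target = (bits & 0x007FFFFF) << (8 * ((bits >> 24) - 3))
    return int.from_bytes(dsha(header), "little") <= target

def verify_chain(headers, trusted_prev, expected_bits):
    # expected_bits is a simplification: a real client derives the required
    # difficulty itself (retarget rules) and never accepts it from the server.
    prev = trusted_prev
    for h in headers:
        if len(h) != 80:
            return False
        _, h_prev, _, _, bits, _ = struct.unpack(HDR, h)
        if h_prev != prev or bits != expected_bits or not pow_ok(h, bits):
            return False
        prev = dsha(h)
    return True

def tx_in_header(txid, branch, index, header):
    # Fold the server-supplied sibling hashes up to a root (internal byte order)
    # and compare with the merkle root committed to in the already-verified header.
    h = txid
    for sibling in branch:
        h = dsha(sibling + h) if index & 1 else dsha(h + sibling)
        index >>= 1
    return h == struct.unpack(HDR, header)[2]

def mine(prev, root, bits):
    nonce = 0
    while True:
        h = struct.pack(HDR, 1, prev, root, 0, bits, nonce)
        if pow_ok(h, bits):
            return h
        nonce += 1

# Constructed data, not real blocks: easy target, made-up txids a..d, mined here.
BITS, GENESIS = 0x2000FFFF, bytes(32)
a, b, c, d = (dsha(bytes([i])) for i in range(4))
CHAIN = [mine(GENESIS, dsha(b"x"), BITS)]
CHAIN.append(mine(dsha(CHAIN[0]), dsha(dsha(a + b) + dsha(c + d)), BITS))
CHAIN.append(mine(dsha(CHAIN[1]), dsha(b"y"), BITS))
print(verify_chain(CHAIN, GENESIS, BITS), tx_in_header(c, [d, dsha(a + b)], 2, CHAIN[1]))
```

A server that swaps in a different middle header, even one it mined itself, breaks the linkage to every later header, and a header mined at an easier target than the client expects is rejected outright.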

DuddlyDoRight
July 19, 2016, 04:13:54 AM
 #6

By white listing scripts as is becoming the trend. Scripts are a huge attack surface as you pointed out. I found this out my first week writing a network fuzzer.

RealBitcoin (OP)
July 21, 2016, 07:22:53 PM
 #7


No, you misunderstand, I'm curious how the Electrum client talks to Electrum servers.

I have read somewhere in the past, not sure, that the client fetches the blocks or block headers and cross verifies them across multiple servers to prevent sybil attacks.

I would like a confirmation if that is true or not.

RealBitcoin (OP)
August 26, 2016, 11:29:13 PM
 #8

Bump, this question is still unanswered.

DuddlyDoRight
August 31, 2016, 09:15:25 AM
 #9

The chances that someone who's actually looked at the code is here are very slim. I've never looked at their network code; I just know they transfer headers and white-list scripts, because that's all you need to know for what I was doing.

If there is a way to do such an attack, it's just a potential DDoS. There aren't many networking or coding experts outside of the full reference client dev community, so you'd see long waits for patches too.

RealBitcoin (OP)
September 01, 2016, 04:21:17 PM
 #10

That's pretty sad; perhaps Electrum should hire more developers. I see that the new version has already been updated in the changelog file, but not yet released.

And the commits are coming slowly as well on GitHub; it would be nice if more devs would work on it.

DuddlyDoRight
September 16, 2016, 10:15:55 AM
 #11

Yeah 2.7.0 or whatever it is has been in the works for months. The patches look like mostly string constant and UX changes. I use it with my cold storage on Tails so it doesn't really matter. I'm still waiting for them to use Android hardware keystore to multisig. I do portable on Windows for view only.

Regarding DDoS: Most criminals with capabilities are too busy dumping databases from all the bad development practices on "credible" bitcoin sites. I wouldn't worry about them shutting down the market or crashing values yet. Maybe when it takes more than a public SQLi fuzzer to jackpot exchanges they'll get mad and DDoS.
