Bitcoin Forum
December 08, 2016, 07:58:14 AM *
News: To be able to use the next phase of the beta forum software, please ensure that your email address is correct/functional.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: The case for removing IP transactions  (Read 1660 times)
aceat64
Full Member
***
Offline Offline

Activity: 127



View Profile
September 16, 2010, 02:57:43 AM
 #1

Sending transactions to IP addresses should be removed or at least disabled by default.

As has been stated by many members of the community, it is in no way secure. I also believe that it may actually allow an attacker to determine the identify of an operator of a bitcoin node. Example, I send 0.01 BTC to various IPs on the network and record the IP and bitcoin address (a bitcoin address is autogenerated). If I run or have access to the information at one of the Bitcoin exchanges (or run a store/service that accepts bitcoins) I can then tie that IP address to the user of that site/service. In the case of an exchange I could tie that IP to a person's PayPal or bank account!

Another possible attack is to connect to a target node and initiate an IP transaction. The target will generate a new address, at which point you disconnect and start again. This might be useful as a denial of service attack.

1481183894
Hero Member
*
Offline Offline

Posts: 1481183894

View Profile Personal Message (Offline)

Ignore
1481183894
Reply with quote  #2

1481183894
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1481183894
Hero Member
*
Offline Offline

Posts: 1481183894

View Profile Personal Message (Offline)

Ignore
1481183894
Reply with quote  #2

1481183894
Report to moderator
1481183894
Hero Member
*
Offline Offline

Posts: 1481183894

View Profile Personal Message (Offline)

Ignore
1481183894
Reply with quote  #2

1481183894
Report to moderator
1481183894
Hero Member
*
Offline Offline

Posts: 1481183894

View Profile Personal Message (Offline)

Ignore
1481183894
Reply with quote  #2

1481183894
Report to moderator
LZ
Staff
Legendary
*
Offline Offline

Activity: 1456


Satoshi everywhere!


View Profile WWW
September 16, 2010, 03:31:50 AM
 #2

So may be IP transactions should be enabled only for IP addresses ranges reserved for private networks?
What about forced transaction fees for other IP ranges? (Payee will accept only transactions with fees.)

"Never invest unless you can afford to lose your entire investment." © S3052
nanotube
Hero Member
*****
Offline Offline

Activity: 485


View Profile WWW
September 16, 2010, 03:40:22 AM
 #3

It's not the sending that should be disabled by default, but the receiving, I think.

If the receiving end refuses to accept IP transactions, unless explicitly enabled, all the problems go away.

Right?

Join #bitcoin-market on freenode for real-time market updates.
Join #bitcoin-otc - an over-the-counter trading market. http://bitcoin-otc.com
OTC web of trust: http://bitcoin-otc.com/trust.php
My trust rating: http://bitcoin-otc.com/viewratingdetail.php?nick=nanotube
em3rgentOrdr
Sr. Member
****
Offline Offline

Activity: 434


youtube.com/ericfontainejazz now accepts bitcoin


View Profile WWW
September 16, 2010, 03:43:39 AM
 #4

It's not the sending that should be disabled by default, but the receiving, I think.

If the receiving end refuses to accept IP transactions, unless explicitly enabled, all the problems go away.

Right?

Right.  Good point!  Don't throw the baby out with the bathwater!

"We will not find a solution to political problems in cryptography, but we can win a major battle in the arms race and gain a new territory of freedom for several years.

Governments are good at cutting off the heads of a centrally controlled networks, but pure P2P networks are holding their own."
aceat64
Full Member
***
Offline Offline

Activity: 127



View Profile
September 16, 2010, 06:47:34 PM
 #5

Sorry, I guess I wasn't very clear in the original post. I would like for receiving of transactions by IP to be disabled by default.

LZ
Staff
Legendary
*
Offline Offline

Activity: 1456


Satoshi everywhere!


View Profile WWW
September 16, 2010, 08:43:59 PM
 #6

Seems that it would increase the security without decreasing the ease of use. So I like it. Smiley

"Never invest unless you can afford to lose your entire investment." © S3052
aceat64
Full Member
***
Offline Offline

Activity: 127



View Profile
September 16, 2010, 09:23:49 PM
 #7

I've created a patch that disables receiving of IP transactions by default. They can be enabled with the "-allowiptransactions" option or "allowiptransactions=true" in the bitcoin.conf file.

Here's the patch:
http://github.com/aceat64/bitcoin-patchwork/blob/svn/patches/disable_ip_transactions.patch

I've already incorporated the patch into my custom client: http://github.com/aceat64/bitcoin-patchwork

bitcoinex
Sr. Member
****
Offline Offline

Activity: 350


probiwon.com


View Profile WWW
September 19, 2010, 12:54:49 AM
 #8

But do not remove the IP-transactions at all, please!
http://bitcointalk.org/index.php?topic=1042.msg13160

New bitcoin lottery: probiwon.com
- Может, ты ещё и в Невидимую Руку Рынка веруешь? - Зачем же веровать в то, что можно наблюдать непосредственно?
satoshi
Founder
Sr. Member
*
qt
Offline Offline

Activity: 364


View Profile
September 19, 2010, 09:49:30 PM
 #9

Probably best to disable receiving by IP unless you specifically intend to use it.  This is a lot of surface area that nobody uses that doesn't need to be open by default.

In storefront cases, you would typically only want customers to send payments through your automated system that only hands out bitcoin addresses associated with particular orders and accounts.  Random unidentified payments volunteered to the server's IP address would be unhelpful.

In general, sending by IP has limited useful cases.  If connecting directly without a proxy, the man-in-the-middle risk may be tolerable, but no privacy.  If you use a privacy proxy, man-in-the-middle risk is unacceptably high.  If we went to all the work of implementing SSL, only large storefronts usually go to the trouble of getting a CA cert, but most of those cases would still be better off to use bitcoin addresses.

I uploaded this change to SVN rev 156.  The switch to enable is "-allowreceivebyip".

Senders with this version will get the error "Recipient is not accepting transactions sent by IP address".  Older version senders will get "Transfer was not accepted".

I used a different name for the switch because "-allowiptransactions" sounds like it includes sending.  If there's a better name for the switch, we can change it again.
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!