Bitcoin Forum
December 11, 2017, 09:11:46 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 [6] 7 »  All
  Print  
Author Topic: Cheap way to attack blockchain  (Read 27682 times)
achow101
Moderator
Legendary
*
Offline Offline

Activity: 1246


17kKQppUsngUiByDsce4JXoZEjjpvX9bpR


View Profile WWW
November 29, 2015, 05:18:08 AM
 #101

Shit, the devs shoud fix this asap before the word gets out and FUD-ers start screaming the price down.
This is not something that can be easily fixed. The sig op limit is to prevent spamming blocks full of transactions that take a lot of time to process. Yet increasing the limit would mean that more transaction could go in that delay processing even more and a lower limit means that fewer other transactions can make it into the block. I don't think there really is a fix for this.

1513026706
Hero Member
*
Offline Offline

Posts: 1513026706

View Profile Personal Message (Offline)

Ignore
1513026706
Reply with quote  #2

1513026706
Report to moderator
1513026706
Hero Member
*
Offline Offline

Posts: 1513026706

View Profile Personal Message (Offline)

Ignore
1513026706
Reply with quote  #2

1513026706
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
USB-S
Sr. Member
****
Offline Offline

Activity: 364



View Profile
November 29, 2015, 06:39:09 AM
 #102

Shit, the devs shoud fix this asap before the word gets out and FUD-ers start screaming the price down.
This is not something that can be easily fixed. The sig op limit is to prevent spamming blocks full of transactions that take a lot of time to process. Yet increasing the limit would mean that more transaction could go in that delay processing even more and a lower limit means that fewer other transactions can make it into the block. I don't think there really is a fix for this.
We'll if you're afraid of confirmation times you could just increase the transaction fee?

However when bitcoin increases in price the said attack wouldn't really be that cost efficient, when people could just mitigate this by increasing their trasaction fee. However couldn't we just implement burn fees if this said spam attack gets way out of hand. You know, just to make the spammers profitable for the rest of us?
basil00
Member
**
Offline Offline

Activity: 60


View Profile
November 29, 2015, 03:40:05 PM
 #103

Another attack...last 6 blocks (edit: and counting) have been hit.

Example: #385910 with 19125 fake sigOps.  The block is only 200KB despite a 5MB backlog (according to tradeblock).  It seems this attack is very effective.

Edit:
#385911 unaffected (enough high-fee legit txs)
#385912 = 18990 fake sigOps, 280KB.
#385913 = 18945 fake sigOps, 281KB.
#385914 = 17325 fake sigOps, 470KB.
...etc.
YarkoL
Legendary
*
Offline Offline

Activity: 978



View Profile
November 29, 2015, 04:25:43 PM
 #104

I don't think there really is a fix for this.

Lower priority of P2SH transactions with multiple sig ops?
And/or make them cost more.

dev blog https://yarkol.github.io
BTC 18kHb54jqcpWEkuAkCFsGMzR6BMgYnpi2T
hetecon
Full Member
***
Offline Offline

Activity: 182


Best Coder


View Profile
November 29, 2015, 08:12:29 PM
 #105

Another attack...last 6 blocks (edit: and counting) have been hit.

Example: #385910 with 19125 fake sigOps.  The block is only 200KB despite a 5MB backlog (according to tradeblock).  It seems this attack is very effective.

Edit:
#385911 unaffected (enough high-fee legit txs)
#385912 = 18990 fake sigOps, 280KB.
#385913 = 18945 fake sigOps, 281KB.
#385914 = 17325 fake sigOps, 470KB.
...etc.

Wow this is bad news. Any pull requests on githbu to fix this yet?
trout
Sr. Member
****
Offline Offline

Activity: 328


View Profile
November 29, 2015, 09:38:16 PM
 #106

the fix seems trivial - calculate the min relay fee (and all the rest of the fee thresholds) based on the size and the number of  sigops, rather than the size only. I don't get why it's not in the latest release.
Am I missing something?

amaclin
Legendary
*
Offline Offline

Activity: 1260


View Profile
November 29, 2015, 10:52:49 PM
 #107

Am I missing something?
1) You are missing that miners are interested in fees. They have a right to include/exclude any transaction.

2) You are missing that it is almost impossible to upgrade relay policy on thousands of nodes.

BTW. This is funny test.
Miners just raised the minimum fee, leaving a lot of unconfirmed transactions and screaming users.
Blocks are not filled.
Right now mempool on https://tradeblock.com/bitcoin/ is 12mb (note: transactions with a fee less than 5 satoshi per byte are ignored)

https://en.wikipedia.org/wiki/Tragedy_of_the_commons

Edit:
3) Since the start of this stress test the price on exchanges rized up. Everybody likes it  Grin
Are you sure that you really want to fix this issue? A lot of people would vote against  Grin
hetecon
Full Member
***
Offline Offline

Activity: 182


Best Coder


View Profile
November 30, 2015, 03:46:00 AM
 #108

Am I missing something?
1) You are missing that miners are interested in fees. They have a right to include/exclude any transaction.

2) You are missing that it is almost impossible to upgrade relay policy on thousands of nodes.

BTW. This is funny test.
Miners just raised the minimum fee, leaving a lot of unconfirmed transactions and screaming users.
Blocks are not filled.
Right now mempool on https://tradeblock.com/bitcoin/ is 12mb (note: transactions with a fee less than 5 satoshi per byte are ignored)

https://en.wikipedia.org/wiki/Tragedy_of_the_commons

Edit:
3) Since the start of this stress test the price on exchanges rized up. Everybody likes it  Grin
Are you sure that you really want to fix this issue? A lot of people would vote against  Grin

Did they raise min because of this speicif attack?
amaclin
Legendary
*
Offline Offline

Activity: 1260


View Profile
November 30, 2015, 05:57:16 AM
 #109

Did they raise min because of this speicif attack?
I can non prove it. Of course, this is a joke. May be with truth in it
worhiper_-_
Hero Member
*****
Offline Offline

Activity: 700


View Profile
November 30, 2015, 03:49:17 PM
 #110

I would like to thank those that have (re)discovered this attack and shown it to be a viable attack using their own money to prove it.

Is anyone planning a large scale attack using this method?  That would be interesting.

How much would it take to fund a sustained attack, for example a 24 hour period?

Daily attack 5.7024 BTC - not a big deal
keystroke
Hero Member
*****
Offline Offline

Activity: 842


advocate of a cryptographic attack on the globe


View Profile
November 30, 2015, 04:18:13 PM
 #111

Nice security research. Can this attack be made profitable, or is it just DoS?

"The difference between a castle and a prison is only a question of who holds the keys."
trout
Sr. Member
****
Offline Offline

Activity: 328


View Profile
November 30, 2015, 04:26:03 PM
 #112

Am I missing something?
1) You are missing that miners are interested in fees. They have a right to include/exclude any transaction.

2) You are missing that it is almost impossible to upgrade relay policy on thousands of nodes.

BTW. This is funny test.
Miners just raised the minimum fee, leaving a lot of unconfirmed transactions and screaming users.
Blocks are not filled.
Right now mempool on https://tradeblock.com/bitcoin/ is 12mb (note: transactions with a fee less than 5 satoshi per byte are ignored)

https://en.wikipedia.org/wiki/Tragedy_of_the_commons

Edit:
3) Since the start of this stress test the price on exchanges rized up. Everybody likes it  Grin
Are you sure that you really want to fix this issue? A lot of people would vote against  Grin

I've been just speaking about the default policy in the "Core" client.
In this sense, fixing the issue is trivial.
After such an update  miners/ relay nodes are of course still free to run any code they like -
nobody forces them to update their policy

Edit: All I'm saying is that it is easy to make this kind of attack as expensive as the "traditional" block-size-filling spam attack. I'm surprised this is not done yet.

hetecon
Full Member
***
Offline Offline

Activity: 182


Best Coder


View Profile
November 30, 2015, 04:39:36 PM
 #113

Is fixing of this issue requiring a full 'hard forking'
mezzomix
Legendary
*
Offline Offline

Activity: 1932


View Profile
November 30, 2015, 04:59:04 PM
 #114

Nice security research. Can this attack be made profitable, or is it just DoS?

This "attack" is a nuisance just like the HighS malleability.

Is fixing of this issue requiring a full 'hard forking'

No. As trout already wrote the miners can just take a higher fee for transactions with a large number of SIGOPS.

1) You are missing that miners are interested in fees. They have a right to include/exclude any transaction.

They might be interested in the BTC value, too. So it's interesting for them to include all transactions to preserve the value of their BTC.
amaclin
Legendary
*
Offline Offline

Activity: 1260


View Profile
November 30, 2015, 04:59:42 PM
 #115

Nice security research. Can this attack be made profitable, or is it just DoS?
yes
keystroke
Hero Member
*****
Offline Offline

Activity: 842


advocate of a cryptographic attack on the globe


View Profile
November 30, 2015, 05:04:09 PM
 #116

Nice security research. Can this attack be made profitable, or is it just DoS?
yes
Aside from someone paying you to DoS. Wink

"The difference between a castle and a prison is only a question of who holds the keys."
hetecon
Full Member
***
Offline Offline

Activity: 182


Best Coder


View Profile
November 30, 2015, 09:23:31 PM
 #117

Nice security research. Can this attack be made profitable, or is it just DoS?

This "attack" is a nuisance just like the HighS malleability.

Is fixing of this issue requiring a full 'hard forking'

No. As trout already wrote the miners can just take a higher fee for transactions with a large number of SIGOPS.

1) You are missing that miners are interested in fees. They have a right to include/exclude any transaction.

They might be interested in the BTC value, too. So it's interesting for them to include all transactions to preserve the value of their BTC.


So this will be able to have a fix but requires convincing of the largest pools.
basil00
Member
**
Offline Offline

Activity: 60


View Profile
December 01, 2015, 03:23:47 AM
 #118

Is fixing of this issue requiring a full 'hard forking'

Fixing the broken sigOp counting method is indeed a hardfork.  It can be fixed when (if?) there is a block-size hardfork, e.g. this is one proposal.

This specific attack can also be mitigated by enforcing a bytes-per-sigop limit (policy change), as was merged into 0.12.0.  Any miner that does not adopt this policy will still be vulnerable.
Syke
Legendary
*
Online Online

Activity: 2464


View Profile
December 01, 2015, 05:02:19 AM
 #119

This specific attack can also be mitigated by enforcing a bytes-per-sigop limit (policy change), as was merged into 0.12.0.  Any miner that does not adopt this policy will still be vulnerable.

A fee per sigop sounds like a good plan too.

Buy & Hold
mezzomix
Legendary
*
Offline Offline

Activity: 1932


View Profile
December 01, 2015, 06:51:52 AM
 #120

So this will be able to have a fix but requires convincing of the largest pools.

Yes. Miners are able to immediately require higher fees for these transactions or to ignore these transactions when they create blocks.
Pages: « 1 2 3 4 5 [6] 7 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!