Bitcoin Forum
May 26, 2018, 01:31:33 PM *
News: Latest stable version of Bitcoin Core: 0.16.0  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: « 1 2 3 4 5 [6] 7 »  All
  Print  
Author Topic: Cheap way to attack blockchain  (Read 27931 times)
achow101
Moderator
Legendary
*
Offline Offline

Activity: 1414
Merit: 1329


3F1Y9yquzvY6RWvKbw2n2zeo9V5mvBhADU


View Profile WWW
November 29, 2015, 05:18:08 AM
 #101

Shit, the devs shoud fix this asap before the word gets out and FUD-ers start screaming the price down.
This is not something that can be easily fixed. The sig op limit is to prevent spamming blocks full of transactions that take a lot of time to process. Yet increasing the limit would mean that more transaction could go in that delay processing even more and a lower limit means that fewer other transactions can make it into the block. I don't think there really is a fix for this.

Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
USB-S
Sr. Member
****
Offline Offline

Activity: 476
Merit: 250


In XEM we trust


View Profile
November 29, 2015, 06:39:09 AM
 #102

Shit, the devs shoud fix this asap before the word gets out and FUD-ers start screaming the price down.
This is not something that can be easily fixed. The sig op limit is to prevent spamming blocks full of transactions that take a lot of time to process. Yet increasing the limit would mean that more transaction could go in that delay processing even more and a lower limit means that fewer other transactions can make it into the block. I don't think there really is a fix for this.
We'll if you're afraid of confirmation times you could just increase the transaction fee?

However when bitcoin increases in price the said attack wouldn't really be that cost efficient, when people could just mitigate this by increasing their trasaction fee. However couldn't we just implement burn fees if this said spam attack gets way out of hand. You know, just to make the spammers profitable for the rest of us?

basil00
Member
**
Offline Offline

Activity: 60
Merit: 10


View Profile
November 29, 2015, 03:40:05 PM
 #103

Another attack...last 6 blocks (edit: and counting) have been hit.

Example: #385910 with 19125 fake sigOps.  The block is only 200KB despite a 5MB backlog (according to tradeblock).  It seems this attack is very effective.

Edit:
#385911 unaffected (enough high-fee legit txs)
#385912 = 18990 fake sigOps, 280KB.
#385913 = 18945 fake sigOps, 281KB.
#385914 = 17325 fake sigOps, 470KB.
...etc.
YarkoL
Legendary
*
Offline Offline

Activity: 987
Merit: 1000



View Profile
November 29, 2015, 04:25:43 PM
 #104

I don't think there really is a fix for this.

Lower priority of P2SH transactions with multiple sig ops?
And/or make them cost more.

“Civilization is a hopeless race to discover remedies for the evils it produces.”
― Jean-Jacques Rousseau
hetecon
Full Member
***
Offline Offline

Activity: 364
Merit: 100


Create Your Decentralized Life


View Profile
November 29, 2015, 08:12:29 PM
 #105

Another attack...last 6 blocks (edit: and counting) have been hit.

Example: #385910 with 19125 fake sigOps.  The block is only 200KB despite a 5MB backlog (according to tradeblock).  It seems this attack is very effective.

Edit:
#385911 unaffected (enough high-fee legit txs)
#385912 = 18990 fake sigOps, 280KB.
#385913 = 18945 fake sigOps, 281KB.
#385914 = 17325 fake sigOps, 470KB.
...etc.

Wow this is bad news. Any pull requests on githbu to fix this yet?

trout
Sr. Member
****
Offline Offline

Activity: 327
Merit: 250


View Profile
November 29, 2015, 09:38:16 PM
 #106

the fix seems trivial - calculate the min relay fee (and all the rest of the fee thresholds) based on the size and the number of  sigops, rather than the size only. I don't get why it's not in the latest release.
Am I missing something?

amaclin
Legendary
*
Offline Offline

Activity: 1260
Merit: 1000


View Profile
November 29, 2015, 10:52:49 PM
 #107

Am I missing something?
1) You are missing that miners are interested in fees. They have a right to include/exclude any transaction.

2) You are missing that it is almost impossible to upgrade relay policy on thousands of nodes.

BTW. This is funny test.
Miners just raised the minimum fee, leaving a lot of unconfirmed transactions and screaming users.
Blocks are not filled.
Right now mempool on https://tradeblock.com/bitcoin/ is 12mb (note: transactions with a fee less than 5 satoshi per byte are ignored)

https://en.wikipedia.org/wiki/Tragedy_of_the_commons

Edit:
3) Since the start of this stress test the price on exchanges rized up. Everybody likes it  Grin
Are you sure that you really want to fix this issue? A lot of people would vote against  Grin
hetecon
Full Member
***
Offline Offline

Activity: 364
Merit: 100


Create Your Decentralized Life


View Profile
November 30, 2015, 03:46:00 AM
 #108

Am I missing something?
1) You are missing that miners are interested in fees. They have a right to include/exclude any transaction.

2) You are missing that it is almost impossible to upgrade relay policy on thousands of nodes.

BTW. This is funny test.
Miners just raised the minimum fee, leaving a lot of unconfirmed transactions and screaming users.
Blocks are not filled.
Right now mempool on https://tradeblock.com/bitcoin/ is 12mb (note: transactions with a fee less than 5 satoshi per byte are ignored)

https://en.wikipedia.org/wiki/Tragedy_of_the_commons

Edit:
3) Since the start of this stress test the price on exchanges rized up. Everybody likes it  Grin
Are you sure that you really want to fix this issue? A lot of people would vote against  Grin

Did they raise min because of this speicif attack?

amaclin
Legendary
*
Offline Offline

Activity: 1260
Merit: 1000


View Profile
November 30, 2015, 05:57:16 AM
 #109

Did they raise min because of this speicif attack?
I can non prove it. Of course, this is a joke. May be with truth in it
worhiper_-_
Hero Member
*****
Offline Offline

Activity: 700
Merit: 500


View Profile
November 30, 2015, 03:49:17 PM
 #110

I would like to thank those that have (re)discovered this attack and shown it to be a viable attack using their own money to prove it.

Is anyone planning a large scale attack using this method?  That would be interesting.

How much would it take to fund a sustained attack, for example a 24 hour period?

Daily attack 5.7024 BTC - not a big deal
keystroke
Hero Member
*****
Offline Offline

Activity: 854
Merit: 1004


advocate of a cryptographic attack on the globe


View Profile
November 30, 2015, 04:18:13 PM
 #111

Nice security research. Can this attack be made profitable, or is it just DoS?

"The difference between a castle and a prison is only a question of who holds the keys."
trout
Sr. Member
****
Offline Offline

Activity: 327
Merit: 250


View Profile
November 30, 2015, 04:26:03 PM
 #112

Am I missing something?
1) You are missing that miners are interested in fees. They have a right to include/exclude any transaction.

2) You are missing that it is almost impossible to upgrade relay policy on thousands of nodes.

BTW. This is funny test.
Miners just raised the minimum fee, leaving a lot of unconfirmed transactions and screaming users.
Blocks are not filled.
Right now mempool on https://tradeblock.com/bitcoin/ is 12mb (note: transactions with a fee less than 5 satoshi per byte are ignored)

https://en.wikipedia.org/wiki/Tragedy_of_the_commons

Edit:
3) Since the start of this stress test the price on exchanges rized up. Everybody likes it  Grin
Are you sure that you really want to fix this issue? A lot of people would vote against  Grin

I've been just speaking about the default policy in the "Core" client.
In this sense, fixing the issue is trivial.
After such an update  miners/ relay nodes are of course still free to run any code they like -
nobody forces them to update their policy

Edit: All I'm saying is that it is easy to make this kind of attack as expensive as the "traditional" block-size-filling spam attack. I'm surprised this is not done yet.

hetecon
Full Member
***
Offline Offline

Activity: 364
Merit: 100


Create Your Decentralized Life


View Profile
November 30, 2015, 04:39:36 PM
 #113

Is fixing of this issue requiring a full 'hard forking'

mezzomix
Legendary
*
Offline Offline

Activity: 2072
Merit: 1065


View Profile
November 30, 2015, 04:59:04 PM
 #114

Nice security research. Can this attack be made profitable, or is it just DoS?

This "attack" is a nuisance just like the HighS malleability.

Is fixing of this issue requiring a full 'hard forking'

No. As trout already wrote the miners can just take a higher fee for transactions with a large number of SIGOPS.

1) You are missing that miners are interested in fees. They have a right to include/exclude any transaction.

They might be interested in the BTC value, too. So it's interesting for them to include all transactions to preserve the value of their BTC.
amaclin
Legendary
*
Offline Offline

Activity: 1260
Merit: 1000


View Profile
November 30, 2015, 04:59:42 PM
 #115

Nice security research. Can this attack be made profitable, or is it just DoS?
yes
keystroke
Hero Member
*****
Offline Offline

Activity: 854
Merit: 1004


advocate of a cryptographic attack on the globe


View Profile
November 30, 2015, 05:04:09 PM
 #116

Nice security research. Can this attack be made profitable, or is it just DoS?
yes
Aside from someone paying you to DoS. Wink

"The difference between a castle and a prison is only a question of who holds the keys."
hetecon
Full Member
***
Offline Offline

Activity: 364
Merit: 100


Create Your Decentralized Life


View Profile
November 30, 2015, 09:23:31 PM
 #117

Nice security research. Can this attack be made profitable, or is it just DoS?

This "attack" is a nuisance just like the HighS malleability.

Is fixing of this issue requiring a full 'hard forking'

No. As trout already wrote the miners can just take a higher fee for transactions with a large number of SIGOPS.

1) You are missing that miners are interested in fees. They have a right to include/exclude any transaction.

They might be interested in the BTC value, too. So it's interesting for them to include all transactions to preserve the value of their BTC.


So this will be able to have a fix but requires convincing of the largest pools.

basil00
Member
**
Offline Offline

Activity: 60
Merit: 10


View Profile
December 01, 2015, 03:23:47 AM
 #118

Is fixing of this issue requiring a full 'hard forking'

Fixing the broken sigOp counting method is indeed a hardfork.  It can be fixed when (if?) there is a block-size hardfork, e.g. this is one proposal.

This specific attack can also be mitigated by enforcing a bytes-per-sigop limit (policy change), as was merged into 0.12.0.  Any miner that does not adopt this policy will still be vulnerable.
Syke
Legendary
*
Offline Offline

Activity: 2618
Merit: 1005


View Profile
December 01, 2015, 05:02:19 AM
 #119

This specific attack can also be mitigated by enforcing a bytes-per-sigop limit (policy change), as was merged into 0.12.0.  Any miner that does not adopt this policy will still be vulnerable.

A fee per sigop sounds like a good plan too.

Buy & Hold
mezzomix
Legendary
*
Offline Offline

Activity: 2072
Merit: 1065


View Profile
December 01, 2015, 06:51:52 AM
 #120

So this will be able to have a fix but requires convincing of the largest pools.

Yes. Miners are able to immediately require higher fees for these transactions or to ignore these transactions when they create blocks.
Pages: « 1 2 3 4 5 [6] 7 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!