achow101
Moderator
Legendary
Offline
Activity: 3500
Merit: 6833
Just writing some code
|
|
November 29, 2015, 05:18:08 AM |
|
Shit, the devs shoud fix this asap before the word gets out and FUD-ers start screaming the price down.
This is not something that can be easily fixed. The sig op limit is to prevent spamming blocks full of transactions that take a lot of time to process. Yet increasing the limit would mean that more transaction could go in that delay processing even more and a lower limit means that fewer other transactions can make it into the block. I don't think there really is a fix for this.
|
|
|
|
USB-S
Sr. Member
Offline
Activity: 574
Merit: 250
In XEM we trust
|
|
November 29, 2015, 06:39:09 AM |
|
Shit, the devs shoud fix this asap before the word gets out and FUD-ers start screaming the price down.
This is not something that can be easily fixed. The sig op limit is to prevent spamming blocks full of transactions that take a lot of time to process. Yet increasing the limit would mean that more transaction could go in that delay processing even more and a lower limit means that fewer other transactions can make it into the block. I don't think there really is a fix for this. We'll if you're afraid of confirmation times you could just increase the transaction fee? However when bitcoin increases in price the said attack wouldn't really be that cost efficient, when people could just mitigate this by increasing their trasaction fee. However couldn't we just implement burn fees if this said spam attack gets way out of hand. You know, just to make the spammers profitable for the rest of us?
|
|
|
|
basil00
Member
Offline
Activity: 60
Merit: 10
|
|
November 29, 2015, 03:40:05 PM Last edit: November 29, 2015, 04:33:57 PM by basil00 |
|
Another attack...last 6 blocks (edit: and counting) have been hit. Example: #385910 with 19125 fake sigOps. The block is only 200KB despite a 5MB backlog (according to tradeblock). It seems this attack is very effective. Edit: #385911 unaffected (enough high-fee legit txs) #385912 = 18990 fake sigOps, 280KB. #385913 = 18945 fake sigOps, 281KB. #385914 = 17325 fake sigOps, 470KB. ...etc.
|
|
|
|
YarkoL
Legendary
Offline
Activity: 996
Merit: 1013
|
|
November 29, 2015, 04:25:43 PM |
|
I don't think there really is a fix for this.
Lower priority of P2SH transactions with multiple sig ops? And/or make them cost more.
|
“God does not play dice"
|
|
|
hetecon
Full Member
Offline
Activity: 462
Merit: 100
Viarium.io - DECENTRALIZED VR WORLD
|
|
November 29, 2015, 08:12:29 PM |
|
Another attack...last 6 blocks (edit: and counting) have been hit. Example: #385910 with 19125 fake sigOps. The block is only 200KB despite a 5MB backlog (according to tradeblock). It seems this attack is very effective. Edit: #385911 unaffected (enough high-fee legit txs) #385912 = 18990 fake sigOps, 280KB. #385913 = 18945 fake sigOps, 281KB. #385914 = 17325 fake sigOps, 470KB. ...etc. Wow this is bad news. Any pull requests on githbu to fix this yet?
|
|
|
|
trout
|
|
November 29, 2015, 09:38:16 PM |
|
the fix seems trivial - calculate the min relay fee (and all the rest of the fee thresholds) based on the size and the number of sigops, rather than the size only. I don't get why it's not in the latest release. Am I missing something?
|
|
|
|
amaclin (OP)
Legendary
Offline
Activity: 1260
Merit: 1019
|
|
November 29, 2015, 10:52:49 PM Last edit: November 29, 2015, 11:23:08 PM by amaclin |
|
Am I missing something? 1) You are missing that miners are interested in fees. They have a right to include/exclude any transaction. 2) You are missing that it is almost impossible to upgrade relay policy on thousands of nodes. BTW. This is funny test. Miners just raised the minimum fee, leaving a lot of unconfirmed transactions and screaming users. Blocks are not filled. Right now mempool on https://tradeblock.com/bitcoin/ is 12mb (note: transactions with a fee less than 5 satoshi per byte are ignored) https://en.wikipedia.org/wiki/Tragedy_of_the_commons Edit: 3) Since the start of this stress test the price on exchanges rized up. Everybody likes it Are you sure that you really want to fix this issue? A lot of people would vote against
|
|
|
|
hetecon
Full Member
Offline
Activity: 462
Merit: 100
Viarium.io - DECENTRALIZED VR WORLD
|
|
November 30, 2015, 03:46:00 AM |
|
Am I missing something? 1) You are missing that miners are interested in fees. They have a right to include/exclude any transaction. 2) You are missing that it is almost impossible to upgrade relay policy on thousands of nodes. BTW. This is funny test. Miners just raised the minimum fee, leaving a lot of unconfirmed transactions and screaming users. Blocks are not filled. Right now mempool on https://tradeblock.com/bitcoin/ is 12mb (note: transactions with a fee less than 5 satoshi per byte are ignored) https://en.wikipedia.org/wiki/Tragedy_of_the_commons Edit: 3) Since the start of this stress test the price on exchanges rized up. Everybody likes it Are you sure that you really want to fix this issue? A lot of people would vote against Did they raise min because of this speicif attack?
|
|
|
|
amaclin (OP)
Legendary
Offline
Activity: 1260
Merit: 1019
|
|
November 30, 2015, 05:57:16 AM |
|
Did they raise min because of this speicif attack? I can non prove it. Of course, this is a joke. May be with truth in it
|
|
|
|
worhiper_-_
|
|
November 30, 2015, 03:49:17 PM |
|
I would like to thank those that have (re)discovered this attack and shown it to be a viable attack using their own money to prove it.
Is anyone planning a large scale attack using this method? That would be interesting.
How much would it take to fund a sustained attack, for example a 24 hour period?
Daily attack 5.7024 BTC - not a big deal
|
|
|
|
keystroke
|
|
November 30, 2015, 04:18:13 PM |
|
Nice security research. Can this attack be made profitable, or is it just DoS?
|
"The difference between a castle and a prison is only a question of who holds the keys."
|
|
|
trout
|
|
November 30, 2015, 04:26:03 PM |
|
Am I missing something? 1) You are missing that miners are interested in fees. They have a right to include/exclude any transaction. 2) You are missing that it is almost impossible to upgrade relay policy on thousands of nodes. BTW. This is funny test. Miners just raised the minimum fee, leaving a lot of unconfirmed transactions and screaming users. Blocks are not filled. Right now mempool on https://tradeblock.com/bitcoin/ is 12mb (note: transactions with a fee less than 5 satoshi per byte are ignored) https://en.wikipedia.org/wiki/Tragedy_of_the_commons Edit: 3) Since the start of this stress test the price on exchanges rized up. Everybody likes it Are you sure that you really want to fix this issue? A lot of people would vote against I've been just speaking about the default policy in the "Core" client. In this sense, fixing the issue is trivial. After such an update miners/ relay nodes are of course still free to run any code they like - nobody forces them to update their policy Edit: All I'm saying is that it is easy to make this kind of attack as expensive as the "traditional" block-size-filling spam attack. I'm surprised this is not done yet.
|
|
|
|
hetecon
Full Member
Offline
Activity: 462
Merit: 100
Viarium.io - DECENTRALIZED VR WORLD
|
|
November 30, 2015, 04:39:36 PM |
|
Is fixing of this issue requiring a full 'hard forking'
|
|
|
|
mezzomix
Legendary
Offline
Activity: 2674
Merit: 1261
|
|
November 30, 2015, 04:59:04 PM |
|
Nice security research. Can this attack be made profitable, or is it just DoS?
This "attack" is a nuisance just like the HighS malleability. Is fixing of this issue requiring a full 'hard forking'
No. As trout already wrote the miners can just take a higher fee for transactions with a large number of SIGOPS. 1) You are missing that miners are interested in fees. They have a right to include/exclude any transaction.
They might be interested in the BTC value, too. So it's interesting for them to include all transactions to preserve the value of their BTC.
|
|
|
|
amaclin (OP)
Legendary
Offline
Activity: 1260
Merit: 1019
|
|
November 30, 2015, 04:59:42 PM |
|
Nice security research. Can this attack be made profitable, or is it just DoS? yes
|
|
|
|
keystroke
|
|
November 30, 2015, 05:04:09 PM |
|
Nice security research. Can this attack be made profitable, or is it just DoS? yes Aside from someone paying you to DoS.
|
"The difference between a castle and a prison is only a question of who holds the keys."
|
|
|
hetecon
Full Member
Offline
Activity: 462
Merit: 100
Viarium.io - DECENTRALIZED VR WORLD
|
|
November 30, 2015, 09:23:31 PM |
|
Nice security research. Can this attack be made profitable, or is it just DoS?
This "attack" is a nuisance just like the HighS malleability. Is fixing of this issue requiring a full 'hard forking'
No. As trout already wrote the miners can just take a higher fee for transactions with a large number of SIGOPS. 1) You are missing that miners are interested in fees. They have a right to include/exclude any transaction.
They might be interested in the BTC value, too. So it's interesting for them to include all transactions to preserve the value of their BTC. So this will be able to have a fix but requires convincing of the largest pools.
|
|
|
|
basil00
Member
Offline
Activity: 60
Merit: 10
|
|
December 01, 2015, 03:23:47 AM |
|
Is fixing of this issue requiring a full 'hard forking'
Fixing the broken sigOp counting method is indeed a hardfork. It can be fixed when (if?) there is a block-size hardfork, e.g. this is one proposal. This specific attack can also be mitigated by enforcing a bytes-per-sigop limit (policy change), as was merged into 0.12.0. Any miner that does not adopt this policy will still be vulnerable.
|
|
|
|
Syke
Legendary
Offline
Activity: 3878
Merit: 1193
|
|
December 01, 2015, 05:02:19 AM |
|
This specific attack can also be mitigated by enforcing a bytes-per-sigop limit (policy change), as was merged into 0.12.0. Any miner that does not adopt this policy will still be vulnerable. A fee per sigop sounds like a good plan too.
|
Buy & Hold
|
|
|
mezzomix
Legendary
Offline
Activity: 2674
Merit: 1261
|
|
December 01, 2015, 06:51:52 AM |
|
So this will be able to have a fix but requires convincing of the largest pools.
Yes. Miners are able to immediately require higher fees for these transactions or to ignore these transactions when they create blocks.
|
|
|
|
|