Bitcoin Forum
December 13, 2024, 04:06:05 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: Fuzzycoin: defending against the kiddie-porn-in-blockchain attack  (Read 1276 times)
chickenado (OP)
Hero Member
*****
Offline Offline

Activity: 1036
Merit: 502



View Profile
May 31, 2011, 03:28:57 PM
Last edit: May 31, 2011, 03:41:09 PM by chickenado
 #1

Here is how Bitcoin could be modified to solve this attack (mentioned several times on other threads):

1. Transfers to young addresses incur high transaction fees. Transaction fees drop as addresses age in block chain.

2. Users cannot make exact transactions.  Say, for example, that I sign a transaction for 1.0000000 BTC.  This will only be included in a block if the miner also signs it. However, by default, miners always reject my first proposal and send back a signed proposal salted with a random number, say 0.97429313 BTC. I can then choose to sign this, and commit it to the block chain, or make another first proposal.  The whole thing can of course be automated in the original client.

Blocks that contain transactions not signed by both parties are rejected by the protocol.

Thoughts?
Luke-Jr
Legendary
*
expert
Offline Offline

Activity: 2576
Merit: 1186



View Profile
May 31, 2011, 04:32:15 PM
 #2

1. Transfers to young addresses incur high transaction fees. Transaction fees drop as addresses age in block chain.
Addresses aren't stored in the block chain, except as outputs to transactions. Since every transaction generally has a unique address for its output (except for donations), all addresses are usually "young". When it becomes possible for merchants to use a single address for all transactions (ie, when clients can easily send an address-signed email with a transaction id), this might become viable.
2. Users cannot make exact transactions.  Say, for example, that I sign a transaction for 1.0000000 BTC.  This will only be included in a block if the miner also signs it. However, by default, miners always reject my first proposal and send back a signed proposal salted with a random number, say 0.97429313 BTC. I can then choose to sign this, and commit it to the block chain, or make another first proposal.  The whole thing can of course be automated in the original client.
Miners can't "send back" anything at all...

Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!