Bitcoin Forum
November 10, 2024, 05:36:30 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: [ANN] DEVS, read this, You're code is prolly vulnerable to this (a type of 51%)  (Read 518 times)
minerapia (OP)
Full Member
***
Offline Offline

Activity: 168
Merit: 100


View Profile
August 09, 2013, 10:10:48 PM
 #1

While doing stuff with powercoin I found something dubious in the code (main.cpp)
Code:
if (vtx[0].GetValueOut() > GetBlockValue(pindex->nHeight, nFees))
that line checks that the block send to you, hasnt bigger subsidy that it's supposed to be.  Now what this allows is to make client which subsidy is, say
[orginal subsidy] - 0.0000001.

This creates situation where hacked client only accepts its own shares, but the unhacked clients allow both unhacked and hacked shares. Now if blockchain generated by the hacked client is at any time longer than the blockchain of unhacked ones it naturally takes order. So you can constantly have chance to override every block created with PoW if you have 51% of the network hashspeed.

Thus allowing ppl with 51% mine each and every block.
Situtation is somewhat equal with hybrid PoW/PoS coins, the race is just between the PoS blocks.

btw. I changed that greater-than to to equal and ran lvl 6 checks thru blockchain and didnt find any invalidated blocks because of it.

donations -> btc: 1M6yf45NskQxWXknkMTzQ8o6wShQcSY4EC
                   ltc: LeTpCd6cQL26Q1vjc9kJrTjjFMrPhrpv6j
digitalindustry
Hero Member
*****
Offline Offline

Activity: 798
Merit: 1000


‘Try to be nice’


View Profile WWW
August 09, 2013, 10:15:22 PM
 #2

Thank you for this info - I'm going to check it out , i oft thought that many of the "coin makers" would write flaws into the code at various spots, some of the most notorious have already done so obviously .

- Twitter @Kolin_Quark
markm
Legendary
*
Offline Offline

Activity: 3010
Merit: 1121



View Profile WWW
August 09, 2013, 10:20:29 PM
 #3

I do not understand what you mean.

You are allowed to mint less coins than the limit, that has always been the case, but you cannot mint more.

There is nothing wrong with mining a fraction less coins than normal, it has always been allowed way back since bitcoin was invented.

Also people with 51% have always been able to do 51% attacks, so nothing new in that part either.

-MarkM-

Browser-launched Crossfire client now online (select CrossCiv server for Galactic  Milieu)
Free website hosting with PHP, MySQL etc: http://hosting.knotwork.com/
minerapia (OP)
Full Member
***
Offline Offline

Activity: 168
Merit: 100


View Profile
August 09, 2013, 10:22:40 PM
 #4

Minting fraction less coins than normal leaves 49% of miners empty handed (if guy minting fraction less has 51% of hash rate). Thats the problem.

donations -> btc: 1M6yf45NskQxWXknkMTzQ8o6wShQcSY4EC
                   ltc: LeTpCd6cQL26Q1vjc9kJrTjjFMrPhrpv6j
digitalindustry
Hero Member
*****
Offline Offline

Activity: 798
Merit: 1000


‘Try to be nice’


View Profile WWW
August 09, 2013, 10:24:40 PM
 #5

MarkM is your other iteration Hazard ?

: D

jokes.

- Twitter @Kolin_Quark
markm
Legendary
*
Offline Offline

Activity: 3010
Merit: 1121



View Profile WWW
August 09, 2013, 10:26:27 PM
 #6

Rejecting blocks that mint full amount is actually a less bad 51% attack though than simply rejecting all blocks you didn't mine yourself, though in practice it probably ends up being the same thing since it is not likely anyone else will be mining less than the full amount.

So really I still don't see how it is in any way new or interesting, it is maybe just an example of a simple way of implementing in your code a method of rejecting blocks you didn't mine yourself.

-MarkM-

Browser-launched Crossfire client now online (select CrossCiv server for Galactic  Milieu)
Free website hosting with PHP, MySQL etc: http://hosting.knotwork.com/
minerapia (OP)
Full Member
***
Offline Offline

Activity: 168
Merit: 100


View Profile
August 09, 2013, 10:32:31 PM
 #7

Rejecting blocks that mint full amount is actually a less bad 51% attack though than simply rejecting all blocks you didn't mine yourself, though in practice it probably ends up being the same thing since it is not likely anyone else will be mining less than the full amount.

So really I still don't see how it is in any way new or interesting, it is maybe just an example of a simple way of implementing in your code a method of rejecting blocks you didn't mine yourself.

-MarkM-


Difference here is that:
a) it really simple to implement (and fix) (oh well ok, its not hard to code client that just doesnt accept blocks from network either)
b) this creates thousands of mini reorganizes instead of one huge, so its harder to detect (its not hard to code client to refuse to reorganize more than amount of confirmations needed for "valid" transactions, thus preventing double spend until checkpoints are fixed etc...)

donations -> btc: 1M6yf45NskQxWXknkMTzQ8o6wShQcSY4EC
                   ltc: LeTpCd6cQL26Q1vjc9kJrTjjFMrPhrpv6j
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!