Bitcoin Forum
November 08, 2024, 03:50:14 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 [2] 3 »  All
  Print  
Author Topic: Solution to a 51% attack?  (Read 5474 times)
BitcoinEXpress
Legendary
*
Offline Offline

Activity: 1210
Merit: 1024



View Profile
October 12, 2013, 07:45:05 PM
 #21

Remember even when submitting with multiple nodes there will be a convergence point to a legitimate peer, and then that legitimate peer will be banned for transmitting too quickly, thereby segmenting the network for 4 hours but keeping many legitimate users safe.

Why do you assume that someone with more than 51% needs to submit blocks faster than the 5 in ten minutes? Very bad assumption. How are you going to deal with that when a number of legit users get banned. Miners will not take to that too well. What happens when someone hits you with a diff attack and causes about half your network to exceed the limit and gets banned therefore opening up the entire block chain to an attacker remaining within the defined limits?


Stop arguing over semantics, this was designed to stop some double spending attacks, basic difficulty attacks, and multipools(and it does that very well). When I say "virtual immunity" - I don't mean total immunity, I mean immunity from pretty much anyone out there who realizes that the cost of the attack would be greater than the gain.

Another bad assumption on your part. What if an attacker is paid to attack a chain and has zero intention to trade the coins? What if an attacker does it just because they're bored or just to do it?


The system is designed to cut off an affected portion of the network in the event of a multi-pronged attack, they will simply reconnect in 4 hours and continue on the main chain.

Again start cutting off legit miners and see how fast your chain dies.

Also in banning "legit" peers, what are you going to do when someone builds a list of lets say a 1000 peers, connects and starts sending "bad blocks" to them, ban them all? That in itself is an exploit I could build in only the time needed to scan for peers.

I applaud you guys for trying to find a solution to attacks but the smart thing to do is develop them, keep them quiet to keep and don't invite public ridicule with some posted half baked ideas that were obviously never tested


~BCX~

User705
Legendary
*
Offline Offline

Activity: 896
Merit: 1006


First 100% Liquid Stablecoin Backed by Gold


View Profile
October 12, 2013, 07:49:48 PM
 #22

"Virtual immunity" for double spends already exists.  It's called real life economics.  Here is the scenario.  A bad actor acquires X amount of coins costing Y in real/fiat value.  He then proceeds to buy ASICs to attempt the double spend.  Most large real life transactions for fiat would likely take a day or two so the resources needed to pull this off are big.  Let's say it's successful and the bad actor receives the amount Y.  Let's set aside the fact that this Y will likely be lower because of possibly exchange rate flux and costs.  So the bad actor now has Y amount in fiat and X amount in coins but the X amount of coins is now greatly devalued since a large double spend was revealed.  So he has gained almost nothing and his ASICs are now greatly devalued because of the great drop in exchange rate.  What he could've mined in block rewards in his lifetime would greatly outweigh the reward of a double spend which wouldn't even be double.  How that applies after block rewards stop or become very low will be a future issue for bitcoin to deal with.

kelsey
Legendary
*
Offline Offline

Activity: 1876
Merit: 1000


View Profile
October 12, 2013, 08:28:49 PM
 #23


Yeah. You gave a shitload of GLD away for basically free, which was promptly dumped for profit onto bagholders.

Great launch guys. Truly.


Well as one of them 'bagholders' I was more then happy to acquire them Smiley

I have to say out of all the alts, gld does give more away (to spread the coin) then pretty much any alt, and thats a good thing, love them or hate them (and as much as you continue to throw mud at them) microguys current team behind gldcoin have proven pretty much by now they are in for the long haul not a quick pump n dump profit.
MicroGuy
Legendary
*
Offline Offline

Activity: 2506
Merit: 1030


Twitter @realmicroguy


View Profile WWW
October 12, 2013, 10:06:33 PM
 #24


I sincerely appreciate the many constructive criticisms presented in this discussion.

Of all the jobs and businesses that I've been a part of over the course of my life, never have I worked with such dedicated, kind, and eager people as those that make up the GoldCoin team and community. The recent FeatherCoin video made mention of the importance of the community and I couldn't agree more.

Over the last 4 months we've come a long way. We started with a coin near death and have now rebuilt the currency and made it strong. The community has grown in numbers and the markets have shown their appreciation. We're even getting calls now from outside financial groups looking to invest in an emerging altcoin.

We're going to take this experience to learn and perhaps reevaluate our release procedures and protocols. I read one commenter suggesting we needed more testing and others pointing out certain weaknesses in the defense. This is valuable information and will help us to make GoldCoin even stronger as we work on the next update.

Thanks again to all of you who have offered helpful suggestions and advice.  Smiley
ghostlander
Legendary
*
Offline Offline

Activity: 1242
Merit: 1020


No surrender, no retreat, no regret.


View Profile WWW
October 13, 2013, 07:15:23 AM
 #25

@ghostlander it's not based on the assumption of a single peer, remember that in p2p networks as the network grows larger there is always a convergence point, it will segment the network for 4 hours before allowing them to continue, the segmentation is limited by how many nodes the attacker controls and is a good defense for a large network.

How are you going to stop an attack done by a pool relaying blocks through a dozen of peers located in different subnets? There are many other possible scenarios. Have you got any simulations done on what you call a network segmentation? Your white paper is not backed by any practical research, I see only some theories which are not impressive. Exchanges can protect themselves without them.

"If you've got a problem and have to spread some coins to make it go away, you've got no problem. You've got an expence." ~ Phoenixcoin (PXC) and Orbitcoin (ORB) and Halcyon (HAL)
akumaburn
Sr. Member
****
Offline Offline

Activity: 281
Merit: 250


The Gold Standard of Digital Currency.


View Profile
October 13, 2013, 07:56:49 PM
 #26

Remember even when submitting with multiple nodes there will be a convergence point to a legitimate peer, and then that legitimate peer will be banned for transmitting too quickly, thereby segmenting the network for 4 hours but keeping many legitimate users safe.

1. Why do you assume that someone with more than 51% needs to submit blocks faster than the 5 in ten minutes? Very bad assumption. How are you going to deal with that when a number of legit users get banned. Miners will not take to that too well. What happens when someone hits you with a diff attack and causes about half your network to exceed the limit and gets banned therefore opening up the entire block chain to an attacker remaining within the defined limits?


Stop arguing over semantics, this was designed to stop some double spending attacks, basic difficulty attacks, and multipools(and it does that very well). When I say "virtual immunity" - I don't mean total immunity, I mean immunity from pretty much anyone out there who realizes that the cost of the attack would be greater than the gain.

2. Another bad assumption on your part. What if an attacker is paid to attack a chain and has zero intention to trade the coins? What if an attacker does it just because they're bored or just to do it?


The system is designed to cut off an affected portion of the network in the event of a multi-pronged attack, they will simply reconnect in 4 hours and continue on the main chain.

3. Again start cutting off legit miners and see how fast your chain dies.

Also in banning "legit" peers, what are you going to do when someone builds a list of lets say a 1000 peers, connects and starts sending "bad blocks" to them, ban them all? That in itself is an exploit I could build in only the time needed to scan for peers.

I applaud you guys for trying to find a solution to attacks but the smart thing to do is develop them, keep them quiet to keep and don't invite public ridicule with some posted half baked ideas that were obviously never tested


~BCX~



@1: They do not need to.. however most attacks do have this done, as they need to outrace the main blockchain to be successful! As I said before, it is possible to slow boat the system but a "slow-boat" style attack is much more noticeable.

@2: Plenty of "What ifs" in life, yes this doesn't protect us from every conceivable scenario, but it does stop some, you have to give it that.

@3: That will only be the case in the event of a multipronged 51% attack, which I'm fairly certain would be fatal if those "legit miners" were not cut off for 4 hours anyways. IMO It's like saying why wear a bulletproof vest when it cant protect you from an RPG?

Attention is good for our market right now.. I realize the optimal solution is to do things quietly, however right now there is plenty of attention on genuinely shitcoins that could be on GoldCoin.
BitcoinEXpress
Legendary
*
Offline Offline

Activity: 1210
Merit: 1024



View Profile
October 13, 2013, 08:27:43 PM
 #27


@1: They do not need to.. however most attacks do have this done, as they need to outrace the main blockchain to be successful! As I said before, it is possible to slow boat the system but a "slow-boat" style attack is much more noticeable.

@2: Plenty of "What ifs" in life, yes this doesn't protect us from every conceivable scenario, but it does stop some, you have to give it that.

@3: That will only be the case in the event of a multipronged 51% attack, which I'm fairly certain would be fatal if those "legit miners" were not cut off for 4 hours anyways. IMO It's like saying why wear a bulletproof vest when it cant protect you from an RPG?

Attention is good for our market right now.. I realize the optimal solution is to do things quietly, however right now there is plenty of attention on genuinely shitcoins that could be on GoldCoin.


Why do keep fixating on "longest chain"? ? ?

The longest chain does not determine the accepted chain. With no disrespect intended it is clear that you do not even have a basic fundamental understanding of 51% attacks or any other for that matter. Everything proposed as "protection" in this thread is flawed to say the least.


~BCX~
akumaburn
Sr. Member
****
Offline Offline

Activity: 281
Merit: 250


The Gold Standard of Digital Currency.


View Profile
October 13, 2013, 08:40:31 PM
 #28


@1: They do not need to.. however most attacks do have this done, as they need to outrace the main blockchain to be successful! As I said before, it is possible to slow boat the system but a "slow-boat" style attack is much more noticeable.

@2: Plenty of "What ifs" in life, yes this doesn't protect us from every conceivable scenario, but it does stop some, you have to give it that.

@3: That will only be the case in the event of a multipronged 51% attack, which I'm fairly certain would be fatal if those "legit miners" were not cut off for 4 hours anyways. IMO It's like saying why wear a bulletproof vest when it cant protect you from an RPG?

Attention is good for our market right now.. I realize the optimal solution is to do things quietly, however right now there is plenty of attention on genuinely shitcoins that could be on GoldCoin.


Why do keep fixating on "longest chain"? ? ?

The longest chain does not determine the accepted chain. With no disrespect intended it is clear that you do not even have a basic fundamental understanding of 51% attacks or any other for that matter. Everything proposed as "protection" in this thread is flawed to say the least.


~BCX~

Correct me if I am wrong, but the longest valid chain is the accepted chain no?
ghostlander
Legendary
*
Offline Offline

Activity: 1242
Merit: 1020


No surrender, no retreat, no regret.


View Profile WWW
October 13, 2013, 08:46:53 PM
 #29

Why do keep fixating on "longest chain"? ? ?

The longest chain does not determine the accepted chain. With no disrespect intended it is clear that you do not even have a basic fundamental understanding of 51% attacks or any other for that matter. Everything proposed as "protection" in this thread is flawed to say the least.


~BCX~

Correct me if I am wrong, but the longest valid chain is the accepted chain no?

No if it's behind the last checkpoint for instance.

"If you've got a problem and have to spread some coins to make it go away, you've got no problem. You've got an expence." ~ Phoenixcoin (PXC) and Orbitcoin (ORB) and Halcyon (HAL)
akumaburn
Sr. Member
****
Offline Offline

Activity: 281
Merit: 250


The Gold Standard of Digital Currency.


View Profile
October 13, 2013, 08:53:32 PM
 #30

Why do keep fixating on "longest chain"? ? ?

The longest chain does not determine the accepted chain. With no disrespect intended it is clear that you do not even have a basic fundamental understanding of 51% attacks or any other for that matter. Everything proposed as "protection" in this thread is flawed to say the least.


~BCX~

Correct me if I am wrong, but the longest valid chain is the accepted chain no?

No if it's behind the last checkpoint for instance.


Yes, but checkpoints don't affect this system(other than the hard checkpoints we manually put in), as the auto-checkpointing is done locally and only stored in memory, it is lost upon closing the client.
akumaburn
Sr. Member
****
Offline Offline

Activity: 281
Merit: 250


The Gold Standard of Digital Currency.


View Profile
October 13, 2013, 09:10:55 PM
Last edit: October 13, 2013, 09:21:04 PM by akumaburn
 #31


@1: They do not need to.. however most attacks do have this done, as they need to outrace the main blockchain to be successful! As I said before, it is possible to slow boat the system but a "slow-boat" style attack is much more noticeable.

@2: Plenty of "What ifs" in life, yes this doesn't protect us from every conceivable scenario, but it does stop some, you have to give it that.

@3: That will only be the case in the event of a multipronged 51% attack, which I'm fairly certain would be fatal if those "legit miners" were not cut off for 4 hours anyways. IMO It's like saying why wear a bulletproof vest when it cant protect you from an RPG?

Attention is good for our market right now.. I realize the optimal solution is to do things quietly, however right now there is plenty of attention on genuinely shitcoins that could be on GoldCoin.


Why do keep fixating on "longest chain"? ? ?

The longest chain does not determine the accepted chain. With no disrespect intended it is clear that you do not even have a basic fundamental understanding of 51% attacks or any other for that matter. Everything proposed as "protection" in this thread is flawed to say the least.


~BCX~

Correct me if I am wrong, but the longest valid chain is the accepted chain no?

The longest valid chain and the longest chain are two different things.

The chain with the most hash rate will determine the valid chain.


~BCX~

I don't see how that affects us, this system works before the block validity checks.. Those are still done afterwards.

This system will simply remove(as best it can) all the longest chains that had any 6 blocks in a row that were produced too quickly (contain 6 blocks produced < 10 minutes).(Past block 100K)

It does this by banning peers locally(for 4 hours) and scheduling a temporary checkpoint 12 blocks ahead(checkpoints live only in memory and are erased upon client restart) who try to submit these new blocks with timestamps that fit the criteria.

It has extra checks for blocks prior to 100K as we have parts of our chain that do not fit that criteria atm and we don't want clients to be banned for sending those older blocks.

It's essentially a throttle on how fast valid chains can mine their blocks.
ghostlander
Legendary
*
Offline Offline

Activity: 1242
Merit: 1020


No surrender, no retreat, no regret.


View Profile WWW
October 13, 2013, 09:19:18 PM
 #32

Why do keep fixating on "longest chain"? ? ?

The longest chain does not determine the accepted chain. With no disrespect intended it is clear that you do not even have a basic fundamental understanding of 51% attacks or any other for that matter. Everything proposed as "protection" in this thread is flawed to say the least.


~BCX~

Correct me if I am wrong, but the longest valid chain is the accepted chain no?

No if it's behind the last checkpoint for instance.


Yes, but checkpoints don't affect this system(other than the hard checkpoints we manually put in), as the auto-checkpointing is done locally and only stored in memory, it is lost upon closing the client.

That's what I'd like you to explain in depth including why you think it's better than ACP which is a proven solution.

"If you've got a problem and have to spread some coins to make it go away, you've got no problem. You've got an expence." ~ Phoenixcoin (PXC) and Orbitcoin (ORB) and Halcyon (HAL)
akumaburn
Sr. Member
****
Offline Offline

Activity: 281
Merit: 250


The Gold Standard of Digital Currency.


View Profile
October 13, 2013, 09:22:43 PM
 #33

Why do keep fixating on "longest chain"? ? ?

The longest chain does not determine the accepted chain. With no disrespect intended it is clear that you do not even have a basic fundamental understanding of 51% attacks or any other for that matter. Everything proposed as "protection" in this thread is flawed to say the least.


~BCX~

Correct me if I am wrong, but the longest valid chain is the accepted chain no?

No if it's behind the last checkpoint for instance.


Yes, but checkpoints don't affect this system(other than the hard checkpoints we manually put in), as the auto-checkpointing is done locally and only stored in memory, it is lost upon closing the client.

That's what I'd like you to explain in depth including why you think it's better than ACP which is a proven solution.


I have modified my post accordingly,

By ACP, I assume you mean feathercoin's solution, I've not read that much about it in detail however from what I know

ACP may be "proven" but its still centralized... all one has to do is take down the checkpoint server(s) and then proceed with the attack.

This is a decentralized defense system that does the same job, arguably better for certain kinds of attacks.
kelsey
Legendary
*
Offline Offline

Activity: 1876
Merit: 1000


View Profile
October 13, 2013, 09:26:15 PM
 #34

I can see both sides of this argument/discussion, and both are idiotic.

The 'solution' looks lifted from another source and poorly implemented here. The knockers seem to think its claiming to be the answer to all attacks yet it isn't.

Concern is with such a system (and I've seen and tested similar in a different situation), banning legit peers by accident or as a centralised form of control on purpose, or by malace.

ghostlander
Legendary
*
Offline Offline

Activity: 1242
Merit: 1020


No surrender, no retreat, no regret.


View Profile WWW
October 13, 2013, 10:12:28 PM
 #35

Correct me if I am wrong, but the longest valid chain is the accepted chain no?

No if it's behind the last checkpoint for instance.


Yes, but checkpoints don't affect this system(other than the hard checkpoints we manually put in), as the auto-checkpointing is done locally and only stored in memory, it is lost upon closing the client.

That's what I'd like you to explain in depth including why you think it's better than ACP which is a proven solution.


I have modified my post accordingly,

By ACP, I assume you mean feathercoin's solution, I've not read that much about it in detail however from what I know

ACP may be "proven" but its still centralized... all one has to do is take down the checkpoint server(s) and then proceed with the attack.

This is a decentralized defense system that does the same job, arguably better for certain kinds of attacks.

It is centralised to some extent, though optional while enabled by default. Clients may unsubscribe if they wish to. In order to take down the master node(s), the attackers have to find those first as their IPs are not coded in the client. Even if they succeed, a new master node may be set up in a matter of minute.


Quote
This system will simply remove(as best it can) all the longest chains that had any 6 blocks in a row that were produced too quickly (contain 6 blocks produced < 10 minutes).(Past block 100K)

Goldcoin's block target of 2 minutes and 60 blocks to retarget assumed. Your white paper says: "No one peer may transmit more than 5 blocks every 10 minutes, regardless of their origin."  Do you understand there is quite a big difference between both statements? What do you use for peer identification? What if there are many peers attacking? What if they fake time stamps? What if it's a legit pool like Multipool or Middlecoin? There are many ifs.

"If you've got a problem and have to spread some coins to make it go away, you've got no problem. You've got an expence." ~ Phoenixcoin (PXC) and Orbitcoin (ORB) and Halcyon (HAL)
akumaburn
Sr. Member
****
Offline Offline

Activity: 281
Merit: 250


The Gold Standard of Digital Currency.


View Profile
October 14, 2013, 05:51:26 AM
 #36

Correct me if I am wrong, but the longest valid chain is the accepted chain no?

No if it's behind the last checkpoint for instance.


Yes, but checkpoints don't affect this system(other than the hard checkpoints we manually put in), as the auto-checkpointing is done locally and only stored in memory, it is lost upon closing the client.

That's what I'd like you to explain in depth including why you think it's better than ACP which is a proven solution.


I have modified my post accordingly,

By ACP, I assume you mean feathercoin's solution, I've not read that much about it in detail however from what I know

ACP may be "proven" but its still centralized... all one has to do is take down the checkpoint server(s) and then proceed with the attack.

This is a decentralized defense system that does the same job, arguably better for certain kinds of attacks.

It is centralised to some extent, though optional while enabled by default. Clients may unsubscribe if they wish to. In order to take down the master node(s), the attackers have to find those first as their IPs are not coded in the client. Even if they succeed, a new master node may be set up in a matter of minute.


Quote
This system will simply remove(as best it can) all the longest chains that had any 6 blocks in a row that were produced too quickly (contain 6 blocks produced < 10 minutes).(Past block 100K)

Goldcoin's block target of 2 minutes and 60 blocks to retarget assumed. Your white paper says: "No one peer may transmit more than 5 blocks every 10 minutes, regardless of their origin."  Do you understand there is quite a big difference between both statements? What do you use for peer identification? What if there are many peers attacking? What if they fake time stamps? What if it's a legit pool like Multipool or Middlecoin? There are many ifs.


0. The actual implementation of the code only acts on the 6th received block as that is what is necessary for a full confirmation.

To further clarify: if 5 blocks are sent by one peer, and another block is received by the same peer that has a timestamp within 10 minutes of the first block sent by that initial peer, the peer that sent those 6 blocks is banned.

1. Ip address is used for peer identification.

2. If there are many peers attacking the converging node will be banned and the network will be segmented for a few hours before repairing itself.

3. Faking timestamps is a whole other issue, but Bitcoin generally has resolved this by limiting how far in the future timestamps can be(+2h), thus while such an attack may work, it is fairly easy to counter by limiting the range of the timestamps/mode of determining the current time.

Don't blame us for this, blame the people who decided a non-accurate timestamp was A-OK.

I will look into a way around this inherent flaw in Bitcoin as it seems a hornets nest ready to unravel.

The defense makes no distinction between an attacker and someone who has > 51% of the hashpower... they are equally threatening.

4. Cryptocoin mining should be as distributed as possible, these mega-multi-pools only cause trouble by creating mass spikes of supply where its not wanted and the market no longer needs it.


With regards to the third point, I may decide to abandon the standard Bitcoin client entirely and come up with a new client from scratch and perhaps even a new blockchain (time and life allowing). There are many design decisions that were made by the Bitcoin team that I disagree heavily with. It's time-laxity being one of them.
shitscared
Newbie
*
Offline Offline

Activity: 46
Merit: 0


View Profile
October 14, 2013, 06:26:22 AM
 #37

SELL!!!  Grin
akumaburn
Sr. Member
****
Offline Offline

Activity: 281
Merit: 250


The Gold Standard of Digital Currency.


View Profile
October 14, 2013, 06:49:03 AM
 #38

SELL!!!  Grin
Lol Smiley

Ofcourse, if I do come up with a new chain, I will likely transfer all existing coins to the new chain somehow.

So no worries, your coins are safe from my ideological improvements...  Cool
Come-from-Beyond
Legendary
*
Offline Offline

Activity: 2142
Merit: 1010

Newbie


View Profile
October 14, 2013, 07:15:35 AM
 #39

With regards to the third point, I may decide to abandon the standard Bitcoin client entirely and come up with a new client from scratch and perhaps even a new blockchain (time and life allowing).

Is it ur coin - https://bitcointalk.org/index.php?topic=303898.0?


Ofcourse, if I do come up with a new chain, I will likely transfer all existing coins to the new chain somehow.

Mastercoin and Nxt already showed the way. Smiley


Btw, Nxt creator claims that he solved 51% attack...
flound1129
Hero Member
*****
Offline Offline

Activity: 938
Merit: 1000


www.multipool.us


View Profile
October 14, 2013, 07:47:39 AM
 #40

4. Cryptocoin mining should be as distributed as possible, these mega-multi-pools only cause trouble by creating mass spikes of supply where its not wanted and the market no longer needs it.

Irony much?

Multipool - Always mine the most profitable coin - Scrypt, X11 or SHA-256!
Pages: « 1 [2] 3 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!