Bitcoin Forum
November 21, 2017, 06:18:35 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: “简单多数原则似乎不够?比特币挖矿非常脆弱”  (Read 1782 times)
HorseRider
Moderator
Legendary
*
Offline Offline

Activity: 1369


View Profile
November 05, 2013, 01:48:23 PM
 #1

有一种预感,这是比特币社区的大事儿。专门开个帖子讨论一下。

事情是这样子滴。

今天媒体发现了一篇论文,论文的作者是康奈尔大学计算机系Ittay Eyal和Emin Gun Sirer两位学者。论文指出,比特币网络安全有重大的安全隐患,过去认为比特币网络需要多数人作恶才能被摧毁,但是现在发现必须要更严格的大多数遵守规则才行。根据他们的分析,只需要1/3的算力联合起来作恶,那么比特币挖矿的去中心化特点就会迅速瓦解。

论文原文在此:
Majority is not Enough: Bitcoin Mining is Vulnerable
http://i.cdn.turner.com/money/2013/images/11/04/btcProc.pdf

论文的攻击方法要点是:

Quote
+在发现一个区块A之后,不要急于公布
+在这个区块A后面接着挖,争取发现区块B
+尽一切力量力求率先发现公共区块链条上面出现的区块。观察公共区块链条上与自己的链条相比谁更快

+如果在没有发现区块B之前,公共区块链条上面已经出现与A位置一致的区块Apublic,立刻发布区块A
区块A有一定概率会被其他诚实矿工接受,如果接受区块A的诚实矿工(当然还有攻击者本人)在A后面挖出了新的区块,那么区块A胜利。否则攻击者挖掘区块A和延续区块A的努力白费。

+如果攻击者发现了区块B,公共区块链条仍然没有发现区块Apublic,那么继续观察公共区块链条上面出现的区块。假定攻击者仍然未能占有51%的算力,那么公共区块链一般而言还是会追上来。那么在公共区块链条上面出现了区块区块Bpublic时,攻击者集中释放两个区块A和B

此时,区块A和B有一定概率会被其他诚实矿工接受。如果接受区块A+B的诚实矿工(当然还有攻击者本人)在B后面挖出了新的区块,那么区块A+B胜利。否则攻击者挖掘区块A、B和延续区块B的努力白费。此时其他诚实矿工发现挖掘区块Apublic的努力完全白费了。

如果不建立数学模型,攻击者似乎有得有失,但是定量分析发现,由于其他诚实矿工总是时不时地遭受损失,而且诚实矿工受到的损失更大。攻击者成功地运用”自损800、杀人3000“的战术,令自己最终占有全网产出的实际份额,超过诚实挖矿能够占有的份额。如果一旦有矿池发动攻击,其他诚实矿工出于经济理性,就会加入攻击者的队伍!而比特币全网算力就会迅速集中到这个攻击者的手中!(以上不代表楼主意见,仅仅是对论文愿意尽量忠诚的表述。)

按照论文的意见,如果攻击者拥有33%的全网算力,攻击者就是人心所向、势不可挡了!



有关媒体报道:

美学者发现比特币重大漏洞 或致货币体系崩溃
http://www.techweb.com.cn/news/2013-11-05/1351158.shtml


英文报道更是铺天盖地:

Google news is showing a number of articles which amount to FUD, and are multiplying like gremlins.
Perhaps the Bitcoin Foundation should put up a short rebuttal / press release encapsulating some of the information in this thread. While the Eyal paper has some merit - it is certainly not a situation of "'Bitcoin Is Broken' And Could Collapse"

Bitcoin flaw could let group take control of currency(比特币的内在缺陷可导致该货币被大型集团所控制)
CNNMoney - ‎3 hours ago‎
The flaw is due to the nature of how bitcoins are created -- people "mine" them by solving a complex puzzle with their computers. If used correctly, the system is set up so that someone guesses correctly every 10 minutes, and the winner gets 25 bitcoins.
http://money.cnn.com/2013/11/04/technology/bitcoin-flaw/

Bitcoin Researchers: You Can Game the System(比特币研究者:你可以玩弄比特币)
Mashable - ‎10 hours ago‎
Computer science researchers at Cornell University claim to have found a way to subvert the system driving production of the digital currency Bitcoin. The researchers call their technique “selfish mining,” through which individuals or groups of Bitcoin miners ...
http://mashable.com/2013/11/04/bitcoin-cornell-researchers/

Researchers Say 'Bitcoin Is Broken' And Could Collapse(研究者认为“比特币已经可以被攻破”,整个货币体系可能坍塌“
Yahoo!7 News - ‎1 hour ago‎
The problem is with how people "mine" bitcoins. Mining is how bitcoins are created. Most people don't mine bitcoins anymore. They buy them or take them as payment. But some people are in the business of mining coins with special bitcoin-mining computers ...
http://au.finance.yahoo.com/news/researchers-bitcoin-broken-could-collapse-014448102.html

Cornell Researchers Found a Way to Game Bitcoin(研究者发现愚弄比特币网络的方法)
RYOT - ‎2 hours ago‎
It's entirely likely and understandable, despite our better efforts to bombard you with Bitcoin stories recently, that you still don't know what Bitcoin is. (To be honest, 92 articles about it later we still don't fully grasp it.) But all you need to know is that it's digital ...
Bitcoin open to takeover, researchers discover with new algorithm
http://www.ryot.org/cornell-researchers-claim-able-game-bitcoin/456361

Science Daily (press release) - ‎58 minutes ago‎
Nov. 4, 2013 — A major flaw that has gone unrealized until now leaves the $1.5 billion Bitcoin market open to manipulation and a potential takeover, according to a new study by two Cornell University computer scientists.(比特币网络发现重大安全漏洞,可以被少数人操纵)
http://www.sciencedaily.com/releases/2013/11/131104112234.htm










留白是一种强调的意思。











论坛的英文区讨论帖:https://bitcointalk.org/index.php?topic=324413.0

16SvwJtQET7mkHZFFbJpgPaDA1Pxtmbm5P
Join ICO Now Coinlancer is Disrupting the Freelance marketplace!
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
kikizhu
Full Member
***
Offline Offline

Activity: 126

比特币家园 http://www.btc126.com


View Profile WWW
November 05, 2013, 01:55:23 PM
 #2

虽然看不懂,不过希望在0.9客户端出来后 能搞定这一漏洞。

rulesky
Sr. Member
****
Offline Offline

Activity: 434


View Profile
November 05, 2013, 04:12:21 PM
 #3

我也是看不懂 Grin 应该能尽快修复漏洞的,对BTC有信心。
arnoldsz
Jr. Member
*
Offline Offline

Activity: 58


View Profile
November 05, 2013, 04:20:51 PM
 #4

没用的,就算被部分矿工接受了,也就多一个orphan而已。正常挖矿还会因为网速问题挖出orphan呢,别说这种故意想搞事情的了
youdamushi
Sr. Member
****
Offline Offline

Activity: 392


View Profile
November 05, 2013, 04:26:56 PM
 #5

全网运算力   3,361,939GH/s 
33%是1,109,439.87GH/s 
可谁有1109TB的计算量


PARADICE.io






visionary
Hero Member
*****
Offline Offline

Activity: 497


🌟  eSports ICO: 01/11/2017 🌟


View Profile
November 05, 2013, 05:44:49 PM
 #6

他这意思就好比:

给我多快的宇宙飞船,我能穿越时空

           ▄▄▄██████████▄▄▄
        ▄███▀▀   ▄▄▄▄   ▀▀███▄
     ▄██▀▀ ▄▄████████████▄▄ ▀▀██▄
    ██▀ ▄███████▀▀▀▀▀▀███████▄ ▀██
   ██▀ ██████▀          ▀██████  ██
  ██  █████▀         ▄▄▄▄▄██████▄ ██
██▀ █████  ▄▄▄██████████████████  █
▐██  ██████▄▄▄▄▄▄ ▀▀▀▀▀▀██████▀▀▀▀ ██▌
███ ▐███████████████████▄▄▄▄▄▄     ███
▐██  ▀▀██████████████████████████▀ ██▌
███ █▄▄▄▄    ▀▀▀▀▀██████████████ ▄██
  ██▄ █████▄              ▄█████ ▄██
   ███ ▀██████▄▄      ▄▄██████▀ ▄██
    ▀██▄ ▀▀█████████████████▀ ▄██▀
      ▀███▄  ▀▀████████▀▀▀ ▄▄██▀
         ▀▀███▄▄▄▄▄▄▄▄▄▄████▀
              ▀▀▀▀▀▀▀▀▀▀
██████████████████████████████████████████████████████████████
.eSports.com.
██████████████████████████████████████████████████████████████

                   ██                   
                   ██                   
                   ██                   
                   ▀▀                   
         ▄▄████▄▄      ▄▄█████▄         
     ▄▄██▀▀    ▀▀███▄███▀    ▀▀██▄▄     
     ██     ▄      ▀▀     ▄▄▄    ██     
     ██  ▄███▄        ▄▄▀▀▀▄▄  ██▌   
    ▐█▌  ▀█████▀        ██   ██  ▐██   
    ██    ▀█▀            ███     ██   
   ▐██           ▄    ▄           ▐█▌   
   ██         ▄███    ▀██▄         ██   
   ██      ▄███▀        ▀███▄      ██   
   ██▄   ▄██▀              ▀██▄   ▄██   
    ▀████▀▀                   ▀████▀   
█   █
█ █ 
█ █ █
     
█ █ █
  █ █
█ █ 
█   █
█ █ █
  █ █
btctycoon
Jr. Member
*
Offline Offline

Activity: 54


View Profile
November 05, 2013, 07:32:26 PM
 #7

我想这产生的一个问题不一定是所有矿工都涌向最大池子. 因为池子都加上这个尽可能晚公布的设定不难.
如果所有池子都这么干, 最后的结果是, 所有人都不发布(耗费他人算力), 都等着别人发布然后马上发布自己的(然后大家再比拼谁的链最长), 然后各个池子最终获得的几率应该和所有矿池尽早发布获得概率接近吧.
所有人都晚发布, 那么最终对所有人还是公平的. 但是最严重结果是每个块发现的时间人为延长了.
如果补丁的话, 这个应该是主要解决问题, 而引导矿池策略应该是次要问题.
btctycoon
Jr. Member
*
Offline Offline

Activity: 54


View Profile
November 05, 2013, 07:41:35 PM
 #8

奥, 还有一个问题.
如果A池比B池在N块儿上提前工作几个小时开始工作, 当B池开始后A池仍然没有发现, 那么在剩余的时间里, 对于N快A池相对于B池拥有找到的优势嘛? 我怎么觉得A和B的机会相等的.
你上抛硬币9次都是正面, 但是第十次抛正面的概率仍然是50%啊.
我不清楚是不是这样的, 最好有高手回答一下.
也可能优势不是指上面的情况, 而是晚公布仅仅是耗费竞争对手在上一个区块继续耗费时间, 然后希望自己在这段时间内已经找到下一个区块.
如果大家都采用这种策略, 最终结果应该是跟目前持平的, 只不过区块发现时间人为延期了.
innovation
Sr. Member
****
Offline Offline

Activity: 280



View Profile
November 05, 2013, 09:06:01 PM
 #9

有一种预感,这是比特币社区的大事儿。专门开个帖子讨论一下。

事情是这样子滴。

今天媒体发现了一篇论文,论文的作者是康奈尔大学计算机系Ittay Eyal和Emin Gun Sirer两位学者。论文指出,比特币网络安全有重大的安全隐患,过去认为比特币网络需要多数人作恶才能被摧毁,但是现在发现必须要更严格的大多数遵守规则才行。根据他们的分析,只需要1/3的算力联合起来作恶,那么比特币挖矿的去中心化特点就会迅速瓦解。

论文原文在此:
Majority is not Enough: Bitcoin Mining is Vulnerable
http://i.cdn.turner.com/money/2013/images/11/04/btcProc.pdf

论文的攻击方法要点是:

Quote
+在发现一个区块A之后,不要急于公布
+在这个区块A后面接着挖,争取发现区块B
+尽一切力量力求率先发现公共区块链条上面出现的区块。观察公共区块链条上与自己的链条相比谁更快

+如果在没有发现区块B之前,公共区块链条上面已经出现与A位置一致的区块Apublic,立刻发布区块A
区块A有一定概率会被其他诚实矿工接受,如果接受区块A的诚实矿工(当然还有攻击者本人)在A后面挖出了新的区块,那么区块A胜利。否则攻击者挖掘区块A和延续区块A的努力白费。

+如果攻击者发现了区块B,公共区块链条仍然没有发现区块Apublic,那么继续观察公共区块链条上面出现的区块。假定攻击者仍然未能占有51%的算力,那么公共区块链一般而言还是会追上来。那么在公共区块链条上面出现了区块区块Bpublic时,攻击者集中释放两个区块A和B

此时,区块A和B有一定概率会被其他诚实矿工接受。如果接受区块A+B的诚实矿工(当然还有攻击者本人)在B后面挖出了新的区块,那么区块A+B胜利。否则攻击者挖掘区块A、B和延续区块B的努力白费。此时其他诚实矿工发现挖掘区块Apublic的努力完全白费了。

如果不建立数学模型,攻击者似乎有得有失,但是定量分析发现,由于其他诚实矿工总是时不时地遭受损失,而且诚实矿工受到的损失更大。攻击者成功地运用”自损800、杀人3000“的战术,令自己最终占有全网产出的实际份额,超过诚实挖矿能够占有的份额。如果一旦有矿池发动攻击,其他诚实矿工出于经济理性,就会加入攻击者的队伍!而比特币全网算力就会迅速集中到这个攻击者的手中!(以上不代表楼主意见,仅仅是对论文愿意尽量忠诚的表述。)

按照论文的意见,如果攻击者拥有33%的全网算力,攻击者就是人心所向、势不可挡了!



有关媒体报道:

美学者发现比特币重大漏洞 或致货币体系崩溃
http://www.techweb.com.cn/news/2013-11-05/1351158.shtml


英文报道更是铺天盖地:

Google news is showing a number of articles which amount to FUD, and are multiplying like gremlins.
Perhaps the Bitcoin Foundation should put up a short rebuttal / press release encapsulating some of the information in this thread. While the Eyal paper has some merit - it is certainly not a situation of "'Bitcoin Is Broken' And Could Collapse"

Bitcoin flaw could let group take control of currency(比特币的内在缺陷可导致该货币被大型集团所控制)
CNNMoney - ‎3 hours ago‎
The flaw is due to the nature of how bitcoins are created -- people "mine" them by solving a complex puzzle with their computers. If used correctly, the system is set up so that someone guesses correctly every 10 minutes, and the winner gets 25 bitcoins.
http://money.cnn.com/2013/11/04/technology/bitcoin-flaw/

Bitcoin Researchers: You Can Game the System(比特币研究者:你可以玩弄比特币)
Mashable - ‎10 hours ago‎
Computer science researchers at Cornell University claim to have found a way to subvert the system driving production of the digital currency Bitcoin. The researchers call their technique “selfish mining,” through which individuals or groups of Bitcoin miners ...
http://mashable.com/2013/11/04/bitcoin-cornell-researchers/

Researchers Say 'Bitcoin Is Broken' And Could Collapse(研究者认为“比特币已经可以被攻破”,整个货币体系可能坍塌“
Yahoo!7 News - ‎1 hour ago‎
The problem is with how people "mine" bitcoins. Mining is how bitcoins are created. Most people don't mine bitcoins anymore. They buy them or take them as payment. But some people are in the business of mining coins with special bitcoin-mining computers ...
http://au.finance.yahoo.com/news/researchers-bitcoin-broken-could-collapse-014448102.html

Cornell Researchers Found a Way to Game Bitcoin(研究者发现愚弄比特币网络的方法)
RYOT - ‎2 hours ago‎
It's entirely likely and understandable, despite our better efforts to bombard you with Bitcoin stories recently, that you still don't know what Bitcoin is. (To be honest, 92 articles about it later we still don't fully grasp it.) But all you need to know is that it's digital ...
Bitcoin open to takeover, researchers discover with new algorithm
http://www.ryot.org/cornell-researchers-claim-able-game-bitcoin/456361

Science Daily (press release) - ‎58 minutes ago‎
Nov. 4, 2013 — A major flaw that has gone unrealized until now leaves the $1.5 billion Bitcoin market open to manipulation and a potential takeover, according to a new study by two Cornell University computer scientists.(比特币网络发现重大安全漏洞,可以被少数人操纵)
http://www.sciencedaily.com/releases/2013/11/131104112234.htm










留白是一种强调的意思。











论坛的英文区讨论帖:https://bitcointalk.org/index.php?topic=324413.0

这才叫研究。
kmtan
Full Member
***
Offline Offline

Activity: 196


I love Bitcoin


View Profile
November 06, 2013, 12:30:40 AM
 #10

很难看得懂。。。

viboracecata
Legendary
*
Offline Offline

Activity: 1288



View Profile
November 06, 2013, 04:49:35 AM
 #11

好像主开发工程师说会加入一个新的协议以使所有矿池能总是立即广播自己的成果

ef_asm
Member
**
Offline Offline

Activity: 100


View Profile
November 06, 2013, 06:47:16 AM
 #12

没看懂。
我想可以找一个盘子较小的山寨币试试,如果真的用三分之一的算力就能发动攻击,那么,比特币的安全性就被削弱了。原本需要51%的。
a137924685
Sr. Member
****
Offline Offline

Activity: 322


Live Stars - Adult Streaming Platform


View Profile
November 07, 2013, 11:51:18 PM
 #13

脆弱

sdxl
Sr. Member
****
Offline Offline

Activity: 252


View Profile
November 08, 2013, 02:00:25 PM
 #14

高深莫测,看不懂

nathun
Newbie
*
Offline Offline

Activity: 28


View Profile
November 20, 2013, 03:22:47 AM
 #15

不明觉厉

 ✰ PrimeDice.com | Instant Bitcoin Gambling | Free BTC Faucet | ( 1% edge) (https://PrimeDice.com) *Thread* (https://bitcointalk.org/index.php?topic=208986.0)
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!