Bitcoin Forum
November 02, 2024, 06:55:48 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 2 3 4 5 6 7 8 [9] 10 11 12 13 14 »  All
  Print  
Author Topic: delete  (Read 34069 times)
sonysasankan
Sr. Member
****
Offline Offline

Activity: 280
Merit: 250


View Profile WWW
March 09, 2014, 03:38:35 AM
 #161

It is very much a possibility that there are AUR holders in a country where doing whatever OP is planning on doing will be illegal, i.e. attacking money transfers, forging transfers, and what not. Or OP himself might be living in one. Comparing shares of a company to a currency is not applicable.

I doubt you even know what you're talking about. And so what? What is "Illegal"? Some Govt declared mechanism to decide whom to aggress upon? This is open source man...It has freedom to evolve and will always turn out better than before. The outdated will perish, and yes, it will have victims... it is up to you to adapt.

Pinkcoin Donations Address ---> PINK: PB9TmJXZTqzLroz9cLzCQe2cNWzEwJeq5g | BTC: 14Yxxxxko19qtLi3k2yvtWQ54vSQg2mLjB <---
Rent Mining rigs for cheap
kalus
Sr. Member
****
Offline Offline

Activity: 420
Merit: 263

let's make a deal.


View Profile
March 09, 2014, 03:46:48 AM
 #162

there is nothing that will stop even a small cartel from wrecking the coin.  

By cartel, I assume you mean an organization of people subject to the RICO criminal statute (18 U.S.C.A. § 1963) ?
Depending on where you live, US federal code may or may not apply to your activity.  

By cartel i mean a group of people that follow an agreement to follow the same market strategy in the manipulation of an asset.  members of a cartel engage in price fixing, manipulating output, manipulating market share, rigging bids, and division of profits.  the aim of a cartel, whether in industry, stock market, or cryptocurrency, is to increase the members' profits by reducing competition.  if you research the current pump-and-dump groups and the recent pump and dump of auroracoin, you can observe a cartel in operation.  


DC2ngEGbd1ZUKyj8aSzrP1W5TXs5WmPuiR wow need noms
kelsey
Legendary
*
Offline Offline

Activity: 1876
Merit: 1000


View Profile
March 09, 2014, 04:01:29 AM
 #163

there is nothing that will stop even a small cartel from wrecking the coin.  

By cartel, I assume you mean an organization of people subject to the RICO criminal statute (18 U.S.C.A. § 1963) ?

so basically the US gov and its bankers  Wink
sonysasankan
Sr. Member
****
Offline Offline

Activity: 280
Merit: 250


View Profile WWW
March 09, 2014, 04:25:01 AM
 #164

there is nothing that will stop even a small cartel from wrecking the coin.  

By cartel, I assume you mean an organization of people subject to the RICO criminal statute (18 U.S.C.A. § 1963) ?
Depending on where you live, US federal code may or may not apply to your activity.  

By cartel i mean a group of people that follow an agreement to follow the same market strategy in the manipulation of an asset.  members of a cartel engage in price fixing, manipulating output, manipulating market share, rigging bids, and division of profits.  the aim of a cartel, whether in industry, stock market, or cryptocurrency, is to increase the members' profits by reducing competition.  if you research the current pump-and-dump groups and the recent pump and dump of auroracoin, you can observe a cartel in operation.  



I would have to call BS on that.... a cartel always requires the power of the govt to function. To act upon their agenda, they will require favourable laws (aka blocking fair competition), the muscle of the state (cops, legislative threats, etc) and many other "favours" from a central agency. It is simply uneconomical for a cartel to block competition with their own money. Now in the freemarket world of Crypto, a cartel cannot exist. There may be whales and sardines, but in all fairness, they are whales because they invested their time and resources (brains, skills) to get there. Pump and dump is a completely fair process. What would be unfair is a central authority who is brought in to control this method (aka threaten the whales with violence for non compliance) so that the horde can enjoy artificial stability.

Pinkcoin Donations Address ---> PINK: PB9TmJXZTqzLroz9cLzCQe2cNWzEwJeq5g | BTC: 14Yxxxxko19qtLi3k2yvtWQ54vSQg2mLjB <---
Rent Mining rigs for cheap
kalus
Sr. Member
****
Offline Offline

Activity: 420
Merit: 263

let's make a deal.


View Profile
March 09, 2014, 05:38:50 AM
 #165

I would have to call BS on that.... a cartel always requires the power of the govt to function.

DeBeers is the diamond cartel controlling 50% of the world's inventory, and does this without the power of the government to function.

Sinaloa Cartel is a group of criminal drug organisations that operates worldwide, and functions in direct opposition to the government.

three incumbent Canadian wireless companies collude together in a cartel to maintain some of the highest prices in the world for phone plans, and actively attack new market entrants.  this is done despite the efforts of the government regulator.

cartels don't always require the power of government.  it does help when the government is involved, but not essential.

Pump and dump is a completely fair process.

a pump and dump is more fair to the people within the circle i.e. cartel.

pump and dump relies on market manipulation and the cartel maintaining its strategy (i.e. "hodl") until the pre-determined signal.  this is contrary to free market where everyone would be acting as independent agents.  the precise timing to provide optimal payout relies on maintaining information asymmetry over the competition unfairly through collusion.  if you're in the cartel, you make money, and if you're out, you get to be bagholder.  that's not an even playing field.  

DC2ngEGbd1ZUKyj8aSzrP1W5TXs5WmPuiR wow need noms
Nite69
Sr. Member
****
Offline Offline

Activity: 477
Merit: 500


View Profile
March 09, 2014, 06:14:35 AM
Last edit: March 09, 2014, 07:37:19 AM by Nite69
 #166

We can allow new blocks to travel 1 block back in time, so I'd modify my earlier fix:

Code:
diff --git a/src/main.h b/src/main.h
index 830e451..b7a7570 100644
--- a/src/main.h
+++ b/src/main.h
@@ -1142,7 +1142,7 @@ public:
         return true; // CheckProofOfWork(GetBlockHash(), nBits);
     }
 
-    enum { nMedianTimeSpan=11 };
+    enum { nMedianTimeSpan=3 };
 
     int64 GetMedianTimePast() const
     {
This should be in effect after the block 5400. Wheather or not that is the flaw BCX is planning to use, this should be fixed anyway.

lo, didn't think about it earlier; but now it is not only one byte fix, it is one bit fix  :-D

Sync: ShiSKnx4W6zrp69YEFQyWk5TkpnfKLA8wx
Bitcoin: 17gNvfoD2FDqTfESUxNEmTukGbGVAiJhXp
Litecoin: LhbDew4s9wbV8xeNkrdFcLK5u78APSGLrR
AuroraCoin: AXVoGgYtSVkPv96JLL7CiwcyVvPxXHXRK9
sonysasankan
Sr. Member
****
Offline Offline

Activity: 280
Merit: 250


View Profile WWW
March 09, 2014, 07:05:03 AM
 #167

I would have to call BS on that.... a cartel always requires the power of the govt to function.

DeBeers is the diamond cartel controlling 50% of the world's inventory, and does this without the power of the government to function.

Sinaloa Cartel is a group of criminal drug organisations that operates worldwide, and functions in direct opposition to the government.

three incumbent Canadian wireless companies collude together in a cartel to maintain some of the highest prices in the world for phone plans, and actively attack new market entrants.  this is done despite the efforts of the government regulator.

cartels don't always require the power of government.  it does help when the government is involved, but not essential.

Pump and dump is a completely fair process.

a pump and dump is more fair to the people within the circle i.e. cartel.

pump and dump relies on market manipulation and the cartel maintaining its strategy (i.e. "hodl") until the pre-determined signal.  this is contrary to free market where everyone would be acting as independent agents.  the precise timing to provide optimal payout relies on maintaining information asymmetry over the competition unfairly through collusion.  if you're in the cartel, you make money, and if you're out, you get to be bagholder.  that's not an even playing field.  

Are you telling me De Beers controlls the diamond market and rose to the top without any aid from the South African / Zimbabwe government? They just set up shop, and every other business minded person turned a blind eye on to the opportunity of making money from diamonds... for no apparent reason... ran it like that for like the last 100+ years, and thus got in control of the market? And by government, I mean any entity that has a monopoly on power and is "authorized" to use force without any repurcussion for their actions. That can include other rebels who are anti govt and want to overthrow the current govt and put someone favourable to them.

As for teh Pump n dump, you are talking like that is an external event "happening to people". If someone is selling, it means that someone is buying at that price.... voluntarily. That's teh key word there... voluntarily. So what if a group of people take a stand and say they will not purchase at a price higher than so much and together decide they will all sell it at this price or higher? You are taking accountability away from them when you say they are "left holding the bag". If a person chooses to invest in something where he knows a lot of teh other buyers are prone to panic and can fluctuate the prices based on their collective panic, he is choosing to take that risk by not considering that dynamic while parting with his money.

Pinkcoin Donations Address ---> PINK: PB9TmJXZTqzLroz9cLzCQe2cNWzEwJeq5g | BTC: 14Yxxxxko19qtLi3k2yvtWQ54vSQg2mLjB <---
Rent Mining rigs for cheap
illodin
Hero Member
*****
Offline Offline

Activity: 966
Merit: 1003


View Profile
March 09, 2014, 07:47:37 AM
 #168

the thread discussions here are déjà vu with previous BCX threads, so you should at least read up on what's happened in the past.  

If it's the same discussion as in this thread then there's no point. There are cities that offer free legal services to their residents, and I suggest anyone who will suffer any damages due to OP's actions will use them. And if their opinion is that nothing illegal has happened then that's it then. But I suspect they might have differing views as well.


Depending on where you live, US federal code may or may not apply to your activity.   

There are likely AUR holders who will suffer damages and live in a country where whatever OP is planning on doing will be illegal. Doesn't matter where OP lives. The amount of damages then dictate whether it makes sense to pursue it further.
Starlightbreaker
Legendary
*
Offline Offline

Activity: 1764
Merit: 1006



View Profile
March 09, 2014, 05:37:36 PM
Last edit: March 09, 2014, 06:03:02 PM by Starlightbreaker
 #169


I will sandbox test this during the coming work week and let you know the results.

I happen to agree with you on this.

~BCX~



bitch, its about goddamn time for you to put up some fireworks.

hit me up once you're about to light up your shit.

i want to be in the front line, watching

Nite69
Sr. Member
****
Offline Offline

Activity: 477
Merit: 500


View Profile
March 09, 2014, 09:43:11 PM
 #170

I am interested in this as well. So far I've only seen incorrectly implemented KGW's get attacked.

Please see also this:
https://bitcointalk.org/index.php?topic=505243.msg5567450#msg5567450

Sync: ShiSKnx4W6zrp69YEFQyWk5TkpnfKLA8wx
Bitcoin: 17gNvfoD2FDqTfESUxNEmTukGbGVAiJhXp
Litecoin: LhbDew4s9wbV8xeNkrdFcLK5u78APSGLrR
AuroraCoin: AXVoGgYtSVkPv96JLL7CiwcyVvPxXHXRK9
kalus
Sr. Member
****
Offline Offline

Activity: 420
Merit: 263

let's make a deal.


View Profile
March 09, 2014, 10:28:44 PM
Last edit: March 10, 2014, 01:51:59 AM by kalus
 #171

Are you telling me De Beers controlls the diamond market and rose to the top without any aid from the South African / Zimbabwe government?
yes.  that's the whole point of a multinational company with worldwide influence:  capital flight.  Russia, Australia, Botswana, DRC, Canada, Angola, ghana, and Brazil are alternate places to do business if South Africa doesn't.  and Zimbabwe produces fewer diamonds than any of those countries:  why would DeBeers give a shit?

And by government, I mean any entity that has a monopoly on power and is "authorized" to use force without any repurcussion for their actions. That can include other rebels who are anti govt and want to overthrow the current govt and put someone favourable to them.
so basically, you're arguing against my point by redefining the word 'government'.

As for teh Pump n dump, you are talking like that is an external event
interesting, but we disagree.

DC2ngEGbd1ZUKyj8aSzrP1W5TXs5WmPuiR wow need noms
brother3
Hero Member
*****
Offline Offline

Activity: 980
Merit: 500



View Profile
March 10, 2014, 01:46:03 AM
 #172



I don;t think you have the balls to test Mazacoin.  You still haven't prove you can 51% attack any coin.  I keep asking for blockchain proof and yo never produce it.  Well, I'm calling you out.  You have a change to once and for all prove you can 51% attack a coin with Mazacoin,  if you can't do it in the next 24 hours, hell 48 hours then I will reply to every post you do on bitcointalk about how you can't 51% attack any coin even though you say to can.  Jackass.


I have no reason to attack Mazacoin.

The devs of GME as well as several other coins know different. You might want to actually check before you post.

Let's put some skin in this challenge since I know you're a self proclaimed high roller.

Lets find a trusted escrow, I propose maybe Saltyspitoon and each deposit 100 BTC, hell make it 250 BTC if you have the nut.

If I don't pull off the Auroracoin KGW Time Warp, you keep it all. If I do and I will, I will keep it all.

(please note, I'm mocking you in the next sentence)
If you can't do it in 24 hours, hell 48 hours then I will reply to every post you make on Bitcointalk on exactly how BCX punked your ass.

So either put up or shut the fuck up.


~BCX~


FYI, I really don't give a flying fuck what you post about me. You're just another bcx obsessed fan as far as I am concerned LOL






This actually sounds fair!!!!
anderl
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500



View Profile
March 10, 2014, 01:54:30 AM
 #173

You do realize I"m out of popcorn.  WTH am I supposed to do now???

Zisef
Member
**
Offline Offline

Activity: 118
Merit: 10


View Profile
March 10, 2014, 04:27:58 AM
 #174

Hmmm tissues, and toothpaste odd combination. Is that your substitute for hand lotion? Grin
BorisTheSpider
Full Member
***
Offline Offline

Activity: 210
Merit: 100


View Profile
March 10, 2014, 04:32:29 AM
 #175

I am interested in this as well. So far I've only seen incorrectly implemented KGW's get attacked.

A bit of pen-and-paper (plus spreadsheet) work indicates that BCX will indeed do this - it's an interesting vulnerability, so thanks BCX for exposing it. I agree with Nite69 about the 3 block median - I'd already considered that after he posted yesterday about disallowing _all_ earlier timestamps (ie. taking median timestamp of 1 block), since it opens up another rather nasty vulnerability if you fix it that way.
Nite69
Sr. Member
****
Offline Offline

Activity: 477
Merit: 500


View Profile
March 10, 2014, 08:09:28 AM
 #176

disallowing _all_ earlier timestamps (ie. taking median timestamp of 1 block), since it opens up another rather nasty vulnerability if you fix it that way.

Interesting. Can you tell more?
Another question; Currently it does not allow block timestamp <= median time.. ie eventually the timestamp has to increase. Is there any reason for that, so could it be < mediantime, which would allow same timestamps?

Sync: ShiSKnx4W6zrp69YEFQyWk5TkpnfKLA8wx
Bitcoin: 17gNvfoD2FDqTfESUxNEmTukGbGVAiJhXp
Litecoin: LhbDew4s9wbV8xeNkrdFcLK5u78APSGLrR
AuroraCoin: AXVoGgYtSVkPv96JLL7CiwcyVvPxXHXRK9
Nite69
Sr. Member
****
Offline Offline

Activity: 477
Merit: 500


View Profile
March 10, 2014, 04:15:05 PM
 #177

I'm quite sure this has been discussed before, but why clients does not make automatic checkpoints? I understand that transactions which are at least 6 blocks old, are considered valid. There should be no reason to re-arrange the blockchain after that, for any reason.

So I'd like to hear what is the reasoning behind the fact that there are no automatic checkpoints? Maybe manually overrideable?

Sync: ShiSKnx4W6zrp69YEFQyWk5TkpnfKLA8wx
Bitcoin: 17gNvfoD2FDqTfESUxNEmTukGbGVAiJhXp
Litecoin: LhbDew4s9wbV8xeNkrdFcLK5u78APSGLrR
AuroraCoin: AXVoGgYtSVkPv96JLL7CiwcyVvPxXHXRK9
BorisTheSpider
Full Member
***
Offline Offline

Activity: 210
Merit: 100


View Profile
March 10, 2014, 04:54:32 PM
 #178

disallowing _all_ earlier timestamps (ie. taking median timestamp of 1 block), since it opens up another rather nasty vulnerability if you fix it that way.

Interesting. Can you tell more?
Another question; Currently it does not allow block timestamp <= median time.. ie eventually the timestamp has to increase. Is there any reason for that, so could it be < mediantime, which would allow same timestamps?


Re the first question, if you disallow all earlier timestamps - what happens when I start mining and publishing blocks with timestamps 2 hours ahead? I now have another 2 hours in which to mine the next one - during this time, no honest nodes can mine (_no_ earlier timestamps than my block are considered valid), and as soon as the timestamp for my most recent DoS block rolls by, I have another one ready and mined (I have 2 hours to prepare it) to publish, so I can keep denying the rest of the network service while I mine the chain with the most work in it, even though I don't have much hashrate.

For example, if your chain has 1 minute blocks, but I have 2 hours in which to mine my next DoS block, I need less than 1% of the hashrate to do it.

What about if we take the median of the past 3 blocks as the lowest acceptable timestamp?

Now:

1. Attacker mines a block (with a timestamp 2 hour in future). Consider this a random occurence, and evaluate probabilities _after_ this happens, because the attacker is going to keep getting blocks randomly, and each time he gets one, he gets an opportunity.

Currently, honest nodes can mine - 2 of the last 3 blocks have "normal" timestamps, so the median is low enough that everyone can mine. Our attacker needs to accomplish (2).

2. Attacker mines a second block with a timestamp 2 hours in the future. His chance to do this before the rest of the network (once (1) has already occured) is exactly his proportion of nethash.

For example, an attacker with 10% of nethash, on a chain with 1 minute blocks, achieves (1) every 10 minutes, and once in every 10 times he does (1) he manages to do (2).  Ie. he can DoS the network every 100 minutes on average.

But once he's managed to achieve (2), he can keep doing it, even with very little hashrate, because the mainnet can't mine anything, or rather all their efforts are wasted - all their blocks with honest timestamps are invalid, so the attacker can keep mining blocks with timestamps that will be valid when he releases them, while everyone else keeps trying to mine blocks with timestamps that won't be valid. Immediately the most recent DoS block timestamp rolls around, our mainnet should, on average, take another minute to get a block with a valid timestamp and break the cycle, yet our attacker is ready to release his pre-prepared block right away, before they get a chance to do so.

In fact, it gets worse, because once he has 3 in a row, the honest nodes now need to mine 2 valid timestamped blocks in a row in order to unfreeze the network. Good luck doing that with our attacker continually releasing his pre-prepared blocks. You'd either have to fix the problem and roll the whole chain back, or get the honest miners also trying to generate timestamps immediately after the most recent DoS block (eg. the honest nodes intentionally generating future timestamps) which would turn it back to a 51% attack.

Note that our attacker can not only deny mining to the honest nodes, he can also achieve the chain with the highest total work, without needing a majority of the hashrate to do it, because he can keep working whilst stopping everyone else from doing so.

So, the median of 3 blocks alone isn't the fix, since on chains with short blocktimes the 2 hour window in the future where blocks are accepted as valid is also an issue.

I actually suspect the 11 block median isn't random or any kind of arbitrary choice, and that Satoshi made it that way for a reason. If our attacker has to get 6 future timestamped blocks in a series of 11, rather than just 2 out of 3, his job of beginning the attack is much harder.

About your second question, I haven't considered why that is. Maybe it's related - it's interesting, and I'll ponder it.
niothor
Hero Member
*****
Offline Offline

Activity: 826
Merit: 501


in defi we trust


View Profile
March 10, 2014, 05:02:07 PM
 #179

You do realize I"m out of popcorn.  WTH am I supposed to do now???

no popcorn image below


Still at block  4544 .. more popcorn needed:)


             ▄          ▄▄▄▄    ▄
            ███      ▄██████▀  ▀█▀
            ███     ▄██▀
            ███     ███        ▄█▄   ▄█▄ ▄█████▄▄         ▄▄██████▄      ▄█▄ ▄█████▄▄         ▄▄█████▄▄        ▄▄█████▄▄
    ▄▄▄▄▄▄  ███     ███        ███   ██████▀▀▀▀███▄     ▄███▀▀▀▀▀███▄    ██████▀▀▀▀███▄     ▄███▀▀▀▀▀███▄    ▄███▀▀▀▀▀███▄
  ▄████████▄███  ▄█████████▄   ███   ████▀      ▀███   ▄██▀       ▀██▄   ████▀      ▀███   ▄██▀       ▀█▀   ▄██▀       ▀██▄
▄███▀    ▀█████   ▀▀███▀▀▀▀    ███   ███         ███   ███         ███   ███         ███   ███              ███████████████
███   ▄▄   ▀███     ███        ███   ███         ███   ███         ███   ███         ███   ███              ███▀▀▀▀▀▀▀▀▀▀▀
███   ▀▀   ▄███     ███        ███   ███         ███   ███         ███   ███         ███   ███         ▄    ███         ▄
▀███▄    ▄█████     ███        ███   ███         ███    ███▄▄   ▄▄████   ███         ███    ███▄▄    ▄███    ███▄▄   ▄▄███
  ▀████████▀███     ███        ███   ███         ███     ▀████████▀███   ███         ███     ▀█████████▀      ▀█████████▀
    ▀▀▀▀▀▀   ▀       ▀          ▀     ▀           ▀         ▀▀▀▀▀   ▀     ▀           ▀         ▀▀▀▀▀            ▀▀▀▀▀

       ▄▄▄▄▄▄▄
   ▄▄▀▀       ▀▀▄▄
  █               █ ▄
 █   █▀▄ ▀█▀ ▀█▀   █ ▀▄
 █   █▀▄  █   █    █  ▀▄
  █  ▀▀   ▀   ▀   █    █
▄▀ ▄▄           ▄▀    ▄▀
 ▀▀  ▀▀▄▄▄▄▄▄▄▀▀      ▀▄
        ▀▄▄      ▄▄▀▀▄▄▀
           ▀▀▀▀▀▀

                      ▄▄▄
  ▄█▄              ▄███████▄
  ▀████▄▄         ██████▀██████▀
    ▀▀▀████▄▄     ███████████▀
    ▀██▄███████▄▄███████████
     ▄▄▄▀██████████████████
      ▀████████████████████
▀█▄▄     ▀████████████████
  ▀████████████████▀█████
    ▀████████████▀▄▄███▀
       ▀▀██████████▀▀
           ▀▀▀▀▀

               ▄▄   ▄▄
              ▄▀ ▀▀█  █
             ▄▀     ▀▀
         ▄▄▄▄█▄
     ▄█▀▀▀▀▀▀▀▀▀▀█▄
 ▄▀▄▀              ▀▄▀▄
█  █   ▄█▄    ▄█▄   █  █
 ▀█    ▀█▀    ▀█▀    █▀
  █                  █
   █   ▀▄      ▄▀   █
    ▀▄   ▀▀▀▀▀▀   ▄▀
      ▀▀▄▄▄▄▄▄▄▄▀▀
New Age of DEFI
A Non-Code Platform for
Decentralized Trading Instruments

   ▄▄███████████████▄▄
 ▄█████████████████████▄
▄██████████████▀▀███████▄
████████████▀▀    ███████
█████████▀▀   ▄   ███████
██████▀▀     █    ███████
████▀       █     ███████
█████▄▄   ▄█      ███████
████████ ██▄      ███████
▀████████ ▀▄███▄▄███████▀
 ▀█████████████████████▀
   ▀▀███████████████▀▀

     ▄              ▄
   ▄███▄          ▄███▄
   █████▄  ▄▄▄▄  ▄█████
  ▄████████████████████▄
 ▄██████████████████████▄
 ████████████████████████
██████▀▀          ▀▀██████
█████▀   ▄      ▄   ▀█████
 ████   ███    ███   ████
  ████   ▀      ▀   ████
   ▀████▄▄▄▄▄▄▄▄▄▄████▀
     ▀▀████████████▀▀

   ▄▄████████████████▄▄
 ▄█████▀▀▀██████▀▀▀█████▄
▄████▀  ▀▀▀    ▀▀▀  ▀████▄
████▀                ▀████
███▀                  ▀███
███       ▄    ▄       ███
██▀      ███  ███      ▀██
██       ▀█▀  ▀█▀       ██
██▄     ▄        ▄     ▄██
▀██▄     ▀▀▄▄▄▄▀▀     ███▀
 ▀███▄▄▄▄▄▄████▄▄▄▄▄▄███▀
   ▀▀████████████████▀▀
Nite69
Sr. Member
****
Offline Offline

Activity: 477
Merit: 500


View Profile
March 10, 2014, 06:13:28 PM
 #180

No, I think it is not a vulnerability. See below.

disallowing _all_ earlier timestamps (ie. taking median timestamp of 1 block), since it opens up another rather nasty vulnerability if you fix it that way.

Interesting. Can you tell more?
Another question; Currently it does not allow block timestamp <= median time.. ie eventually the timestamp has to increase. Is there any reason for that, so could it be < mediantime, which would allow same timestamps?


Re the first question, if you disallow all earlier timestamps - what happens when I start mining and publishing blocks with timestamps 2 hours ahead? I now have another 2 hours in which to mine the next one - during this time, no honest nodes can mine (_no_ earlier timestamps than my block are considered valid), and as soon as the timestamp for my most recent DoS block rolls by, I have another one ready and mined (I have 2 hours to prepare it) to publish, so I can keep denying the rest of the network service while I mine the chain with the most work in it, even though I don't have much hashrate.
If you mine a block and publish it, let's say 2 hour 10 minute to the future; other nodes just considers it as non-valid block and they can continue mining with the earlier block. They won't even relay it to other nodes. If they find a block before your block becomes valid, your block will never survive. If others does not find a block, the moment your block is in the 2-hour window it can be accepted (but you must 'publish it again') and others restart mining it as a new head.

By mining to the future, you take a risk that you lose the hashes you have used to the block, and I guess you lose in the long run. If you have mined also the next block, you just risk to lose coinbases from 2 blocks, with no benefit.

For example, if your chain has 1 minute blocks, but I have 2 hours in which to mine my next DoS block, I need less than 1% of the hashrate to do it.

What about if we take the median of the past 3 blocks as the lowest acceptable timestamp?

Now:

1. Attacker mines a block (with a timestamp 2 hour in future). Consider this a random occurence, and evaluate probabilities _after_ this happens, because the attacker is going to keep getting blocks randomly, and each time he gets one, he gets an opportunity.

Currently, honest nodes can mine - 2 of the last 3 blocks have "normal" timestamps, so the median is low enough that everyone can mine. Our attacker needs to accomplish (2).

2. Attacker mines a second block with a timestamp 2 hours in the future. His chance to do this before the rest of the network (once (1) has already occured) is exactly his proportion of nethash.

For example, an attacker with 10% of nethash, on a chain with 1 minute blocks, achieves (1) every 10 minutes, and once in every 10 times he does (1) he manages to do (2).  Ie. he can DoS the network every 100 minutes on average.

But once he's managed to achieve (2), he can keep doing it, even with very little hashrate, because the mainnet can't mine anything, or rather all their efforts are wasted - all their blocks with honest timestamps are invalid, so the attacker can keep mining blocks with timestamps that will be valid when he releases them, while everyone else keeps trying to mine blocks with timestamps that won't be valid. Immediately the most recent DoS block timestamp rolls around, our mainnet should, on average, take another minute to get a block with a valid timestamp and break the cycle, yet our attacker is ready to release his pre-prepared block right away, before they get a chance to do so.

In fact, it gets worse, because once he has 3 in a row, the honest nodes now need to mine 2 valid timestamped blocks in a row in order to unfreeze the network. Good luck doing that with our attacker continually releasing his pre-prepared blocks. You'd either have to fix the problem and roll the whole chain back, or get the honest miners also trying to generate timestamps immediately after the most recent DoS block (eg. the honest nodes intentionally generating future timestamps) which would turn it back to a 51% attack.

Note that our attacker can not only deny mining to the honest nodes, he can also achieve the chain with the highest total work, without needing a majority of the hashrate to do it, because he can keep working whilst stopping everyone else from doing so.

So, the median of 3 blocks alone isn't the fix, since on chains with short blocktimes the 2 hour window in the future where blocks are accepted as valid is also an issue.

I actually suspect the 11 block median isn't random or any kind of arbitrary choice, and that Satoshi made it that way for a reason. If our attacker has to get 6 future timestamped blocks in a series of 11, rather than just 2 out of 3, his job of beginning the attack is much harder.

About your second question, I haven't considered why that is. Maybe it's related - it's interesting, and I'll ponder it.

A block outside of the 2 hour window will not make any DoS, it won't even be relayed throught your neighbor nodes.
And the moment it is accepted and relayed, everyone can start mining subsequent blocks equallly.

Sync: ShiSKnx4W6zrp69YEFQyWk5TkpnfKLA8wx
Bitcoin: 17gNvfoD2FDqTfESUxNEmTukGbGVAiJhXp
Litecoin: LhbDew4s9wbV8xeNkrdFcLK5u78APSGLrR
AuroraCoin: AXVoGgYtSVkPv96JLL7CiwcyVvPxXHXRK9
Pages: « 1 2 3 4 5 6 7 8 [9] 10 11 12 13 14 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!