Bitcoin Forum
December 14, 2024, 07:45:22 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1]
  Print  
Author Topic: What is an appropriate reaction to dealing with Well-Poisoning Attacks  (Read 273 times)
Hysmagus (OP)
Copper Member
Newbie
*
Offline Offline

Activity: 8
Merit: 23


View Profile
August 16, 2019, 04:42:28 AM
Merited by suchmoon (4), ABCbits (3), bones261 (2), o_e_l_e_o (1)
 #1

Hi All!

I've been having this problem chew around in my head for a while, and have been thinking of potential reactions in regards to dealing with it. I haven't been able to come up with any solutions, so I wanted to see if the internet had any ideas.

Problem Context:
Two individual network users on the Bitcoin Network exist on the same chain, Alice & Bob.

Alice is a full node on the network, keeping a copy of the full chain, doing her part to keep the chain decentralized.

Bob is a bad actor, who wants to negatively impact Alice and the rest of the honest individuals in the network using the cheapest and most expedient way.

To do this, Bob takes advantage of the functionality available on the chain currently to append data to a transaction. In doing so, he attaches illicit content to be uploaded to the chain, something that is almost universally illegal, such as child pornography or revenge porn.

Using a service like crypto graffiti (https://github.com/1Hyena/cryptograffiti), which is functional on forks of Bitcoin, as well as the reference implementation/main chain itself or by uploading a string of 40-80KB increments, Bob, a sufficiently motivated attacker can upload content to the chain at a reasonably affordable cost.

Now, if Bob's transactions are successful, Alice and the rest of the honest network, are now hosting content that could be considered legally dubious in their home jurisdictions. Of course, that's not to get into the moral implications of hosting said content.

Now at this point in time, the damage is done, this data cannot be easily removed, as for Bitcoin to retain the respect, trust and censorship resistance (of transactions) that it has, the chain cannot reorganize. At the same time, even if there is a will by a large number of users, it would be economically and financially unfeasible, as if the offending transactions were not detected fast enough, they could be past the natural reorganization window.

Problem Statement:
If all of the above is true, as an honest node, miner or general user of bitcoin, what should the course of action be? Additionally, with any course of action what are the long-ranging implications of having the well poisoned so to speak?

Personal Opinion:
While I may have interjected my personal opinion a bit in the last paragraph of the problem statement, stating that the network cannot be easily changed for it to retain the trust and reliability that it has. I'm at a loss on the appropriate path on how to properly react to something of this nature.

What are y'all's thoughts?
ABCbits
Legendary
*
Offline Offline

Activity: 3094
Merit: 8176


Crypto Swap Exchange


View Profile
August 16, 2019, 07:42:54 AM
Merited by HeRetiK (1), o_e_l_e_o (1), aliashraf (1)
 #2

That depends on the law on your country and whether malicious party only include link to illegal content or embed the illegal content on Bitcoin blockchain (which would be very expensive, without pool help & 0-fee transaction).

If the malicious party only include link to illegal content, report the link to the authority (unless it's link of P2P-based protocol) should solve the problem since the link would be useless (after it's taken down/blocked by authority).

Otherwise, you should hope there's law such as Section 230 of the Communications Act and Section 512 of the Digital Millennium Copyright which protect you.
See Why Porn on the Blockchain Won't Doom Bitcoin for more info.

Personally, it's worrying, but i doubt they'll go after individuals who run full node because there are many ways connect to bitcoin network or blockchain explorer.

█▀▀▀











█▄▄▄
▀▀▀▀▀▀▀▀▀▀▀
e
▄▄▄▄▄▄▄▄▄▄▄
█████████████
████████████▄███
██▐███████▄█████▀
█████████▄████▀
███▐████▄███▀
████▐██████▀
█████▀█████
███████████▄
████████████▄
██▄█████▀█████▄
▄█████████▀█████▀
███████████▀██▀
████▀█████████
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
c.h.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
▀▀▀█











▄▄▄█
▄██████▄▄▄
█████████████▄▄
███████████████
███████████████
███████████████
███████████████
███░░█████████
███▌▐█████████
█████████████
███████████▀
██████████▀
████████▀
▀██▀▀
Wind_FURY
Legendary
*
Offline Offline

Activity: 3136
Merit: 1948



View Profile
August 16, 2019, 08:38:27 AM
Merited by ABCbits (1)
 #3


Problem Statement:
If all of the above is true, as an honest node, miner or general user of bitcoin, what should the course of action be? Additionally, with any course of action what are the long-ranging implications of having the well poisoned so to speak?


Nothing. It wasn't the developers', miners', or node owners' intent to use Bitcoin as a storage for child-porn or other illegal data.

People run nodes with the intention of validating transaction data.

Quote

Personal Opinion:
While I may have interjected my personal opinion a bit in the last paragraph of the problem statement, stating that the network cannot be easily changed for it to retain the trust and reliability that it has. I'm at a loss on the appropriate path on how to properly react to something of this nature.

What are y'all's thoughts?


Did Bitcoin lose reliability of what it was intended to be? No.

I believe this topic should be in the legal sub.

██████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
██████████████████████
.SHUFFLE.COM..███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
█████████████████████
████████████████████
██████████████████████
████████████████████
██████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
██████████████████████
██████████████████████
██████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
.
...Next Generation Crypto Casino...
Kakmakr
Legendary
*
Offline Offline

Activity: 3542
Merit: 1966

Leading Crypto Sports Betting & Casino Platform


View Profile
August 16, 2019, 09:48:18 AM
Merited by ABCbits (1)
 #4

This is the price we have to pay for using an immutable technology. Yes, authorities and regulators will have a field day with this and we do not even talk about the media frenzy that would happen, if they get wind of that.  Tongue  

If we start cherry picking to remove specific transactions from the Blockchain, then we will destroy one of the "best" features of this technology. I think the best comparison would be to say that people would require shutting down the Internet, because it is being used for illegal activities. You cannot destroy a technology that brings so much positive things to this world, because a small portion of the world are using it for illegal activities.  Tongue

DO NOT throw out the baby with the bath water.  Roll Eyes

..Stake.com..   ▄████████████████████████████████████▄
   ██ ▄▄▄▄▄▄▄▄▄▄            ▄▄▄▄▄▄▄▄▄▄ ██  ▄████▄
   ██ ▀▀▀▀▀▀▀▀▀▀ ██████████ ▀▀▀▀▀▀▀▀▀▀ ██  ██████
   ██ ██████████ ██      ██ ██████████ ██   ▀██▀
   ██ ██      ██ ██████  ██ ██      ██ ██    ██
   ██ ██████  ██ █████  ███ ██████  ██ ████▄ ██
   ██ █████  ███ ████  ████ █████  ███ ████████
   ██ ████  ████ ██████████ ████  ████ ████▀
   ██ ██████████ ▄▄▄▄▄▄▄▄▄▄ ██████████ ██
   ██            ▀▀▀▀▀▀▀▀▀▀            ██ 
   ▀█████████▀ ▄████████████▄ ▀█████████▀
  ▄▄▄▄▄▄▄▄▄▄▄▄███  ██  ██  ███▄▄▄▄▄▄▄▄▄▄▄▄
 ██████████████████████████████████████████
▄▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▄
█  ▄▀▄             █▀▀█▀▄▄
█  █▀█             █  ▐  ▐▌
█       ▄██▄       █  ▌  █
█     ▄██████▄     █  ▌ ▐▌
█    ██████████    █ ▐  █
█   ▐██████████▌   █ ▐ ▐▌
█    ▀▀██████▀▀    █ ▌ █
█     ▄▄▄██▄▄▄     █ ▌▐▌
█                  █▐ █
█                  █▐▐▌
█                  █▐█
▀▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▀█
▄▄█████████▄▄
▄██▀▀▀▀█████▀▀▀▀██▄
▄█▀       ▐█▌       ▀█▄
██         ▐█▌         ██
████▄     ▄█████▄     ▄████
████████▄███████████▄████████
███▀    █████████████    ▀███
██       ███████████       ██
▀█▄       █████████       ▄█▀
▀█▄    ▄██▀▀▀▀▀▀▀██▄  ▄▄▄█▀
▀███████         ███████▀
▀█████▄       ▄█████▀
▀▀▀███▄▄▄███▀▀▀
..PLAY NOW..
Hysmagus (OP)
Copper Member
Newbie
*
Offline Offline

Activity: 8
Merit: 23


View Profile
August 16, 2019, 04:05:15 PM
 #5

Otherwise, you should hope there's law such as Section 230 of the Communications Act and Section 512 of the Digital Millennium Copyright which protect you.
See Why Porn on the Blockchain Won't Doom Bitcoin for more info.
Awesome Link! This solves part of what I was looking into, I was hoping someone had a technical solution of some sort but I don't think that's the case in this scenario

Did Bitcoin lose reliability of what it was intended to be? No.

I believe this topic should be in the legal sub.
I was hoping there were some technical solutions we could look into, but I don't think that's the case after further research. Also to clarify my prior point, I wasn't trying to say having illicit content on the Bitcoin Blockchain would hamper reliability, but rather the act of rolling back the chain in order to remove said content would hamper reliability. Sorry for the miscommunication!

This is the price we have to pay for using an immutable technology. Yes, authorities and regulators will have a field day with this and we do not even talk about the media frenzy that would happen, if they get wind of that.  Tongue 

If we start cherry picking to remove specific transactions from the Blockchain, then we will destroy one of the "best" features of this technology. I think the best comparison would be to say that people would require shutting down the Internet, because it is being used for illegal activities. You cannot destroy a technology that brings so much positive things to this world, because a small portion of the world are using it for illegal activities.  Tongue

DO NOT throw out the baby with the bath water.  Roll Eyes
Absolutely, even attempting to create the ability to effect immutability would invalidate one of the key foundational points of bitcoin! Going on your point of both Authorities and Media having a field day with this issue. This could be the perfect media-focused attack against bitcoin if a coordinated effort was done to further attack the image of cryptocurrency.

Carlton Banks
Legendary
*
Offline Offline

Activity: 3430
Merit: 3080



View Profile
August 16, 2019, 07:34:53 PM
 #6

you're thinking of it the wrong way round


you've literally demonstrating that there's nothing anyone can do, this (and other) tech's anti-censorship properties are too strong, and that is intentional


so, "don't start a fight against a windmill", as they say. windmills won't even kick your ass, they'll stand there indifferently while you dance around them trying to look severe

let it go, there is no other choice

Vires in numeris
Wind_FURY
Legendary
*
Offline Offline

Activity: 3136
Merit: 1948



View Profile
August 17, 2019, 06:18:39 AM
 #7



Did Bitcoin lose reliability of what it was intended to be? No.

I believe this topic should be in the legal sub.


I was hoping there were some technical solutions we could look into, but I don't think that's the case after further research. Also to clarify my prior point, I wasn't trying to say having illicit content on the Bitcoin Blockchain would hamper reliability, but rather the act of rolling back the chain in order to remove said content would hamper reliability. Sorry for the miscommunication!


Listen to Carlton.

Plus the same narrative was already used by anti-Bitcoiners in one of their misinformation rampages in the community. Let it go.

██████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
█████████████████████████
██████████████████████
.SHUFFLE.COM..███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
█████████████████████
████████████████████
██████████████████████
████████████████████
██████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
██████████████████████
██████████████████████
██████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
███████████████████████
.
...Next Generation Crypto Casino...
PrimeNumber7
Copper Member
Legendary
*
Offline Offline

Activity: 1666
Merit: 1901

Amazon Prime Member #7


View Profile
August 17, 2019, 04:42:33 PM
Merited by ABCbits (1)
 #8

That depends on the law on your country and whether malicious party only include link to illegal content or embed the illegal content on Bitcoin blockchain (which would be very expensive, without pool help & 0-fee transaction).

If the malicious party only include link to illegal content, report the link to the authority (unless it's link of P2P-based protocol) should solve the problem since the link would be useless (after it's taken down/blocked by authority).

Otherwise, you should hope there's law such as Section 230 of the Communications Act and Section 512 of the Digital Millennium Copyright which protect you.
See Why Porn on the Blockchain Won't Doom Bitcoin for more info.

Personally, it's worrying, but i doubt they'll go after individuals who run full node because there are many ways connect to bitcoin network or blockchain explorer.
The tool linked by the OP is designed to upload data onto the 'Bitcoin Satoshis Version' ("BSV") blockchain (despite its misleading name, this altcoin is NOT "satoshis version" nor implementation of bitcoin). BSV has the capability of handling very large transactions because of its large max individual block size. This means someone could potentially upload an actual file to a BSV transaction.

The DCMA will only protect against copyright violations, and includes a requirement that copyright content be removed upon request by the copyright holder. I don't think a copyright holder would go after full node operators if the blockchain of the coin of their node has copyrighted material because the damage would be negligible, and it would be technically difficult to remove said material.

Congress passed an exception to section 230 of the CDA recently, in that service providers no longer have protection from liability in cases of sex trafficking.  I don't think law enforcement would go after a node operator if the blockchain stored on his computer has unprotected communications or content because his intent is not clear. Law enforcement may go after whoever uploaded said content using blockchain analysis.

It would probably be best if congress were to pass a law explicitly protecting node operators.
PrimeNumber7
Copper Member
Legendary
*
Offline Offline

Activity: 1666
Merit: 1901

Amazon Prime Member #7


View Profile
August 17, 2019, 06:33:04 PM
 #9


Congress passed an exception to section 230 of the CDA recently, in that service providers no longer have protection from liability in cases of sex trafficking.  I don't think law enforcement would go after a node operator if the blockchain stored on his computer has unprotected communications or content because his intent is not clear. Law enforcement may go after whoever uploaded said content using blockchain analysis.

I don't see direct correlation between storing data on Bitcoin blockchain and sex trafficking since anyone can see the data.
Reddit and craigslist both closed subs on their platforms that allowed people to create listings that directed people to contact them via email or text to arrange a meeting. This was done in direct response to the law, and the law was intended to do this. From what I have read, some people offering their ‘services’ were actually being forced to do this, but it was not obvious on the fact of the advertisement. I’m not sure how prevalent this was, but it was apparently common enough so that Congress put a stop to it.

Quote
It would probably be best if congress were to pass a law explicitly protecting node operators.

It won't happen anytime soon, at least until congress made decision about law about cryptocurrency.
The CDA was passed when the internet was in its infancy. From the perspective of how widely used crypto is today, the crypto sphere is far past when the internet was when the CDA was passed.
HeRetiK
Legendary
*
Offline Offline

Activity: 3150
Merit: 2184


Playgram - The Telegram Casino


View Profile
August 17, 2019, 10:06:02 PM
 #10

Otherwise, you should hope there's law such as Section 230 of the Communications Act and Section 512 of the Digital Millennium Copyright which protect you.
See Why Porn on the Blockchain Won't Doom Bitcoin for more info.

I think this article assesses the situation fairly well. Hosting data that has the potential be converted into illegal content is not the same as hosting illegal content itself. The Bitcoin blockchain is just transaction data. There's no image or media files unless you willingly extract them.

▄▄███████▄▄███████
▄███████████████▄▄▄▄▄
▄████████████████████▀░
▄█████████████████████▄░
▄█████████▀▀████████████▄
██████████████▀▀█████████
████████████████████████
██████████████▄▄█████████
▀█████████▄▄████████████▀
▀█████████████████████▀░
▀████████████████████▄░
▀███████████████▀▀▀▀▀
▀▀███████▀▀███████

▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
 
Playgram.io
▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀

▄▄▄░░
▀▄







▄▀
▀▀▀░░
▄▄▄███████▄▄▄
▄▄███████████████▄▄
▄███████████████████▄
▄██████████████▀▀█████▄
▄██████████▀▀█████▐████▄
██████▀▀████▄▄▀▀█████████
████▄▄███▄██▀█████▐██████
█████████▀██████████████
▀███████▌▐██████▐██████▀
▀███████▄▄███▄████████▀
▀███████████████████▀
▀▀███████████████▀▀
▀▀▀███████▀▀▀
██████▄▄███████▄▄████████
███▄███████████████▄░░▀█▀
███████████░█████████░░
░█████▀██▄▄░▄▄██▀█████░
█████▄░▄███▄███▄░▄█████
███████████████████████
███████████████████████
██░▄▄▄░██░▄▄▄░██░▄▄▄░██
██░░░░██░░░░██░░░░████
██░░░░██░░░░██░░░░████
██▄▄▄▄▄██▄▄▄▄▄██▄▄▄▄▄████
███████████████████████
███████████████████████
 
PLAY NOW

on Telegram
[/
PrimeNumber7
Copper Member
Legendary
*
Offline Offline

Activity: 1666
Merit: 1901

Amazon Prime Member #7


View Profile
August 18, 2019, 04:29:23 PM
 #11

Reddit and craigslist both closed subs on their platforms that allowed people to create listings that directed people to contact them via email or text to arrange a meeting. This was done in direct response to the law, and the law was intended to do this. From what I have read, some people offering their ‘services’ were actually being forced to do this, but it was not obvious on the fact of the advertisement. I’m not sure how prevalent this was, but it was apparently common enough so that Congress put a stop to it.

I see, but using blockchain to message others is stupid idea for those who need privacy (either because good or bad reason).

If it's unencrypted, government/blockchain analyzer could analyze the content easily unless obfuscation is involved.
If it's encrypted, both participant must exchange public/private key before hand. Additionally, there's size overhead when use encryption which is "big" enough if participants use Bitcoin's blockchain.

My understanding is the craigslist and reddit subs were public and available to anyone with an internet connection. The subs were a way to advertise services and the ads requested those interested to contact them off site. Anyone potentially advertising their services on the blockchain would have the same amount of privacy as those who were advertising on craigslist and reddit before the subs were taken down.

Those offering their services can have privacy by using a throwaway email address or telephone number. Those consuming the services would have no transactions, and would only need to read the ads.
Pages: [1]
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!