Bitcoin Forum
November 09, 2024, 10:17:23 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: Manipulating the difficulty?  (Read 4147 times)
bittercoin (OP)
Newbie
*
Offline Offline

Activity: 12
Merit: 0


View Profile
March 31, 2011, 04:49:11 AM
 #1

Hello.

What will happen if a node announces a block whose timestamp is false (i.e. earlier or later than the real creation time)? AFAIK, the difficulty is affected by the timestamps. If so, isn't it possible for an attacker to manipulate the difficulty if the network accepts such block?

Thank you.
nanotube
Hero Member
*****
Offline Offline

Activity: 482
Merit: 501


View Profile WWW
March 31, 2011, 04:57:00 AM
 #2

there are certain timestamp validity checks:
https://en.bitcoin.it/wiki/Block_timestamp

Join #bitcoin-market on freenode for real-time market updates.
Join #bitcoin-otc - an over-the-counter trading market. http://bitcoin-otc.com
OTC web of trust: http://bitcoin-otc.com/trust.php
My trust rating: http://bitcoin-otc.com/viewratingdetail.php?nick=nanotube
bittercoin (OP)
Newbie
*
Offline Offline

Activity: 12
Merit: 0


View Profile
March 31, 2011, 05:22:34 AM
 #3

there are certain timestamp validity checks:
https://en.bitcoin.it/wiki/Block_timestamp


Thank you. I forgot to check the wiki.
Jim Hyslop
Member
**
Offline Offline

Activity: 98
Merit: 20


View Profile
April 01, 2011, 12:35:44 AM
 #4

What will happen if a node announces a block whose timestamp is false (i.e. earlier or later than the real creation time)? AFAIK, the difficulty is affected by the timestamps.
Difficulty is based on the number of blocks created, and is adjusted every 2016 blocks.

Like my answer? Did I help? Tips gratefully accepted here: 1H6wM8Xj8GNrhqWBrnDugd8Vf3nAfZgMnq
nanotube
Hero Member
*****
Offline Offline

Activity: 482
Merit: 501


View Profile WWW
April 01, 2011, 04:18:55 AM
 #5

What will happen if a node announces a block whose timestamp is false (i.e. earlier or later than the real creation time)? AFAIK, the difficulty is affected by the timestamps.
Difficulty is based on the number of blocks created, and is adjusted every 2016 blocks.

no, difficulty is based on the number of blocks created /per unit of time/.

Join #bitcoin-market on freenode for real-time market updates.
Join #bitcoin-otc - an over-the-counter trading market. http://bitcoin-otc.com
OTC web of trust: http://bitcoin-otc.com/trust.php
My trust rating: http://bitcoin-otc.com/viewratingdetail.php?nick=nanotube
Jim Hyslop
Member
**
Offline Offline

Activity: 98
Merit: 20


View Profile
April 03, 2011, 04:31:39 AM
 #6

What will happen if a node announces a block whose timestamp is false (i.e. earlier or later than the real creation time)? AFAIK, the difficulty is affected by the timestamps.
Difficulty is based on the number of blocks created, and is adjusted every 2016 blocks.

no, difficulty is based on the number of blocks created /per unit of time/.

Thanks for the correction. However, I'm going to add a trivial correction to your correction Cheesy  Difficulty is based on how long it takes to generate the 2016 blocks. If it takes longer than expected (two weeks), the difficulty is reduced. If it takes less than two weeks, then the difficulty is increased.

Like my answer? Did I help? Tips gratefully accepted here: 1H6wM8Xj8GNrhqWBrnDugd8Vf3nAfZgMnq
molecular
Donator
Legendary
*
Offline Offline

Activity: 2772
Merit: 1019



View Profile
April 03, 2011, 03:16:43 PM
 #7

What will happen if a node announces a block whose timestamp is false (i.e. earlier or later than the real creation time)? AFAIK, the difficulty is affected by the timestamps.
Difficulty is based on the number of blocks created, and is adjusted every 2016 blocks.

no, difficulty is based on the number of blocks created /per unit of time/.

Thanks for the correction. However, I'm going to add a trivial correction to your correction Cheesy  Difficulty is based on how long it takes to generate the 2016 blocks. If it takes longer than expected (two weeks), the difficulty is reduced. If it takes less than two weeks, then the difficulty is increased.

Without the constraints, though, if an attacker mined the 2016th block and put a timestamp a year in the future and that somehow got accepted, the difficulty would drop really low. Next thing to happen: the following 2016 blocks would be mined within a couple of hours and the difficulty would readjust to previous value after that.

PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0  3F39 FC49 2362 F9B7 0769
Jered Kenna (TradeHill)
Sr. Member
****
Offline Offline

Activity: 420
Merit: 250



View Profile WWW
April 03, 2011, 04:51:25 PM
 #8

What will happen if a node announces a block whose timestamp is false (i.e. earlier or later than the real creation time)? AFAIK, the difficulty is affected by the timestamps.
Difficulty is based on the number of blocks created, and is adjusted every 2016 blocks.

no, difficulty is based on the number of blocks created /per unit of time/.

Thanks for the correction. However, I'm going to add a trivial correction to your correction Cheesy  Difficulty is based on how long it takes to generate the 2016 blocks. If it takes longer than expected (two weeks), the difficulty is reduced. If it takes less than two weeks, then the difficulty is increased.

Without the constraints, though, if an attacker mined the 2016th block and put a timestamp a year in the future and that somehow got accepted, the difficulty would drop really low. Next thing to happen: the following 2016 blocks would be mined within a couple of hours and the difficulty would readjust to previous value after that.

In the end I'm not saying that would be  a huge problem in that it would basically just jump us ahead 2 weeks but how possible is that for someone to pull off? It seems like a pretty good sized vulnerability. Especially if a couple large miners all decided to do it.

moneyandtech.com
@moneyandtech @jeredkenna
molecular
Donator
Legendary
*
Offline Offline

Activity: 2772
Merit: 1019



View Profile
April 03, 2011, 05:04:44 PM
 #9


In the end I'm not saying that would be  a huge problem in that it would basically just jump us ahead 2 weeks but how possible is that for someone to pull off? It seems like a pretty good sized vulnerability. Especially if a couple large miners all decided to do it.

Doesn't seem simple to pull off:

Quote from: wiki link=https://en.bitcoin.it/wiki/Block_timestamp
A timestamp is accepted as valid if it is greater than the median timestamp of previous 11 blocks, and less than the network-adjusted time + 2 hours. "Network-adjusted time" is the median of the timestamps returned by all nodes connected to you.

So to set a block's time considerably into the future one would have to control quite a portion of the network (>50%?), it seems. On the other hand, you don't seem to need to have a lot of compute power, if any.

Unfortunately for the attacker:

Quote from: wiki link=https://en.bitcoin.it/wiki/Block_timestamp
Network time is never adjusted more than 70 minutes from local system time, however.

So it seems quite impossible to pull off setting a block's timestamp into the future considerably.

PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0  3F39 FC49 2362 F9B7 0769
Jered Kenna (TradeHill)
Sr. Member
****
Offline Offline

Activity: 420
Merit: 250



View Profile WWW
April 03, 2011, 06:35:16 PM
 #10


In the end I'm not saying that would be  a huge problem in that it would basically just jump us ahead 2 weeks but how possible is that for someone to pull off? It seems like a pretty good sized vulnerability. Especially if a couple large miners all decided to do it.

Doesn't seem simple to pull off:

Quote from: wiki link=https://en.bitcoin.it/wiki/Block_timestamp
A timestamp is accepted as valid if it is greater than the median timestamp of previous 11 blocks, and less than the network-adjusted time + 2 hours. "Network-adjusted time" is the median of the timestamps returned by all nodes connected to you.

So to set a block's time considerably into the future one would have to control quite a portion of the network (>50%?), it seems. On the other hand, you don't seem to need to have a lot of compute power, if any.

Unfortunately for the attacker:

Quote from: wiki link=https://en.bitcoin.it/wiki/Block_timestamp
Network time is never adjusted more than 70 minutes from local system time, however.

So it seems quite impossible to pull off setting a block's timestamp into the future considerably.


Good, it seems like everytime I get a little worried there's a fix built in to the system.

moneyandtech.com
@moneyandtech @jeredkenna
molecular
Donator
Legendary
*
Offline Offline

Activity: 2772
Merit: 1019



View Profile
April 03, 2011, 08:27:36 PM
 #11

Good, it seems like everytime I get a little worried there's a fix built in to the system.

Yeah, same here. The more I learn about bitcoin, the more brilliant I think it is.

PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0  3F39 FC49 2362 F9B7 0769
Jered Kenna (TradeHill)
Sr. Member
****
Offline Offline

Activity: 420
Merit: 250



View Profile WWW
April 04, 2011, 02:21:17 PM
 #12

Good, it seems like everytime I get a little worried there's a fix built in to the system.

Yeah, same here. The more I learn about bitcoin, the more brilliant I think it is.

Yeah it still worries me a little because I feel like it's impossible to have thought of everything.

moneyandtech.com
@moneyandtech @jeredkenna
deadlizard
Member
**
Offline Offline

Activity: 112
Merit: 11



View Profile
April 04, 2011, 02:26:31 PM
 #13

Yeah it still worries me a little because I feel like it's impossible to have thought of everything.
A Multi-Terra hash miner entering the market while the difficulty is low and taking all the blocks until the difficulty rises then leaving until it falls again. rinse and repeat.

btc address:1MEyKbVbmMVzVxLdLmt4Zf1SZHFgj56aqg
gpg fingerprint:DD1AB28F8043D0837C86A4CA7D6367953C6FE9DC

Jered Kenna (TradeHill)
Sr. Member
****
Offline Offline

Activity: 420
Merit: 250



View Profile WWW
April 04, 2011, 03:48:54 PM
 #14

Yeah it still worries me a little because I feel like it's impossible to have thought of everything.
A Multi-Terra hash miner entering the market while the difficulty is low and taking all the blocks until the difficulty rises then leaving until it falls again. rinse and repeat.

Doesn't seem worth it to me like that.

moneyandtech.com
@moneyandtech @jeredkenna
deadlizard
Member
**
Offline Offline

Activity: 112
Merit: 11



View Profile
April 04, 2011, 03:57:36 PM
 #15

Yeah it still worries me a little because I feel like it's impossible to have thought of everything.
A Multi-Terra hash miner entering the market while the difficulty is low and taking all the blocks until the difficulty rises then leaving until it falls again. rinse and repeat.

Doesn't seem worth it to me like that.
It would shake out small miners and keep the difficulty lower in the long run than if you ran 24/7/365.
and if you where taking a majority of the blocks while online it would be more than worth it.

btc address:1MEyKbVbmMVzVxLdLmt4Zf1SZHFgj56aqg
gpg fingerprint:DD1AB28F8043D0837C86A4CA7D6367953C6FE9DC

MoonShadow
Legendary
*
Offline Offline

Activity: 1708
Merit: 1010



View Profile
April 04, 2011, 06:37:55 PM
 #16

Good, it seems like everytime I get a little worried there's a fix built in to the system.

Yeah, same here. The more I learn about bitcoin, the more brilliant I think it is.

Yeah it still worries me a little because I feel like it's impossible to have thought of everything.

Even if this were a realistic exploit, the difficulty has an adjustment rule that prohibits an adjustment of greater than a factor of four in either direction.  So the difficulty couldn't be cut down to less than a quarter of the prior difficulty.  It's still something to consider, as this is one attack avenue I don't think that I've seen discussed on this forum before.  But before we consider how difficult the attack vector may be, we need to determine what the goal would be.  If the goal is simply to spoof the difficulty calculations in order to make it easier to capture some blocks in a short period of time, (perhaps someone decided to buy a couple of hours of mining capacity on Amazon's cloud?) then really no great harm done, and if such things were to become an ongoing thing, a tighter difficulty adjustment parameter could undercut such activities.  However, if the goal was to actually harm the network in some fashion, the impracticality of the attack may not be a great defense.  How might this harm the network. or introduce another fraud vector?  thoughts?

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."

- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
ryepdx
Hero Member
*****
Offline Offline

Activity: 714
Merit: 500


View Profile
April 04, 2011, 09:23:13 PM
 #17

It's still something to consider, as this is one attack avenue I don't think that I've seen discussed on this forum before.

Remember the Mystery Miner?

How might this harm the network. or introduce another fraud vector?

Well, there's that double-spend vector that keeps getting kicked about. Also...

It would shake out small miners...

...which could lead to a person eventually taking control of over 50% of the network with computing power equal to a value less than 50% of the network's power at the time of the attack's commencement.
MoonShadow
Legendary
*
Offline Offline

Activity: 1708
Merit: 1010



View Profile
April 04, 2011, 10:42:22 PM
 #18

It's still something to consider, as this is one attack avenue I don't think that I've seen discussed on this forum before.

Remember the Mystery Miner?

Are you implying that the 'Mystery Miner' was such an exploit? 
Quote
How might this harm the network. or introduce another fraud vector?

Well, there's that double-spend vector that keeps getting kicked about. Also...


Okay, so how would this attack vector aid in a double spend fraud? 

Quote
It would shake out small miners...

...which could lead to a person eventually taking control of over 50% of the network with computing power equal to a value less than 50% of the network's power at the time of the attack's commencement.

How?

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."

- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
PLATO
Sr. Member
****
Offline Offline

Activity: 493
Merit: 250


Don't trust "BBOD The Best Futures Exchange"


View Profile
April 04, 2011, 11:01:40 PM
 #19

Imagine Google can summon 5.4 TH/s of power. The current hashrate is .6 TH/s. For the sake of simplicity let's say difficulty adjusts every 2000 blocks.

Blocks 1-10000: Business as usual; network ends at .6 TH/s.
Block 10001: Difficulty resets. Google turns on their network; starts hashing.
Blocks 10001-12000: Google finds these blocks approximately 10 times faster than they should, or, approximately one per minute.
Block 12001: Difficulty spikes to approximately 10 times the last difficulty. Google shuts off their network; hashrates are now .6 TH/s again.
Block 12001-14000: The network finds these blocks approximately 10 times slower than they should; or, approximately, one block per hour. Instead of taking two weeks, the next difficulty reset takes five months.

All posts by me after 2012 were a compromised account. Probably by "BBOD The Best Futures Exchange". SORRY Y'ALL
MoonShadow
Legendary
*
Offline Offline

Activity: 1708
Merit: 1010



View Profile
April 04, 2011, 11:07:14 PM
 #20

Imagine Google can summon 5.4 TH/s of power. The current hashrate is .6 TH/s. For the sake of simplicity let's say difficulty adjusts every 2000 blocks.

Blocks 1-10000: Business as usual; network ends at .6 TH/s.
Block 10001: Difficulty resets. Google turns on their network; starts hashing.
Blocks 10001-12000: Google finds these blocks approximately 10 times faster than they should, or, approximately one per minute.
Block 12001: Difficulty spikes to approximately 10 times the last difficulty. Google shuts off their network; hashrates are now .6 TH/s again.
Block 12001-14000: The network finds these blocks approximately 10 times slower than they should; or, approximately, one block per hour. Instead of taking two weeks, the next difficulty reset takes five months.

Except that can't work.  As I mentioned earlier, there is a difficulty adjustment parameter rule that prohibits the difficulty from adjusting up or down by more than a factor of four.  So the max that can be expected is that the Google can do is move the difficulty by that factor of four, which may or may not actually be worthwhile, but if the attack cannot be repeated in consecutive cycles (maybe, but I would say that it would be very unlikely to work out that way) then it's probably not a worthwhile means of manipulation for profit motives alone.  What kind of harm to the system itself could such an attack cause?

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."

- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!