|
|
|
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
|
|
BrewMaster
Legendary
 Offline
Activity: 2114
Merit: 1292
There is trouble abrewing
|
 |
March 04, 2021, 04:21:34 PM |
|
the whole point of storing UTXO is to store everything the client needs to verify transactions without having to look them up from the blocks. they store transaction hash, version, is coinbase or not, the output scripts, amounts and the block height the UTXO comes from.
|
There is a FOMO brewing...
|
|
|
|
bomberb17 (OP)
|
|
March 04, 2021, 04:25:32 PM |
|
Yes but what is the answer to my question? How does the client or a miner know the amount that corresponds to a UTXO? I dont see the amount stored in the leveldb.
|
|
|
|
|
BrewMaster
Legendary
Offline
Activity: 2114
Merit: 1292
There is trouble abrewing
|
Yes but what is the answer to my question? How does the client or a miner know the amount that corresponds to a UTXO?
the amount is stored alongside hash, index, script, etc in the UTXO database. the client has to search inside that database using the hash and index (found in each input of the transaction they are validating). each tx looks like this: version
input count
1) hash index signature
2) hash index signature
...
output count
1) amount script
2) amount script
...
witness
...(only when needed)
locktime the client uses the hash+index in the input list above. then updates the database with the UTXOs from this transaction using its hash and the output list, as you can see the output list contains amounts and scripts which are then stored as UTXO in that database for future looking up. |
There is a FOMO brewing...
|
|
|
|
bomberb17 (OP)
|
|
March 04, 2021, 04:41:36 PM |
|
Ok so the amount is indeed stored in the key:value pairs, the link above is missing that.
My next question:
How is a client or miner ensured that this amount is correct?
In other words, an attacker could compromise the majority of nodes storing the database and manipulate an amount for a specific UTXO he owns. Where would this discrepancy be detected exactly?
|
|
|
|
|
BrewMaster
Legendary
Offline
Activity: 2114
Merit: 1292
There is trouble abrewing
|
|
March 04, 2021, 04:50:54 PM |
|
How is a client or miner ensured that this amount is correct?
i believe that the node software trusts that the data it stored on disk is reliable and not manually modified. but i don't have enough information about this. In other words, an attacker could compromise the majority of nodes storing the database and manipulate an amount for a specific UTXO he owns.
it is nearly impossible to attack majority of nodes, even if they did that those nodes would be go on an invalid forked chain. if an attacker could attack nodes the node operators have to worry about much more serious matters such as losing their coins to the attacker. Where would this discrepancy be detected exactly?
the node has to construct the database from scratch by going through all blocks from block 1. it should be faster than initial download since there is no need to download and the node already has the block files on disk and there is no need for signature verification. |
There is a FOMO brewing...
|
|
|
|
bomberb17 (OP)
|
|
March 04, 2021, 05:01:55 PM |
|
it is nearly impossible to attack majority of nodes, even if they did that those nodes would be go on an invalid forked chain.
if an attacker could attack nodes the node operators have to worry about much more serious matters such as losing their coins to the attacker.
I don't think it is impossible. We are not talking about PoW here. Someone could just buy a *lot* of AWS instances and make them bitcoin nodes, then manipulate the leveldb. Expensive? Yes. Impossible? No. Still I'm curious on how such an attack would be prevented. |
|
|
|
|
BrewMaster
Legendary
Offline
Activity: 2114
Merit: 1292
There is trouble abrewing
|
|
March 04, 2021, 05:11:44 PM |
|
Someone could just buy a *lot* of AWS instances and make them bitcoin nodes, then manipulate the leveldb.
they can't attack other people's nodes this way. to perform the attack you described the attacker has to access the other person's hard disk remotely and then edit their database. then have to repeat it thousands of times successfully to affect "majority" of nodes. |
There is a FOMO brewing...
|
|
|
|
bomberb17 (OP)
|
|
March 04, 2021, 05:22:38 PM |
|
Someone could just buy a *lot* of AWS instances and make them bitcoin nodes, then manipulate the leveldb.
they can't attack other people's nodes this way. to perform the attack you described the attacker has to access the other person's hard disk remotely and then edit their database. then have to repeat it thousands of times successfully to affect "majority" of nodes. No need to attack other nodes. Right now there are about 10k nodes. Some could buy 20k AWS instances, turn them into nodes and have the majority. |
|
|
|
|
BrewMaster
Legendary
Offline
Activity: 2114
Merit: 1292
There is trouble abrewing
|
|
March 04, 2021, 05:29:04 PM |
|
No need to attack other nodes. Right now there are about 10k nodes. Some could buy 20k AWS instances, turn them into nodes and have the majority.
that won't affect bitcoin network. anybody is free to create an altcoin with an invalid chain at any time and their blocks will always be rejected immediately and their IP addresses banned by any node that receives their invalid chain. it doesn't matter how many of them are around. |
There is a FOMO brewing...
|
|
|
|
bomberb17 (OP)
|
|
March 04, 2021, 05:38:57 PM |
|
No need to attack other nodes. Right now there are about 10k nodes. Some could buy 20k AWS instances, turn them into nodes and have the majority.
that won't affect bitcoin network. anybody is free to create an altcoin with an invalid chain at any time and their blocks will always be rejected immediately and their IP addresses banned by any node that receives their invalid chain. it doesn't matter how many of them are around. So to get things into the right path: I don't think bitcoin's security is that weak, i.e. trusting 10k bitcoin nodes that will behave honestly. Scenarios like compromising a majority of these nodes or instantiating a greater number of malicious nodes are unlikely, but not impossible. There must be a safeguard somewhere and I'm looking for it. |
|
|
|
|
aliashraf
Legendary
Offline
Activity: 1456
Merit: 1174
Always remember the cause!
|
|
March 04, 2021, 10:53:59 PM
Last edit: March 04, 2021, 11:11:12 PM by aliashraf |
|
No need to attack other nodes. Right now there are about 10k nodes. Some could buy 20k AWS instances, turn them into nodes and have the majority.
that won't affect bitcoin network. anybody is free to create an altcoin with an invalid chain at any time and their blocks will always be rejected immediately and their IP addresses banned by any node that receives their invalid chain. it doesn't matter how many of them are around. So to get things into the right path: I don't think bitcoin's security is that weak, i.e. trusting 10k bitcoin nodes that will behave honestly. Scenarios like compromising a majority of these nodes or instantiating a greater number of malicious nodes are unlikely, but not impossible. There must be a safeguard somewhere and I'm looking for it. Suppose you got a zillion nodes pretending to be honest bitcoin nodes and there are just few people like me who run truly honest nodes. Your puppets claim that you got 1 bitcoin in some utxo BUT my node along with those few nodes doesn't approve it, it is why I won't pay a penny for your bitcoin as we are not on the same ledger obviously. You are free to do business with ... wait with whom? You! Back to your original issue: Implementation of the UTXO (blockchain state) is somehow complicated and not well documented, but it doesn't imply that it is bogus, actually amounts are stored properly in the chainstate key-value pair in leveldb for each output of each entry, it is not summed-up for the entries separately because it is not a recommended practice in software engineering and database design to maintain redundant data; besides being a waste of space, redundancy opens doors to consistency problems. |
|
|
|
|
franky1
Legendary
Offline
Activity: 4200
Merit: 4447
|
|
March 05, 2021, 07:15:40 AM |
|
10k honest nodes with their UTXO would only accept blocks that correspond to their UTXO list
any double spends would get rejected.
your 20k nodes with edited database would relay out a bad tx. and honest mining pools and node wont even bother looking at it. meaning no chance of even getting put into a block. and honest nodes wont even keep it in mempool
you would then need to also be a block minering to make a block with your bad spend in it.
if you then propagated that block, honest nodes would reject that too. and instead accept a good block elsewhere.
so YOUR 20k nodes would accept YOUR block. thus making your blockchain fork away from the blockchain of the honest nodes.
in short editing your database and making your own mining pool. is making an altcoin just for yourself to play in alone
..
the real risk. is if bitcoin devs programming the main bitcoin core nearly everyone downloads added in unnoticable code that made all users seed data from a certain source and that data was manipulated.
however an unknown guy making an unknown client and himself running thousands of them.. just forks him off by himself
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
BlackHatCoiner
Legendary
Offline
Activity: 1498
Merit: 7292
Farewell, Leo
|
|
March 05, 2021, 08:36:19 AM |
|
So to get things into the right path: I don't think bitcoin's security is that weak, i.e. trusting 10k bitcoin nodes that will behave honestly. Scenarios like compromising a majority of these nodes or instantiating a greater number of malicious nodes are unlikely, but not impossible. There must be a safeguard somewhere and I'm looking for it. It shouldn't be considered as "trust". It doesn't have to do with the majority, since the bitcoin nodes won't be manipulated by it. They work autonomously. The network doesn't "tell you what to do". Instead, your bitcoin client already knows what to do, and it makes it's own decisions. Everyone makes the same decisions, but even if the majority of nodes are malicious, it wouldn't bother the honest ones. They would keep validating the information they receive and reject anything invalid. That's why it is recommended to have a full node, instead of SPV. You don't have to trust any node, you know what is valid and what's not. But even if you do, the worst thing that can happen is simply broadcasting an invalid transaction. |
.
.HUGE. | | | | | | █▀▀▀▀
█
█
█
█
█
█
█
█
█
█
█
█▄▄▄▄ | ▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀▀
.
CASINO & SPORTSBOOK
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄ | ▀▀▀▀█
█
█
█
█
█
█
█
█
█
█
█
▄▄▄▄█ | | |
|
|
|
|
bomberb17 (OP)
|
|
March 05, 2021, 05:22:16 PM |
|
Ok so here is exactly the safeguard.
The miners have to run a full node themselves, and they have an honest view of the UTXO set. Any transaction that was created based on some malicious full node database would be rejected from the miner.
|
|
|
|
|
aliashraf
Legendary
Offline
Activity: 1456
Merit: 1174
Always remember the cause!
|
Ok so here is exactly the safeguard.
The miners have to run a full node themselves, and they have an honest view of the UTXO set. Any transaction that was created based on some malicious full node database would be rejected from the miner.
Nope, it is not just about the miners, beware! Exchanges, whales, explorers, devs, researchers, ... power users in general should run a full node, and they usually do so. Hence, miners are not in charge of the network security solely because other economically active nodes won't commit to any protocol breach, so they fork off in case of a compromised mining scene. |
|
|
|
|
|
