concepter (OP)
Newbie
Offline
Activity: 14
Merit: 5
|
|
August 17, 2021, 05:46:49 AM |
|
I recently read a document entitled "Dissociative Blockchain Code".
There is talk of the fact that the blockchain was not initially designed to recognize the code that would have manipulated it. While the code that manipulates the blockchain contains within it the genesis block of the blockchain, so the code knows the blockchain. But if the blockchain does not know its code, it is possible that it can be manipulated by a code that does not conform to the one officially released!
Is it a correct reading of reality or is there something wrong?
|
|
|
|
pooya87
Legendary
Offline
Activity: 3570
Merit: 10858
|
Blockchain doesn't have any code, it is more like a database although not quite because it is "raw data". Then there is a code that uses this data. Since the start has to be the same for everyone and block 0 (aka genesis block) is a special block, it is hard-coded as part of the consensus rules of that cryptocurrency.
As for manipulating the blockchain, it is not possible because of the cryptography that was used. For example in bitcoin each block is mined by spending computing power and blocks are chained together by each block having a reference to the previous block's hash (hence creating a chain) using a strong hash algorithm. So if even a single bit in any block changes the chain breaks from that block.
|
|
|
|
concepter (OP)
Newbie
Offline
Activity: 14
Merit: 5
|
|
August 17, 2021, 06:16:33 AM Last edit: September 20, 2021, 07:26:48 PM by concepter |
|
post canceled due to lack of interest and support.
|
|
|
|
pooya87
Legendary
Offline
Activity: 3570
Merit: 10858
|
I understand that cryptography protects against blockchain changes, but who guarantees that it is always the same code to manipulate the blockchain?
Peers who are participating in this decentralized network by running a full node ensure its security and the fact that the consensus rules (defined by the code you are talking about) can't change without them first accepting those changes ensures that these rules remain intact or only changed when majority of the network accept the change. If the blockchain does not know what the code that manipulates it must be, then that code can also be different from the official one released together with the blockchain.
There is no "official" release when we are talking about a decentralized system. There are only certain rules that everyone agrees on and there is a reference implementation of those rules. The blockchain is also not released with the code, the chain is downloaded and validated by the nodes from other peers. Unofficial software can behave like official software but at the same time it can do something different, undeclared, potentially dangerous.
Again there is no official/unofficial software in a decentralized system. Also all projects are and must be 100% open source or they have no place in this world. And when they are open source anyone can review the code and see what it does. If there is anything they don't like they simply won't run that software.
|
|
|
|
concepter (OP)
Newbie
Offline
Activity: 14
Merit: 5
|
|
August 17, 2021, 07:07:41 AM Last edit: September 20, 2021, 07:27:13 PM by concepter |
|
post canceled due to lack of interest and support.
|
|
|
|
pooya87
Legendary
Offline
Activity: 3570
Merit: 10858
|
|
August 17, 2021, 08:26:40 AM |
|
But now, however, I decide to modify that code to make it do something different, something malicious.
Nobody can prevent me, because I'm running a node, the important thing is that I don't have to change some fundamental points, but if I add extra code, nobody will be able to prevent me.
You are right, nobody can prevent you from doing that but also you can not force others to follow you either. So it is very simple actually, by introducing the malicious change you have effectively isolated yourself. In other words you have created an altcoin that nobody who wants "bitcoin" would follow. Lets use an actual example. Lets say you decide to modify block 696,200 (an existing block) for example change a transaction in it. My node that doesn't have this block connects to your node and requests it, but as soon as the modified block is received by my node (running the correct code) that block is rejected. If you continue feeding bad blocks, my node will ban your IP address for malicious behavior. Now lets say you change a consensus rule, like increasing the block weight to 10 MB (it is currently 4 MB) and then mine a new block that is 10 MB. Again the same scenario as above occurs. As soon as my node (or any other bitcoin node) receives this block that breaks the consensus rules it will be rejected and your IP address will be banned for being an altcoin. P.S. Keep in mind that anything that is not part of the consensus rule (eg. using RFC6979 when signing transactions, using BIP39 for the wallet, how the blockchain is stored on disk, ...) can be changed without a problem.
|
|
|
|
NeuroticFish
Legendary
Offline
Activity: 3794
Merit: 6509
Looking for campaign manager? Contact icopress!
|
|
August 17, 2021, 08:36:12 AM |
|
And here is the conceptual mistake: thinking that actions on the blockchain are uniform and certified, when these actions can differ due to programs altered or manipulated in a predetermined way.
Not at all. The code doesn't expect at all the actions be "uniform and certified". That's why the code contains consensus rules. Since the others have the proper code, their code will simply reject your block if it didn't follow the rules. This means that whatever malicious you do, it will either remain local if you altered the consensus rules, either it will be dropped too when the correct blockchain will become longer than yours. Keep in mind that you cannot really alter older blocks...
|
|
|
|
concepter (OP)
Newbie
Offline
Activity: 14
Merit: 5
|
|
August 17, 2021, 08:55:56 AM Last edit: September 20, 2021, 07:27:39 PM by concepter |
|
post canceled due to lack of interest and support.
|
|
|
|
HCP
Legendary
Offline
Activity: 2086
Merit: 4318
<insert witty quote here>
|
|
August 18, 2021, 03:32:15 AM |
|
You seem to be speaking of "the blockchain"™... as if there is only a singular instance of it which a malicious actor can alter and thereby affect everyone. In reality, any malicious actor will be able to do whatever they like to their copy of the blockchain data... with whatever code they want to use. However, as illustrated by pooya87 illustrated, any "non valid" data created by this malicious actor will be rejected by everyone else running "non modified" nodes. Also, you keep talking about manipulating the blockchain... the data is not manipulated... it is "created" (ie. transactions are created, blocks are mined)... the entire concept of the blockchain rests on the fact that it is immutable... so the data cannot be "manipulated". So, I am thinking I am not understanding what you actually mean when you say: The blockchain itself is not doing any checks on the code that must manipulate it and therefore it can be manipulated in many possible ways, apparently conforming to the shared protocol.
In what ways is "the blockchain" being manipulated?
|
|
|
|
concepter (OP)
Newbie
Offline
Activity: 14
Merit: 5
|
|
August 18, 2021, 09:34:21 AM Last edit: September 20, 2021, 07:28:02 PM by concepter Merited by NotATether (1) |
|
post canceled due to lack of interest and support.
|
|
|
|
NotATether
Legendary
Offline
Activity: 1722
Merit: 7259
In memory of o_e_l_e_o
|
There is talk of the fact that the blockchain was not initially designed to recognize the code that would have manipulated it. While the code that manipulates the blockchain contains within it the genesis block of the blockchain, so the code knows the blockchain. But if the blockchain does not know its code, it is possible that it can be manipulated by a code that does not conform to the one officially released!
It's basic software engineering. This is similar to any other large-scale program using a versioned file format for storage. Search index "databases" (mostly just sqlite files or some proprietary "lite" database as a file) for example, usually have a version written at the top of the file and the indexing program is coded to understand versions up to a specific one. But newer file versions running on older software are oftentimes incompatible because they often remove fields read by the older versions. You don't see this happening with Bitcoin Core though, because developers update the local block[chain] database format versions in such a way that they are backward-compatible with older client versions by never removing any fields. So it all depends on the program whether the developers are careless and don't make backward-compatible changes to file formats. If this is true then the older programs will flat-out fail when they encounter a newer format (this includes third-party "new" formats that are unknown to the public for the purposes of this post). A backward-compatible change will cause older programs to continue to work normally, including in the face of these private, unknown new versions.
|
|
|
|
concepter (OP)
Newbie
Offline
Activity: 14
Merit: 5
|
|
August 18, 2021, 11:08:45 AM Last edit: September 20, 2021, 07:28:22 PM by concepter |
|
post canceled due to lack of interest and support.
|
|
|
|
NotATether
Legendary
Offline
Activity: 1722
Merit: 7259
In memory of o_e_l_e_o
|
|
August 18, 2021, 11:45:09 AM |
|
If well-camouflaged software can intervene undisturbed on a blockchain without raising suspicions, then that blockchain is not secure. Today we are in this situation: thousands of non-certified and controlled software can manipulate blockchains in an undisturbed way. It is already possible today, we do not have to wait for time, we are already in this scenario.
So we're talking about arbitrary blockchain software now, not Bitcoin Core. The thing about those is that many of them have a weakness in that they are not properly audited as well as they should be for a digital currency consensus enforcer. This is usually due to a lack of manpower and resources (they'd rather audit bigger projects. These projects usually have small download sites making it easy for some random person with their own modifications to masquerade as the official download site. Unfortunately, other manipulators will come, and there will be no remedy without transforming DBC-type blockchains into their more secure ABC model.
That would be better for most of those one-release, never work on upgrading again kind of cryptocurrencies.
|
|
|
|
concepter (OP)
Newbie
Offline
Activity: 14
Merit: 5
|
|
August 18, 2021, 12:07:49 PM Last edit: September 20, 2021, 07:28:42 PM by concepter |
|
post canceled due to lack of interest and support.
|
|
|
|
ymgve2
|
I skimmed the "paper" that describes this and it seems like the idea is to add a virtual machine, and the bytecode that handles the blockchain validation itself is embedded in the blocks. This leaves me with a major question.
Who decides what updates to the bytecode should be added?
Anyone with the power to push updates to the bytecode (and therefore changing how ALL blockchain nodes process data, instantly) has tremendous power over the network, making it basically a centralized network.
In contrast, in the current Bitcoin ecosystem, any node operator is free to run any code they want, and refuse updates they disagree with. This could result in forks, as with BCH, but I see this as a feature and not a flaw - the Bitcoin core devs do not have absolute power to decide what code runs the network.
Remember how the DAO code (equivalent to your "ABC" blockchain's bytecode) running on Ethereum was flawed, and it allowed hackers to take over everything? What stops a similar scenario from happening with an "ABC" blockchain?
|
|
|
|
garlonicon
Legendary
Offline
Activity: 861
Merit: 2095
Pawns are the soul of chess
|
|
August 18, 2021, 07:15:22 PM |
|
it seems like the idea is to add a virtual machine, and the bytecode that handles the blockchain validation itself is embedded in the blocks No, blocks contain just raw data, you can see who owns what, but it can be executed in any way, using any Turing-complete language you want. It has to be compatible with the rest of the network, that's the only required thing to reach consensus. Who decides what updates to the bytecode should be added? There is no official "bytecode", you just have some data in the chain and that data can be accepted or rejected by your node. If you ask about the format of the data in the chain, then all users running full nodes. You can release new version, but you have to convince people to install that version to bring your changes into reality. If developers will start doing some things that people don't like, then they can always switch to another coin (or simply stick with the old version). For some coins, the blockchain is identical to some point in time, that's probably the easiest way to see that there is no single version matching the blockchain. Also, many miners use their own custom software (and hardware) to mine blocks more efficiently, using "generatetoaddress" will work, but using specially optimized software is better. stop being a Dissociative Blockchain Code and become an Associative Blockchain Code I don't agree with that. If the blockchain is disconnected from the binary code, it can be updated and changed easier than if it is connected, because you don't have to stick to some processor architecture or some programming language. Also, if you have self-upgradeable blockchain, then you can force some unwanted update just by pushing some data into the chain. That gives too much power for miners and changes them into semi-developers by letting them auto-update other nodes, which can be dangerous. Even versions released by Core are not auto-upgradeable, you have to upgrade it yourself.
|
|
|
|
ymgve2
|
|
August 18, 2021, 08:29:34 PM |
|
it seems like the idea is to add a virtual machine, and the bytecode that handles the blockchain validation itself is embedded in the blocks No, blocks contain just raw data, you can see who owns what, but it can be executed in any way, using any Turing-complete language you want. It has to be compatible with the rest of the network, that's the only required thing to reach consensus. I'm not talking about Bitcoin, I'm talking about the stupid "associative blockchain code" idea the original poster is pushing, which explicitly wants to have validation code in the blocks themselves: https://medium.com/@mocciaro.smz/associative-blockchain-code-f84f385c45ec
|
|
|
|
NotFuzzyWarm
Legendary
Online
Activity: 3752
Merit: 2667
Evil beware: We have waffles!
|
|
August 18, 2021, 10:01:08 PM Last edit: August 20, 2021, 12:08:05 AM by NotFuzzyWarm Merited by vapourminer (1) |
|
To me, the only way a bad-actor node could even possibly inject a corrupted block into the chain is: a) submit a corrupted block it claims has been solved to the network. b) have a confirmation of the corrupted block because a pool (or one helluva private solo farm) used SPV mining and so did not check that it is a valid block with results that matches the inputs to it. c) have that first 'confirmation' validated by several other SPV nodes in a row lengthening the now corrupted chain.
With 'c' therein lies the biggest hurdle: By The Book a block is not considered 100% validated until it has 101 confirmations by the network. IF at any time a node that properly validates the block data tags it as invalid it can and most likely WILL be kicked out the the blockchain and treated as the start of an invalid fork. More than enough nodes do that and even the pools like Poolin, ViaBTC, etc that are known for pushing empty (SPV) blocks do do full block validations often enough to catch bad-actors.
|
|
|
|
NotATether
Legendary
Offline
Activity: 1722
Merit: 7259
In memory of o_e_l_e_o
|
|
August 18, 2021, 10:22:12 PM |
|
It is the original document of Satoshi Nakamoto who introduced the blockchain as we know it today, and has been taken up and copied by others without much reasoning.
OK, I kind of get your idea. But usually, when someone makes a consensus change to the Bitcoin client that affects how they create blocks, transactions, etc, the honest nodes are programmed to reject these items of data. This makes the rebelling node orphaned from the rest of the network so the blockchain can't be manipulated from this avenue. I'm definitely not saying it's not possible but perhaps with more subtle consensus rule changes that don't directly alter the blockchain content the blockchain could be manipulated, but it's usually a researcher that discovers these first and it becomes a CVE.
|
|
|
|
NotFuzzyWarm
Legendary
Online
Activity: 3752
Merit: 2667
Evil beware: We have waffles!
|
|
August 18, 2021, 10:42:57 PM Last edit: August 19, 2021, 01:55:38 AM by NotFuzzyWarm |
|
It is the original document of Satoshi Nakamoto who introduced the blockchain as we know it today, and has been taken up and copied by others without much reasoning. Apparently the OP and friend think that in all the time Bitcoin has existed no one has tried attacking it in every way possible both in theory and actual attempts? It is a very safe bet that probably hundreds if not thousands of bad actors including no doubt more than a few State-sponsored players have tried and to-date, all failed. As I said earlier, it is the constant self-checking of results from the massively distributed mining process that ensures corrupt blocks do not make it very far before the bad fork is terminated. It would take a prolonged 51% attack based on the corrupt block(s) lasting through the full 101 block confirmation rule to have any chance of working. That would very soon be caught by the rest of the network and in one of the rare moments of all the major players acting together - stopped. It has been done a few times before. Just google "billion bitcoin bug" or refer to here for a short description of what happened when someone tried it. That said, I wonder if there any tools to look at the 'fuzz' of failed blocks/chains that branched off the main chain before being terminated?
|
|
|
|
|