Author Topic: A lucrative attack on bitcoin?  (Read 13277 times)
theymos
October 26, 2010, 07:57:54 PM
 #21

Quote
Unless there is a scheme for forgetting transactions that have insufficient fee then it's still a big problem.

Transactions are forgotten over time, to prevent just this problem! Nodes delete transactions in their memory pool on shutdown, and they never rebroadcast transactions that they already know about. This causes most of the network to forget about a transaction in about a week. If your transaction isn't going through, you would restore from an old wallet backup, wait for the network to forget your transaction, and re-send.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
caveden
October 26, 2010, 08:00:15 PM
 #22

Regarding the attack discussion, I don't know how the client behaves, but it has no reason to keep in the pool transactions that it wouldn't add to any block anyway. Actually, ByteCoin has just pointed out a reason for not doing so.
The unacceptable transactions should be forwarded and forgotten. It's up to the stingy sender to retry if the transaction is completely forgotten by the network.
Those doing "charity work" (adding transactions with no fees) would be vulnerable to this sort of denial of service attack, yes. And if they ever generate a block - before running out of memory/disk space -, it will be a damn huge block!
But I see no "lucrative incentive" for such an attack, though. If you want to forbid free transactions, just publish a free version of the client that allows its users to specify minimum transaction fees.
theymos
October 26, 2010, 08:15:06 PM
 #23

Quote
True. Quoting Satoshi's white paper:

That's about transactions in blocks, which are further protected by transaction fees. I'm talking about transactions waiting to get into a block.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
jgarzik
October 26, 2010, 08:32:56 PM
 #24


Large blocks are a valid DoS attack against bitcoin, presently.  Transaction fees kick in at higher block sizes, but it still remains quite inexpensive to flood the network, even if you are paying full TX fees right up to the 1MB (?) block limit.  I dunno about lucrative, but...

Jeff Garzik, Bloq CEO, former bitcoin core dev team; opinions are my own.
Visit bloq.com / metronome.io
Donations / tip jar: 1BrufViLKnSWtuWGkryPsKsxonV2NQ7Tcj
grondilu
October 26, 2010, 08:41:47 PM
 #25


Quote from: jgarzik
Large blocks are a valid DoS attack against bitcoin, presently.  Transaction fees kick in at higher block sizes, but it still remains quite inexpensive to flood the network, even if you are paying full TX fees right up to the 1MB (?) block limit.  I dunno about lucrative, but...

Damn it. Do you mean that governments could harm the bitcoin network with this kind of DoS attack?

MoonShadow
October 26, 2010, 08:48:16 PM
 #26

Quote
The only reason why you can make free transactions so far is because the only client that exists doesn't allow the user to specify transaction fee rules.
If people generating could specify their own rules regarding fees, they wouldn't accept transactions with no fees (ok, there are always the exceptions, but they would be few...)

So, in the future, we may expect that all transactions will have to pay fees anyway.

Quote
Yes, but that future is a long way off.  Likely we will all be long dead.

Quote
Why?
That would happen as soon as there is a client that allows the user not to add transactions with no fees to the block it generates.

Because not everyone will use such a client, there will always be some generation that is not entirely profit motivated.  Search for the thread about generation for heat.  Some will always be motivated in other ways, such as keeping the other major players honest.  This is an open source project after all, no one has produced such a client yet, thus far the reward is enough of an economic incentive to get people to generate honestly; the additional transaction fees are tears in the ocean compared to that reward.  All that added to the fact that the regular block reward doesn't expire for about 120 years, after which the competition will set the price for transaction fees.

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."

- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
theymos
October 26, 2010, 08:50:01 PM
 #27

Quote from: jgarzik
Large blocks are a valid DoS attack against bitcoin, presently.  Transaction fees kick in at higher block sizes, but it still remains quite inexpensive to flood the network, even if you are paying full TX fees right up to the 1MB (?) block limit.  I dunno about lucrative, but...

Driving a block to 1MB costs 21 million BTC. I don't think attackers are going to pay...

Code:
if (nNewBlockSize >= MAX_BLOCK_SIZE_GEN)
    return MAX_MONEY;

Here's how much it would cost (estimates) to make the block size go to various levels:
-50 KB: Free
-250 KB: 2 BTC
-300 KB: 127 BTC
-350 KB: 293 BTC
-400 KB: 543 BTC
-450 KB: 1043 BTC
-490 KB: 3543 BTC
-495 KB: 8543 BTC
-499 KB: 33543 BTC

Attackers can feel free to pay 500 BTC every 10 minutes to make sending transactions expensive...

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
jgarzik
October 26, 2010, 08:55:27 PM
 #28

Nice!  I stand corrected.

Jeff Garzik, Bloq CEO, former bitcoin core dev team; opinions are my own.
Visit bloq.com / metronome.io
Donations / tip jar: 1BrufViLKnSWtuWGkryPsKsxonV2NQ7Tcj
MoonShadow
October 26, 2010, 09:04:40 PM
 #29

Quote

Ok perhaps not all transactions would have fees but the free ones would immediately be used up by the hasher spam so effectively all transactions would need fees.


This might be a valid attack at the moment, but it's not like it can't be handled by real people should the need arise.  There is nothing that says that a particular generating client can't be set to ignore transactions based on certain parameters beyond the current Bitcoin settings.  One particular client that ignores transactions over half a meg in size, for example, does nothing; but as other generating clients take a similar approach that kind of attack becomes progressively less successful.  It's not like the rules are set in stone, this is a community.  The majority will rule.

That said, it's not a particular problem now because there is nothing that says that the spamming agent is the one to benefit from his efforts.  Classic game theory, so I don't think that it's ever going to be an issue, as that would imply collusion, or at least that one particular generator has begun to monopolize the network.

Quote


The point I was making about buying something expensive urgently is the following:
Suppose I have 90 BTC. My friend is in desperate need of 50 BTC so I send it to him without including a fee. All the "free" transactions in the block are taken and, as it doesn't include a fee it's not included in the block. I realize my mistake and would like to cancel the transaction and am willing to reissue it with a 10BTC fee payment to get it in the next block for sure. However, I don't think I can do that as I've already spent the 50BTC and I only have 40 left. There may be a workaround for this. What is it?


There is no way to cancel a transaction, nor should there be.

Quote

More fundamentally, let's say someone for whatever reason spams the network with lots of transactions with no fee at 1MB per second. Most of the transactions don't get into blocks because they don't have the necessary fee, but they are not forgotten! They have to persist in all the clients to try to get into the next block. Are they stored on disc? If they are stored in memory then the client consumes memory at 3.6 GB every hour! If they are stored on disc then it's the same problem as if they were hashed in the block chain.


Transactions are not persistent per se.  The client can be modified to clear the transactions older than an arbitrary time limit, or simply rebooted.

Quote

Unless there is a scheme for forgetting transactions that have insufficient fee then it's still a big problem. I said that Bitcoin doesn't have effective countermeasures against spamming. I think I have shown that fees are not effective and that the current fee schedule make the problem worse, not better.


Bitcoin doesn't have many countermeasures against spamming, because there is little real evidence of what kinds of attacks are effective against it.  Try and break it, you will help future users.

ByteCoin
October 26, 2010, 10:49:00 PM
Last edit: October 27, 2010, 12:02:24 AM by ByteCoin
 #30

Quote from: theymos
Here's how much it would cost (estimates) to make the block size go to various levels:
-50 KB: Free
-250 KB: 2 BTC
-300 KB: 127 BTC
-350 KB: 293 BTC
-400 KB: 543 BTC
-450 KB: 1043 BTC
-490 KB: 3543 BTC
-495 KB: 8543 BTC
-499 KB: 33543 BTC

Quote from: jgarzik
Nice!  I stand corrected.

I must correct you jgarzik when you said that you stood corrected!

I believe that theymos has made a mistake in his calculations.
We're assuming that we can generate transactions as close as possible under 1000 bytes long.
The basic charge is 0.01 for 1KB which applies after the block size exceeds 50KB.
So the 200KB between the 50KB and 250KB block size would cost 0.01*200=2BTC. We agree!

After 250KB if the block size is x (in KB) then the charge is approximately multiplied by 500/(500-x)
This means that the charge jumps to 0.01 * 500/(500-250) = 0.02 BTC after 250KB ramping up to 0.01 * 500 /(500-300) = 0.025 BTC at 300K. For the fifty 1KB blocks between 250 and 300 the most expensive one only costs 0.025 BTC so the total can't possibly be more than 1.25 BTC so theymos is easily out by a factor of 100.


More detailed calculations (neglecting the real rounding used in the code and being somewhat cavalier about other details) give
Block Size (KB)    Cumulative Cost (BTC)
 50                    0.00
250                    2.00
300                    3.14
350                    4.58
400                    6.62
450                   10.12
499                   32.53
500                 5032

So the last transaction of 999 bytes to take the block size to 499999 bytes costs 5000BTC and the preceding one costs just 5 BTC!

ByteCoin
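
The fee schedule described in post #30, carried through in code as an added example (not code from the thread or from the Bitcoin client), to show what the ramp charges someone who floods a block. The names min_fee and flood_cost are hypothetical; it assumes 1 KB = 1000 bytes, a 500 KB generation limit read off the 500/(500-x) factor, and no rounding of the multiplier, so its totals land slightly below the table above (about 3.12 BTC at 300 KB).

```cpp
#include <cstdint>
#include <cstdio>

// Model of the schedule as described in the post; amounts are in 1e-8 BTC units.
const int64_t COIN = 100000000;
const int64_t CENT = COIN / 100;            // base fee: 0.01 BTC per KB
const int64_t MAX_MONEY = 21000000 * COIN;  // charged once the limit is reached
const int64_t FREE_AREA = 50000;            // first 50 KB of a block are free
const int64_t GEN_LIMIT = 500000;           // assumption: the 500 in 500/(500-x)

// Minimum fee for a transaction of txBytes added to a block of blockBytes.
int64_t min_fee(int64_t blockBytes, int64_t txBytes) {
    int64_t newSize = blockBytes + txBytes;
    if (newSize >= GEN_LIMIT) return MAX_MONEY;
    if (newSize <= FREE_AREA) return 0;
    int64_t fee = ((txBytes + 999) / 1000) * CENT;  // 0.01 BTC per started KB
    if (newSize > GEN_LIMIT / 2)                    // ramp begins past 250 KB
        fee = fee * GEN_LIMIT / (GEN_LIMIT - newSize);
    return fee;
}

// Total fees needed to grow an empty block to targetBytes using
// transactions of at most 1000 bytes each.
int64_t flood_cost(int64_t targetBytes) {
    int64_t size = 0, total = 0;
    while (size < targetBytes) {
        int64_t left = targetBytes - size;
        int64_t tx = left < 1000 ? left : 1000;
        int64_t fee = min_fee(size, tx);
        if (fee == MAX_MONEY) return MAX_MONEY;  // block cannot be filled further
        total += fee;
        size += tx;
    }
    return total;
}

int main() {
    const int64_t targets[] = {50000, 250000, 300000, 350000, 400000,
                               450000, 499000, 499999, 500000};
    for (int64_t t : targets)
        std::printf("%7lld bytes: %.2f BTC\n", (long long)t,
                    (double)flood_cost(t) / COIN);
    return 0;
}
```
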
MoonShadow
October 26, 2010, 11:04:08 PM
 #31

Quote from: theymos
Quote
True. Quoting Satoshi's white paper:

That's about transactions in blocks, which are further protected by transaction fees. I'm talking about transactions waiting to get into a block.

Currently the client forwards transactions that it considers valid as long as it is the first time that it's seen it.  It doesn't have to.

theymos
October 26, 2010, 11:52:04 PM
 #32

Quote from: ByteCoin
so theymos is easily out by a factor of 100.

I forgot to move the decimal over for the fee per KB.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
theymos
October 29, 2010, 01:48:43 AM
 #33

In any case, ArtForz controls 30%+ of the network's CPU, and he would immediately adjust his fee rates in response to a block flood. Eventually dedicated companies will own the network's CPU and will be able to do likewise.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD