Bitcoin Forum
Author Topic: A lucrative attack on bitcoin?  (Read 13256 times)
im3w1l (OP)
July 23, 2010, 08:30:32 PM
 #1

1. Acquire access of large botnet
2. Have bots join bitcoin.
3. Speculate against bitcoin somehow
4. Have all of your clients transfer a huge amount of bitcoin to an account controlled by you using bogus blocks
Now one of these two will happen
*Massive loss of trust in bitcoin
  5. Profit from speculation
*Little or no loss of trust
  5. Profit from theft

Works?
im3w1l (OP)
July 23, 2010, 08:41:37 PM
 #2

Doing it my way should be able to give you around 10% of the value of all bitcoins in a short amount of time = more efficient
Quantumplation
July 23, 2010, 08:43:03 PM
 #3

1. Acquire access of large botnet
2. Have bots join bitcoin.
3. Speculate against bitcoin somehow
4. Have all of your clients transfer a huge amount of bitcoin to an account controlled by you using bogus blocks
Now one of these two will happen
*Massive loss of trust in bitcoin
  5. Profit from speculation
*Little or no loss of trust
  5. Profit from theft

Works?


Bogus blocks? o_O

NOTE: This account was compromised from 2017 to 2021.  I'm in the process of deleting posts not made by me.
knightmb
July 23, 2010, 08:50:57 PM
 #4

1. Acquire access of large botnet
2. Have bots join bitcoin.
3. Speculate against bitcoin somehow
4. Have all of your clients transfer a huge amount of bitcoin to an account controlled by you using bogus blocks
Now one of these two will happen
*Massive loss of trust in bitcoin
  5. Profit from speculation
*Little or no loss of trust
  5. Profit from theft

Works?

It would take a botnet larger than the current CPU pool (which might be possible), but it takes 100% CPU to make it happen, even if it's running on idle CPU time.

So first, someone will have to take the source code AND compile a version that will remain hidden AND produce bogus blocks AND be able to be remotely controlled AND be able to restart itself after a system reboot/shutdown AND coordinate this properly to have *all* bots online at the same time AND be able to funnel those fake blocks to a central fake client AND compile another client that will accept those fake blocks AND it will have to be set up to only work as private/local nodes AND you'll need another compile for a client that will connect to the public network AND the fake network to start loading up the fake blocks AND, AND, AND...

I think getting the botnet will be the easiest part of this attack before one could move forward with it.  Grin

Timekoin - The World's Most Energy Efficient Encrypted Digital Currency
NewLibertyStandard
July 23, 2010, 11:57:47 PM
 #5

Botnets would ideally attack the network while the difficulty is low, stop while the difficulty is high and repeat. I would imagine that botnet operators value their botnets enough to not risk many nodes being discovered from the computers running full blast all day every day while producing bitcoins, but I might be wrong. I suppose they could run all the clients on half their cores, which would cut down on visibility. Anyway, bitcoins may be worth a lot right now, but they're only worth that much because no one is flooding the market with bitcoins. They would have to withdraw only a small amount of money each day by only selling their bitcoins when someone offers to buy a small amount of them at a good price. If you were to look at the confirmed volume of trades occurring and adjust for possibly fake traders trading with themselves to alter people's impressions, I think you'd be surprised how few people are actually spending their hard earned cash on bitcoins each day.

Treazant: A Fullever Rewarding Bitcoin - Backup Your Wallet TODAY to Double Your Money! - Dual Currency Donation Address: 1Dnvwj3hAGSwFPMnkJZvi3KnaqksRPa74p
SEN-5241
July 24, 2010, 05:00:12 PM
 #6

So first, someone will have to take the source code AND compile a version that will remain hidden AND produce bogus blocks AND be able to be remotely controlled AND be able to restart itself after a system reboot/shutdown AND coordinate this properly to have *all* bots online at the same time AND be able to funnel those fake blocks to a central fake client AND compile another client that will accept those fake blocks AND it will have to be set up to only work as private/local nodes AND you'll need another compile for a client that will connect to the public network AND the fake network to start loading up the fake blocks AND, AND, AND...

Huh?  Are these things supposed to be difficult?  You make it sound like it would take years of development to do this.  I've developed software for 10+ years, and in my estimation it'd take a skilled programmer perhaps a month or two to do this from scratch.  Possibly much less.  Anyone that has created botnets has already created the remote control libraries, so that's just a matter of linking them in.

Someone else mentioned a botnet herder not wanting individual nodes to be discovered because of the CPU usage.  Well, most people don't EVER bring up a CPU usage meter, so the risks of that are minimal.  If you REALLY cared about that sort of thing, just stick in some code to shut down the usage whenever you detect keyboard/mouse activity.

These are not difficult problems to solve at all.
knightmb
July 24, 2010, 05:03:43 PM
 #7

So first, someone will have to take the source code AND compile a version that will remain hidden AND produce bogus blocks AND be able to be remotely controlled AND be able to restart itself after a system reboot/shutdown AND coordinate this properly to have *all* bots online at the same time AND be able to funnel those fake blocks to a central fake client AND compile another client that will accept those fake blocks AND it will have to be set up to only work as private/local nodes AND you'll need another compile for a client that will connect to the public network AND the fake network to start loading up the fake blocks AND, AND, AND...

Huh?  Are these things supposed to be difficult?  You make it sound like it would take years of development to do this.  I've developed software for 10+ years, and in my estimation it'd take a skilled programmer perhaps a month or two to do this from scratch.  Possibly much less.  Anyone that has created botnets has already created the remote control libraries, so that's just a matter of linking them in.

Someone else mentioned a botnet herder not wanting individual nodes to be discovered because of the CPU usage.  Well, most people don't EVER bring up a CPU usage meter, so the risks of that are minimal.  If you REALLY cared about that sort of thing, just stick in some code to shut down the usage whenever you detect keyboard/mouse activity.

These are not difficult problems to solve at all.

Are these things supposed to be easy? People don't operate botnets because they are hard, but because it makes them money for the amount of effort they are going to put into it. I read in the news from time to time about botnet operators getting busted. They weren't doing it for the *rush* of the challenge, but to make a living.

2 months of dev work is like not getting paid for 2 months. The investment would have to be worth it to someone with that much free time. Plus there is a movement out there to root out botnets. So all your work could go up in an electron should someone shut you down or wipe out/take control of your botnet.

Risk vs Reward, right now there really isn't a reward for a Botnet operator.

SEN-5241
July 25, 2010, 07:35:43 PM
 #8


Are these things supposed to be easy? People don't operate botnets because they are hard, but because it makes them money for the amount of effort they are going to put into it. I read in the news from time to time about botnet operators getting busted. They weren't doing it for the *rush* of the challenge, but to make a living.

2 months of dev work is like not getting paid for 2 months. The investment would have to be worth it to someone with that much free time. Plus there is a movement out there to root out botnets. So all your work could go up in an electron should someone shut you down or wipe out/take control of your botnet.

Yes, those things are easy.

I'm not a botnet creator, so I really have no idea on the economics of it.  I also wouldn't assume you're not being paid for 2 months, as you'd likely have income from whatever previous scams you've created.  The two month estimate was an extremely conservative one.  The other end of the spectrum is something like a couple weeks to get out Version 1.

The point being, listing out a bunch of AND AND AND's proves nothing.  You're quite right that it has to be economical, we just simply disagree that something like this isn't potentially extremely economical.  The biggest hurdle is likely that bitcoin is just too small for a serious botnet guy to make any money off of and do anything with.  As it grows the profit potential only grows larger.
knightmb
July 25, 2010, 09:20:17 PM
 #9

The point being, listing out a bunch of AND AND AND's proves nothing.  You're quite right that it has to be economical, we just simply disagree that something like this isn't potentially extremely economical.  The biggest hurdle is likely that bitcoin is just too small for a serious botnet guy to make any money off of and do anything with.  As it grows the profit potential only grows larger.

The ANDs aren't meant to prove anything. They are milestones for a plan that give a probable difficulty in reaching each milestone in anecdotal form. Meaning, if my goal was to buy up the world's gold supply, the plan would be as simple as step 1, buy all the gold, step 2, I have all the gold. But we know there would be a lot of steps in between to achieve that goal.

This topic had a 5 step plan for the goal on how to profit from a Bit Coin attack using a Bot Network and filling in the in-between stuff just further documents the difficulty in it, that's all.  Wink

But I know what you mean and I agree, the botnet guys are making enough money not to really care about a Bit Coin scam at the moment.

grondilu
October 25, 2010, 10:36:09 PM
 #10



Why does it seem to me that botnets would do nothing but improve the security of the network ??

I mean those guys controlling those botnets would earn money by mining, but I doubt they could steal from anyone.

kiba
October 25, 2010, 11:50:34 PM
 #11

Compromising the bitcoin network is the fastest way to make your investment in a botnet worthless. Better to just mine it and sell it for bitcoins.

ByteCoin
October 26, 2010, 06:40:36 AM
 #12

Bitcoin currently provides excellent security guarantees against forgery or other tampering but no effective countermeasures against spamming or other denial of service attacks. Spamming the network with valid transactions at 1MB per second results in a disc usage of at least 2TB per month.  This would cause probably all hash generation to stop after a couple of months. What would happen subsequently is less certain.

Possibly if the attackers ramped their spamming up slowly then people would sell their Bitcoins just before they stopped their client and deleted the transaction data taking up all their disc space. This would drive the price of Bitcoins down and the attackers could buy them cheaply. Then a client more resistant to spamming is released (such as a client using "balance sheets" Wink ). Harmony is restored and the value of Bitcoins soars to its normal level!

ByteCoin
MoonShadow
October 26, 2010, 06:54:03 AM
 #13

Bitcoin currently provides excellent security guarantees against forgery or other tampering but no effective countermeasures against spamming or other denial of service attacks.

Sure it does, the transaction fee schedule is written with the purpose of limiting DOS attacks upon the network by making compounding transactions increasingly expensive, without actually prohibiting them.  Not only does this make DOS/spamming the network prohibitively expensive for the attacker, it also provides an incentive for honest clients to throttle their transactions whenever the network is loaded down (delaying additions to blockchain, not preventing them) as well as provide an additional incentive for generators to accept the burdens.

Kids these days, always thinking that their revelations are original.

"The powers of financial capitalism had another far-reaching aim, nothing less than to create a world system of financial control in private hands able to dominate the political system of each country and the economy of the world as a whole. This system was to be controlled in a feudalist fashion by the central banks of the world acting in concert, by secret agreements arrived at in frequent meetings and conferences. The apex of the systems was to be the Bank for International Settlements in Basel, Switzerland, a private bank owned and controlled by the world's central banks which were themselves private corporations. Each central bank...sought to dominate its government by its ability to control Treasury loans, to manipulate foreign exchanges, to influence the level of economic activity in the country, and to influence cooperative politicians by subsequent economic rewards in the business world."

- Carroll Quigley, CFR member, mentor to Bill Clinton, from 'Tragedy And Hope'
ByteCoin
October 26, 2010, 08:35:36 AM
 #14

Sure it does, the transaction fee schedule is written with the purpose of limiting DOS attacks upon the network by making compounding transactions increasingly expensive, without actually prohibiting them.

The current fee structure is acknowledged to be tentative and I had assumed that in order for the system to work properly as the transactions ramp up, the fees would mostly be scrapped. The current fee system for example actually encourages abuse by block hash generators as follows:

People trying to earn money hashing blocks have an incentive to spam the network with enough small transactions (1 in and 1 out) to fill up the 50kb "small transactions are free" limit. If any real users of Bitcoin want their transactions to go confirmed then they have to pay the 0.01 fee to get them included in the next block in preference to the spam transactions. The cumulative fees reward the block hashers for their spamming.

When fees start to be effectively mandatory under the above scheme, some interesting cases need to be handled. For example, if someone tries to buy something expensive that they need urgently with bitcoin but they don't include a fee, can they then reissue the transaction with the fee, using the same coins or will the network regard the original unfeed transaction as having already spent them?

ByteCoin
caveden
October 26, 2010, 11:43:26 AM
 #15

People trying to earn money hashing blocks have an incentive to spam the network with enough small transactions (1 in and 1 out) to fill up the 50kb "small transactions are free" limit. If any real users of Bitcoin want their transactions to go confirmed then they have to pay the 0.01 fee to get them included in the next block in preference to the spam transactions. The cumulative fees reward the block hashers for their spamming.

The only reason why you can make free transactions so far is because the only client that exists doesn't allow the user to specify transaction fee rules.
If people generating could specify their own rules regarding fees, they wouldn't accept transactions with no fees (ok, there are always the exceptions, but they would be few...)

So, in the future, we may expect that all transactions will have to pay fees anyway.
MoonShadow
October 26, 2010, 06:21:00 PM
 #16

Sure it does, the transaction fee schedule is written with the purpose of limiting DOS attacks upon the network by making compounding transactions increasingly expensive, without actually prohibiting them.

The current fee structure is acknowledged to be tentative and I had assumed that in order for the system to work properly as the transactions ramp up, the fees would mostly be scrapped.


I doubt it, more likely it will just be extended as necessary.

Quote


The current fee system for example actually encourages abuse by block hash generators as follows:

People trying to earn money hashing blocks have an incentive to spam the network with enough small transactions (1 in and 1 out) to fill up the 50kb "small transactions are free" limit. If any real users of Bitcoin want their transactions to go confirmed then they have to pay the 0.01 fee to get them included in the next block in preference to the spam transactions. The cumulative fees reward the block hashers for their spamming.


This assumes a static fee schedule.  If such a thing started to become a problem, the fee schedule could be altered to deal with it; perhaps even in an automatic fashion like the difficulty level.

Quote


When fees start to be effectively mandatory under the above scheme, some interesting cases need to be handled. For example, if someone tries to buy something expensive that they need urgently with bitcoin but they don't include a fee, can they then reissue the transaction with the fee, using the same coins or will the network regard the original unfeed transaction as having already spent them?


Interesting situation, but it's not likely to matter.  If a transaction needs to be included in a block, the design allows the client to issue a fee anyway, which encourages that transaction to be included in any generator's block that sees it.  And unfeed transactions might have to wait until a less busy block to be included, but don't disappear.  Re-issuing a transaction with a fee would be another transaction.  If you desperately need your transaction processed, in a Bitcoin future, you are likely to click the "add a fee" option.  If you are sending money to someone who trusts you, to someone for which you can wait for the processing, or as a gift/donation; there is no need to pay a fee.  This is a major advantage of Bitcoin over other methods of electronic payment.

MoonShadow
October 26, 2010, 06:22:32 PM
 #17

People trying to earn money hashing blocks have an incentive to spam the network with enough small transactions (1 in and 1 out) to fill up the 50kb "small transactions are free" limit. If any real users of Bitcoin want their transactions to go confirmed then they have to pay the 0.01 fee to get them included in the next block in preference to the spam transactions. The cumulative fees reward the block hashers for their spamming.

The only reason why you can make free transactions so far is because the only client that exists doesn't allow the user to specify transaction fee rules.
If people generating could specify their own rules regarding fees, they wouldn't accept transactions with no fees (ok, there are always the exceptions, but they would be few...)

So, in the future, we may expect that all transactions will have to pay fees anyway.

Yes, but that future is a long way off.  Likely we will all be long dead.

ByteCoin
October 26, 2010, 07:22:47 PM
 #18

You seem to be holding two mutually contradictory positions, creighto.

On the one hand, in response to my observation that hashers are rewarded for using up the free transaction quota, you reply that the fee schedule could be altered to discourage it. On the other hand in your response to caveden you imagine that fees will not be charged for all transactions until we're all long dead.

For this to be true one or more of the following would have to occur:
  • Bitcoin ceases before fees are levied on all transactions.
  • We all die rather sooner than we expect!
  • Hashers will forever altruistically refrain from maximising their profit and nobody uses Bitcoin for data storage/distribution purposes.
Please explain.
Ok perhaps not all transactions would have fees but the free ones would immediately be used up by the hasher spam so effectively all transactions would need fees.

The point I was making about buying something expensive urgently is the following:
Suppose I have 90 BTC. My friend is in desperate need of 50 BTC so I send it to him without including a fee. All the "free" transactions in the block are taken and, as it doesn't include a fee it's not included in the block. I realize my mistake and would like to cancel the transaction and am willing to reissue it with a 10BTC fee payment to get it in the next block for sure. However, I don't think I can do that as I've already spent the 50BTC and I only have 40 left. There may be a workaround for this. What is it?

More fundamentally, let's say someone for whatever reason spams the network with lots of transactions with no fee at 1MB per second. Most of the transactions don't get into blocks because they don't have the necessary fee, but they are not forgotten! They have to persist in all the clients to try to get into the next block. Are they stored on disc? If they are stored in memory then the client consumes memory at 3.6 GB every hour! If they are stored on disc then it's the same problem as if they were hashed in the block chain.

Unless there is a scheme for forgetting transactions that have insufficient fee then it's still a big problem. I said that Bitcoin doesn't have effective countermeasures against spamming. I think I have shown that fees are not effective and that the current fee schedule makes the problem worse, not better.


ByteCoin
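
The "scheme for forgetting transactions that have insufficient fee" asked for in post #18 can be sketched as a byte-capped pool that forgets the cheapest fee-per-byte entries first. This is an added example, not code from the Bitcoin client or from any poster in this thread; the 50 MB cap, the 1000-byte spam size, the 250-byte paying transaction and all class and function names are assumptions, and block inclusion is left out so the pool only ever fills.

```python
import heapq
from dataclasses import dataclass, field


@dataclass(order=True)
class Tx:
    feerate: float                       # fee per byte: the only field compared
    txid: str = field(compare=False)
    size: int = field(compare=False)     # bytes
    fee: float = field(compare=False)    # BTC


class BoundedPool:
    """Pool of unconfirmed transactions with a hard byte cap (hypothetical design).

    When full, a newcomer is held only if enough strictly cheaper
    (lower fee-per-byte) transactions can be forgotten to make room.
    """

    def __init__(self, max_bytes):
        self.max_bytes = max_bytes
        self.used = 0
        self.peak = 0
        self.heap = []        # min-heap, cheapest fee rate at heap[0]
        self.forgotten = 0    # evicted after having been held
        self.refused = 0      # never admitted

    def offer(self, txid, size, fee):
        """Return True if the transaction is held after the call."""
        if size <= 0:
            raise ValueError("size must be positive")
        tx = Tx(fee / size, txid, size, fee)
        victims = []
        # Tentatively pull out strictly cheaper entries until the newcomer fits.
        while (self.used + size > self.max_bytes and self.heap
               and self.heap[0].feerate < tx.feerate):
            v = heapq.heappop(self.heap)
            self.used -= v.size
            victims.append(v)
        if self.used + size > self.max_bytes:
            # Not enough cheaper data to displace: restore the pool, drop the newcomer.
            for v in victims:
                heapq.heappush(self.heap, v)
                self.used += v.size
            self.refused += 1
            return False
        self.forgotten += len(victims)
        heapq.heappush(self.heap, tx)
        self.used += size
        self.peak = max(self.peak, self.used)
        return True


def simulate(seconds=600, cap=50_000_000):
    """Constructed workload: 1 MB/s of zero-fee data plus one paying tx per second."""
    pool = BoundedPool(cap)
    offered = 0
    for s in range(seconds):
        for i in range(1000):                      # 1000 x 1000 B = 1 MB of zero-fee data
            pool.offer(f"spam-{s}-{i}", 1000, 0.0)
        pool.offer(f"paid-{s}", 250, 0.01)         # the 0.01 fee mentioned in the thread
        offered += 1000 * 1000 + 250
    paid_held = sum(1 for t in pool.heap if t.fee > 0)
    return {"offered_bytes": offered, "peak_bytes": pool.peak,
            "held_bytes": pool.used, "paid_held": paid_held,
            "forgotten": pool.forgotten, "refused": pool.refused}


if __name__ == "__main__":
    for k, v in simulate().items():
        print(f"{k:>14}: {v:,}")
```

With about 600 MB offered over ten simulated minutes, held data never exceeds the cap and every paying transaction is still in the pool at the end.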
grondilu
October 26, 2010, 07:29:14 PM
 #19

More fundamentally, let's say someone for whatever reason spams the network with lots of transactions with no fee at 1MB per second. Most of the transactions don't get into blocks because they don't have the necessary fee, but they are not forgotten! They have to persist in all the clients to try to get into the next block. Are they stored on disc? If they are stored in memory then the client consumes memory at 3.6 GB every hour! If they are stored on disc then it's the same problem as if they were hashed in the block chain.

Unless there is a scheme for forgetting transactions that have insufficient fee then it's still a big problem. I said that Bitcoin doesn't have effective countermeasures against spamming. I think I have shown that fees are not effective and that the current fee schedule makes the problem worse, not better.

ByteCoin

I don't understand everything but somehow I have the feeling that what ByteCoin says is not completely rubbish.

Could someone examine all this seriously and make a clear report ?  Ideally it would be Satoshi but I guess he can't be everywhere.


PS.  I think there is an intrinsic limit to the number of transactions per second.  I guess it was in order to resist this kind of attack.

caveden
October 26, 2010, 07:49:03 PM
 #20

The only reason why you can make free transactions so far is because the only client that exists doesn't allow the user to specify transaction fee rules.
If people generating could specify their own rules regarding fees, they wouldn't accept transactions with no fees (ok, there are always the exceptions, but they would be few...)

So, in the future, we may expect that all transactions will have to pay fees anyway.

Yes, but that future is a long way off.  Likely we will all be long dead.

Why?
That would happen as soon as there is a client that allows the user not to add transactions with no fees to the block it generates.