markm
Legendary
Offline
Activity: 3010
Merit: 1121
|
|
January 06, 2012, 10:13:03 PM |
|
I am not sure why this thread claims it is dead, maybe it just means the original post author has given up on it.
As far as I know the only pool to have so far included it in its roster of merged-mined chains is still slugging away at it and simply does not yet have enough hashing power to defeat the attack. If more people mine it, or join pools that are merged-mining it, at some point possibly honest miners will out-hash the attacker, who can then either be regarded as just a more aggressive than usual and somewhat cuckoo-type ponzi scheme profiteer doing the usual massive initial mining that is already so familiar in other chains.
The option possibly also remains of actually restarting at the genesis block but at the reached difficulty once enough hashing power is aboard.
Luke claims not to have used Eligius hash power in his attack, it seems possible that the reason an entire pool appeared to give up the fight was thinking they were up against Eligius not just one religious fanatic's personal hashing rigs.
-MarkM-
|
|
|
|
Clipse
|
|
January 06, 2012, 10:16:48 PM |
|
I am not sure why this thread claims it is dead, maybe it just means the original post author has given up on it.
As far as I know the only pool to have so far included it in its roster of merged-mined chains is still slugging away at it and simply does not yet have enough hashing power to defeat the attack. If more people mine it, or join pools that are merged-mining it, at some point possibly honest miners will out-hash the attacker, who can then either be regarded as just a more aggressive than usual and somewhat cuckoo-type ponzi scheme profiteer doing the usual massive initial mining that is already so familiar in other chains.
The option possibly also remains of actually restarting at the genesis block but at the reached difficulty once enough hashing power is aboard.
Luke claims not to have used Eligius hash power in his attack, it seems possible that the reason an entire pool appeared to give up the fight was thinking they were up against Eligius not just one religious fanatic's personal hashing rigs.
-MarkM-
He had to use eligius pool because no way in hell does he have enough resources to outdo the blockchain since I combined 80gh onto it at one point and still couldnt compete and he sure as hell doesnt have the finances to top that hashrate albeit only 80gh.
|
...In the land of the stale, the man with one share is king... >> ClipseWe pay miners at 130% PPS | Signup here : Bonus PPS Pool (Please read OP to understand the current process)
|
|
|
bulanula
|
|
January 06, 2012, 10:20:44 PM |
|
I am not sure why this thread claims it is dead, maybe it just means the original post author has given up on it.
As far as I know the only pool to have so far included it in its roster of merged-mined chains is still slugging away at it and simply does not yet have enough hashing power to defeat the attack. If more people mine it, or join pools that are merged-mining it, at some point possibly honest miners will out-hash the attacker, who can then either be regarded as just a more aggressive than usual and somewhat cuckoo-type ponzi scheme profiteer doing the usual massive initial mining that is already so familiar in other chains.
The option possibly also remains of actually restarting at the genesis block but at the reached difficulty once enough hashing power is aboard.
Luke claims not to have used Eligius hash power in his attack, it seems possible that the reason an entire pool appeared to give up the fight was thinking they were up against Eligius not just one religious fanatic's personal hashing rigs.
-MarkM-
He had to use eligius pool because no way in hell does he have enough resources to outdo the blockchain since I combined 80gh onto it at one point and still couldnt compete and he sure as hell doesnt have the finances to top that hashrate albeit only 80gh. If you had the personal $$$ to get 80 ghash then how do you know he also doesn't have the $$$ needed as well ? Fail yet again. Please post concrete evidence next time before making random statements.
|
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
January 06, 2012, 10:32:24 PM |
|
I am not sure why this thread claims it is dead, maybe it just means the original post author has given up on it.
As far as I know the only pool to have so far included it in its roster of merged-mined chains is still slugging away at it and simply does not yet have enough hashing power to defeat the attack. If more people mine it, or join pools that are merged-mining it, at some point possibly honest miners will out-hash the attacker, who can then either be regarded as just a more aggressive than usual and somewhat cuckoo-type ponzi scheme profiteer doing the usual massive initial mining that is already so familiar in other chains.
The option possibly also remains of actually restarting at the genesis block but at the reached difficulty once enough hashing power is aboard.
Why not just use a checkpoint to reject his alternate chain? It still exists in your blockchain file afaik... Then on, experiment with rejecting reorgs deeper than 5 blocks as a default option (where the other manually-selectable choices are to shutdown on attempted reorg, or to just reorg as usual). Then Luke will be limited to rolling back no more than 5 blocks at a time, and you can consider any transaction 6 deep to be safe.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
Clipse
|
|
January 06, 2012, 11:55:46 PM |
|
I am not sure why this thread claims it is dead, maybe it just means the original post author has given up on it.
As far as I know the only pool to have so far included it in its roster of merged-mined chains is still slugging away at it and simply does not yet have enough hashing power to defeat the attack. If more people mine it, or join pools that are merged-mining it, at some point possibly honest miners will out-hash the attacker, who can then either be regarded as just a more aggressive than usual and somewhat cuckoo-type ponzi scheme profiteer doing the usual massive initial mining that is already so familiar in other chains.
The option possibly also remains of actually restarting at the genesis block but at the reached difficulty once enough hashing power is aboard.
Luke claims not to have used Eligius hash power in his attack, it seems possible that the reason an entire pool appeared to give up the fight was thinking they were up against Eligius not just one religious fanatic's personal hashing rigs.
-MarkM-
He had to use eligius pool because no way in hell does he have enough resources to outdo the blockchain since I combined 80gh onto it at one point and still couldnt compete and he sure as hell doesnt have the finances to top that hashrate albeit only 80gh. If you had the personal $$$ to get 80 ghash then how do you know he also doesn't have the $$$ needed as well ? Fail yet again. Please post concrete evidence next time before making random statements. The cat in the hat sat on the mat.
|
...In the land of the stale, the man with one share is king... >> ClipseWe pay miners at 130% PPS | Signup here : Bonus PPS Pool (Please read OP to understand the current process)
|
|
|
Schwede65
|
|
January 07, 2012, 12:02:47 AM |
|
Why not just use a checkpoint to reject his alternate chain? It still exists in your blockchain file afaik... Then on, experiment with rejecting reorgs deeper than 5 blocks as a default option (where the other manually-selectable choices are to shutdown on attempted reorg, or to just reorg as usual). Then Luke will be limited to rolling back no more than 5 blocks at a time, and you can consider any transaction 6 deep to be safe.
why not set the default-option to 1? then all mined blocks are irreversible and save
|
|
|
|
jojkaart
Member
Offline
Activity: 97
Merit: 10
|
|
January 07, 2012, 12:20:57 AM |
|
Why not just use a checkpoint to reject his alternate chain? It still exists in your blockchain file afaik... Then on, experiment with rejecting reorgs deeper than 5 blocks as a default option (where the other manually-selectable choices are to shutdown on attempted reorg, or to just reorg as usual). Then Luke will be limited to rolling back no more than 5 blocks at a time, and you can consider any transaction 6 deep to be safe.
why not set the default-option to 1? then all mined blocks are irreversible and save That would mean the chain would fork into 2 chains every few days spontaneously. Sometimes two different continuation blocks are found very close to each other and if everyone sticks to the one they got first, it means the network ends up split into two forks.
|
|
|
|
Schwede65
|
|
January 07, 2012, 12:45:18 AM |
|
Why not just use a checkpoint to reject his alternate chain? It still exists in your blockchain file afaik... Then on, experiment with rejecting reorgs deeper than 5 blocks as a default option (where the other manually-selectable choices are to shutdown on attempted reorg, or to just reorg as usual). Then Luke will be limited to rolling back no more than 5 blocks at a time, and you can consider any transaction 6 deep to be safe.
why not set the default-option to 1? then all mined blocks are irreversible and save That would mean the chain would fork into 2 chains every few days spontaneously. Sometimes two different continuation blocks are found very close to each other and if everyone sticks to the one they got first, it means the network ends up split into two forks. before the splitting: the networks has to decide: one is orphan and the other counts and is o.k. when there are three, then 2 orphans, 1 o.k., whats the prob?
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
January 07, 2012, 01:13:12 AM |
|
Why not just use a checkpoint to reject his alternate chain? It still exists in your blockchain file afaik... Then on, experiment with rejecting reorgs deeper than 5 blocks as a default option (where the other manually-selectable choices are to shutdown on attempted reorg, or to just reorg as usual). Then Luke will be limited to rolling back no more than 5 blocks at a time, and you can consider any transaction 6 deep to be safe.
why not set the default-option to 1? then all mined blocks are irreversible and save That would mean the chain would fork into 2 chains every few days spontaneously. Sometimes two different continuation blocks are found very close to each other and if everyone sticks to the one they got first, it means the network ends up split into two forks. before the splitting: the networks has to decide: one is orphan and the other counts and is o.k. when there are three, then 2 orphans, 1 o.k., whats the prob? There is no "THE NETWORK" just individual nodes. So if half the network (or some part of it) propogates block A and the protocol locks it and it can't change (the definition of a checkpoint). The other half of the network (or some part of it) propogates block B and the procotcol locks it and it can't be changed (the definition of a checkpoint). Now neither have of the network can reconcile w/ the other half. Part of the network considers block A canonical and part believes B is and neither will trust the other half. You can't have a system that checkpoints blocks after 1 block.
|
|
|
|
gmaxwell
Staff
Legendary
Offline
Activity: 4284
Merit: 8807
|
|
January 07, 2012, 01:58:18 AM |
|
Why not just use a checkpoint to reject his alternate chain? It still exists in your blockchain file afaik... Then on, experiment with rejecting reorgs deeper than 5 blocks as a default option (where the other manually-selectable choices are to shutdown on attempted reorg, or to just reorg as usual). Then Luke will be limited to rolling back no more than 5 blocks at a time, and you can consider any transaction 6 deep to be safe.
Please stop saying that he's rolling back blocks. He has not reversed any confirmed transactions or performed any double spends. He's just continually producing a longer chain that includes only his own blocks (and doesn't process transactions). You can't use a checkpoint to cut him out because he'll just mine from the top of whatever chain is new can out pace that one too.. not unless you plan on distributing a checkpoint for every block, which makes the system not decentralized at all. DeathAndTaxes is right about the automatic locking— but it's not just one block thats a problem. Say you lock after six. Say I'm mr. mischievous and your network locks the chain after 6 blocks. I get (beg, borrow, steal, build) a bunch of hash power and I mine 12 block— six forking left from some point, six forking right. then I pick a node in Denver and one in Sydney, and I give each one of the forks... what was one currency is now two, as the two halves (closer to denver nodes vs closer to sydney nodes) will never come to agreement— and any coins that existed before can be independently spent on each half. I can even target this attack to isolate single nodes or groups of nodes... and I can repeat it to fragment into ever smaller groups. Locking at one would just make it trivially easy to pull off, but there is no automatic locking height which is technically safe. You can invent fancier schemes, but they all fall to similar race attacks and allow devastating network partitioning.
|
|
|
|
Minor
Member
Offline
Activity: 85
Merit: 10
|
|
January 07, 2012, 02:41:44 AM |
|
In this case, Merged Mining was not a tool, BUT A WEAPON
Think what you wish of Luke-jr's actions, but we did learn something from the coiledcoin fiasco: You can no longer rely on free hashing power from merged mining to instantly make a new alt/scam coin resilient right from launch. Going forward, new alt-coins will have to use incompatible mining schemes, and maybe, just maybe, we'll start seeing some real innovation in alt-coins. BTW one thing that I have been wondering about for a long time is why has none of the alt-coins addressed the issue of the sudden halving of the mining reward after a year or two? Do they not expect their alt-coin to survive long enough to even reach the halving point? (I.e. they are intended as ponzi scams right from the start.) Just do a progressive diminution of reward at every difficulty adjustment, it's not that hard. Then we'll see what effect on mining the reduction of the reward might have. I would even argue that we should try to change bitcoin itself to start using a progressive reduction of the mining reward to avoid the looming discontinuity. We only need to convince the pool operators to switch, they collectively control more than half the hashing power.
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
January 07, 2012, 02:45:50 AM |
|
In this case, Merged Mining was not a tool, BUT A WEAPON
Think what you wish of Luke-jr's actions, but we did learn something from the coiledcoin fiasco: You can no longer rely on free hashing power from merged mining to instantly make a new alt/scam coin resilient right from launch. Going forward, new alt-coins will have to use incompatible mining schemes, and maybe, just maybe, we'll start seeing some real innovation in alt-coins. BTW one thing that I have been wondering about for a long time is why has none of the alt-coins addressed the issue of the sudden halving of the mining reward after a year or two? Do they not expect their alt-coin to survive long enough to even reach the halving point? (I.e. they are intended as ponzi scams right from the start.) Just do a progressive diminution of reward at every difficulty adjustment, it's not that hard. Then we'll see what effect on mining the reduction of the reward might have. I would even argue that we should try to change bitcoin itself to start using a progressive reduction of the mining reward to avoid the looming discontinuity. We only need to convince the pool operators to switch, they collectively control more than half the hashing power. Well no you would need to convince 51% of users to update their clients. They would see the altered reward blocks as invalid and reject them and continue to look for valid blocks. You are talking about a breaking fork in the Bitcoin network. Those remaining on old clients would only see "old style" blocks as valid. Thus some miners would remain to continue that chain, support those users, and collect those rewards. The miners and users who switch would be on a seperate incompatible network than Bitcoin. You will never see breaking changes like that.
|
|
|
|
CoinHunter
|
|
January 07, 2012, 03:34:46 AM |
|
The sad thing is , the bitcoin proponents act like this exact thing can't happen to Bitcoin. It is simply a matter of scale. Someone hacks deepbit, someone gets upset at Gavin doing some changes (Luke already has threatened along these lines in developer chats) and expect your Bitcoins to be heading towards $0 USD.
Bitcoin is inherently insecure, all these altcoins (including SolidCoin) have pinpointed most of the flaws. Only one chain (SolidCoin 2) has done anything to address the most serious security issues and that is why we are the only alt chain which hasn't had a major attack on it. Luke and co continue to attempt to lie and attack SolidCoin and get nowhere. It's pretty funny all the fail.
No major investmest is going to happen in Bitcoin because it's inherently insecure. It's like a bank telling it's customers that their money is safe purely because they have 49 guards with guns. Then 51 criminals with guns get together and steals the money. With no other security in place it is just a matter of time before it is attacked. Anyone telling you otherwise is merely trying to scam you by selling security snake oil. The biggest scammers are the people like Luke-Jr and gmaxwell who imply this cannot happen in Bitcoin.
|
|
|
|
ineededausername
|
|
January 07, 2012, 03:37:24 AM |
|
The sad thing is , the bitcoin proponents act like this exact thing can't happen to Bitcoin. It is simply a matter of scale. Someone hacks deepbit, someone gets upset at Gavin doing some changes (Luke already has threatened along these lines in developer chats) and expect your Bitcoins to be heading towards $0 USD.
Bitcoin is inherently insecure, all these altcoins (including SolidCoin) have pinpointed most of the flaws. Only one chain (SolidCoin 2) has done anything to address the most serious security issues and that is why we are the only alt chain which hasn't had a major attack on it. Luke and co continue to attempt to lie and attack SolidCoin and get nowhere. It's pretty funny all the fail.
No major investmest is going to happen in Bitcoin because it's inherently insecure. It's like a bank telling it's customers that their money is safe purely because they have 49 guards with guns. Then 51 criminals with guns get together and steals the money. With no other security in place it is just a matter of time before it is attacked.
because everyone knows your centralized architecture is much better, right? Hey, it worked for the Fed. Your users must enjoy the lottery you built in to your shitcoin. I also heard that they're stealing money from the CPF. But whatever, it's not much worse than the Fed, right?
|
(BFL)^2 < 0
|
|
|
CoinHunter
|
|
January 07, 2012, 03:42:45 AM |
|
because everyone knows your centralized architecture is much better, right? Hey, it worked for the Fed. Your users must enjoy the lottery you built in to your shitcoin. I also heard that they're stealing money from the CPF. But whatever, it's not much worse than the Fed, right? Since you're not a programmer or network engineer you probably don't realize a few things. If you think SolidCoin is centralized then Bitcoin is even more centralized. Bitcoin has 3 pools which create 90+% of the blocks. SolidCoin has nowhere near this distribution of block creation being centralized. Game, set, match. I guess.
|
|
|
|
Minor
Member
Offline
Activity: 85
Merit: 10
|
|
January 07, 2012, 03:48:45 AM |
|
I would even argue that we should try to change bitcoin itself to start using a progressive reduction of the mining reward to avoid the looming discontinuity. We only need to convince the pool operators to switch, they collectively control more than half the hashing power.
Well no you would need to convince 51% of users to update their clients. They would see the altered reward blocks as invalid and reject them and continue to look for valid blocks. You are talking about a breaking fork in the Bitcoin network. Those remaining on old clients would only see "old style" blocks as valid. Thus some miners would remain to continue that chain, support those users, and collect those rewards. The miners and users who switch would be on a seperate incompatible network than Bitcoin. You will never see breaking changes like that. You need 51% of the hashing power, not 51% of the users. If you get that 51% from the pools, users that have not switched will see only "invalid" blocks and will soon switch to the new client.
|
|
|
|
casascius
Mike Caldwell
VIP
Legendary
Offline
Activity: 1386
Merit: 1140
The Casascius 1oz 10BTC Silver Round (w/ Gold B)
|
|
January 07, 2012, 04:37:02 AM Last edit: January 07, 2012, 05:04:21 AM by casascius |
|
DeathAndTaxes is right about the automatic locking— but it's not just one block thats a problem. Say you lock after six. Say I'm mr. mischievous and your network locks the chain after 6 blocks. I get (beg, borrow, steal, build) a bunch of hash power and I mine 12 block— six forking left from some point, six forking right. then I pick a node in Denver and one in Sydney, and I give each one of the forks... what was one currency is now two, as the two halves (closer to denver nodes vs closer to sydney nodes) will never come to agreement— and any coins that existed before can be independently spent on each half. I can even target this attack to isolate single nodes or groups of nodes... and I can repeat it to fragment into ever smaller groups.
Locking at one would just make it trivially easy to pull off, but there is no automatic locking height which is technically safe. You can invent fancier schemes, but they all fall to similar race attacks and allow devastating network partitioning.
One of the proposed criteria for deciding on the value of blocks is to favor blocks that have been seen by major stakeholders. That would include exchanges, known pools, operators of known services, who would sign and somehow distribute messages simply acknowledging having seen a block with hash X and that it is the first block it has seen at that height. (Such messages of course would have to be out-of-band of the p2p network as we know it.) An attack chain prepared in secret would never be able to get signed endorsements like this no matter how it was introduced into the network. "Coiled Coin" could try this out, with its creator adding a feature to the P2P protocol that passes around an "I saw this block" message if it's signed by a trusted person, and adding an option where trusted keys can be added. A threshold would be defined, where a block not seen by a percentage of trusted people cannot reorg and replace blocks seen by a percentage who have. Luke can still drive the difficulty of "Coiled Coin" to the moon with empty blocks, but won't be able to replace legitimate blocks mined by others that contain transactions.
|
Companies claiming they got hacked and lost your coins sounds like fraud so perfect it could be called fashionable. I never believe them. If I ever experience the misfortune of a real intrusion, I declare I have been honest about the way I have managed the keys in Casascius Coins. I maintain no ability to recover or reproduce the keys, not even under limitless duress or total intrusion. Remember that trusting strangers with your coins without any recourse is, as a matter of principle, not a best practice. Don't keep coins online. Use paper or hardware wallets instead.
|
|
|
ThiagoCMC
Legendary
Offline
Activity: 1204
Merit: 1000
฿itcoin: Currency of Resistance!
|
|
January 07, 2012, 04:39:50 AM |
|
because everyone knows your centralized architecture is much better, right? Hey, it worked for the Fed. Your users must enjoy the lottery you built in to your shitcoin. I also heard that they're stealing money from the CPF. But whatever, it's not much worse than the Fed, right? Since you're not a programmer or network engineer you probably don't realize a few things. If you think SolidCoin is centralized then Bitcoin is even more centralized. Bitcoin has 3 pools which create 90+% of the blocks. SolidCoin has nowhere near this distribution of block creation being centralized. Game, set, match. I guess. What's your point?! The blocks are of the users of the pools. You're nonsense.
|
|
|
|
DeathAndTaxes
Donator
Legendary
Offline
Activity: 1218
Merit: 1079
Gerald Davis
|
|
January 07, 2012, 04:47:50 AM |
|
I would even argue that we should try to change bitcoin itself to start using a progressive reduction of the mining reward to avoid the looming discontinuity. We only need to convince the pool operators to switch, they collectively control more than half the hashing power.
Well no you would need to convince 51% of users to update their clients. They would see the altered reward blocks as invalid and reject them and continue to look for valid blocks. You are talking about a breaking fork in the Bitcoin network. Those remaining on old clients would only see "old style" blocks as valid. Thus some miners would remain to continue that chain, support those users, and collect those rewards. The miners and users who switch would be on a seperate incompatible network than Bitcoin. You will never see breaking changes like that. You need 51% of the hashing power, not 51% of the users. If you get that 51% from the pools, users that have not switched will see only "invalid" blocks and will soon switch to the new client. No they wouldn't to the user running the legacy client they would see hashing rate falling 51% but still get blocks and confirmations by the remaining 49%. Miners who refused to switch would still sign blocks for the "old bitcoin" network, clients would see those blocks as valid and the network would continue on as "normal". It would be those who made a breaking change which were on their own alt-Bitcoin network. It would be no different than if today you updated miner code to produce a block w/ 100K BTC coinbase reward.
|
|
|
|
k9quaint
Legendary
Offline
Activity: 1190
Merit: 1000
|
|
January 07, 2012, 05:16:43 AM |
|
because everyone knows your centralized architecture is much better, right? Hey, it worked for the Fed. Your users must enjoy the lottery you built in to your shitcoin. I also heard that they're stealing money from the CPF. But whatever, it's not much worse than the Fed, right? Since you're not a programmer or network engineer you probably don't realize a few things. If you think SolidCoin is centralized then Bitcoin is even more centralized. Bitcoin has 3 pools which create 90+% of the blocks. SolidCoin has nowhere near this distribution of block creation being centralized. Game, set, match. I guess. You don't need to be an engineer to realize that Solidcoin2 is controlled by a single individual. There is nothing a user of Solidcoin2 can do about this. Nor do you need to be an engineer to realize that Bitcoin pools are comprised of many individuals. Those individuals can leave those pools at any time and the pool owners will be rendered powerless. Could the pool owners act in concert to disrupt the protocol? Yes. Does all the power in Bitcoin still lie with the users of Bitcoin? Yes. In theory, all bitcoin users can act in concert to change the blockchain any time they see fit. Users of Solidcoin2 exist at the whim of 1 man. P.S. You guessed wrong.
|
Bitcoin is backed by the full faith and credit of YouTube comments.
|
|
|
|