|
Dusty
|
 |
March 31, 2012, 09:48:52 AM |
|
@eleuthria
I'm unable to follow all of your explication, can you please try to be more schematic?
I would like to be able to completely understand what's happened.
For example, when you say "those transactions" you are referring to which ones? (in the previous part of the sentence you refer to two blocks)
Thanks for any help
|
|
|
|
eleuthria
Legendary
 Offline
Activity: 1750
Merit: 1007
|
|
March 31, 2012, 09:55:02 AM
Last edit: March 31, 2012, 10:25:10 AM by eleuthria |
|
@eleuthria
I'm unable to follow all of your explication, can you please try to be more schematic?
I would like to be able to completely understand what's happened.
For example, when you say "those transactions" you are referring to which ones? (in the previous part of the sentence you refer to two blocks)
Thanks for any help
There was about a 1 hour gap on the network finding any blocks, between block 173691 and 173692. Eventually two blocks were found, 173692 and 173693, by 24.215.140.209 and 176.9.142.163 respectively. These were "legit" blocks, at least as far as the 1tx miner is concerned. Each block included transactions that had taken place on the network. Roughly 20 minutes after 173693 was found, 3 new blocks appeared, starting with 173692, and ending in 173694, all from 71.123.170.150. These blocks only contained 1tx each. Since this was the new longest chain, it orphaned the two "legit" blocks found earlier, removing the confirmations that transactions received in those two blocks [since the new chain doesn't have any confirmations on those transactions]. Because of this, there was an almost 2 hour gap where no transactions received any confirmations, due to the 1tx miner orphaning legit blocks with their chain. EDIT/UPDATE: My real problem with this is that it appears to be a deliberate orphaning of the chain. 173692 and 173693 were found roughly 20 minutes before 71.123.170.150's blocks showed up on the network. |
RIP BTC Guild, April 2011 - June 2015
|
|
|
phelix
Legendary
Offline
Activity: 1708
Merit: 1020
|
|
March 31, 2012, 10:04:38 AM |
|
from blockchain.info: 173695 2012-03-31 09:03:10 00000000000005d0694f4e54fd2daad79706a5e358ea3cdd851a633f60ff11e1 Deepbit 135 48.97
173694 2012-03-31 08:51:39 00000000000005f522ef55d886f7d3079b9dac8ccf308f39efb661296500f131 71.123.170.150 1 0.21
173693 2012-03-31 08:04:02 000000000000094fc1141678a449d024cd92d2c2274b375a18653d518fb44b37 71.123.170.150 1 0.21
173693* 2012-03-31 08:25:36 00000000000003ce2c7d3a00f85052813e0eee410718d4d76c76760bb24b5636 176.9.142.163 46 26.25
173692* 2012-03-31 08:24:11 000000000000033dac27e334fb75a408ae9031524d26a80210a24b6825010b33 24.215.140.209 127 53.36
173692 2012-03-31 08:02:19 000000000000075b07cedb3d847b4f03b15099adc132a183b47a9996bee4cb62 71.123.170.150 1 0.21
173691 2012-03-31 07:16:08 000000000000092071db660d2d35ac1885467502dcc58580c61bc7a00818e9c2 78.47.187.252 1 0.21
173690 2012-03-31 07:08:10 0000000000000403d626ab4fd0566aef040ce45f01ea2cde6dad8e698e8f7b37 Polmine 79 34.34
this does not look so good |
|
|
|
|
eleuthria
Legendary
Offline
Activity: 1750
Merit: 1007
|
|
March 31, 2012, 10:20:11 AM |
|
from blockchain.info: 173695 2012-03-31 09:03:10 00000000000005d0694f4e54fd2daad79706a5e358ea3cdd851a633f60ff11e1 Deepbit 135 48.97
173694 2012-03-31 08:51:39 00000000000005f522ef55d886f7d3079b9dac8ccf308f39efb661296500f131 71.123.170.150 1 0.21
173693 2012-03-31 08:04:02 000000000000094fc1141678a449d024cd92d2c2274b375a18653d518fb44b37 71.123.170.150 1 0.21
173693* 2012-03-31 08:25:36 00000000000003ce2c7d3a00f85052813e0eee410718d4d76c76760bb24b5636 176.9.142.163 46 26.25
173692* 2012-03-31 08:24:11 000000000000033dac27e334fb75a408ae9031524d26a80210a24b6825010b33 24.215.140.209 127 53.36
173692 2012-03-31 08:02:19 000000000000075b07cedb3d847b4f03b15099adc132a183b47a9996bee4cb62 71.123.170.150 1 0.21
173691 2012-03-31 07:16:08 000000000000092071db660d2d35ac1885467502dcc58580c61bc7a00818e9c2 78.47.187.252 1 0.21
173690 2012-03-31 07:08:10 0000000000000403d626ab4fd0566aef040ce45f01ea2cde6dad8e698e8f7b37 Polmine 79 34.34
this does not look so good 71.123.170.150's reported timestamp on 173692 is 8:02:19. But it wasn't received [per Blockchain.info] until 8:51:50. 71.123.170.150's reported timestamp on 173693 is 8:04:02. But it also wasn't received [per Blockchain.info] until 8:51:50. Basically, neither block was seen on the network until after they had enough blocks to orphan the 173692 & 173693 blocks. The 1tx miner's blocks have had "altered" timestamps in the past [quite frequently actually]. |
RIP BTC Guild, April 2011 - June 2015
|
|
|
Omni
Newbie
Offline
Activity: 42
Merit: 0
|
|
March 31, 2012, 10:27:16 AM |
|
Has the identity of this individual been revealed?
|
|
|
|
|
|
Clipse (OP)
|
|
March 31, 2012, 10:41:04 AM |
|
from blockchain.info: 173695 2012-03-31 09:03:10 00000000000005d0694f4e54fd2daad79706a5e358ea3cdd851a633f60ff11e1 Deepbit 135 48.97
173694 2012-03-31 08:51:39 00000000000005f522ef55d886f7d3079b9dac8ccf308f39efb661296500f131 71.123.170.150 1 0.21
173693 2012-03-31 08:04:02 000000000000094fc1141678a449d024cd92d2c2274b375a18653d518fb44b37 71.123.170.150 1 0.21
173693* 2012-03-31 08:25:36 00000000000003ce2c7d3a00f85052813e0eee410718d4d76c76760bb24b5636 176.9.142.163 46 26.25
173692* 2012-03-31 08:24:11 000000000000033dac27e334fb75a408ae9031524d26a80210a24b6825010b33 24.215.140.209 127 53.36
173692 2012-03-31 08:02:19 000000000000075b07cedb3d847b4f03b15099adc132a183b47a9996bee4cb62 71.123.170.150 1 0.21
173691 2012-03-31 07:16:08 000000000000092071db660d2d35ac1885467502dcc58580c61bc7a00818e9c2 78.47.187.252 1 0.21
173690 2012-03-31 07:08:10 0000000000000403d626ab4fd0566aef040ce45f01ea2cde6dad8e698e8f7b37 Polmine 79 34.34
this does not look so good 71.123.170.150's reported timestamp on 173692 is 8:02:19. But it wasn't received [per Blockchain.info] until 8:51:50. 71.123.170.150's reported timestamp on 173693 is 8:04:02. But it also wasn't received [per Blockchain.info] until 8:51:50. Basically, neither block was seen on the network until after they had enough blocks to orphan the 173692 & 173693 blocks. The 1tx miner's blocks have had "altered" timestamps in the past [quite frequently actually]. What I find amazing, the mystery miner is closing in on 51% each day, he is allready approaching stable 30+% whereas a month ago he was at 15-20% network hashrate. Look at the poolstats here: http://blockchain.info/pools , most of unknown is him and he is also listed under nmcbit,parts of eligius, most of donate@home, and quite possibly under deepbit,slush and the other bigger pools. This could get ouf of hand real fast. |
...In the land of the stale, the man with one share is king... >> ClipseWe pay miners at 130% PPS | Signup here : Bonus PPS Pool (Please read OP to understand the current process)
|
|
|
molecular
Donator
Legendary
Offline
Activity: 2772
Merit: 1019
|
|
March 31, 2012, 10:53:09 AM |
|
EDIT/UPDATE: My real problem with this is that it appears to be a deliberate orphaning of the chain. 173692 and 173693 were found roughly 20 minutes before 71.123.170.150's blocks showed up on the network.
Is it deliberate? Is is possible the blocks where actually found by bots at the given time and where actually distributed among the p2p network of the botnet. Maybe the node/server that bridges botnet-p2p to bitcoin-exit-node was down and coincidentally not many blocks where found real bitcoin network so the longest chain could taken over by publishing these blocks when that bridge node came back up? Does this make sense at all? |
PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0 3F39 FC49 2362 F9B7 0769
|
|
|
molecular
Donator
Legendary
Offline
Activity: 2772
Merit: 1019
|
|
March 31, 2012, 11:04:51 AM |
|
What I find amazing, the mystery miner is closing in on 51% each day, he is allready approaching stable 30+% whereas a month ago he was at 15-20% network hashrate.
My data doesn't support that:  The percentage of 1-tx blocks (measure on a daily basis) hasn't surpassed 20%. EDIT: data since 3/07 2012: chain_id | blocks | mystery_blocks | long_mystery_blocks | txcount
---------+--------+----------------+---------------------+---------
1 | 3768 | 548 | 486 | 160704
so the average is 548.0 / 3768 = 14.5% (or 486.0 / 3768 = 12.9% if we exclude blocks <30s) |
PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0 3F39 FC49 2362 F9B7 0769
|
|
|
jamesg
VIP
Legendary
Offline
Activity: 1358
Merit: 1000
AKA: gigavps
|
|
March 31, 2012, 11:12:29 AM |
|
Sorry for coming in late on this thread, but ... is there some
sort of BIP in the works to enforce stricter rules on block validity ?
This is the first time we have seen anything that could be considered malicious from the Mystery Miner. Most have not considered the 1tx blocks to be malicious in anyway as they help further secure transactions further back in the chain. |
|
|
|
|
|
Bigpiggy01
|
|
March 31, 2012, 11:13:57 AM |
|
Is is possible the blocks where actually found by bots at the given time and where actually distributed among the p2p network of the botnet. Maybe the node/server that bridges botnet-p2p to bitcoin-exit-node was down and coincidentally not many blocks where found real bitcoin network so the longest chain could taken over by publishing these blocks when that bridge node came back up? Does this make sense at all? The way I understand it yes sure. However this is still becoming a real worry for users who'll end up facing unreasonable transaction times compared with the norm and will cause worries about the fundamental architecture of the network and its underlying code. Personally I don't give a toss about who's actually doing the mining even though botnets (if this is one) raise "moral" issues. However not including transactions in the blockchain is just plain fucked up. Maybe a patch or something similar to reject this type of blocks ought to be included in the code as it's A slowing down the system and B apparently also destroying legitimate work, which is in no ones legitimate interest. Some people may start screaming "this is the wild west and we don't want no stinking "regulations"" just think of it as going to a gun fight you can only bring a .22 while several of the other parties arrive carrying assault weapons. All I'm asking for here is that everybody gets to buy a nice piece of whoopass and bring it along if they are so inclined. Would Gavin or any of the other developers care to comment on these recent events? |
|
|
|
molecular
Donator
Legendary
Offline
Activity: 2772
Merit: 1019
|
|
March 31, 2012, 11:19:58 AM |
|
Is is possible the blocks where actually found by bots at the given time and where actually distributed among the p2p network of the botnet. Maybe the node/server that bridges botnet-p2p to bitcoin-exit-node was down and coincidentally not many blocks where found real bitcoin network so the longest chain could taken over by publishing these blocks when that bridge node came back up? Does this make sense at all? The way I understand it yes sure. However this is still becoming a real worry for users who'll end up facing unreasonable transaction times compared with the norm and will cause worries about the fundamental architecture of the network and its underlying code. What's the norm? It is generally suggested to accept transaction at 6 confirmations. It is also generally known a secure tx can easily take longer than 1 hour. Personally I don't give a toss about who's actually doing the mining even though botnets (if this is one) raise "moral" issues. However not including transactions in the blockchain is just plain fucked up.
Maybe a patch or something similar to reject this type of blocks ought to be included in the code as it's A slowing down the system and B apparently also destroying legitimate work, which is in no ones legitimate interest.
This has been discussed: It can not be done in a safe way, afaik. The problem is identifying such "illegitimate" blocks. There are legitimate 1-tx-blocks (eligius is mining them every day, as luke says). The grey data-series in my chart above reflects possibly legitimate 1-tx-blocks.
Some people may start screaming "this is the wild west and we don't want no stinking "regulations"" just think of it as going to a gun fight you can only bring a .22 while several of the other parties arrive carrying assault weapons. All I'm asking for here is that everybody gets to buy a nice piece of whoopass and bring it along if they are so inclined.
* molecular arming with whoopass |
PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0 3F39 FC49 2362 F9B7 0769
|
|
|
|
Revalin
|
|
March 31, 2012, 11:47:59 AM |
|
Can someone link me to the how to fix this problem thread? Thanks is there some sort of BIP in the works to enforce stricter rules on block validity ? https://bitcointalk.org/index.php?topic=69423.0;alltl;dr: There are two current proposals: 1) change the protocol to require that miners prove they have a copy of the blockchain; 2) change the relay policy to require that miners include a minimum quota of transactions. #1 would probably solve the immediate problem and boot Mystery from the network. #2 is a broader approach which prevents Mystery from just getting a copy of the blockchain and then still not including any transactions. The major objection to #2 is it limits the miners' ability to reject transactions they deem unworthy, eg, insufficient fees paid. Since the network does not appear to be in immediate danger we're still considering solutions. |
War is God's way of teaching Americans geography. --Ambrose Bierce
Bitcoin is the Devil's way of teaching geeks economics. --Revalin 165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g |
|
|
phelix
Legendary
Offline
Activity: 1708
Merit: 1020
|
|
March 31, 2012, 11:58:22 AM |
|
What I find amazing, the mystery miner is closing in on 51% each day, he is allready approaching stable 30+% whereas a month ago he was at 15-20% network hashrate.
My data doesn't support that: The percentage of 1-tx blocks (measure on a daily basis) hasn't surpassed 20%. EDIT: data since 3/07 2012: chain_id | blocks | mystery_blocks | long_mystery_blocks | txcount
---------+--------+----------------+---------------------+---------
1 | 3768 | 548 | 486 | 160704
so the average is 548.0 / 3768 = 14.5% (or 486.0 / 3768 = 12.9% if we exclude blocks <30s) thanks for this fud stopper what about ddosing (unknown) IPs outputting 1TX blocks? I realize the IP changed before. where is bitcoinEXpress with his LOICs ? |
|
|
|
|
nedbert9
Sr. Member
Offline
Activity: 252
Merit: 250
Inactive
|
|
March 31, 2012, 12:05:05 PM |
|
Can someone link me to the how to fix this problem thread? Thanks is there some sort of BIP in the works to enforce stricter rules on block validity ? https://bitcointalk.org/index.php?topic=69423.0;alltl;dr: There are two current proposals: 1) change the protocol to require that miners prove they have a copy of the blockchain; 2) change the relay policy to require that miners include a minimum quota of transactions. #1 would probably solve the immediate problem and boot Mystery from the network. #2 is a broader approach which prevents Mystery from just getting a copy of the blockchain and then still not including any transactions. The major objection to #2 is it limits the miners' ability to reject transactions they deem unworthy, eg, insufficient fees paid. Since the network does not appear to be in immediate danger we're still considering solutions. So, you are saying that if participating botnets modify their operation to never present a threat, but only to leech a significant amount of bitcoin for almost no expense, that developers will never consider this a problem? Hmmmm. |
|
|
|
|
|
Bigpiggy01
|
|
March 31, 2012, 12:07:30 PM |
|
This has been discussed: It can not be done in a safe way, afaik. The problem is identifying such "illegitimate" blocks. There are legitimate 1-tx-blocks (eligius is mining them every day, as luke says). The grey data-series in my chart above reflects possibly legitimate 1-tx-blocks. True, my memory isn't the best at times. It should however be possible to require that all blocks include more than one transaction as per one of the BIP proposals however then we are starting to move into the kind of regulation territory that I believe could quickly become detrimental to the project as a whole (and if this isn't workable with the current code feel free to spank me, I might even enjoy it  ), so this needs handling with extreme care. However I think that most peeps involved in this project as either miners, traders, users or whatever can more or less agree that the playing field has to be level for everyone and that sudden gaps in network service caused by incidents similar to what Eleuthria outlined a few posts back aren't acceptable unless they are caused by network luck, which this one clearly wasn't. Stuff like this is also one of the huge barriers barring bitcoins wider adoption as people should be able to have fairly accurate ideas on when their BTC are where they're supposed to be. Atm I believe that the rule of thumb for transactions reaching 6 confirmations is 45-90min with rare spikes of up to about two hours, clearly that wouldn't have been the case last night which is imo fairly massive theoretical failcake for the project. One of the corner stones in this whole project is it not relying on any kind of central authority apart from "the code". However in order for people to take this as a serious alternative to bank/payment-processor transactions there has to be an extremely consistent "level of service" for lack of a better term. Seeing as one of the worst possible situations with any kind of money/value is not knowing where it is or when it is supposed to arrive. |
|
|
|
molecular
Donator
Legendary
Offline
Activity: 2772
Merit: 1019
|
|
March 31, 2012, 12:15:30 PM |
|
thanks for this fud stopper
your welcome what about ddosing (unknown) IPs outputting 1TX blocks? I realize the IP changed before.
sounds like ostracism or vigilantism to me. that would force people to register their ip with some central authority. not a good idea. |
PGP key molecular F9B70769 fingerprint 9CDD C0D3 20F8 279F 6BE0 3F39 FC49 2362 F9B7 0769
|
|
|
|
finway
|
|
March 31, 2012, 12:34:22 PM |
|
I think the true solution is:
RALLY THE PRICE UP,
BRINGING IN MORE MINERS,
OR WE ARE DEAD.
|
|
|
|
|
bulanula
|
|
March 31, 2012, 12:35:20 PM |
|
I say there is nothing wrong with this guy. Nothing wrong with the code, nothing wrong with the protocol, nothing wrong with anything. Move on folks, the system is perfect ... You know how they say, if it ain't broke then don't fix it !  |
|
|
|
|
|
Revalin
|
|
March 31, 2012, 12:36:03 PM |
|
So, you are saying that if participating botnets modify their operation to never present a threat, but only to leech a significant amount of bitcoin for almost no expense, that developers will never consider this a problem? I'm trying to ensure that miners have to actually perform the work they are paid to do - verify transactions, rather than slow down the whole network as Mystery is doing. It's a solvable problem. Preventing miners from using unethically-sourced compute power is a different problem. I'm sure plenty of people will have a problem with it, but I don't see any way to solve it. If you know a way to distinguish botnets (once they are properly supporting the blockchain) from ethical miners, let us know. |
War is God's way of teaching Americans geography. --Ambrose Bierce
Bitcoin is the Devil's way of teaching geeks economics. --Revalin 165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g |
|
|
|
Revalin
|
|
March 31, 2012, 12:41:39 PM |
|
what about ddosing (unknown) IPs outputting 1TX blocks? I realize the IP changed before. Aside from the ethical problems with attacking someone who is probably not working for Mystery and is just a properly-operating relay node, it's not helpful in the long run. Mystery can just start sending blocks through multiple relays. |
War is God's way of teaching Americans geography. --Ambrose Bierce
Bitcoin is the Devil's way of teaching geeks economics. --Revalin 165YUuQUWhBz3d27iXKxRiazQnjEtJNG9g |
|
|
|
