CD-RW (OP)
Jr. Member
Offline
Activity: 56
Merit: 22
|
|
May 21, 2011, 01:38:26 PM Last edit: May 21, 2011, 09:41:02 PM by Jeroenz0r |
|
Currently there are 10,000 Bitcoin clients on the IRC server, in the main channel. Since you don't need to see all clients quit/join or get a 10k client list there is now the new system called 'split channel'. This means a client will not join #bitcoin, but it will join #bitcoin xx, where xx is a random number between 00 and 99. It is a great idea and will cut down bandwidth usage a lot for the server and the client! There is one (major) downside for this. What if an attacker would make bots join #bitcoin00 till #bitcoin99, and has OP (@) in all channels? He could lock the channel with a limit of one (+l 1), set a key (+k ywebnxs), or he could even ban everyone (+b *!*@*). This would not work if all the channels would already have people in them, since OP would only be given once to the first one joining. At the moment there are only 6 clients in the #bitcoinxx channels, so it's vulnerable and could be exploited any moment. Possible fix: get some sort of IRC module/script to take control over these channels before an attacker does. This could either by joining the channel and let it de-OP itself, or never give OP in a #bitcoinxx channel. Not fully working but to give you an idea, here is a bit of python script... channel = "#bitcoin" + random.randint(00,99)
# Joins the channel ircsock.send("JOIN "+ channel +"\n")
# Set channel limit to 1 (clients can't join because it is full) ircsock.send("MODE "+ channel +" :+l 1\n")
# Send a message that it has taken over the channel # ircsock.send("PRIVMSG BadDude :I just took "+ channel +"\n) I see you guys found a quick fix: Join channels manually and de-OP yourself there.
|
|
|
|
Matt Corallo
|
|
May 21, 2011, 02:33:37 PM |
|
Ok, so easy fix...people who won't break the chans join now until they have a ton of nodes in them, Ive got 75-99, someone want to grab the rest?
|
|
|
|
Pieter Wuille
|
|
May 21, 2011, 02:39:21 PM |
|
I've got 00-24.
|
I do Bitcoin stuff.
|
|
|
CD-RW (OP)
Jr. Member
Offline
Activity: 56
Merit: 22
|
|
May 21, 2011, 04:26:49 PM |
|
Great! I got 25-49, and 50-74. I would ask you guys to de-OP yourself, and not become OP again.
|
|
|
|
theymos
Administrator
Legendary
Offline
Activity: 5334
Merit: 13301
|
|
May 22, 2011, 02:17:54 AM |
|
Maybe laszlo can set it up so that no one can be an op in those channels.
|
1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
|
|
|
Mike Hearn
Legendary
Offline
Activity: 1526
Merit: 1134
|
|
May 22, 2011, 08:24:28 AM |
|
It'll take a long time for people to move across to the new channels. We might as well just switch to DNS instead.
|
|
|
|
CD-RW (OP)
Jr. Member
Offline
Activity: 56
Merit: 22
|
|
May 22, 2011, 09:28:03 AM |
|
Maybe laszlo can set it up so that no one can be an op in those channels.
This would be even better! It'll take a long time for people to move across to the new channels. We might as well just switch to DNS instead.
IRC will be fine, people just need to update faster. Need something like update notice in about window?
|
|
|
|
Mike Hearn
Legendary
Offline
Activity: 1526
Merit: 1134
|
|
May 22, 2011, 10:02:07 AM |
|
IRC isn't a sustainable discovery protocol anyway. It has lots of problems beyond startup time.
|
|
|
|
Matt Corallo
|
|
May 22, 2011, 10:19:46 AM |
|
IRC isn't a sustainable discovery protocol anyway. It has lots of problems beyond startup time.
Very true. DNSSeed is a much more appealing option, and there are some cool potentials there for faster startup as well.
|
|
|
|
CD-RW (OP)
Jr. Member
Offline
Activity: 56
Merit: 22
|
|
May 22, 2011, 11:05:07 AM |
|
How would one publish his availably to a DNS record then?
|
|
|
|
Matt Corallo
|
|
May 22, 2011, 11:48:16 AM |
|
How would one publish his availably to a DNS record then?
My idea: People still log into the IRC channel as now (so many in the community are so against centralization that they might wish to keep using this for bootstrapping connections, and they have every right to that) and then the DNS Seeds use the list from IRC to check which IPs accept incoming connections. They keep a list and serve DNS records from that list. That way DNS Seeds always have the most up-to-date list of nodes accepting incoming connections to give out to new clients.
|
|
|
|
wumpus
|
|
May 22, 2011, 11:53:20 AM |
|
IRC isn't a sustainable discovery protocol anyway. It has lots of problems beyond startup time.
+1 I think the final straw is that it sets of botnet detectors for some ISPs. The last thing we want is for bitcoin to be classified as botnet
|
Bitcoin Core developer [PGP] Warning: For most, coin loss is a larger risk than coin theft. A disk can die any time. Regularly back up your wallet through File → Backup Wallet to an external storage or the (encrypted!) cloud. Use a separate offline wallet for storing larger amounts.
|
|
|
CD-RW (OP)
Jr. Member
Offline
Activity: 56
Merit: 22
|
|
May 22, 2011, 01:02:26 PM |
|
IRC isn't a sustainable discovery protocol anyway. It has lots of problems beyond startup time.
+1 I think the final straw is that it sets of botnet detectors for some ISPs. The last thing we want is for bitcoin to be classified as botnet Botnets don't have be malicious, think of distributed computing? Matt, what are these DNSSeeds your talking about? Can these be implemented by resolving a DNS record?
|
|
|
|
Pieter Wuille
|
|
May 22, 2011, 01:19:16 PM |
|
Matt, what are these DNSSeeds your talking about? Can these be implemented by resolving a DNS record?
See the -dnsseed option. It uses DNS records that resolve to many IP addresses as seed.
|
I do Bitcoin stuff.
|
|
|
Mike Hearn
Legendary
Offline
Activity: 1526
Merit: 1134
|
|
May 22, 2011, 02:04:19 PM |
|
IRC is also centralized, it just puts control of the network into the hands of the LFnet admins instead of community members who are incentivized to see Bitcoin succeed.
With DNS discovery a few well known domain names resolve to a set of listening IP addresses. The set might be fixed or it might be recalculated every so often based on addr broadcasts. No matter what happens after you bootstrap your node will have its own address list that it will use to get back onto the network, you only need DNS the first time you run it or if all the addresses you heard about previously have gone away.
|
|
|
|
Matt Corallo
|
|
May 22, 2011, 02:06:02 PM |
|
IRC is also centralized, it just puts control of the network into the hands of the LFnet admins instead of community members who are incentivized to see Bitcoin succeed.
Yep, dont remind the community at large . Also, LFnet is just lazslo, though I think most people dont know that which is partially why people don't seem to care about the centralization of the IRC bootstrapping stuff.
|
|
|
|
Pieter Wuille
|
|
May 22, 2011, 02:20:26 PM |
|
IRC is also centralized, it just puts control of the network into the hands of the LFnet admins instead of community members who are incentivized to see Bitcoin succeed.
With DNS discovery a few well known domain names resolve to a set of listening IP addresses. The set might be fixed or it might be recalculated every so often based on addr broadcasts. No matter what happens after you bootstrap your node will have its own address list that it will use to get back onto the network, you only need DNS the first time you run it or if all the addresses you heard about previously have gone away.
Exactly, DNS seeding differs from IRC seeding, since the addresses in it can be edited by the maintainer. But the P2P protocol exchanges IP addresses internally as well, so you could say that the node(s) whose address the DNS seed resolves to plays the role of what used to be the IRC server. Maybe we could make a specialized/simplified P2P node that only tracks accessible addresses (not necessarily keeping addresses open), instances of which could populate the DNS seeds.
|
I do Bitcoin stuff.
|
|
|
Gareth Nelson
|
|
May 22, 2011, 03:16:22 PM |
|
How about a mix of protocols? IRC - across different servers AND channels HTTP - REST API to publish your own IP and get other nodes DNS - do A lookups, dynamic DNS updates Bittorrent - create a torrent that doesn't actually transfer files but serves to hookup bitcoin peers and also helps confuse people with the name
|
|
|
|
Matt Corallo
|
|
May 22, 2011, 04:26:24 PM |
|
How about a mix of protocols?
Why make it so complicated? We already have 3 methods to bootstrap, and if we just do a bit of tweaking on the DNS seed servers, it should solve all the slow-to-bootstrap problems.
|
|
|
|
1bitc0inplz
Member
Offline
Activity: 112
Merit: 10
|
|
May 22, 2011, 04:44:54 PM |
|
IRC isn't a sustainable discovery protocol anyway. It has lots of problems beyond startup time.
+1 I think the final straw is that it sets of botnet detectors for some ISPs. The last thing we want is for bitcoin to be classified as botnet True. My ISP just blocked something yesterday, no connections I setup Tor last night just so I could proxy Bitcoin through it so it could connect. Bitcoin needs to NOT use IRC, IMHO. It's too prone to being taken down by ISPs. I don't know what to tell you guys, but I do know that it's unfortunate that my ISP did what they did. On the bright side, I found out about the wonders of Tor yesterday and am proudly running a relay
|
|
|
|
|