Author

Topic: Altcoins developed to avoid GPU/ASICs equates to being simpler for botnets? (Read 1170 times)

legendary
Activity: 2940
Merit: 1090
The problem is that POS is a centralised system, one guy or one gang has its hand on the lever ready to pull off their heist the moment doing so looks more profitable to them than letting more suckers crowd in...

It is even worse than Solidcoin, which is pretty amazing considering how bad Solidcoin is/was.

Instead of just one trusted node, Solidcoin had 12. Big deal, it is still the same centralised model.

-MarkM-
newbie
Activity: 56
Merit: 0
It is true. QUARK and QUARK-based clones will have no future because they are extremely insecure and vulnerable to such attacks which is very popular and easy to perform. Invest in CPU only: NO

I pay more attention to PoW+PoS coins like Diamond, NovaCoin because they are more secure in the long term
sr. member
Activity: 405
Merit: 250
Well thanks guys for reading my post and telling me what you thought.

I think the coin would be more a POS instead of POW coin. 

I also suppose that I am more interested in what would make a coin "take off" and be adopted widely, but I also realize how robust and unexploitable such a thing needs to be for longterm success.

The only thing that I can think of is to make the coin become popular is by making it more egalitarian.  When everyone has a closer to even stake in the mining of the coin, and not just those with existing capital, it seems like maybe the coin would have something to make it take off/become more adopted.  So many coins seem destined to fail, not just because the # of different coins out there, but because they lack any real innovation.  That and they are frontloaded to help early adopters who already have 15 khash of GPU, or a server farm ready to load up with compiled CPU miners, etc.  This turns a lot of people off.

So I like my idea, I just realize it is a bot-netters dream and I don't think that it problem that is solvable except that luckily botnets infect mainly firewalled systems.  So the stage in my coin where the IP address is verified on the mining of a block would likely kill botnets.  That, or the botnet would have to create a proxy system.

OH well, I'll likely keep the thought in the back of my head, but I realize how much of a project it would be write such a thing.  If anyone ever heads in this direction on a coin, send me a message please.
legendary
Activity: 2940
Merit: 1090
Really though, it seems near impossible to make a coin that could not be run over by throwing more resources at it.  

That is the core of it.

Read up on "51% attack" also known as "50+ % attack".

First you need over half of the CPUs or GPUs or FPGAs securing your chain, or a specialised ASIC that can mine your chain (with other types of ASIC that were designed for other coins not being use-able for your chain.)

That is why it is only recently that Bitcoin started to look secure enough to potentially be able to maybe be secured.

By late 2014 hopefully enough bitcoin-mining ASICs will be deployed defending the Bitcoin blockchain that it might seem reasonable to hope that it should be reasonably unlikely that anyone will be able to mount a successful 51% aka 50+% attack against it.

Until then the sheer lack of security of the blockchain might well explain why Bitcoin's price has managed to keep getting crushed for so many years: it is just too easy to believe that it is still too vulnerable to be a secure store of wealth/value.

Blockchains are insanely, horribly expensive. If you don't have hundreds of millions, maybe billions, to devote to securing them they are simply too impractical for serious use.

You need to be massively higher in hashing power than all the general purpose hardware in the world, so that only special purpose hardware designed specifically for your blockchain can possibly hope to succeed in a 51% aka 50+% attack, and even then you have to worry about how easy it would be for some attacker to gain control of, or build/deploy, as much hashing power specialised to your chain as your chain's devoted defenders can.

-MarkM-
newbie
Activity: 42
Merit: 0
I don't think it's a very good idea.
"Old" miners have no incentive to mine as the reward decreases over time; on the other hand "New" miners will come in and go as the reward decreases.
The result is that there is no incentive to mine and secure the network. It's a bit weird.
Botnet are not always running on servers (usually static ip), they might well run on consumer pcs (usually dynamic ip)
So I don't see how this solution can make a coin botnet resistant and I don't think any project currently uses this strategy.
member
Activity: 70
Merit: 10
I think this is a good path to explore. IP address ranges are maintained by the central authority of IANA and are a very rough proxy for geo-location. Perhaps there might be mechanisms in the future to use geolocation in a reliable way to prevent centralization. Centralization either in terms of control or location. Botnets however are distributed. So the two problems are somewhat perpendicular.
hero member
Activity: 784
Merit: 500
So people would then begin to proxy onto little-used subnets.

Anyway, if foocoin were to make it out into space via satellite or radio transmitting the blockchain the IP address would lose any and all significance.
sr. member
Activity: 405
Merit: 250
IP based coins are retarded because most (both home and business) IP addresses are dynamic. It's very easy for one user to reserve all the coins for his ISP's IP range.

No, thats not the idea.  The idea is that the coin stores every originating/mining IP in the blockchain.  Yes, you can get a new IP address but (at least it used to be) you'll get an IP address in the same 256 IP block typically.  If not, it would typically be something close.  

So when a coin is mined, the block reward is based on however many similar IPs have also mined a coin recently.

The idea would hurt the profitability of cloud mined coins and pool mined coins.  That is because a large amount of coins would come from a similar IP space, and thus be penalized.  Unfortunately it would *HELP* botnets.  Thus, that is why I am trying to bring about discussion that might give me some insight.  When I was running this idea through my head, I hadn't even considered botnets.

Storing a big list of IPs to sort through to calculate the weight problem is not an issue.  If you managed to mine a block and wanted to change your IP, then ok but you'd need to find one away from other miners or your previous subnet. 

There is no 1-to-1 coin-to-IP anywhere in my idea.  My idea would be more like, "well this is the 16th block mined from this subnet in the past 10k blocks, so instead of receiving 200 coins, this will be a 100 coin block."  (as an example)

thoughts?
legendary
Activity: 2058
Merit: 1452
IP based coins are retarded because most (both home and business) IP addresses are dynamic. It's very easy for one user to reserve all the coins for his ISP's IP range.
sr. member
Activity: 405
Merit: 250

I was toying around with the idea of writing yet another coin.  I had a couple of ideas rolling around in my head, one being that the block size is dependent on the uniqueness (for lack of better word) of the originating IP address.  So if you find a block in Amazon cloud, it will be diluted with fewer coins because presumably a lot of other blocks have been found in the corresponding address space.  It would do this by reading a long list of previous IP addresses in the blockchain to calculate a factor.  Since this would depend on the blockchain, I assume it could be enforced algorithmically in code.

This approach has a ton of problems, the biggest one being that the ip4 address space is large and very incongruous.  People have 256 IP blocks all over the place now, so the approach would not work without taking in a large history of originating IPs.  (Not to mention I was not able to come up with a way to insure the originating IP addresses are correct, except by having the network check directly with that IP address..)  I could add DNS records to the algorthm, but that is so easily worked around.

The above approach could work on a theoretical level, except that it would be an invitation for botnets.  We store the miner IP in our blockchain, so we can go back however far to determine locality/incongruity. So we hurt cloud computing, but invite botnets. The one upside is that most home systems are firewalled, so the originating IP verification process would fail when portions of the network try to connect to the host that just mined a block.  Really though, it seems near impossible to make a coin that could not be run over by throwing more resources at it. 

I think having a coin mined by a wider group of people would help greatly with adoption.  A more egalitarian coin. Thoughts ?

I would also like the block to be "claimed" and then reserve a window for the transaction portion to be filled.  This eliminates the orphaned/stale problems we see.  THat 50k/s outbound so many American's (and others?) are stuck with would not be near the problem if a simple packet to claim the block was initially sent on block discovery.  Then the transactions are routed directly to the IP addr and it fills out the block during the allotted window.  Once filled, it propagates the block across the network.

Are there coins that implement anything like this ?  Thoughts ?  I started thinking about it then thought about all the DOS type attacks and so forth.  If you want to use my ideas, please just leave me a message so I can follow your progress/coin.
Jump to: