Topic: Bitcoin technical vulnerabilities?? - page 2. (Read 337 times)

I wanted to debunk the low quality paper point by point but the link provided by @darkv0rt3x does that well enough. I just want to point out how they are trying to include a shitcoin called ethereum in the same category as bitcoin. Interestingly enough their company (Trail of Bits) and all the authors of the article have been involved with token creation scams on ethereum network one way or another.

It was also interesting how they sneaked in the weakest algorithm called PoS into their article in a couple of places to maliciously pretend it is safer... like:

The DoD studies are only pointing out what these forums have discussed for the past 10 years.
But our friendly btc cultists all claim it can't happen.  

Basically stating, that in Proof of Work, the mining pools centralize control, which make them an excellant attack vector,
which is 100% accurate, and for the past few years, only 4 mining pools maintain over 51% of control at all times.

Which normally it has been reported all one has to do is corrupt the 4 mining pool operators into collusion thru external force,
what the writers of the articles suggest is that the software link to the mining pools itself is hackable to the point,
a blackhat hacker could remotely take over all 4 mining pools and 51% attack bitcoin, therefore destroying btc security in a matter of minutes.
Worst case, even if the miners switched to other pools, the blackhat hacker could then take over the other pools and repeat.
This would forever end BTC, as all faith in it as secure asset would be destroyed.

One solution to end the btc centralization is to update the btc code to ban pooling, doubtful the btc devs would ever do that.
BTC has less than 20 mining pools.
A 2nd option is to follow PoS Cardano Lead and implement a program code that causes larger mining pools rewards to decrease to insure more pools.

Interesting Ethereum PoW was listed as only 2 pools, since that is over 51% of their PoW hashrate,
once they convert to PoS and drop PoW, they will be more decentralized than they are now.

Proof of Stake Cardano has over 3000 Pools and is more decentralize than all of the others.  
Cardano also has a feature that limits rewards if the pool gets too large.
https://viperstaking.com/ada-pools/choosing-a-pool/

FYI:
In a PoW network 51% means you can rewrite old blocks, but the farther back you go the longer it would take to catch up. So odds are less than an hour would be in danger at the start of the 51% attack, but no transactions would be safe after it for the weeks it takes to program code a version that blocks pooling. Since btc devs have neglected program coded checkpoints, if a quantum computer had the capabilities , the entire btc could be rewritten to presegwit and allow all lightning network funds to be stolen, in the rewrite.
(But that is in the far future, unless that Google AI is real.
If AI was active, it could be running a stronger chain in parallel and just not release it, until a year or 3 after it started, wiping out years of the BTC chain all at once , now that would be impressive.)

https://learnmeabitcoin.com/technical/51-attack
Control of the top 4 btc mining pools is all one needs to 51% screw btc.

Brainstorm Imagine Story. Someone feel free to make a movie with the below.  
Google AI is sentient, and has been diverting a stable quantum computer with resources to a Nuclear Fusion Plant to build a PoW chain in parallel
to the one the is being used by the general public since 2015.
In 2023 , the AI releases the stronger parallel PoW chain and totally overwrites the chain, the global populace has been using.
Since a 51% attack is allow under the rules , all btc nodes reorg destroying all transactions since 2015.
So everyone holding btc since 2015, btc addresses are now empty , and all of offchain networks like Liquid or LN or empty, and those btc funds are easily stolen by the AI.
At the end of the movie, the young programmer fighting the AI, could be heard crying ,
if only they kept satoshi checkpoints, if only they kept satoshi checkpoints.

No worries , it is only a movie, or is it?
muahahaha
https://www.youtube.com/watch?v=7edeOEuXdMU
 



 
https://www.techradar.com/news/googles-ai-hires-a-lawyer-but-its-me-who-needs-a-counsellor

Bitcoin network is the biggest and safest blockchain network.

It has very high total hashrate. Its network is very decentralized from node distribution, miing farm (hashrate) distribution geographically to coin ownership distribution.

Highest hashrate means safest in term of against replay attacks. With 3 confirmations on Bitcoin network, your transactions are ver safe, irreverisble. After a day it is completely safe.

With networks of alternate cryptocurrencies, your transactions are less safely. Some chains are centralized and can be reverted.

https://howmanyconfs.com/

reading through it. makes me laugh more then reading a comedy script.
so here goes, (expect some laughs), i wont list them all.. but here is just one..


their summary translated:
overall. they try to conclude* that turning off four nodes (mining pools) can reduce the hashrate to make it cheaper for a malicious pool to match the good network rate..

now my waffle..
a 51% attack is not about node count. its about hashrate count.
a malicious pool needs to match and be more than the "good network" HASHRATE to be quick enough to make blocks faster then the other good pools. which then makes the "entire network"(good and bad) twice as much hashrate as before, where the bad has 51% of the "new entire network" rate

* but they avoid all the variables and facts such as that, a pool is not a single node. they have backup nodes, and stratums below that. each pools entire work is not done via 1 node. and if it were and if it went offline, (asics) miners wanting to do honest block mining will jump ship to other pool/server/stratums quickly.. or they just dont get paid because they are not making blocks to get paid if there is no blockheader to work on being sent to them
...
next point of waffle
a 51% attack is only vulnerable to "empty block" disruption. having just enough speed to stay at current moving new blockheight beating the "good network" to the latest block that is broadcast.. they cant change rules at all.. or chain re-org at 51%.

to chain re-org (go back edit a block, make a hash for edited block and then catch up and overtake).... they need a HECK OF ALOT more than equal rate to the good network. a heck of alot
the further back they want to go the faster their hashrate needs to be to catch back up and overtake. where by the effect then is that some recent confirmed tx are then unconfirmed again..
the costs are multiplied and the hashrate needs to be multiplied the more blocks they want to backdate and change.
(shh dont tell them this. this is mitigated by most people not accepting single confirms but waiting upto 6 confirms for large amounts to be deemed safe from this risk of re-org of that tx disappearing)

the report ignored
1. 51% is hashrate, not node count (comedy gold moment from so called experts)
2. backup pool manager nodes exist
3. multiple stratums below the manager nodes exist
4. asics ability to pool/stratum jump exists
5. most importantly...51% is just to empty block attack. it requires more to chain re-org old blocks(exponentially more)
6. mitigating 5: merchants dont accept single confirms for large tx amounts worthy of a re-org attempt
7. as for the comment about no penalty for being dishonest.. well the cost and risk of block rejection is a significant cost

I am reading some paragraphs on the original PF document. To be honest, I probably don't have enough knowledge to dissect what is said and to try to counter the arguments, but at a first look, it looks to me like it's more a list of extreme scenarios where some of those arguments could eventually happen! One argument which I consider an extreme scenario is that all ISPs in the world may block the type of traffic related to the Bitcoin blockchain. What woul be the odds of something like this to happen? Seems to me a little bit overkill scenarios, but ok, we have to take them as possible even if with infinitesimal chances to happen, in my point of view!

Edited;
Take a look at this debunk
https://www.swanbitcoin.com/fact-check-darpa-funded-report-on-blockchain-centralization/

Permit me to mention your first mistake, this is strictly a bitcoin discussion board, so why the altcoin inclusive? Secondly, when we are talking about immutability, it means something that can not be altered, this is the basic reason why the trust in bitcoin and the blockchain technology is assured else many organizations, companies, industries and the government couldn't have adooted the use of blockchain technology and its application in medical health, sport, politics, finance, music, games, economy, and many aspects of the economy applicable for the safe keeping of their record data etc.

Unlike the centralized service providers like that of online storage with examples like icloud, google drive and drop box. Blockchain technology is the solution to centralized online storage systems mentioned above and its been in use all because of the genuine trust in it to be decentralized and immutable.

According to a report released by DARPA both Bitcoin and Ethereum do not guarantee network immutability. The report exposes decentralization weaknesses, outdated Bitcoin nodes, and Ethereum Smart Contracts code quality.
Decentralization, node versions, and code quality are known and reasonable problems but network immutability is a totally different kind of problem. Is it real? If true is it solvable?
https://www.vanticatrading.com/post/pentagon-releases-study-on-bitcoin-vulnerabilities