Pages:
Author

Topic: Cheap way to attack blockchain (Read 28257 times)

newbie
Activity: 14
Merit: 0
January 31, 2016, 08:27:25 AM
This attack can be made more effective by exploiting this.  That is, instead of a vanilla OP_RETURN you use the script:

Code:
    OP_RETURN OP_CHECKMULTISIG

This counts as a extra 20 sigOps.  This bug is fixed in 0.12.0 (by making this script non-standard).

Will have a read of this.
hero member
Activity: 784
Merit: 1000
January 26, 2016, 05:25:29 PM
Isn't transaction selection already a NP-hard knapsack problem? What kind of a beast it will become if we throw....computational complexity itself into the mix? "Hmmm, let me  estimate  if I am gonna spend more time processing these transactions or more time doing the estimation..." Roll Eyes
legendary
Activity: 1260
Merit: 1019
sr. member
Activity: 318
Merit: 260
December 19, 2015, 08:17:01 PM
WOW,The day bitcoin starts blacklisting will be the end.

Never blacklist. Just whitelist. I'm not sure why basic reputation scares people here so bad..

There is nothing built in to the block-chain that says a bank is a bank and again, BTC is a currency not a profit system..
newbie
Activity: 1
Merit: 0
December 16, 2015, 10:00:01 PM
WOW,The day bitcoin starts blacklisting will be the end.
sr. member
Activity: 318
Merit: 260
December 15, 2015, 09:58:58 PM
Problem is fees are already arbritrary creating usability issues.. Add more add more problems..

Oh cool I just put my savings in to bitcoin!! Hey what happen to 0.005% of it or why does it get no confirmations.. No refunds wtf?

Bitcoin is suppose to be a currency not a quick-profit-scheme for people who buy the hardware or learn the internals..
full member
Activity: 462
Merit: 100
Viarium.io - DECENTRALIZED VR WORLD
December 04, 2015, 01:19:51 AM
This attack can be made more effective by exploiting this.  That is, instead of a vanilla OP_RETURN you use the script:

Code:
    OP_RETURN OP_CHECKMULTISIG

This counts as a extra 20 sigOps.  This bug is fixed in 0.12.0 (by making this script non-standard).

interesting thing to see here. i trying to get this script lang down lol
member
Activity: 60
Merit: 10
December 01, 2015, 11:03:04 PM
This attack can be made more effective by exploiting this.  That is, instead of a vanilla OP_RETURN you use the script:

Code:
    OP_RETURN OP_CHECKMULTISIG

This counts as a extra 20 sigOps.  This bug is fixed in 0.12.0 (by making this script non-standard).
legendary
Activity: 2702
Merit: 1261
December 01, 2015, 05:18:59 PM
Do you have a github commit for me to look at?
this link have been posted a number of times in this topic
https://github.com/bitcoin/bitcoin/pull/7081

I use a hard coded limit but this pull request will be more flexible.
full member
Activity: 462
Merit: 100
Viarium.io - DECENTRALIZED VR WORLD
December 01, 2015, 01:35:32 PM
Do you have a github commit for me to look at?
this link have been posted a number of times in this topic
https://github.com/bitcoin/bitcoin/pull/7081

much simpler then expected :0
legendary
Activity: 1260
Merit: 1019
December 01, 2015, 01:21:22 PM
Do you have a github commit for me to look at?
this link have been posted a number of times in this topic
https://github.com/bitcoin/bitcoin/pull/7081
full member
Activity: 462
Merit: 100
Viarium.io - DECENTRALIZED VR WORLD
December 01, 2015, 12:47:44 PM
It's not limited to the miners. I operate several relay nodes and patched my nodes to reject those transactions before they are stored in the mempool. With this change my nodes no longer forward transactions with a high number of SIGOPS.

With a mining node I would not reject those transactions but require a high fee.


Do you have a github commit for me to look at?
legendary
Activity: 2702
Merit: 1261
December 01, 2015, 12:45:31 PM
It's not limited to the miners. I operate several relay nodes and patched my nodes to reject those transactions before they are stored in the mempool. With this change my nodes no longer forward transactions with a high number of SIGOPS.

With a mining node I would not reject those transactions but require a high fee.
full member
Activity: 462
Merit: 100
Viarium.io - DECENTRALIZED VR WORLD
December 01, 2015, 11:29:47 AM
So this will be able to have a fix but requires convincing of the largest pools.

Yes. Miners are able to immediately require higher fees for these transactions or to ignore these transactions when they create blocks.

To me this means it is not a problem with bitcoin concept, but a problem with certain versions of the wallet/mining wallet systems.
legendary
Activity: 2702
Merit: 1261
December 01, 2015, 01:51:52 AM
So this will be able to have a fix but requires convincing of the largest pools.

Yes. Miners are able to immediately require higher fees for these transactions or to ignore these transactions when they create blocks.
legendary
Activity: 3878
Merit: 1193
December 01, 2015, 12:02:19 AM
This specific attack can also be mitigated by enforcing a bytes-per-sigop limit (policy change), as was merged into 0.12.0.  Any miner that does not adopt this policy will still be vulnerable.

A fee per sigop sounds like a good plan too.
member
Activity: 60
Merit: 10
November 30, 2015, 10:23:47 PM
Is fixing of this issue requiring a full 'hard forking'

Fixing the broken sigOp counting method is indeed a hardfork.  It can be fixed when (if?) there is a block-size hardfork, e.g. this is one proposal.

This specific attack can also be mitigated by enforcing a bytes-per-sigop limit (policy change), as was merged into 0.12.0.  Any miner that does not adopt this policy will still be vulnerable.
full member
Activity: 462
Merit: 100
Viarium.io - DECENTRALIZED VR WORLD
November 30, 2015, 04:23:31 PM
Nice security research. Can this attack be made profitable, or is it just DoS?

This "attack" is a nuisance just like the HighS malleability.

Is fixing of this issue requiring a full 'hard forking'

No. As trout already wrote the miners can just take a higher fee for transactions with a large number of SIGOPS.

1) You are missing that miners are interested in fees. They have a right to include/exclude any transaction.

They might be interested in the BTC value, too. So it's interesting for them to include all transactions to preserve the value of their BTC.


So this will be able to have a fix but requires convincing of the largest pools.
hero member
Activity: 900
Merit: 1014
advocate of a cryptographic attack on the globe
November 30, 2015, 12:04:09 PM
Nice security research. Can this attack be made profitable, or is it just DoS?
yes
Aside from someone paying you to DoS. Wink
legendary
Activity: 1260
Merit: 1019
November 30, 2015, 11:59:42 AM
Nice security research. Can this attack be made profitable, or is it just DoS?
yes
Pages:
Jump to: