Author

Topic: Dust outputs redeemable with obvious brain wallet keys, for what? (Read 1097 times)

legendary
Activity: 1260
Merit: 1019
- further spend attempts will not be broadcasted by a node after one of the attempts is included into the mempool
Wrong. Some clients (BitcoinXT?) broadcast conflicting txs.

There are currently still > 5 BTC in the 100 most spammed addresses.  Cleaning them up takes about 70 MB.
1185868 utxo (11.85868000 btc) as for block #365041 according to my set of compromised private keys
(some addresses are compressed, some uncompressed)

There were several suggestion to penalize outputs over inputs when computing the required fee but AFAIK it was never done in the standard bitcoin client.
Miners think about their profits.
We can not force miners to include "normal" transactions and reject "faucet/spam" transactions, because it is economically unreasonable for them
full member
Activity: 217
Merit: 259
If that is the idea, it does not work for reasons:
- further spend attempts will not be broadcasted by a node after one of the attempts is included into the mempool
- people will figure soon that miner have advantage grabbing the outputs and stop trying.

Therefore the attack, if that is the purpose, is pretty lame.

Unfortunately, this attack is still quite successful.  One reason is that even miners spending the 1000 Satoshi outputs will get a lower fee (about 70 bits/kB) than with regular transactions.  So the spammer spent less for the outputs than cleaning them up costs. There are currently still > 5 BTC in the 100 most spammed addresses.  Cleaning them up takes about 70 MB.

The problem is that the dust limit is computed from the mintxfee and some miners have it still set to 10bits/kB.   Also it take much less space and therefore fee to send to 1000 Addresses than it takes to spend from 1000 Addresses.  There were several suggestion to penalize outputs over inputs when computing the required fee but AFAIK it was never done in the standard bitcoin client.
staff
Activity: 3458
Merit: 6793
Just writing some code
If that is the idea, it does not work for reasons:
- further spend attempts will not be broadcasted by a node after one of the attempts is included into the mempool
- people will figure soon that miner have advantage grabbing the outputs and stop trying.

Therefore the attack, if that is the purpose, is pretty lame.
I don't think that was the purpose of the attack. However, there are thousands of those dust transactions, all of them the same size, so the client can just select inputs that haven't already been spent. Even if it double spends, it is still spam that clogs the network, which might be the idea here. Also, why would miners grab the outputs? In order to spend all of those transaction, they need to create a transaction that is larger than 1 Mb and it wouldn't be worth that much. It would be more effective for them to mine other transactions that have higher fees and they can both earn more money and confirm and clear more of the backlog.

I tried to claim those BTC along with another address that was used for spamming but the transaction required a 2.4 BTC fee.
legendary
Activity: 1100
Merit: 1032
If that is the idea, it does not work for reasons:
- further spend attempts will not be broadcasted by a node after one of the attempts is included into the mempool
- people will figure soon that miner have advantage grabbing the outputs and stop trying.

Therefore the attack, if that is the purpose, is pretty lame.

People do not get rich from dollar bills thrown in a street, it does not prevent them from rushing and elbowing.

http://www.sott.net/article/290788-Shanghai-New-Year-stampede-kills-35-after-fake-dollar-bills-thrown-into-crowd
hero member
Activity: 836
Merit: 1030
bits of proof
If that is the idea, it does not work for reasons:
- further spend attempts will not be broadcasted by a node after one of the attempts is included into the mempool
- people will figure soon that miner have advantage grabbing the outputs and stop trying.

Therefore the attack, if that is the purpose, is pretty lame.
legendary
Activity: 1100
Merit: 1032
What is the purpose of creating tons of trivially redeemable outputs?

I see it as an attempt to multiply the spam effects, like throwing cash in the street to create a flash mob.

If many people see they can grab the spam, they will attempt to grab it, creating thousandths of dust collection transactions, which will further clog the network.

If the spammer was sending to a private address and collecting the dust, that would be just two tx.

By sending to a trivially redeemable output, he can expect many tx (1 for the dust creation, then many for the people attempting to grab the dust)

hero member
Activity: 836
Merit: 1030
bits of proof
What is the purpose of creating tons of trivially redeemable outputs?
 
See:
https://blockchain.info/address/162TRPRZvdgLVNksMoMyGJsYBfYtB4Q8tM

Anyone could claim the 0.04 BTC there (at the moment) with a key derivable as SHA256("cat").
Rational miner will claim them for themselves, that however leads to a block stuffed with a big transaction like:
https://blockchain.info/block/000000000000000003dd2fdbb484d6d9c349d644d8bbb3cbfa5e67f639a465fe
since the 0.04 is distributed to hundreds of outputs.

The redemption attempts of non-miner will be included into the mempool by nodes in some non-conflicting combination until they are purged as doublespend.

Is this a troll, a DoS, trying to prove some point or engineered to drive up fees?
Jump to: