Pages:
Author

Topic: Fake block timestamps can cause a temporary fork? (Read 2375 times)

legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
Why would a miner want only half the network to build on their block?

That makes no sense... what is the +2hr timestamp miner trying to accomplish?


It would create a temporary fork and perhaps some confusion. Maybe even break some badly coded bitcoin applications if they do not handle forks well.

No, it really wouldn't, any more than a business-as-usual temporary blockchain race/fork creates confusion or breaks applications. Like the one-block fork we had today.

I wonder if this report is only orphaned blocks that blockchain's nodes had to abandon, or if they are receiving external data to augment this.
legendary
Activity: 1652
Merit: 2311
Chief Scientist
Why would a miner want only half the network to build on their block?

That makes no sense... what is the +2hr timestamp miner trying to accomplish?


It would create a temporary fork and perhaps some confusion. Maybe even break some badly coded bitcoin applications if they do not handle forks well.

No, it really wouldn't, any more than a business-as-usual temporary blockchain race/fork creates confusion or breaks applications. Like the one-block fork we had today.
legendary
Activity: 1120
Merit: 1160
Why would a miner want only half the network to build on their block?

That makes no sense... what is the +2hr timestamp miner trying to accomplish?


It's been known for awhile now that if a miner wishes to find more blocks than their competition - equally get more fees - they have no incentive to broadcast their blocks to more than ~30% of the hashing power. Re-deriving that number from first principles is a nice exercise in applying some basic highschool math to miner incentives. The well-known selfish mining is another example of this principle, albeit in a more advanced - active - context.
member
Activity: 78
Merit: 10
Every block includes a timestamp as set by the miner who mined the block. There is a rule that other nodes reject the block if its timestamp is more than 2 hours in the future. It is a hard limit: if the timestamp is 2:00:01 in the future relative to node time, the node rejects it; if it's only 1:59:59 in the future, the node accepts it.

What happens if a miner finds a block and sets its timestamp exactly 2 hours in the future relative to some accurate time source? Since the clocks of all other nodes are never perfectly synchronized and distributed somewhere around the true time, I would expect that approximately half of the nodes (whose clock is slightly ahead of the true time) accept the block, while the other half will reject and forget it. Half of the miners will accept the block and start building a new block on top of it (with half of the original hash power), the other half will continue working on the previous block. We've got a blockchain fork caused by misbehavior of just one node. One of the two forks will eventually win but, before that, transaction confirmations might be delayed. Did I get anything wrong?

I think when designing a distributed consensus system, such as Bitcoin, one should be cautious about making a decision based on node time. Node time is different at different nodes and this a source of disagreement that potentially destroys consensus. Hopefully just temporarily.



there is a very strong incentive to keep the time relatively precise and well within the two hour timeframe.
legendary
Activity: 3472
Merit: 4801
I like the dice example, there is one small difference though.
If the controversial block was block number 1001 then the miners who initially rejected it (segment B) will continue working on another version of block 1001 while the miners who accepted it will switch to block 1002. That means, for segment B to win, it'll have to produce 2 blocks (1001 and 1002) faster than equally powerful segment A produces one block 1002. This probability is low, and segment B is probably wasting its resources.

There is no long term damage anyway.

If there isn't a second block solved within a few seconds of the first block being broadcast, then within a few seconds nearly all nodes will be within the 2 hour time limit and will accept the new block 1001.  The only way that the network will "split" is if during that small window of time in which some nodes see the new block timestamp as more than 2 hours in the future, another block is broadcast.
legendary
Activity: 965
Merit: 1033
I like the dice example, there is one small difference though.
If the controversial block was block number 1001 then the miners who initially rejected it (segment B) will continue working on another version of block 1001 while the miners who accepted it will switch to block 1002. That means, for segment B to win, it'll have to produce 2 blocks (1001 and 1002) faster than equally powerful segment A produces one block 1002. This probability is low, and segment B is probably wasting its resources.

There is no long term damage anyway.

legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
you're right... was somehow thinking that only Segment "A" would
be the one to successfully extend the chain.  Not sure why I
had that in my head.  Tongue
legendary
Activity: 3472
Merit: 4801
- snip -
If successful, it would split miner resources and cause the next block to be mined at half speed.
- snip -
No, it wouldn't cause the next block to be mined at half speed.
I think he means if a 1 block fork was in fact generated
and split the network 50/50...

I am aware that is what he meant.

Then in that case, I think it would cause the next block to be mined at half speed.

No.

Imagine rolling dice. I give 1 person 2 dice and ask them to roll the dice once per second until they roll at least one '6'. Will it take twice as long (half the speed), if I instead "split the network" and give two people each 1 die, asking then to roll their die once per second until either one of them roll at least one '6'?

Same number of total dice, same target, same average time to success.

With bitcoin: Same total hashes per second, same target hash value, same average time between blocks.
legendary
Activity: 4228
Merit: 1313
- snip -
If successful, it would split miner resources and cause the next block to be mined at half speed.
- snip -

No, it wouldn't cause the next block to be mined at half speed.

I think he means if a 1 block fork was in fact generated
and split the network 50/50... Then in that case, I think
it would cause the next block to be mined at half speed.
 

No.

Both forks would be mining and the total hash rate would remain the same for the sum of the two forks.  So the next block would be mined at the same speed.

It would just be that each fork only had a 50% chance of finding the next block, so if you were looking at just one fork with half the hash rate, it might take an average of double the time for that side of the fork to find the next block.  The other side would also have the same chance.  He is neglecting that there are two forks.


legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political
- snip -
If successful, it would split miner resources and cause the next block to be mined at half speed.
- snip -

No, it wouldn't cause the next block to be mined at half speed.

I think he means if a 1 block fork was in fact generated
and split the network 50/50... Then in that case, I think
it would cause the next block to be mined at half speed.
 
legendary
Activity: 3472
Merit: 4801
- snip -
If successful, it would split miner resources and cause the next block to be mined at half speed.
- snip -

No, it wouldn't cause the next block to be mined at half speed.

legendary
Activity: 1792
Merit: 1111
Every block includes a timestamp as set by the miner who mined the block. There is a rule that other nodes reject the block if its timestamp is more than 2 hours in the future. It is a hard limit: if the timestamp is 2:00:01 in the future relative to node time, the node rejects it; if it's only 1:59:59 in the future, the node accepts it.

What happens if a miner finds a block and sets its timestamp exactly 2 hours in the future relative to some accurate time source? Since the clocks of all other nodes are never perfectly synchronized and distributed somewhere around the true time, I would expect that approximately half of the nodes (whose clock is slightly ahead of the true time) accept the block, while the other half will reject and forget it. Half of the miners will accept the block and start building a new block on top of it (with half of the original hash power), the other half will continue working on the previous block. We've got a blockchain fork caused by misbehavior of just one node. One of the two forks will eventually win but, before that, transaction confirmations might be delayed. Did I get anything wrong?

I think when designing a distributed consensus system, such as Bitcoin, one should be cautious about making a decision based on node time. Node time is different at different nodes and this a source of disagreement that potentially destroys consensus. Hopefully just temporarily.



No rational miner would do this as that will increase the risk of being orphaned.

As an attack, this is also not effective as 1-block fork is already very common.
legendary
Activity: 965
Merit: 1033
Why would a miner want only half the network to build on their block?

That makes no sense... what is the +2hr timestamp miner trying to accomplish?


No obvious benefit to the miner, just a short lived disruption of the network (I don't think it is big enough to qualify for a DoS). If successful, it would split miner resources and cause the next block to be mined at half speed.

The main point here is that relying on node current time is dangerous for consensus. Even if it doesn't cause major trouble, it complicates things. Fortunately the 2h rule is the only place in bitcoin protocol that instructs node to make a decision based on its own clock.
legendary
Activity: 965
Merit: 1033
Yes, it's done in CheckBlockHeader called from CheckBlock preventing the block from being cached.


Great. That means the chances of quick recovery are high.
sr. member
Activity: 467
Merit: 267
Yes, it's done in CheckBlockHeader called from CheckBlock preventing the block from being cached.
hero member
Activity: 572
Merit: 506
Would a node accept once rejected block (as being e.g. 2:00:01 to the future) if another node sends that block again to our node 2 seconds later?
If yes, it looks like this situation will likely be resolved without even orphaning anything. If no, it's much graver, part of the network which initially rejected the controversial block will never accept a fork built on than block.
donator
Activity: 1218
Merit: 1079
Gerald Davis
Orphan blocks are a different case than an 2hr shift. When dealing with bitcoin edge cases are very common and sometimes not very well handled. What if half of the miners rejected the block and half accepted the block due to different local times? Then you would have different parts of the network contributing to different forks which is not as cut and dried as an orphan block. It would not be impossible, though highly unlikely.

That is exactly like an orphan block.

Some of the miners will be working on one block, some on another.   A miner from one group or the other will solve the next block and when they do the network will reorg to a consensus again.   It would do absolutely nothing other than the bad timestamps block may (or may not) become orphaned.   The most direct loser would be the creator of the block as there is a good chance he will lose the mining reward.


There are attacks that can be node with timestamps but they require the victim to be (mostly) isolated from the majority of the network.   Being poorly connected and getting isolated is always an attack vector though.
legendary
Activity: 1302
Merit: 1008
Core dev leaves me neg feedback #abuse #political


Orphan blocks are a different case than an 2hr shift. When dealing with bitcoin edge cases are very common and sometimes not very well handled. What if half of the miners rejected the block and half accepted the block due to different local times? Then you would have different parts of the network contributing to different forks which is not as cut and dried as an orphan block. It would not be impossible, though highly unlikely.

Don't see how its any different than 2 miners finding blocks at the same time and broadcasting them to the network.  Segment "A" and Segment "B" are now forks.  If Segment A is first to find the next block, then the tip of Segment B becomes an orphan and convergence happens. 
sr. member
Activity: 467
Merit: 267
Orphan blocks are a different case than an 2hr shift. When dealing with bitcoin edge cases are very common and sometimes not very well handled. What if half of the miners rejected the block and half accepted the block due to different local times? Then you would have different parts of the network contributing to different forks which is not as cut and dried as an orphan block. It would not be impossible, though highly unlikely.
It's even harder to accomplish because the 2h are relative to the client's current time. As time passes by, a previously rejected block has a higher chance to get accepted.
sr. member
Activity: 349
Merit: 250
Why would a miner want only half the network to build on their block?

That makes no sense... what is the +2hr timestamp miner trying to accomplish?
It would create a temporary fork and perhaps some confusion. Maybe even break some badly coded bitcoin applications if they do not handle forks well.

Temporary forks happen every day (they are often called "orphan" blocks).  Every time two miners (or pools) solve a block at close to the same time, some of the network hears about one block first, while some of the network hears about the other block first.  Bitcoin is designed to work this way, and to adapt properly to the longest fork once another block is found.

Any "badly coded bitcoin applications" are already broken if they don't handle this daily occurrence properly.


Orphan blocks are a different case than an 2hr shift. When dealing with bitcoin edge cases are very common and sometimes not very well handled. What if half of the miners rejected the block and half accepted the block due to different local times? Then you would have different parts of the network contributing to different forks which is not as cut and dried as an orphan block. It would not be impossible, though highly unlikely.
Pages:
Jump to: