Pages:
Author

Topic: Flood attack 0.00000001 BC - page 2. (Read 41114 times)

full member
Activity: 158
Merit: 100
August 11, 2010, 02:37:23 AM
#57
BTW, let's test the network someday?
It is trivial to automate the process of sending small transactions to the list of known addresses.
Let's abuse the network and know the effect precisely.

I suppose, we should caution the other users...

You should use the Test network
Test network have test scale.

Hmm, I think the other guys may not ask your permission to abuse the real network next time.
They will just do it.

I'm sure, the Bitcoin is useless if it is vulnerable to such a simple intrusion.
We should prove, that it is sustainable to real world threats. Like me  Grin

Perhaps somebody just experimented already?
sr. member
Activity: 294
Merit: 252
Firstbits: 1duzy
August 10, 2010, 09:53:41 AM
#56
BTW, let's test the network someday?
It is trivial to automate the process of sending small transactions to the list of known addresses.
Let's abuse the network and know the effect precisely.

I suppose, we should caution the other users...

You should use the Test network
full member
Activity: 158
Merit: 100
August 10, 2010, 05:13:30 AM
#55
Does that mean, that my abilities to DDoS the entire Bitcoin network are only limited by my BTC
bying power? And not by the number of my network connections, nodes, etc?

BTW, let's test the network someday?
It is trivial to automate the process of sending small transactions to the list of known addresses.
Let's abuse the network and know the effect precisely.

I suppose, we should caution the other users...
sr. member
Activity: 294
Merit: 252
Firstbits: 1duzy
August 09, 2010, 04:18:42 AM
#54
Are:
1) The transaction fees charged entirely up  to the block processing node?
Or
2) The transaction fees enforced by the network, which would mean that any block that contains an 'invalid' transaction because it did not include the correct fee would be rejected?

lfm
full member
Activity: 196
Merit: 104
August 07, 2010, 12:36:13 AM
#53
Sending 1 BTC back and forth a million times creates a single transaction chain, sending a million transactions of 0.000001 BTC makes a million nearly independant transactions which all must be remembered. Due to the way bitcoin can drop old deeply confirmed transactions the first is far less overhead than the second in the long run. There may be similar network cost but the disk space cost can be greatly reduced for the single chain.

Only if the "dust" is combined back together and confirmed deeply enough again only then can the dust space be dropped.

Does sending 0.1 BTC a million times also create a single transaction? Where is the line when it goes from a single transaction to independent transactions?
Can the line be moved down slightly? Any bad side-effects if it was?

I don't think you understood, it's nothing to do with the size of the transaction. it's the way transactions get split up. If you start with 1 BTC and send 100 x 0.01 transactions to your friend thats 100 transaction chains one step long. He may or may not combine them back together into a single 1BTC transaction but untill he does the net must keep all 100 transactions stored.

If you start with the same 1BTC or 0.01BTC or any single amount and pass it back and forth to your friend 100 times. Its a similar amount of traffic and storage at first but once the last one gets deeply confirmed (ie 6 blocks/1 hr later) you can forget/delete from your disk database all the transactions but the last one. It's the Merkle hash tree pruning stuff in the white paper.
legendary
Activity: 1652
Merit: 2311
Chief Scientist
August 05, 2010, 07:32:49 PM
#52
So I send a transaction of .001 BTC from me to Fred and .000001 BTC from me to A.   I send a different one to B and C.   

Now A, B, and C cannot make a profit by sending that transaction for anyone else to crunch on so if they want to collect they have to process it.

The trick is enforcing the rule that 0.001 only flows from me to fred once and not in each block.
I'm thoroughly confused on what, exactly, you're proposing.

I want to make a 100 Bitcoin transaction to you.

You're proposing that I need to pay a "transmit fee" ... which is paid to who and does what, exactly?

If I pay it to A, B, and C, does that mean they rebroadcast the transaction to everybody they're connected to?  Do they, in turn, pay transmit fees to the nodes they're rebroadcast it to?  What stops them from saying "Thank you very much for the transmit fee" and cheating (drop my transaction on the floor)?

Satoshi's proposal that all transaction carry a minimum fee to cover network overhead makes sense; whoever generates the block with the transaction gets the fee.
sr. member
Activity: 308
Merit: 258
August 05, 2010, 02:43:02 PM
#51
Sending 1 BTC back and forth a million times creates a single transaction chain, sending a million transactions of 0.000001 BTC makes a million nearly independant transactions which all must be remembered. Due to the way bitcoin can drop old deeply confirmed transactions the first is far less overhead than the second in the long run. There may be similar network cost but the disk space cost can be greatly reduced for the single chain.

Only if the "dust" is combined back together and confirmed deeply enough again only then can the dust space be dropped.

Does sending 0.1 BTC a million times also create a single transaction? Where is the line when it goes from a single transaction to independent transactions?
Can the line be moved down slightly? Any bad side-effects if it was?
hero member
Activity: 770
Merit: 566
fractally
August 05, 2010, 01:12:02 PM
#50
The assumption is that you would send variations of the same transaction to different nodes with a tip for working to integrate your transaction.  In order for that node to collect their tip they eventually have to generate a block, but they eventually will anyway.  The tip would be below the amount that would allow said user to "rebroadcast" their transmit fee.  So you don't get recursive transmit fees. 

Say I want to send .001 BTC to Fred.   The cluster is operating at 1billion k/hash/second, then I need to distribute my transactions to enough nodes so that the k/hash/second % of the total is acceptably high for the transaction to get logged within the next N blocks.   

So generating nodes A, B, and C each price their transmit fee proportional to their khash rate.  (how do they prove their khash rate?  total blocks generated over time?)

So I send a transaction of .001 BTC from me to Fred and .000001 BTC from me to A.   I send a different one to B and C.   

Now A, B, and C cannot make a profit by sending that transaction for anyone else to crunch on so if they want to collect they have to process it.

The trick is enforcing the rule that 0.001 only flows from me to fred once and not in each block.



founder
Activity: 364
Merit: 7423
August 05, 2010, 12:49:43 PM
#49
Right now the transaction fee address is left "blank" and the block generator fills it out.
Now you would fill it in with the address of the person you are asking to build the block.  
If you're only going to have one person work on building the block, that could take days.  Oh, do you mean send a different variation to each node with the tx fee written to them?

The way it is now, it's whoever builds this gets it.

If we needed to, we could have a BitTorrent-esque tit-for-tat for transaction broadcast.  Relay paying transactions to me, or I won't relay them to you.  It probably won't be an actual problem though.  It only takes one node relaying like it should to cancel out 7 others greedily not relaying.
hero member
Activity: 770
Merit: 566
fractally
August 05, 2010, 11:46:52 AM
#48
Right now the transaction fee address is left "blank" and the block generator fills it out.
Now you would fill it in with the address of the person you are asking to build the block.  

If the transmit fee <= block integration fee no one could profitably forward the transaction and thus must generate a block themselves.
sr. member
Activity: 416
Merit: 277
August 05, 2010, 11:45:58 AM
#47
If there was a transaction for each transaction fee, then what about the transactions fees for the transaction fee's transaction?

The transaction fee transaction would be designed to be a completely predictable consequence of the main transaction and hopefully any fee for processing the main transaction would also take into account the need for a fee transaction too. In other words the fee transaction would contain its own fee. This therefore seems to be a manageable aspect of the problem.

ByteCoin
founder
Activity: 364
Merit: 7423
August 05, 2010, 11:39:58 AM
#46
The only solution to this problem is to make broadcasting of a transaction "non free".  Namely, if you want me to include it you have to pay me.  The net (no pun intended) result is that each client would need to pay other clients to whom they even send their transaction, not just the individual who gets it in a block.   In this way the laws of economics take over and no one gets a free ride on the transaction broadcast system.  
I don't know a way to implement that.  The transaction fee to the block creator uses a special trick to include the transaction fee without any additional size.  If there was a transaction for each transaction fee, then what about the transactions fees for the transaction fee's transaction?
Activity: -
Merit: -
August 05, 2010, 11:37:53 AM
#45

Sending 1 BTC back and forth a million times creates a single transaction chain, sending a million transactions of 0.000001 BTC makes a million nearly independant transactions which all must be remembered. Due to the way bitcoin can drop old deeply confirmed transactions the first is far less overhead than the second in the long run. There may be similar network cost but the disk space cost can be greatly reduced for the single chain.

Only if the "dust" is combined back together and confirmed deeply enough again only then can the dust space be dropped.


Improved attack would be : start with 1BTC then transfer 0.999999999BTC, then 0.999999998BTC, ...
It results 1 million accounts (minus 10000) with 0.000000001BTC each.
founder
Activity: 364
Merit: 7423
August 05, 2010, 11:30:20 AM
#44
Quote from: bytemaster
Payments would generally be advanced, say 1 BTC at a time and when the connection closes any "change" would be returned.  This rule makes it impossible to pay for a simple "search query" with no further transactions.
One alternative is to use a round-up system.  You pay for, say, 1000 pages or images or downloads or searches or whatever at a time.  When you've used up your 1000 pages, you pay for another 1000 pages.  If you only use 1 page, then you have 999 left that you may never use, but it's not a big deal because the cost per 1000 is still small.

Or you could pay per day.  The first time you access the site on a given day, you pay for 24 hours of access.

Per 1000 or per day may be easier for consumers to get their heads around too.  They worry about per item because it's harder to figure if it might add up too fast.  Unlimited for 24 hours they know what the cost will be.  Or if 1000 seems like plenty, they're not worrying that it's costing more with each click if they figure 1000 is more than they'll probably use.
founder
Activity: 364
Merit: 7423
August 05, 2010, 11:03:21 AM
#43
Forgot to add the good part about micropayments.  While I don't think Bitcoin is practical for smaller micropayments right now, it will eventually be as storage and bandwidth costs continue to fall.  If Bitcoin catches on on a big scale, it may already be the case by that time.  Another way they can become more practical is if I implement client-only mode and the number of network nodes consolidates into a smaller number of professional server farms.  Whatever size micropayments you need will eventually be practical.  I think in 5 or 10 years, the bandwidth and storage will seem trivial.

I am not claiming that the network is impervious to DoS attack.  I think most P2P networks can be DoS attacked in numerous ways.  (On a side note, I read that the record companies would like to DoS all the file sharing networks, but they don't want to break the anti-hacking/anti-abuse laws.)

If we started getting DoS attacked with loads of wasted transactions back and forth, you would need to start paying a 0.01 minimum transaction fee.  0.1.5 actually had an option to set that, but I took it out to reduce confusion.  Free transactions are nice and we can keep it that way if people don't abuse them.

That brings up the question: if there was a minimum 0.01 fee for each transaction, should we automatically add the fee if it's just the minimum 0.01?  It would be awfully annoying to ask each time.  If you have 50.00 and send 10.00, the recipient would get 10.00 and you'd have 39.99 left.  I think it should just add it automatically.  It's trivial compared to the fees many other types of services add automatically.

Does including more slow down your hashing rate?  
No, not at all.
hero member
Activity: 770
Merit: 566
fractally
August 05, 2010, 10:39:19 AM
#42
I think the current system works fine.  If someone wants to implement a micro-payment system then they will have to host enough nodes and contribute enough processing power to include their small transactions.   I see no reason to require any node to accept or forward micro-payment transactions if said nodes does not wish to.  

The real issue is that even a simple legitimate automated micro-payment system could overload bitcoin by introducing more transactions than the credit card system currently uses.   The net result is that block sizes could become HUGE.

In my use case you have a P2P system where they pay for priority downloads.   Assume you have a single "torrent" file with 100,000 people all seeding and downloading.  That could easily generate 100,000 micro-payments per minute.  Now clearly, the program would only have to use BTC in the event that upload != download between two clients.  

It would be distributed and thus there would be no easy way to identify "spam" from legitimate usage.    Even using my solution of transferring 1+ BTC at a time and giving change if the balance is greater than 0.01 could cause a transaction bloat writ large.

I suspect that the "cost" of handing individual transactions may be low (.00001 BTC) but the cost of handling ALL of those little transactions from millions of users using automated payment negotiation/bidding systems would quickly make it impossible to even listen for all incoming transactions.  

The only solution to this problem is to make broadcasting of a transaction "non free".  Namely, if you want me to include it you have to pay me.  The net (no pun intended) result is that each client would need to pay other clients to whom they even send their transaction, not just the individual who gets it in a block.   In this way the laws of economics take over and no one gets a free ride on the transaction broadcast system.  

The implication is that you may not even receive notice of payment until a node that you paid to receive your transaction and *attempt* to integrate it into a block manages to do so.  This means that you would not even see 0/unconfirmed and that a transaction must make it into a block before anyone that wasn't paid to *attempt* to integrate it even knows it exists.

This structure would encourage pay-to-ip systems because that make the receiver of the payment responsible for paying to get it integrated.   Either they run their own bitcoin generators *or* they pay to send the transaction to someone who is.  

  
full member
Activity: 210
Merit: 105
August 05, 2010, 10:11:10 AM
#41
Bitcoin isn't currently practical for very small micropayments.  Not for things like pay per search or per page view without an aggregating mechanism, not things needing to pay less than 0.01.  The dust spam limit is a first try at intentionally trying to prevent overly small micropayments like that.

Bitcoin is practical for smaller transactions than are practical with existing payment methods.  Small enough to include what you might call the top of the micropayment range.  But it doesn't claim to be practical for arbitrarily small micropayments.
Why isn't it practical? I agree that a good micropayment system would avoid generating thousands of transactions (e.g. one per packet), but that doesn't mean that bytemaster's change idea is wrong:
Quote from: bytemaster
Payments would generally be advanced, say 1 BTC at a time and when the connection closes any "change" would be returned.  This rule makes it impossible to pay for a simple "search query" with no further transactions.
That seems like a great use case. Furthermore, as llama said, the fixed component of a transaction fee should always represent the real cost of including that transaction in a block. So, are there any more intelligent and less painful ways of implementing anti-dust spam systems?
lfm
full member
Activity: 196
Merit: 104
August 05, 2010, 09:59:51 AM
#40
Well, right now nothing stops someone from creating a system where:

A sends  1.00000001 to B
B sends  1.00000000 back to A

Net result is a micro-payment and no processing fee.

... unless B started with zero bitcoins.  Then B is stuck; she can't send 1.0 back, because doing that would cause a 0.00000001 bitcoin 'change' transaction, which would trigger the 0.01BTC fee, which they can't pay (because they only have 1.0000000001).



ok if a and b both start out with 1 BTC and agree to transfer 0.0001 using two inputs and two outputs on a single transaction can change a to 0.9999 and b to 1.0001. The rest of the network it would seem would accept the transaction.

The only stumbling block is whoever creates the transaction needs the private keys for both inputs which would come from different wallets normally. The one who creates the transaction could cheat.
lfm
full member
Activity: 196
Merit: 104
August 05, 2010, 09:52:32 AM
#39
What exactly is this 'dust spam' that this 0.01BTC transaction fee "solving"?
Someone with only one Bitcoin could send 100,000,000 transactions, which might overload the network. This isn't a good solution, though -- the vulnerability will still exist when the limit is lowered because someone will certainly be saving a bunch of Bitcoins.

Someone with one Bitcoin can already send 100,000,000 transactions, by repeatedly sending the coin to themselves. How is it any different if the value of the transaction is 1 or 0.00000001 ?

I'd like to repeat that question. Why could someone with 1 bc, not just send it back and forth between accounts a billion times? No fees would be charged.

Sending 1 BTC back and forth a million times creates a single transaction chain, sending a million transactions of 0.000001 BTC makes a million nearly independant transactions which all must be remembered. Due to the way bitcoin can drop old deeply confirmed transactions the first is far less overhead than the second in the long run. There may be similar network cost but the disk space cost can be greatly reduced for the single chain.

Only if the "dust" is combined back together and confirmed deeply enough again only then can the dust space be dropped.
legendary
Activity: 1246
Merit: 1016
Strength in numbers
August 04, 2010, 02:30:32 PM
#38
Can the fee rules be arbitrarily complicated? And is the size limit hard wired or completely up to the node?

Does including more slow down your hashing rate? 
Pages:
Jump to: