Topic: Forking scenario - when border connections are closed (Read 1507 times)

The mining power of an isolated area would be much less than the rest of Bitcoin, they would only need to know to not trust payments in any locally mined blocks if they happen during isolation.

The blockchain would fit on a single USB memory stick.

All that is needed is a node that can read the data.  However, loss of external internet access would cause lots of problems with getting new clients.

Inside the country, the chain would tend to jump.  New transactions could be smuggled out too.

You only need to be able to reach one other node to mine, not some specific website in another country. The situation proposed here is a nation-scale partitioning, not a power outage.

This question is self-contradicting. How could one mine (in the normal sense) without any internet access?

Well text is a lot easier than streaming video, for example, and I did assume there was enough bandwidth available for SPV to work.  There's also word of mouth, telephone, etc.  Just a matter of not being lazy about it.  Of course this is less than ideal, though.

How is the miner checking forums if the internet doesn't work?

On the other hand, if forums aren't blocked, bitcoin is sufficiently low traffic that you can stegonographically hide the blockchain data in what parts of the internet aren't being blocked and thus there isn't a problem.

To the extent that a pooled miner is actively checking forums etc. to listen for claims that their pool is misbehaving, and switching pools in such an event, then I think they are contributing somewhat.  Re: redirecting hashpower, of course a state level actor can always come in guns blazing and take your mining rig if it knows you have it.  Certainly no way around that

Oh for sure.  Just arguing that a country here or there isolated from full validation mode isn't the end of the world.  Of course Bitcoin needs enough "free" countries acting as the backbone.  I mentioned the improved SPV mode as it would reduce the trust required of the backbone.

+Xists run satellites and microwaves that eliminate this risk plus BOB laughs at peeps who don't recognize TOR/bitcoin relationship to slackdom ! (=

I have discussed the solution for this problem at: https://bitcointalksearch.org/topic/m.2634208

Here are the relevant parts:

1. Partial validating node with web-of-trust. Currently, there are 3 major types of bitcoin clients: full clients (e.g. bitcoind), SPV clients (e.g. bitcoinj), server-trusting clients (e.g. electrum). We can implement the 4th type: partial validating clients (PVC).

User may assign certain amount of system resources (CPU power / bandwidth / storage space) to bitcoind. If the node is unable to verify a block before the next block arrives, it will automatically turn into a PVC. Instead of verifying every blocks, a PVC will skip some of them. When a block is verified, a PVC will publish a signature for the block. Through a web-of-trust, people will be reasonably confident that the longest chain is a valid chain.

This could even be extended to mobile device. For example, a smartphone, which is normally running as SPV, may turn into a PVC when it is connected to AC power and wifi. Even only one block is verified per day, the network is strengthened as a whole.

2. Mining pools and full nodes on trusted platform. As some people are advocating centralized "bitcoin bank" running on trusted platform (TP), I think mining pool and public full nodes can also use TP. A full node on TP will accept new blocks and new transactions through encrypted channel, so that the network administrator won't be able to censor any block/transaction. They will also answer queries like normal full nodes but also in an encrypted way. With remote-attestation and fidelity bond (https://bitcointalksearch.org/topic/purchasing-fidelity-bonds-by-provably-throwing-away-bitcoins-134827), it is very unlikely that the operator may cheat.

Based on TP full nodes, we can further establish TP mining pools. It's like a normal getblocktemplate mining pool so miners are free to construct their blocks, without doing any transaction validation themselves, assuming that the pool is trustworthy. Again, the integrity of the pool is secured by remote-attestation and fidelity bond. Therefore, mining will be decentralized even with huge block size. Mining over TOR is also possible.

Again, people will verify the integrity of TP full nodes with the partial validating nodes I described.

Thats not really contributing... I mean, they aren't validating anything. Presumably the same party isolating them could be redirecting their hashpower selfishly or maliciously.

In general SPV in isolation seems a bit odd except as a short term measure, it means you have to trust people who your communication with is restricted... they may even be the ones restricting you.

People in these dire circumstances have found ways to maintain some connectivity to the outside world, just at low bandwidth.

Running in SPV mode (block headers only) is pretty low bandwidth, so keeping this service up might be possible.  There are also improvements that can be made to the SPV trust model that would allow an SPV node to reject invalid blocks upon receiving a short fraud proof, so the loss of access in a few countries to most of the transaction data wouldn't pose much of a risk to the people there, or the network as a whole.

Pooled mining is also low bandwidth, so miners might still be able to contribute by connecting to a pool in another country.

Not every connection can be successfully cut-off. Even one node connected via satellite & local network can act as a bridge for everyone else. Miners should probably stop working (to eliminate double-spend risks) until such bridge is available. More of a concern is the bootstrapping process. I'm not sure how DNS seed method is actually implemented now, and I don't think we should rely on such centralized system.

You can analyse recent BarkleyDB nodes vs LevelDB nodes forking incident to see what are the risks of such event. I had really hard time to fully understand why there were some transactions reversed.

originally posted this a while back, bumping as i am still puzzled as to whether this vulnerability really is as large as it seems...?

This problem is real, but its solution lies not with Bitcoin, all internet protocols are vulnerable.

There's a glimmer of hope on the horizon (probably in the similar stage that Bitcoin was itself in early 2009), it's called Project Meshnet https://projectmeshnet.org/

It's a completely p2p low level encrypted routing protocol that's designed to operate without "internet providers" and therefore to actually be resistant to censorship, also provides privacy to all traffic, etc.

Cheers ...

I think in reality, whilst internet connections may be down, there will inevitably be exploitation of the double-spend opportunity.

As soon as an isolation event is discovered, people will rush to take advantage of the opportunity, wallet codes will cross borders and double spending will occur, both accidentally and deliberately.  There needs to be a solution to this potential problem.

Tea - are you saying the scenario below would not have caused a fork within the bitcoin network?

Stop! You're scaring the children!

I think cutting off a country's connection to the outside world is quite difficult to do--they can cut cables, shut down DNS servers etc., but as we saw in the recent Egypt uprising (1.0 against Mubarak) citizens still managed to connect via satellite, packet radio, creating their own ad-hoc DNS etc.

Hmm.

Let's say the Bitcoin network splits along national borders. You're either inside Country X, and you're on Country X's network + blockchain, or you're outside Country X, and you're on the world network + blockchain.

If you're inside Country X, you can't spend money on the world blockchain because you can't access the world network.

If you're outside Country X, you can't spend money on the Country X blockchain because you can't access the Country X network.

When the two networks merge again, the Country X blockchain will be invalidated by the world blockchain, but the transactions on the Country X blockchain will still be valid (because the people trapped in Country X could not contact the world blockchain to double-spend them there) and will, theoretically, be sooner or later processed and recorded by the world blockchain regardless.

Here are the problems that I can't figure out how to deal with:

• As long as Country X is cut off from the world, anyone in Country X who mines is a fool, because their mining rewards will vanish when the reorg hits.
• The ones perpetrating the blockade (e.g. the Country X government) has access to both networks and is free to double-spend at will.

Scenario:  Bitcoin has been widely and globally adopted as the primary trade currency.  But it didn't solve everything, and somewhere a country in the midst of some tumultuous situation is either voluntarily or forcibly severed from the wider internet (easier said than done, but let's assume it is possible).

Does this result in a forked blockchain within which all coins can effectively be spent twice (once in each zone)?

Assuming forks could eventually be re-merged with the larger overriding the smaller, am I correct that double-spent coins on the smaller fork would be invalidated, with recipients incurring the losses as received coins disappear?

How would/will such a scenario be managed?  

I'm sure this scenario will have already been raised so apologies if duplicating.