Pages:
Author

Topic: Hacking Bitcoin - page 2. (Read 2936 times)

jr. member
Activity: 42
Merit: 11
March 20, 2013, 03:21:36 PM
#5
If it costs you money, it's not very feasible. It's one of the reasons why there are fees.
I think there is no way to tell legitimate transaction from flood (as long both follows the rules). Which rules it's whole other question.
Limiting bandwidth will hurt network in the long run. Propagation times will be high.
People can start to put dedicated bitcoin servers on VPS hostings (some of which are dirt-cheap now) to help network.
legendary
Activity: 1652
Merit: 2301
Chief Scientist
March 20, 2013, 03:17:11 PM
#4
Suggestion: instead of talking endlessly about possible attacks, try them out on the -testnet test network.

That is what it is for.

Oh:  except Sybil attacks, which just aren't very interesting on a network like testnet that has only a couple dozen peers on it.
sr. member
Activity: 444
Merit: 250
I prefer evolution to revolution.
March 20, 2013, 03:06:31 PM
#3
The best attack I can come up with right now is this:
  • Create two wallets (or two addresses)
  • Buy some bitcoin into one wallet
  • Transfer bitcoin back and forth as fast as possible to flood the network.
Set up as many machines as possible doing this.

I don't know if there's a throttling mechanism in the client but shouldn't the transaction fee make it relax?  So if there is, the attacker will still have to pay miners in order to make this attack.

Ultimately, the network communications required by Bitcoin can suffer from a Tragedy of the Commons.  Perhaps the answer to this (whether it's an attack or not) is the addition of a feature in the client that allows the user to set a bandwidth threshold.  So if a user sets the threshold, then any peer that wants to exceed it will be rejected unless the user added that peer to a whitelist.

Or is Bitcoin network flooding already impossible (even for entities that are legally permitted to print money)?
legendary
Activity: 3066
Merit: 1147
The revolution will be monetized!
March 20, 2013, 02:40:10 PM
#2
I also think this should be openly talked about. If bitcoin needed to keep a secret that would hurt, it then it would be doomed to fail.
sr. member
Activity: 444
Merit: 250
I prefer evolution to revolution.
March 20, 2013, 02:34:36 PM
#1
It seems foolish to believe that no one is trying to find a way to damage the bitcoin economy.  Governments, central banks, payment processors, credit card companies, ... the list goes on and on of entities whose bottom line is threatened by bitcoin.

So I wonder if it would be a good idea to start having open discussions about the same things that they are likely discussing in private.  For example, is there a way to exploit the vulnerability of the pre-0.8 clients to fork the chain?  Of course this seems dangerous.  Anyone who read the Hunger Games books remembers Gale's concern about a new kind of attack that was later exploited.

When I was in college I played chess and I always enjoyed discussing my moves and plans openly.  Part of the reason for this is that my ability to handle complexity was a bit stronger than that of others, so I got to help them see the fixes I was planning to put them in.  I imagine that everyone I played, along with myself, got much better at chess because of this openness.

Part of the reason I am comfortable openly discussing possible avenues for hacking our economy is that I have faith in humans.  For the most part, people are good.  The more we learn, the better we get along, generally.  The bitcoin community can win converts from those threatened by it at a rate much higher than they can win converts from us, simply because bitcoin respects individuals, places responsibility for their dealings squarely in their own hands, and does not rely on coercion of any kind.

Before those of us who have answers for the following question make them public, perhaps it would be a good idea to discuss whether or not publicizing them is wise.  I think it is, but that is based on a faith in human beings that I admit may be misplaced.  (If it is, my world will change, but it will be difficult to convince me.)

If you're comfortable letting the world know about Bitcoin's vulnerabilities, what are they and how should we expect those threatened by it to leverage them?  (And how will we therefore protect ourselves from them?)
Pages:
Jump to: