Idea to help prevent transaction spam

theymos

administrator

Activity: 5222

Merit: 13032

Quote from: Mike Hearn on April 11, 2011, 05:12:33 AM

100% agreed with Gavin. I've said this several times before but please let's kill the "spam" meme. Small transactions are not spam in any traditional usage of the word.

The only reason this problem exists is because of the artificial limits placed on the system to work around its scalability limitations. The solution is not to try and suppress usage of BitCoin, even if you suspect that usage is pointless or malicious. The solution is to make a few thousand transactions per minute not a problem for anyone to process.

Today that means finishing off the client mode work in the main client, or, having most users move to an alternative implementation that is client mode only (like BitCoinJ). It'd be better to do the first one but nobody seems to be working on it right now.

I'm not talking about small transactions, but free transactions of any size. Anything that is free will be completely used. If free transactions could fill blocks to 100 GB, I have no doubt that many blocks would be 100 GB. Even when Bitcoin has a client mode, the network will only be able to handle so many transactions.

This topic is about allowing minimal use of free transactions for as long as possible by preventing individuals from sending dozens of free transactions per second at no cost. "limitfreerelay" increases the cost, but I don't think the way it does this is effective in prioritizing users who send only a few free transactions over those who send many.

Another way of improving limitfreerelay would be to randomly drop free transactions at an automatically-adjusting probability. High-priority transactions could have lower drop probability.

Mike Hearn

legendary

Activity: 1526

Merit: 1136

How do you know the transactions are bogus?

Nodes are probably capable of verifying somewhere in the region of 50 to 80 transactions per second. No "spam" attack has reached anywhere near that level yet. The only reason it can cause backups and delays is the block size limitations.

marcus_of_augustus

legendary

Activity: 3920

Merit: 2349

Eadem mutata resurgo

Quote from: MoonShadow on April 11, 2011, 06:59:40 PM

Quote from: marcus_of_augustus on April 11, 2011, 06:32:08 PM

what if there was some kind of some proof-of-work required by the sending client? It would not need to be large but enough of a drag to discourage large numbers of sends from a node with an intent on attacking the network.

There already is, to some extent, as the signing and hashing process involved in sending a transaction does put some weight on the sending cpu. More would be a burden for collective wallet systems like mybitcoin.

So increasing the difficulty of this signing process is a possible solution to discouraging bogus transaction prevention.

Collective wallet systems shouldn't really be a consideration in this though since they are secondary user in the sense they are centralising pools of users, so they should be prepared to do the same amount of work as the equivalent number of distributed nodes. User pays.

MoonShadow

legendary

Activity: 1708

Merit: 1011

Quote from: marcus_of_augustus on April 11, 2011, 06:32:08 PM

what if there was some kind of some proof-of-work required by the sending client? It would not need to be large but enough of a drag to discourage large numbers of sends from a node with an intent on attacking the network.

There already is, to some extent, as the signing and hashing process involved in sending a transaction does put some weight on the sending cpu. More would be a burden for collective wallet systems like mybitcoin.

marcus_of_augustus

legendary

Activity: 3920

Merit: 2349

Eadem mutata resurgo

Quote from: Mike Hearn on April 11, 2011, 09:39:04 AM

Quote from: marcus_of_augustus on April 11, 2011, 05:47:37 AM

Why would 'most users' move to client mode only (like BitCoinJ)?
Most users are on PC sized devices at present I'd guess.

Because the initial block chain download/indexing process takes ages. People don't want to wait 30 minutes+ to get started with BitCoin. That's a serious brake on adoption.

I'm not saying everyone should switch to a different implementation (no such implementation exists anyway). But rather that finishing one off is the solution to these 'spam' issues, as then the block size limit could be lifted significantly without hurting initial setup time so much people stop entering the community.

Oh ok.

But lifting the block size limit to accommodate bogus transactions seems wrong, although it may have merits for other reasons ... what if there was some kind of some proof-of-work required by the sending client? It would not need to be large but enough of a drag to discourage large numbers of sends from a node with an intent on attacking the network.

If the miners are expected to pick up the work and not get paid maybe a commitment from the clients that transactions are valid, in the way of some proof-of-work, from them is needed? Kind of like a proof-of-work handshake to the veracity of the send transaction. If it would make the network more robust also having the clients do some more work there are none actively mining anymore (are there?) so all that CPU power can add up to a lot if they do a little bit each time they send. As a bonus maybe the client work could be put towards anonymising the send in some way, coin selection?, blind-sign?, dunno still thinking about it, but some clients definitely already have an incentive to do this anyway.

Mike Hearn

legendary

Activity: 1526

Merit: 1136

Quote from: marcus_of_augustus on April 11, 2011, 05:47:37 AM

Why would 'most users' move to client mode only (like BitCoinJ)?
Most users are on PC sized devices at present I'd guess.

Because the initial block chain download/indexing process takes ages. People don't want to wait 30 minutes+ to get started with BitCoin. That's a serious brake on adoption.

I'm not saying everyone should switch to a different implementation (no such implementation exists anyway). But rather that finishing one off is the solution to these 'spam' issues, as then the block size limit could be lifted significantly without hurting initial setup time so much people stop entering the community.

Darknight1360

newbie

Activity: 1

Merit: 0

Quote

Miners have an economic incentive to accelerate the implementation of fees ... not saying that anyone is doing that just that it is a possibility ... either way it is a mild form of attack, like an annoying rash you might get from a lap dance ...

hahaha +1 for that. I lurk here on the forums but that comment made me actually register an account!

marcus_of_augustus

legendary

Activity: 3920

Merit: 2349

Eadem mutata resurgo

Quote

Today that means finishing off the client mode work in the main client, or, having most users move to an alternative implementation that is client mode only (like BitCoinJ). It'd be better to do the first one but nobody seems to be working on it right now.

Why would 'most users' move to client mode only (like BitCoinJ)?
Most users are on PC sized devices at present I'd guess.

Mike Hearn

legendary

Activity: 1526

Merit: 1136

100% agreed with Gavin. I've said this several times before but please let's kill the "spam" meme. Small transactions are not spam in any traditional usage of the word.

The only reason this problem exists is because of the artificial limits placed on the system to work around its scalability limitations. The solution is not to try and suppress usage of BitCoin, even if you suspect that usage is pointless or malicious. The solution is to make a few thousand transactions per minute not a problem for anyone to process.

Today that means finishing off the client mode work in the main client, or, having most users move to an alternative implementation that is client mode only (like BitCoinJ). It'd be better to do the first one but nobody seems to be working on it right now.

marcus_of_augustus

legendary

Activity: 3920

Merit: 2349

Eadem mutata resurgo

Quote from: Littleshop on April 10, 2011, 10:52:54 PM

So why would someone send transaction spam? What do they get out of it?

Miners have an economic incentive to accelerate the implementation of fees ... not saying that anyone is doing that just that it is a possibility ... either way it is a mild form of attack, like an annoying rash you might get from a lap dance ...

nster

full member

Activity: 126

Merit: 100

Quote from: Littleshop on April 10, 2011, 10:52:54 PM

So why would someone send transaction spam? What do they get out of it?

Have fun killing the bitcoin network? perhaps if the problem gets big enough, BTC value goes down? Someone who hates someone else that is in the btc community who would be affected by this?

Littleshop

legendary

Activity: 1386

Merit: 1004

So why would someone send transaction spam? What do they get out of it?

Gavin Andresen

legendary

Activity: 1652

Merit: 2317

Chief Scientist

Transaction spam is not a high-priority issue, in my humble opinion, and I don't think we need to do anything more right now.

We were running into big free-transaction backlogs because of the rise in popularity of the mining pools, but with the big pools now using the new sendmany feature to pay (with a transaction fee) their users that issue has gone away.

The improved -limitfreerelay and sendmany will both be in the next release, which should further improve the situation. And I think in the next few months lightweight download-headers-only clients will start to appear.

I would much rather see work on optimizing the network protocol so that hashed of already-spent transactions deep in the block chain aren't sent to (or stored on) new nodes joining the network.

jav

sr. member

Activity: 249

Merit: 251

An additional thought: I think it's fairly hard to judge for a sender how much fee is appropriated and needed for a timely procession. Maybe there should be a standard way for the _receiver_ to pay a transaction fee as well. So as a receiver I would monitor the network for transactions to one of my addresses and when I see such a transaction T, I send out a special "bounty transaction" that basically says: "if you include transaction T in your block, you can additionally collect my bounty".

This way senders could just send out transactions without a fee, and if they risk getting lost in a sea of free transactions, the receiver could "fish them out" for a small fee.

jav

sr. member

Activity: 249

Merit: 251

Quote from: ?? on ??

Miners set minimal transaction to 0.01 , here we go the problem solved. Moreover, I bet this will happen rather sooner than later.

Indeed, problem solved, but usefulness of Bitcoin greatly diminished. I know that Bitcoin is ultimately not a micro-payment solution, but while it still is, it has great potential to catch market-share in that area. I would hope we are able to keep that up as long as possible.

jav

sr. member

Activity: 249

Merit: 251

A naive question: what problems does transaction spam cause? besides blocking other free transactions? Is there any other harm to the network that would be a big problem at the current time?

Because I don't consider it such a big problem. There was a lot of spamming going on a few weeks ago, which has seemed to calm down again. During that time you couldn't really send a free transaction, which was unfortunate, for sure. But if we now employ a complicated policy which basically boils down to not being able to send free transactions anymore, then we are kind of in the same situation, aren't we? Might as well keep it simple then and don't have such a policy.

I would rather be able to send out a free transaction and hope it gets through, then having to worry about some complicated fee-structure to figure out if that will get me banned or not. This is mostly speaking from the point of someone interested in running Bitcoin services.

ribuck

donator

Activity: 826

Merit: 1060

A transaction fee of around a US cent ($0.01) is never going to be a problem. Just compare it with all of the alternative payment systems!

I favor a transaction fee of BTC 0.01 on every transaction. Sure, it's more expensive than "free", but human psychology is a funny thing. Something purchased can be more highly valued than something being given away for free.

marcus_of_augustus

legendary

Activity: 3920

Merit: 2349

Eadem mutata resurgo

Quote from: Gavin Andresen on April 08, 2011, 06:00:49 PM

Quote from: marcus_of_augustus on April 08, 2011, 05:41:36 PM

What about an infinitesimal, but non-zero transaction fee on all transactions?

Is anyone but the spammers going to notice that they just got 0.00000001 clipped off their transaction?

The problem with that idea is if the transaction fee is that low spammers won't notice it either. They can just invest 0.01 BTC and send millions of "non-free" transactions.

Yep, good point. It's a thorny one alright .... the problem there is the relative size of the fee to the size of the transacted amount, but if you have a fixed 'tiny' but non-zero percentage fee then anything that is prohibitive to spammers will also be noticed by legitimate users.

E.g: a 0.001% fee (BTC 0.01 on a BTC 100) would still get spammer a large number of transactions and any higher it'll get noticed I guess ...

nster

full member

Activity: 126

Merit: 100

Quote from: NghtRppr on April 08, 2011, 09:11:42 PM

Quote from: nster on April 08, 2011, 08:56:56 PM

Quote from: ?? on ??

Quote from: theymos on April 08, 2011, 07:15:04 PM

With 0.001, a spammer can send 10,000 transactions with just 10 BTC, which seems too cheap. I think 0.01 is fine for now.

In any case, keeping transactions completely free for as long as possible is desirable. A 0.0000001 fee will seem much more expensive than "free" to people considering using Bitcoin.

Agreed. One of the biggest problems with just the current 0.01 transaction fee as optional, is when the bitcoin faucet adds a 0.01 transaction fee to a 0.05 freebie, that's a 20% fee to send out coins. The faucet is probably one of the largest contributors to the transaction fees, benefiting the miners, not the new users testing out the coins.

Maybe we should encourage pool operators to take the transaction fees and send them back to the faucet Wink

RE: the spam problem... I dunno. Free transactions are awesome. But when you start doing IP restrictions or limiting, or something like that, the majority of people you end up effecting are the legitimate users. Spammers or exploiters simply look at the open source code, and figure a way around it be it their botnet, proxies, or whatever.

0.01 fee for transactions under 0.05 then lol

In which case attackers will just keep passing the same 0.06 back and forth. Since they are never losing any BTC, the attacks can be performed with any denomination. It just requires them to have a larger bankroll to begin.

yes but most of the time, spammer have low amounts of BTC. Therefore, it would limit how many simutaneous spams they can do

NghtRppr

sr. member

Activity: 504

Merit: 252

Elder Crypto God

Quote from: nster on April 08, 2011, 08:56:56 PM

Quote from: ?? on ??

Quote from: theymos on April 08, 2011, 07:15:04 PM

With 0.001, a spammer can send 10,000 transactions with just 10 BTC, which seems too cheap. I think 0.01 is fine for now.

In any case, keeping transactions completely free for as long as possible is desirable. A 0.0000001 fee will seem much more expensive than "free" to people considering using Bitcoin.

Agreed. One of the biggest problems with just the current 0.01 transaction fee as optional, is when the bitcoin faucet adds a 0.01 transaction fee to a 0.05 freebie, that's a 20% fee to send out coins. The faucet is probably one of the largest contributors to the transaction fees, benefiting the miners, not the new users testing out the coins.

Maybe we should encourage pool operators to take the transaction fees and send them back to the faucet Wink

RE: the spam problem... I dunno. Free transactions are awesome. But when you start doing IP restrictions or limiting, or something like that, the majority of people you end up effecting are the legitimate users. Spammers or exploiters simply look at the open source code, and figure a way around it be it their botnet, proxies, or whatever.

0.01 fee for transactions under 0.05 then lol

In which case attackers will just keep passing the same 0.06 back and forth. Since they are never losing any BTC, the attacks can be performed with any denomination. It just requires them to have a larger bankroll to begin.

Topic: Idea to help prevent transaction spam (Read 4896 times)