Random Block Reward Vulnerability | Bitcointalksearch.org

SlidingHorn

full member

Activity: 196

Merit: 100

★Bitvest.io★ Play Plinko or Invest!

Quote from: Crypto-t on March 05, 2014, 03:48:45 PM

Yeah, doing it manually would be impossible lol!

But, a script could check in milliseconds.

Quote from: SlidingHorn on March 05, 2014, 02:50:23 PM

There's always the possibility that I have no idea what the hell I'm talking about...if that's the case, just tell me the STFU and I'll do so Wink

If the hash is in the block previous to the one whose reward is in question, how would anyone have time to adjust between blocks? They come every 30 seconds or so.

By the time one sees the hash, determines the reward of the next block, etc., wouldn't that next block already be found?

I figured a script could quickly run through it, but I didn't necessarily think it'd be quick enough to determine the reward, calculate profitability vs. LTC (or another alt) and switch all in a matter of 30 sec.

Gotcha...thanks for the reply

Crypto-t

member

Activity: 98

Merit: 10

Yeah, doing it manually would be impossible lol!

But, a script could check in milliseconds.

Quote from: SlidingHorn on March 05, 2014, 02:50:23 PM

There's always the possibility that I have no idea what the hell I'm talking about...if that's the case, just tell me the STFU and I'll do so Wink

If the hash is in the block previous to the one whose reward is in question, how would anyone have time to adjust between blocks? They come every 30 seconds or so.

By the time one sees the hash, determines the reward of the next block, etc., wouldn't that next block already be found?

Crypto-t

member

Activity: 98

Merit: 10

Not quite true because it depends on the Protocol specification: https://en.bitcoin.it/wiki/Protocol_specification

And the Protocol specification can be modified for any particular coin.

For example, I could set the block reward to vary from 1 to 1 million.

Quote from: Hazard on March 05, 2014, 03:17:16 PM

There is no such thing as "random" in bitcoin. The network must agree on all variables.

bananahunter67

sr. member

Activity: 378

Merit: 265

Where do you check reward of past blocks? The is no such factor in the blockchain: http://dogechain.info/block/1e6d62dcdd59d5f3af1612071a7b5c33dbcf62de182142ce0156b6e81973c279

Hazard

legendary

Activity: 980

Merit: 1000

There is no such thing as "random" in bitcoin. The network must agree on all variables.

Crypto-t

member

Activity: 98

Merit: 10

I doubt many coders would genuinely consider a vulnerability a "design feature", unless they did it deliberately :-)

But, if done properly, I love the idea of random rewards. But as you suggest, making them truly random without the possibility of exploitation is not easy.

One coin, which I shall not name, is vulnerable as hell!

If you study the generation transaction - covered in the video below - you can imagine some ways it may be possible to exploit random rewards.

https://www.youtube.com/watch?v=QzDO44oZWtE

Quote from: Hazard on March 05, 2014, 02:55:55 PM

It's not a vulnerability. It's by design.

"Random" rewards are literally the worst idea integrated into cryptocurrency.

Hazard

legendary

Activity: 980

Merit: 1000

It's not a vulnerability. It's by design.

"Random" rewards are literally the worst idea integrated into cryptocurrency.

SlidingHorn

full member

Activity: 196

Merit: 100

★Bitvest.io★ Play Plinko or Invest!

There's always the possibility that I have no idea what the hell I'm talking about...if that's the case, just tell me the STFU and I'll do so Wink

If the hash is in the block previous to the one whose reward is in question, how would anyone have time to adjust between blocks? They come every 30 seconds or so.

By the time one sees the hash, determines the reward of the next block, etc., wouldn't that next block already be found?

Crypto-t

member

Activity: 98

Merit: 10

When Bitcoin was launched, the idea of random block rewards was not considered because the block reward was fixed (although halving at predetermined blocks).

Since then a number of alt coins have been launched that include random block rewards. Unfortunately, some of the coders have implemented the random block rewards in a rather sloppy way, leaving it vulnerable to exploitation by miscreants like myself ;-) and others.

Rather name the coins that are vulnerable, let’s just consider one.

Here’s a great post by DisappointedShibe

Quote

The "random" DOGE rewards per block are not random. In fact, the value of each block is predetermined by a simple equation applied to the hash of the previous block. A creative miner can take advantage of this fact to mine dogecoin when the potential reward is high, and switch to litecoin when the potential reward is low. During some rounds, the reward is so small it isn't worth the electricity spent finding it; during more rounds, the reward is less than can be earned mining LTC; in a few rounds, the reward is spectacular. Honest miners mine with the expectation of earning an average of 500,000 DOGE per block, but when people are selectively mining the high-profit DOGE rounds, the average reward falls for honest miners.

http://www.reddit.com/r/dogemining/comments/1x1p76/something_is_rotten_in_the_state_of_doge_mining/

I’ve not checked if the Dogecoin vulnerability has been fixed yet, but coders of other coins with random block rewards should consider if their coin is vulnerable to exploitation too.

Topic: Random Block Reward Vulnerability (Read 703 times)