Author

Topic: Random Block Reward Vulnerability (Read 707 times)

full member
Activity: 196
Merit: 100
★Bitvest.io★ Play Plinko or Invest!
March 05, 2014, 04:39:37 PM
#9
Yeah, doing it manually would be impossible lol!

But, a script could check in milliseconds.

There's always the possibility that I have no idea what the hell I'm talking about...if that's the case, just tell me the STFU and I'll do so Wink

If the hash is in the block previous to the one whose reward is in question, how would anyone have time to adjust between blocks?  They come every 30 seconds or so.

By the time one sees the hash, determines the reward of the next block, etc., wouldn't that next block already be found?

I figured a script could quickly run through it, but I didn't necessarily think it'd be quick enough to determine the reward, calculate profitability vs. LTC (or another alt) and switch all in a matter of 30 sec.

Gotcha...thanks for the reply Smiley 

member
Activity: 98
Merit: 10
March 05, 2014, 03:48:45 PM
#8
Yeah, doing it manually would be impossible lol!

But, a script could check in milliseconds.

There's always the possibility that I have no idea what the hell I'm talking about...if that's the case, just tell me the STFU and I'll do so Wink

If the hash is in the block previous to the one whose reward is in question, how would anyone have time to adjust between blocks?  They come every 30 seconds or so.

By the time one sees the hash, determines the reward of the next block, etc., wouldn't that next block already be found?
member
Activity: 98
Merit: 10
March 05, 2014, 03:22:14 PM
#7
Not quite true because it depends on the Protocol specification: https://en.bitcoin.it/wiki/Protocol_specification

And the Protocol specification can be modified for any particular coin.

For example, I could set the block reward to vary from 1 to 1 million.

There is no such thing as "random" in bitcoin. The network must agree on all variables.
sr. member
Activity: 392
Merit: 265
March 05, 2014, 03:20:36 PM
#6
Where do you check reward of past blocks? The is no such factor in the blockchain: http://dogechain.info/block/1e6d62dcdd59d5f3af1612071a7b5c33dbcf62de182142ce0156b6e81973c279
legendary
Activity: 980
Merit: 1000
March 05, 2014, 03:17:16 PM
#5
There is no such thing as "random" in bitcoin. The network must agree on all variables.
member
Activity: 98
Merit: 10
March 05, 2014, 03:16:01 PM
#4
I doubt many coders would genuinely consider a vulnerability a "design feature", unless they did it deliberately :-)

But, if done properly, I love the idea of random rewards. But as you suggest, making them truly random without the possibility of exploitation is not easy.

One coin, which I shall not name, is vulnerable as hell!

If you study the generation transaction - covered in the video below - you can imagine some ways it may be possible to exploit random rewards.

https://www.youtube.com/watch?v=QzDO44oZWtE

It's not a vulnerability. It's by design.

"Random" rewards are literally the worst idea integrated into cryptocurrency.
legendary
Activity: 980
Merit: 1000
March 05, 2014, 02:55:55 PM
#3
It's not a vulnerability. It's by design.

"Random" rewards are literally the worst idea integrated into cryptocurrency.
full member
Activity: 196
Merit: 100
★Bitvest.io★ Play Plinko or Invest!
March 05, 2014, 02:50:23 PM
#2
There's always the possibility that I have no idea what the hell I'm talking about...if that's the case, just tell me the STFU and I'll do so Wink

If the hash is in the block previous to the one whose reward is in question, how would anyone have time to adjust between blocks?  They come every 30 seconds or so.

By the time one sees the hash, determines the reward of the next block, etc., wouldn't that next block already be found?
member
Activity: 98
Merit: 10
March 05, 2014, 02:18:38 PM
#1
When Bitcoin was launched, the idea of random block rewards was not considered because the block reward was fixed (although halving at predetermined blocks).

Since then a number of alt coins have been launched that include random block rewards. Unfortunately, some of the coders have implemented the random block rewards in a rather sloppy way, leaving it vulnerable to exploitation by miscreants like myself ;-) and others.

Rather name the coins that are vulnerable, let’s just consider one.

Here’s a great post by DisappointedShibe

Quote
The "random" DOGE rewards per block are not random. In fact, the value of each block is predetermined by a simple equation applied to the hash of the previous block. A creative miner can take advantage of this fact to mine dogecoin when the potential reward is high, and switch to litecoin when the potential reward is low. During some rounds, the reward is so small it isn't worth the electricity spent finding it; during more rounds, the reward is less than can be earned mining LTC; in a few rounds, the reward is spectacular. Honest miners mine with the expectation of earning an average of 500,000 DOGE per block, but when people are selectively mining the high-profit DOGE rounds, the average reward falls for honest miners.

http://www.reddit.com/r/dogemining/comments/1x1p76/something_is_rotten_in_the_state_of_doge_mining/

I’ve not checked if the Dogecoin vulnerability has been fixed yet, but coders of other coins with random block rewards should consider if their coin is vulnerable to exploitation too.
Jump to: