Pages:
Author

Topic: Taking Down Bitcoin - page 3. (Read 8574 times)

legendary
Activity: 1652
Merit: 2301
Chief Scientist
April 29, 2012, 04:24:23 PM
#24
If a 51% attacker stopped including all broadcast transactions in blocks "we" would quickly figure out a rule or rules to reject their blocks.

Something like "ignore a longer chain orphaning the current best chain if the sum(priorities of transactions included in new chain) is much less than sum(priorities of transactions in the part of the current best chain that would be orphaned)" would mean a 51% attacker would have to have both lots of hashing power AND lots of old, high-priority bitcoins to keep up a transaction-denial-of-service attack. And they'd pretty quickly run out of old, high-priority bitcoins and would be forced to either include other people's transactions or have their chain rejected.

I'm tempted to code that up and run some tests on a testnet-in-a-box, but there are much higher priority things on my TODO list; I don't think a 51% attack is likely. You'd spend a lot of time and money on an attack that "we" would neuter within a day or two.


legendary
Activity: 2618
Merit: 1007
April 29, 2012, 02:58:26 PM
#23
Just to make sure you got the idea right:

In order to get the difficulty lower (to make a 51% attack easier), you need to make sure it takes longer than 2 weeks for 2016 blocks to be assembled. Difficulty can change max. by a factor of 4 (so it can grow to max. 4 times current diff. and shrink to >=1/4th).

This means you need to DDoS a lot of pools over the course of 1-2 months to manipulate the difficulty and then still DDoS them while 51% attacking the network. It might be cheaper/more feasible to hack them or some people on the pool's staff, upload some evil stuff (depending on your legislation: child porn or music) and call the police. Or simply dig a bit beyond the forum pseudonyms or forum identity - see Bruce Wagner.

The easiest thing to attack is neither the blockchain nor the code itself - it's the people using it.
full member
Activity: 195
Merit: 100
April 29, 2012, 02:14:51 PM
#22
Who is we?

I meant the party which in the above scenario wants to defend Bitcoin against the mentioned attack.

Of cause you can start several btc chains. But this weakens the system.
Each chain can be attacked individually, being smaller drowning it is much easier.

I do not know. Maybe it depends on the exact attack and defense modes and all the remaining assumptions we make on the attacks.

For example: Let us assume we have 100 different chains and a centralized attacker (let's say the Fed) owning 51% of the hash and attempting an attack where he never adds transactions to the chain. Initially, the chains are all exact copies. With 49% of the hash and with 100 different chains there is a non-negligible chance that the good guys might at least in 1 or 2 of these chains win the block earlier than the attacker. So - under these assumptions - I am not sure if this claim is correct. I would agree, if attack modes also comprise double spending attacks (but still, I do not know - for lack of an appropriate model).

AFAIK we do not have the proper abstract models in place yet to be able to calculate and derive all the answers...
sr. member
Activity: 420
Merit: 250
bool eval(bool b){return b ? b==true : b==false;}
April 29, 2012, 11:21:03 AM
#21
... We open up a second block chain ...
Who is we?
The block chain knows about ones and zeros but it has no concept of good and bad.

Of cause you can start several btc chains. But this weakens the system.
Each chain can be attacked individually, being smaller drowning it is much easier.
full member
Activity: 195
Merit: 100
April 29, 2012, 10:21:39 AM
#20
The "brainstorming" is simple: stop adding any transactions to blocks once you have 51% of the hash power, and ignore any other validly mined blocks. If you can't even move BTC, it is effectively toast.

This is a very interesting attack and similar to scenarios I had in mind as well. May I brainstorm on a defense?

We open up a second block chain with a fresh genesis block. We build the genesis block with lots of coinbase transactions which restore the account values as they were in the old block chain. Now we have a copy of the block chain. If the good guys have 49% and the attacker has 51% of hash power on ONE chain, the attacker wins. With two chains and hash power switching back and forth between two chains, there probably once in a while will be the chance to be head on at least in one of the chains for the good guys. However, I am not sure whether a disrupting attacker still is in the same situation as with a single block chain.

Now assume we have a large number of parallel chains, competing with each other (if we use chain identification codes, this could even be done as part of the same software and the same data structure). I have some hope that there are scenarios where an attacker cannot stop all chains from progressing.

Let me compare this to PirateBay and email. Stopping filesharing in the PirateBay model is easy, in the email model it cannot be stopped. So: Could a world with a large number of parallel Bitcoin chains be more resilient than a world with a single Bitcoin chain?

Well if they don't call you out for spreading FUD and try to marginalize your points, it would make it harder for newbies to throw cash into the bitcoin black hole.

Never saw it that way. It could be a valid point.
full member
Activity: 195
Merit: 100
April 29, 2012, 10:01:38 AM
#19
You are confusing this thread with your thread. Is this confusion intentional?

What you're talking about is getting people to replace their Bitcoin software with software the validates some other rules.  This is totally orthogonal to attacks involving large amounts of hash power.

I do not see a confusion and it is not intentional. The OP asked about how bitcoin could be destroyed and how we could protect it against it; attacks involving large amounts of hash power IMHO are only one of the possibilities; I see others, which is the reason I contribute to this thread.

They have _all_ been 'beneficial' to their users in that by participating in them you're one of a much smaller set of miners, and thus getting a far larger percentage of the total produced coin than in Bitcoin.

This is true when you measure payoff in number of coins. The argument probably does not apply when you measure it in USD or EURO, since the coins of the other chains have much lower exchange rates or smaller acceptance or less trust due to smaller community and so on.

you just keep continuing the boring debate. Please don't spread it to other threads.

Sorry. Is this your thread? Did the OP ask me to leave? Where? Should I be violating some rule of the board, I apologize. Please point out the rule, so I can follow it. Part of my interaction here is exactly the attempt to reach your level of expertise so that my contributions are less boring ;-) Why are you making it more difficult to learn?
sr. member
Activity: 392
Merit: 250
April 29, 2012, 05:28:49 AM
#18
The biggest threat would be closing down mtgox. It would not stop bitcoin but cripple trading and the price. We need more exchange sites to open.
The whole 51% attack seems a bit silly to me. It would take a huge investment to even do it. It's never going to be done with regular servers. I would take something like the worlds top 5 servers farms working together to do it.
hero member
Activity: 798
Merit: 1000
April 29, 2012, 04:00:42 AM
#17
Admittedly this IS exactly what I'm doing.  Its in the OP.  I"m asking for some brainstorming to take down bitcoin.  Thats the point.  

1)  Construct an attack that greatly reduces the hash rate.  I suggested DDoS all the miners simultaneously.
2)  Use opportunity to make changes to the block chain (2x spend, whatever)
3) Huh?
4) Profit

You see, i am talking about a malicious attacker.  One who wants to destroy Bitcoin and has a budget.

The "brainstorming" is simple: stop adding any transactions to blocks once you have 51% of the hash power, and ignore any other validly mined blocks. If you can't even move BTC, it is effectively toast.

inane arguments as to why this is impossible: lol there aren't enough gpus, lol everyone would know when some government or bank bought lots of gpus, lol early adopters would lead the way and mine unprofitably for the first time in their lives even though they did not invest anything into gpu hardware, and the best one: lol nobody would do this it's more profitable to play nice

Quote
As per FUD, ENOUGH accusing every one of doing something wrong when they question the system.   Its becoming standard practice on message board to declare a post a FUD post as soon as the poster touches a nerve.  No one has answered what happens if this attack were launched yet, we need to think about all this and thats the point of my post.  Stop with the black helicopter stuff, i'm not some double agent.  I'm just doing my due diligence before i commit more of MY money to BTC.  Why is that so hard to get?

Well if they don't call you out for spreading FUD and try to marginalize your points, it would make it harder for newbies to throw cash into the bitcoin black hole.
hero member
Activity: 531
Merit: 505
April 29, 2012, 03:31:18 AM
#16
1. Study the source code.
2. Find a buffer overrun.
3. Destroy everybodies wallet.
alternatively in case wallet backups were made:
4. Send all bitcoins to non-existing accounts.
for maximum effect do it slowly so the block chain slowly gets corrupted so it cannot be reverted back easily.

Its not that easy. Most *sane* people have wallets both backed up and encrypted, so without the passphrase you cannot send any BTC out.

I suggest if Bitcoin will be attacked, it would be this way:

1. Put it out of law in major countries (US, EU, etc.)
2. Actively ban all financial services allowing to supply fiat money into exchanges
3. As result, most exchanges will dry out (no way how to get USD in or out of MtGox)
4. The price of BTC will plumet
5. The miners will slowly stop mining, as they have no guarantee they will be able to cover mining expenses
6. The Bitcoin network gets weak
7. Put large pools out of work (Megaupload style)
8. Do some doublespends to put final nail into the BTC coffin

full member
Activity: 385
Merit: 110
April 28, 2012, 08:38:04 PM
#15
1. Study the source code.

2. Find a buffer overrun.

3. Destroy everybodies wallet.

alternatively in case wallet backups were made:

4. Send all bitcoins to non-existing accounts.

for maximum effect do it slowly so the block chain slowly gets corrupted so it cannot be reverted back easily.
staff
Activity: 4284
Merit: 8808
April 28, 2012, 07:00:27 PM
#14
Not so sure. People are greedy. I think the attack would work (although I guess we will not see such an attack in the near future).

For example: Upload a modified Bitcoin client which accepts a bounty of 500000 BTC per block starting from a specific block. Rent Amazon and Google hashing power and produce some 20 blocks faster than the Bitcoin community does. During this time, produce 500000 BTC per fresh block and pay a large number of bitcoin addresses some extra Bitcoins (as a kind of bribery...). Then reduce the bounty again to 100 BTC per block (or, different approach, 50 BTC) and distribute the information on what you just have done to many forums.

Now there is this interesting dilemma: If a user/miner adopts your software and the new block chain...he gets a share of the extra coins. If he does not...he will not get a share of the extra coins. Of course you will also get a big share of extra coins. I am not so sure how many users will stick with the old block chain and not be tempted by the extra share they might get ... if they switch. (Of course, getting the modified software to accept the modified blocks is not a trivial engineering task - but it can be done).

You are confusing this thread with your thread. Is this confusion intentional?

What you're talking about is getting people to replace their Bitcoin software with software the validates some other rules.  This is totally orthogonal to attacks involving large amounts of hash power.

The alternative chains we saw thus far were based, to the degree I know and IMHO, on changes which did not produce visible benefits to the user and thus were not able to activate the greed reflex.

They have _all_ been 'beneficial' to their users in that by participating in them you're one of a much smaller set of miners, and thus getting a far larger percentage of the total produced coin than in Bitcoin. This is more extreme in some chains than others— for example LQC had block rewards starting at 1000 coins and then  dropping 4% every 1000 blocks or so, while Litecoin has payout's much more similar to Bitcoin but a single person could pretty easily be 1% of litecoin's total hashrate.



I have intentionally not responded to your thread because other clueful people have responded and you just keep continuing the boring debate. Please don't spread it to other threads.
full member
Activity: 195
Merit: 100
April 28, 2012, 04:48:41 PM
#13
Economically speaking, as long as your blockchain fork doesn't cause the technical death of Bitcoin, few people will accept your inflationary coins. Sure, free money is nice but would you give someone a silver or gold coin in exchange for currency designed to hyperinflate?

That's certainly true for one version of the attack (the one which continues with 100BTC). It is not true for the version which continues with the 50BTC. And: I trust more in the greed of the people than in their rationality. No, I am not happy about this. 

As far as network effects, obviously this has no effect on Bitcoin other than as an attempt to siphon users to your blockchain fork and away from the main chain. That hasn't worked so well for most of the alt currencies and there's no reason to believe it would work for an inflationary fork of Bitcoin based on the paragraph above this one.

The alternative chains we saw thus far were based, to the degree I know and IMHO, on changes which did not produce visible benefits to the user and thus were not able to activate the greed reflex.
full member
Activity: 225
Merit: 101
April 28, 2012, 04:12:53 PM
#12
This ignores both economics and network effects.

Economically speaking, as long as your blockchain fork doesn't cause the technical death of Bitcoin, few people will accept your inflationary coins. Sure, free money is nice but would you give someone a silver or gold coin in exchange for currency designed to hyperinflate?

As far as network effects, obviously this has no effect on Bitcoin other than as an attempt to siphon users to your blockchain fork and away from the main chain. That hasn't worked so well for most of the alt currencies and there's no reason to believe it would work for an inflationary fork of Bitcoin based on the paragraph above this one.
full member
Activity: 195
Merit: 100
April 28, 2012, 03:54:15 PM
#11
Thanks for providing (2).  You did not provide that before.  The attack you're suggesting doesn't work.

Difficulty adjustments require 2016 blocks and can only change the difficulty by a factor of 4 per cycle of 2016 blocks.  Your DOS attack, if effective, would slow down block creation while in effect but it would not substantially change the computational power required to rewrite any of the existing chain.

Not so sure. People are greedy. I think the attack would work (although I guess we will not see such an attack in the near future).

For example: Upload a modified Bitcoin client which accepts a bounty of 500000 BTC per block starting from a specific block. Rent Amazon and Google hashing power and produce some 20 blocks faster than the Bitcoin community does. During this time, produce 500000 BTC per fresh block and pay a large number of bitcoin addresses some extra Bitcoins (as a kind of bribery...). Then reduce the bounty again to 100 BTC per block (or, different approach, 50 BTC) and distribute the information on what you just have done to many forums.

Now there is this interesting dilemma: If a user/miner adopts your software and the new block chain...he gets a share of the extra coins. If he does not...he will not get a share of the extra coins. Of course you will also get a big share of extra coins. I am not so sure how many users will stick with the old block chain and not be tempted by the extra share they might get ... if they switch. (Of course, getting the modified software to accept the modified blocks is not a trivial engineering task - but it can be done).
staff
Activity: 4284
Merit: 8808
April 28, 2012, 03:09:58 PM
#10
Admittedly this IS exactly what I'm doing.  Its in the OP.  I"m asking for some brainstorming to take down bitcoin.  Thats the point.  

1)  Construct an attack that greatly reduces the hash rate.  I suggested DDoS all the miners simultaneously.
2)  Use opportunity to make changes to the block chain (2x spend, whatever)
3) Huh?
4) Profit

You see, i am talking about a malicious attacker.  One who wants to destroy Bitcoin and has a budget.

Thanks for providing (2).  You did not provide that before.  The attack you're suggesting doesn't work.

Difficulty adjustments require 2016 blocks and can only change the difficulty by a factor of 4 per cycle of 2016 blocks.  Your DOS attack, if effective, would slow down block creation while in effect but it would not substantially change the computational power required to rewrite any of the existing chain.

(It's perhaps also worth pointing out that pools are constantly under DOS attack— and many have have been successful DOSed before without much impact, most miners now autoswitch to backup pools... — and the rise of p2pool closes that particular issue ::shrugs:: )
full member
Activity: 195
Merit: 100
April 28, 2012, 02:44:32 PM
#9
Could be the profit is just to destroy it.

Agree completely.

Assume, Amazon or Google would want to disrupt the Bitcoin network...if they joined forces in their cloud and produced some 10 or 20 new blocks Bitcoin could be severely damaged within a few hours...depending on the transactions they would place into the block, of course. 
full member
Activity: 195
Merit: 100
April 28, 2012, 02:39:10 PM
#8
As per FUD, ENOUGH accusing every one of doing something wrong when they question the system.    Why is that so hard to get?

I made similar observations Smiley and suggest an explanation. Most people here have already decided that Bitcoin is their hobby or investment - wouldn't you be afraid to see your hobby fall apart and much more your investment?

In https://bitcointalksearch.org/topic/resisting-the-completely-open-source-attack-or-swarm-social-dynamics-78374 I have been pursuing similar thoughts, though not with the intent of attacking the block chain or modifying the protocol. The discussion there might be of interest for you as well, since I am presenting some possible, though highly unrealistic attacks, which could lead to similar effects than those you are studying here.
sr. member
Activity: 420
Merit: 250
bool eval(bool b){return b ? b==true : b==false;}
April 28, 2012, 02:34:45 PM
#7
Could be the profit is just to destroy it.

Let me scratch a scenario out of the box:
A large organisation can put some effort in developing fpga miners and thus easily overpower all gpu miners.
But why would they?
Well .. oil traded with btc would drive usd in hyperinflation.

Yes and of cause a bit too much thinking out of the box.

My point is: Yes, it is possible. But why would they?
The solution is to grow slowly but steadily and be always ready to approach the dangers in sight.
sr. member
Activity: 364
Merit: 250
April 28, 2012, 02:04:24 PM
#6
Accomplish the mission.
Otherwise you're just waving your arms, spreading FUD, and really just forcing the people trying to correct your FUD to spend the time inventing hypothetical attacks which you might mean but haven't even invested enough time or thought into to come up on your own.

Admittedly this IS exactly what I'm doing.  Its in the OP.  I"m asking for some brainstorming to take down bitcoin.  Thats the point.  

1)  Construct an attack that greatly reduces the hash rate.  I suggested DDoS all the miners simultaneously.
2)  Use opportunity to make changes to the block chain (2x spend, whatever)
3) Huh?
4) Profit

You see, i am talking about a malicious attacker.  One who wants to destroy Bitcoin and has a budget.

As per FUD, ENOUGH accusing every one of doing something wrong when they question the system.   Its becoming standard practice on message board to declare a post a FUD post as soon as the poster touches a nerve.  No one has answered what happens if this attack were launched yet, we need to think about all this and thats the point of my post.  Stop with the black helicopter stuff, i'm not some double agent.  I'm just doing my due diligence before i commit more of MY money to BTC.  Why is that so hard to get?

What about another attack vector, such as leaning on Gox.  What if they got raided, had their domain seized and their accounts frozen.  What then?  We go back to OTC?  Doesn't sound like a good thing.
staff
Activity: 4284
Merit: 8808
April 28, 2012, 01:54:17 PM
#5
Accomplish the mission.

What mission. You need to speak completely and concretely. Give the series of steps that will be performed and what the harms or profits are.

Otherwise you're just waving your arms, spreading FUD, and really just forcing the people trying to correct your FUD to spend the time inventing hypothetical attacks which you might mean but haven't even invested enough time or thought into to come up on your own.
Pages:
Jump to: