Topic: [Theoretical]The Short-Circuit 51% attack vulnerability in non Sha256 altcoins. - page 2. (Read 4171 times)
June 28, 2014, 10:55:29 PM
and it wouldn't make for a valid 51% attack because since your blocks will be rejected from the start your hashrate won't even register on the network thus you will not be able to attack anything.
June 28, 2014, 10:53:25 PM
ahmed_bodi just made a good point, even if you mod your client and submit a buttload of directly generated sha blocks, the other nodes on the network will still verify using the usual method and thus will reject your blocks and ultimately mark you as a doser.
June 28, 2014, 10:49:49 PM
The premise here is that this flaw could allow 51% attacks on alternate-algorithm coins with bitcoin hardware.
You have a wrong premise. The main vulnerability is NOT bitcoin hardware, but the speed differential between sha256 and other hashes. If cryptonight hashes at a few hashes per second and you use a sha256 800 mhash GPU (7970), why would you need an ASIC hardware? You will already have 99.9% of the network.
Excuse me:
He writes
Quote
As you can see, these alternative hashing implementations are reliant on conversion back to uint256 then hashed as sha256, meaning that the entire hashing process can simply be shortcircuited back to sha256, bypassing these algorithms entirely, making the coin mineable by sha256 asics.
Why would the short-circuiting of the hash only work in ASICs and not in CPUs or GPUs (with SHA256 mining software)? Please explain this to me because I'm an idiot.
Yeah he didn't get that, your point is valid, you don't need asics to mine sha256, you can generate sha256 blocks with any mining hardware
Exactly. And GPU sha256 is orders of magnitude faster than many other algos (so bypassing the other algos ensures a tremendous speed advantage). Hence the "requirement" for ASIC sha256 to "test it" is bogus. So why doesn't he make a software mining client for cpu or gpu so that we can see it?
it's not the mining client that needs to be modified, it's the actual coin source from what I understand so that you skip the primary hash verification and go directly to the sha256 one. The network should see it as a valid hash since it's ultimately a sha256 hash.
Yes, that's what I actually meant (wrote it wrong). Even the wallet can mine with a cpu sha256 - and be quite fast at it (compared to slow algos running on GPUs).
June 28, 2014, 10:47:34 PM
The premise here is that this flaw could allow 51% attacks on alternate-algorithm coins with bitcoin hardware.
You have a wrong premise. The main vulnerability is NOT bitcoin hardware, but the speed differential between sha256 and other hashes. If cryptonight hashes at a few hashes per second and you use a sha256 800 mhash GPU (7970), why would you need an ASIC hardware? You will already have 99.9% of the network.
Excuse me:
He writes
Quote
As you can see, these alternative hashing implementations are reliant on conversion back to uint256 then hashed as sha256, meaning that the entire hashing process can simply be shortcircuited back to sha256, bypassing these algorithms entirely, making the coin mineable by sha256 asics.
Why would the short-circuiting of the hash only work in ASICs and not in CPUs or GPUs (with SHA256 mining software)? Please explain this to me because I'm an idiot.
Yeah he didn't get that, your point is valid, you don't need asics to mine sha256, you can generate sha256 blocks with any mining hardware
Exactly. And GPU sha256 is orders of magnitude faster than many other algos (so bypassing the other algos ensures a tremendous speed advantage). Hence the "requirement" for ASIC sha256 to "test it" is bogus. So why doesn't he make a software mining client for cpu or gpu so that we can see it?
it's not the mining client that needs to be modified, it's the actual coin source from what I understand so that you skip the primary hash verification and go directly to the sha256 one. The network should see it as a valid hash since it's ultimately a sha256 hash.
June 28, 2014, 10:47:21 PM
shhh 
r3wt don't let reality get in the way of some good 'innovation' stories 
r3wt don't let reality get in the way of some good 'innovation' stories Quoting this, so it doesn't get edited and I can come back later for a story.
the checksum method only validates that a block is a valid sha256 hash less than or equal to the target described in the equation. this means, that at the hashing level there are nothing to verify how a hash was produced, only that it confirms all previous work and contains valid transaction data, satisfying the "Proof of Work" concept.
There is a check for the correct PoW hash in CheckBlock():
// Check proof of work matches claimed amount
if (!CheckProofOfWork(GetPoWHash(), nBits))
return DoS(50, error("CheckBlock() : proof of work failed"));
I don't see how you can get around this check.
He says his client can get around this CheckBlock
June 28, 2014, 10:44:28 PM
The premise here is that this flaw could allow 51% attacks on alternate-algorithm coins with bitcoin hardware.
You have a wrong premise. The main vulnerability is NOT bitcoin hardware, but the speed differential between sha256 and other hashes. If cryptonight hashes at a few hashes per second and you use a sha256 800 mhash GPU (7970), why would you need an ASIC hardware? You will already have 99.9% of the network.
Excuse me:
He writes
Quote
As you can see, these alternative hashing implementations are reliant on conversion back to uint256 then hashed as sha256, meaning that the entire hashing process can simply be shortcircuited back to sha256, bypassing these algorithms entirely, making the coin mineable by sha256 asics.
Why would the short-circuiting of the hash only work in ASICs and not in CPUs or GPUs (with SHA256 mining software)? Please explain this to me because I'm an idiot.
Yeah he didn't get that, your point is valid, you don't need asics to mine sha256, you can generate sha256 blocks with any mining hardware
Exactly. And GPU sha256 is orders of magnitude faster than many other algos (so bypassing the other algos ensures a tremendous speed advantage). Hence the "requirement" for ASIC sha256 to "test it" is bogus. So why doesn't he make a software mining client for cpu or gpu so that we can see it?
June 28, 2014, 10:42:46 PM
The premise here is that this flaw could allow 51% attacks on alternate-algorithm coins with bitcoin hardware.
You have a wrong premise. The main vulnerability is NOT bitcoin hardware, but the speed differential between sha256 and other hashes. If cryptonight hashes at a few hashes per second and you use a sha256 800 mhash GPU (7970), why would you need an ASIC hardware? You will already have 99.9% of the network.
Excuse me:
He writes
Quote
As you can see, these alternative hashing implementations are reliant on conversion back to uint256 then hashed as sha256, meaning that the entire hashing process can simply be shortcircuited back to sha256, bypassing these algorithms entirely, making the coin mineable by sha256 asics.
Why would the short-circuiting of the hash only work in ASICs and not in CPUs or GPUs (with SHA256 mining software)? Please explain this to me because I'm an idiot.
Yeah he didn't get that, your point is valid, you don't need asics to mine sha256, you can generate sha256 blocks with any mining hardware
June 28, 2014, 10:41:48 PM
Hmmm so you're saying get a modified client, rip out the part where the hash is verified on it's respective algo and just leave the part where the hash is verified after the sha256 final hashing thus if the submitted block was created using sha256 correctly the final check will pass it as good ... it's a very good question but I'm in no position to respond to it. I've messaged a trained coin dev with your thread as it seems very very interesting.
June 28, 2014, 10:41:18 PM
The premise here is that this flaw could allow 51% attacks on alternate-algorithm coins with bitcoin hardware.
You have a wrong premise. The main vulnerability is NOT bitcoin hardware, but the speed differential between sha256 and other hashes. If cryptonight hashes at a few hashes per second and you use a sha256 800 mhash GPU (7970), why would you need an ASIC hardware? You will already have 99.9% of the network.
Excuse me:
He writes
Quote
As you can see, these alternative hashing implementations are reliant on conversion back to uint256 then hashed as sha256, meaning that the entire hashing process can simply be shortcircuited back to sha256, bypassing these algorithms entirely, making the coin mineable by sha256 asics.
Why would the short-circuiting of the hash only work in ASICs and not in CPUs or GPUs (with SHA256 mining software)? Please explain this to me because I'm an idiot.
June 28, 2014, 10:38:51 PM
The premise here is that this flaw could allow 51% attacks on alternate-algorithm coins with bitcoin hardware.
You have a wrong premise. The main vulnerability is NOT bitcoin hardware, but the speed differential between sha256 and other hashes. If cryptonight hashes at a few hashes per second and you use a sha256 800 mhash GPU (7970), why would you need an ASIC hardware? You will already have 99.9% of the network.
you're both not understanding each other. your arguments have nothing to do with his and vice versa.
June 28, 2014, 10:37:15 PM
The premise here is that this flaw could allow 51% attacks on alternate-algorithm coins with bitcoin hardware.
You have a wrong premise. The main vulnerability is NOT bitcoin hardware, but the speed differential between sha256 and other hashes. If cryptonight hashes at a few hashes per second and you use a sha256 800 mhash GPU (7970), why would you need an ASIC hardware? You will already have 99.9% of the network.
June 28, 2014, 10:37:07 PM
If I understand this correctly and it's a fesible scenario it wouldn't affect multi-pows like myriad because submitting a sha256 generated block directly will be assigned to the sha256 part of the chain and will not affect the other 4 algorithms even though their final hash is done via sha hashing.
June 28, 2014, 10:31:55 PM
Wouldn't it be easier to "make the point" by moding a mining program and raping non-sha altcoins?
Why expend energy in trying to convince others about the theory, instead of actually doing it and showing it? What is the obstacle?
Why expend energy in trying to convince others about the theory, instead of actually doing it and showing it? What is the obstacle?
I'm seeking someone with a fairly large amount of Sha 256 asics to help me test the theory.
Some altcoin algos run at like 3-5 Mhs at some GPUs while SHA256 runs at like 500 MHs. It's already 100x+. Why do you need asics? Mod a client and have fun.
In the case of cryptonight which runs at like a few hashes per sec, you are orders of magnitude faster with 500 MHs of a GPU sha256.
You don't understand the premise at all. The hashes are always converted back to sha256, meaning theoretically you could short circuit the entire algorithms of these coins with bitcoin's sha 256 algorithm and still produce valid blocks on the network.
No I understand what you are saying. I do not understand why you "require" sha256 asics for "testing it". You can test it even with a cpu (or gpu).
The premise here is that this flaw could allow 51% attacks on alternate-algorithm coins with bitcoin hardware.
June 28, 2014, 10:31:00 PM
Wouldn't it be easier to "make the point" by moding a mining program and raping non-sha altcoins?
Why expend energy in trying to convince others about the theory, instead of actually doing it and showing it? What is the obstacle?
Why expend energy in trying to convince others about the theory, instead of actually doing it and showing it? What is the obstacle?
I'm seeking someone with a fairly large amount of Sha 256 asics to help me test the theory.
Some altcoin algos run at like 3-5 Mhs at some GPUs while SHA256 runs at like 500 MHs. It's already 100x+. Why do you need asics? Mod a client and have fun.
In the case of cryptonight which runs at like a few hashes per sec, you are orders of magnitude faster with 500 MHs of a GPU sha256.
You don't understand the premise at all. The hashes are always converted back to sha256, meaning theoretically you could short circuit the entire algorithms of these coins with bitcoin's sha 256 algorithm and still produce valid blocks on the network.
No I understand what you are saying. I do not understand why you "require" sha256 asics for "testing it". You can test it even with a cpu (or gpu).
Yea, in theory one of the slow chained scrypts should be vulnerable, how about Franko? Mod a client and hit that shit hard, lets see if it will break.
June 28, 2014, 10:30:34 PM
the checksum method only validates that a block is a valid sha256 hash less than or equal to the target described in the equation. this means, that at the hashing level there are nothing to verify how a hash was produced, only that it confirms all previous work and contains valid transaction data, satisfying the "Proof of Work" concept.
There is a check for the correct PoW hash in CheckBlock():
// Check proof of work matches claimed amount
if (!CheckProofOfWork(GetPoWHash(), nBits))
return DoS(50, error("CheckBlock() : proof of work failed"));
I don't see how you can get around this check.
Well yes, thats the basics of proof of work. however the problem is, its only verifying a sha 256 hash. not the hashes that produced that hash, so my premise is that you can shortcircuit the entire process and just mine any of these coins with sha 256 ASIC.
June 28, 2014, 10:29:14 PM
Wouldn't it be easier to "make the point" by moding a mining program and raping non-sha altcoins?
Why expend energy in trying to convince others about the theory, instead of actually doing it and showing it? What is the obstacle?
Why expend energy in trying to convince others about the theory, instead of actually doing it and showing it? What is the obstacle?
I'm seeking someone with a fairly large amount of Sha 256 asics to help me test the theory.
Some altcoin algos run at like 3-5 Mhs at some GPUs while SHA256 runs at like 500 MHs. It's already 100x+. Why do you need asics? Mod a client and have fun.
In the case of cryptonight which runs at like a few hashes per sec, you are orders of magnitude faster with 500 MHs of a GPU sha256.
You don't understand the premise at all. The hashes are always converted back to sha256, meaning theoretically you could short circuit the entire algorithms of these coins with bitcoin's sha 256 algorithm and still produce valid blocks on the network.
No I understand what you are saying. I do not understand why you "require" sha256 asics for "testing it". You can test it even with a cpu (or gpu).
June 28, 2014, 10:27:28 PM
Wouldn't it be easier to "make the point" by moding a mining program and raping non-sha altcoins?
Why expend energy in trying to convince others about the theory, instead of actually doing it and showing it? What is the obstacle?
Why expend energy in trying to convince others about the theory, instead of actually doing it and showing it? What is the obstacle?
I'm seeking someone with a fairly large amount of Sha 256 asics to help me test the theory.
Some altcoin algos run at like 3-5 Mhs at some GPUs while SHA256 runs at like 500 MHs. It's already 100x+. Why do you need asics? Mod a client and have fun.
In the case of cryptonight which runs at like a few hashes per sec, you are orders of magnitude faster with 500 MHs of a GPU sha256.
You don't understand the premise at all. The hashes are always converted back to sha256, meaning theoretically you could short circuit the entire algorithms of these coins with bitcoin's sha 256 algorithm and still produce valid blocks on the network.
June 28, 2014, 10:27:10 PM
the checksum method only validates that a block is a valid sha256 hash less than or equal to the target described in the equation. this means, that at the hashing level there are nothing to verify how a hash was produced, only that it confirms all previous work and contains valid transaction data, satisfying the "Proof of Work" concept.
There is a check for the correct PoW hash in CheckBlock():
// Check proof of work matches claimed amount
if (!CheckProofOfWork(GetPoWHash(), nBits))
return DoS(50, error("CheckBlock() : proof of work failed"));
I don't see how you can get around this check.
June 28, 2014, 10:21:35 PM
Wouldn't it be easier to "make the point" by moding a mining program and raping non-sha altcoins?
Why expend energy in trying to convince others about the theory, instead of actually doing it and showing it? What is the obstacle?
Why expend energy in trying to convince others about the theory, instead of actually doing it and showing it? What is the obstacle?
I'm seeking someone with a fairly large amount of Sha 256 asics to help me test the theory.
Some altcoin algos run at like 3-5 Mhs at some GPUs while SHA256 runs at like 500 MHs. It's already 100x+. Why do you need asics? Mod a client and have fun.
In the case of cryptonight which runs at like a few hashes per sec, you are orders of magnitude faster with 500 MHs of a GPU running sha256.
June 28, 2014, 10:19:48 PM
Wouldn't it be easier to "make the point" by moding a mining program and raping non-sha altcoins?
Why expend energy in trying to convince others about the theory, instead of actually doing it and showing it? What is the obstacle?
Why expend energy in trying to convince others about the theory, instead of actually doing it and showing it? What is the obstacle?
I'm seeking someone with a fairly large amount of Sha 256 asics to help me test the theory.
Jump to: