Topic: What to do in case of an attack on Bitcoin? (Read 1409 times)

Thanks mate. 

Poll the getinfo "errors" field. Alerts (and other problems) will be put there.

Is it possible to pull error messages/alerts from RPC or out side the Bitcoin network?
I'd like to have a website where people can go to check up on the alerts?

Great, thank you - this is exactly what I had in mind! Can't believe I missed that page when I was searching for it...

It is very reassuring to know that such a document already exists!

https://en.bitcoin.it/wiki/Contingency_plans
https://en.bitcoin.it/wiki/Alerts


They can poll getinfo.errors to receive alerts. If there are any alerts, then the network is almost certainly broken. Alerts will only ever be sent for very serious issues.

I'm not a programmer, so I can't really address the threats you mention, but I'm sure that for every person looking for a way to exploit the code, there are many more looking to make it more secure. That's why it is open source. A 51% attack is temporary at best and hopefully it will happen soon so we can learn from it.

There are a number of possible attacks (as I mentioned in my first sentence).
What if there is a bug in the client? What if somebody detects a flaw in the protocol? What if some cancerous nodes try to isolate a part of the network? What if somebody attempts a 51% attack (maybe after a DDoS on the pools)?

In each of these cases there are things that can be done to mitigate the damage, but the longer it takes to inform the right people, implement the necessary changes and roll them out, the more damage will be done to Bitcoin's reputation.

If there is a certain bug in the client, the devs might want to get the fix implemented at the pool servers as quickly as possible. Maybe merchants/exchanges would want to be informed that the Bitcoin network is currently in an unsafe condition and might want to temporarily stop processing Bitcoin transactions. If a hot-fix could result in a chain-split - who decides if this is the best/only way to fix the issue? What if some of the core devs are unavailable? A 51% attack could likely be prevented by activating stand-by hashing power but you'd quickly need a way to contact people willing to contribute their unused hashing power for this.
...
There simply are a lot of issues that could come up and might be dealt with sub-optimal when under time pressure.

Of course, a serious attack on Bitcoin may seem unlikely, but I think a kind of emergency protocol could really be useful in a crisis and certainly speed up the process of getting everything back on track.

I don't see the threat. How can anyone attack the Bitcoin network. Sure, some mining pools can be dd, but going solo mining or pool hopping will secure the integrity of the network.

Agreed.

I see you point about a some kind of massive alert system but who has the power to alert.

What kind of indicators should declare these alerts should be broadcasted....

One interesting thing I'd like to see is some how have the Bitcoin client itself detect time attacks and other vulnerabilities somehow then encode an alert codes into the block chain which each code could represent possible attack warnings but maybe 1 block is 1 too many, maybe somekind of IRC relay signal.... idk....

That's a valid point and I also don't think that all parts of such a plan should necessarily be public. On the other hand I didn't think of it as a defense plan either - just a protocol of operation in case of an emergency (like a plan for the fire exits, not a fire extinguisher).

While I fully acknowledge the power of decentralization, I also think that Bitcoin is about openness and we should not start to rely on some details about Bitcoin being hidden. I don't think public knowledge about some basic emergency protocols would be of much help to a possible attacker.

As dumb as this might sound maybe a public defense plan isn't the best plan of defense. As they will just counter your counter before you get the opportunity to counter their attacks and defend our selves.
Anyone else get that feeling that attackers will just use our own knowledge against us?

Maybe we should all educate each other amongst are selves... that way the flow of information is more distributed and impossible from any outside(or inside) influence to know the true depth of the knowledge the community has as a whole about how the blockchain and bitcoins work.


(edited)

Suppose the Bitcoin blockchain or network is under attack (maybe because of a flaw in the protocol, a bug in the client, malicious miners, DDoS on nodes, attempts to isolate parts of the network, ...). What would be the emergency steps for counteracting the attack or mitigating the harm? Who is in charge? Have Bitcoin devs and mining pool operators (possibly others) worked out a plan on what to do in case of an emergency?

Just a few ideas of what I think such a plan could cover (feel free to disregard any or all of them):

• list of possible attack scenarios with rough guidelines for countermeasures
• ensure that key people have each others phone numbers and GPG keys
• decide on a voting mechanism in case of possibly controversial hot-fixes for the client
• a way to activate standby hashing power (inform cooperative owners of unused capacities)
• make sure that mining pool operators can quickly implement blockchain checkpoints
• a blueprint for a signed public announcement
• an efficient way to inform the community
• a documented format for messages over the alert system
• a secure information channel over which merchants/exchanges could be informed so that they can (automatically) suspend accepting Bitcoin payments for the time of the attack

I understand that some of those things might seem to go against Bitcoin's decentralized nature, but in case of an attack it could make a big difference for the whole Bitcoin ecosystem, if a few people know what to do and cooperate efficiently.

With more and more people and businesses relying on the operation of the Bitcoin network, an emergency plan would be somewhat reassuring - especially since some attacks might require quick action to prevent major turmoil.

Your thoughts?