Wonder who this solominer is? 88.6.216.9

johnwoodworth598

member

Activity: 518

Merit: 10

Quote from: eleuthria on March 06, 2012, 05:16:14 PM

Very interested to find out what this IP is. Been looking at it, and the way the transactions work, paired with the size makes me fear it's a botnet. The easiest way to run a botnet without a pool: Make a special server that distributes a wallet address, a hash of the previous block, and the current difficulty, and let the bot do all its own work instead of the grabbing work from bitcoind.

It would be one hell of a botnet. Looking at blocks in last 24 hours unless it is on one monster lucky spree it would need to have ~1800 GH/s. Since average CPU is maybe 1 MH/s (unless it is a botnet which just targets i-7 nodes) we are talking 1.8 million active nodes.

Aseras

hero member

Activity: 658

Merit: 500

Key pair signing would also enable other things like enabling revocation of transactions. A method could be developed that would enable stolen coins to be recovered or made worthless.

Say a large amont of coins were stolen. If they had a private key assigned, an insurance transaction could be made for the same amount with a revocation key attached to invalidate the transfer after a lengthy confirmation period. As soon as the transaction hits the chain the addresses are block from transferring coins. This could also be challenged by doing another challenge transaction in the same way. You could add in some security features like requiring a public ip address to broadcast during the entire revocation period to dispute. In that way the source could be traced. For a thief they would not be able to "afford" the chargeback or hide anonymously. It's not free per se to do either so it's not readily abuseable.

Quote from: DeathAndTaxes on May 10, 2012, 05:00:37 PM

Quote from: pieppiep on May 10, 2012, 12:19:10 PM

You don't need a protocol change to do that if it's already possible to put your information in it.
Just change the extra information to
your name + previous block hash you've mined + sign(your name + previous block hash)
It should be possible to not insert this information so real anonymous mining stays possible.

That won't work but I wasn't suggesting a breaking protocol change but rather an agreed upon optional standard which is fully backwards compatible.

Instead something like pools (optionally) create a public private keypair used for signing (probably should have mechanism for revocation or replacement).
The pool would modify the getwork so that they hash some standardized identifer (should be specific to the block to avoid substitution attack) and sign it.

Yes I was indicating such a system should be optional but sites like blockchain.info could scan the block look for a signature and then verify it w/ the pool's public key. In cases where the block can't be verified (or no signature is present) blockchain.info and other sites could still try to guestimate the origin by IP address. As long as the signature is placed somewhere which isn't a breaking change uniformed clients would simply ignore it.

swissmate

sr. member

Activity: 364

Merit: 250

Might be the supercomputer at Granada's University, I went to see it and it is BIG AS HELL with loads of gpu's

R-

full member

Activity: 238

Merit: 100

Pasta

Did we figure this one out?

DeathAndTaxes

donator

Activity: 1218

Merit: 1079

Gerald Davis

Quote from: rjk on May 10, 2012, 12:21:30 PM

Quote from: pieppiep on May 10, 2012, 12:19:10 PM

You don't need a protocol change to do that if it's already possible to put your information in it.
Just change the extra information to
your name + previous block hash you've mined + sign(your name + previous block hash)
It should be possible to not insert this information so real anonymous mining stays possible.

Anyone can get the previous hash from your pool. It's in the blockchain, after all.

However, publishing some kind of signature based on the block number or hash, signed by a pool's private key would be ideal.

Except in a 51% attack.

The signature would need to contain something specific to the block (like merkle tree hash).

DeathAndTaxes

donator

Activity: 1218

Merit: 1079

Gerald Davis

Quote from: pieppiep on May 10, 2012, 12:19:10 PM

You don't need a protocol change to do that if it's already possible to put your information in it.
Just change the extra information to
your name + previous block hash you've mined + sign(your name + previous block hash)
It should be possible to not insert this information so real anonymous mining stays possible.

That won't work but I wasn't suggesting a breaking protocol change but rather an agreed upon optional standard which is fully backwards compatible.

Instead something like pools (optionally) create a public private keypair used for signing (probably should have mechanism for revocation or replacement).
The pool would modify the getwork so that they hash some standardized identifer (should be specific to the block to avoid substitution attack) and sign it.

Yes I was indicating such a system should be optional but sites like blockchain.info could scan the block look for a signature and then verify it w/ the pool's public key. In cases where the block can't be verified (or no signature is present) blockchain.info and other sites could still try to guestimate the origin by IP address. As long as the signature is placed somewhere which isn't a breaking change uniformed clients would simply ignore it.

rjk

sr. member

Activity: 448

Merit: 250

1ngldh

Quote from: pieppiep on May 10, 2012, 12:19:10 PM

You don't need a protocol change to do that if it's already possible to put your information in it.
Just change the extra information to
your name + previous block hash you've mined + sign(your name + previous block hash)
It should be possible to not insert this information so real anonymous mining stays possible.

Anyone can get the previous hash from your pool. It's in the blockchain, after all.

However, publishing some kind of signature based on the block number or hash, signed by a pool's private key would be ideal.

pieppiep

hero member

Activity: 1596

Merit: 502

You don't need a protocol change to do that if it's already possible to put your information in it.
Just change the extra information to
your name + previous block hash you've mined + sign(your name + previous block hash)
It should be possible to not insert this information so real anonymous mining stays possible.

rjk

sr. member

Activity: 448

Merit: 250

1ngldh

Quote from: Shadow383 on May 10, 2012, 12:15:29 PM

Quote from: rjk on May 10, 2012, 10:27:52 AM

Quote from: pieppiep on May 10, 2012, 10:23:35 AM

Quote from: DeathAndTaxes on May 10, 2012, 10:14:53 AM

Honestly we need strongly signed blocks. It can be optional but I imagine most pools would sign their blocks. Major farms (GBLSE) would sign blocks to prove their contract's hashing power. I think a majority of p2pool miners and even some solo miners would strongly sign their blocks.

While not everyone would sign blocks it would eliminate the false positives and reduce the amount of unknown to the truly unknown.

Strongly signed blocks can be the precursor for more complex pool based services (like 0-confirm surety contracts).

What is the benefit of signed blocks? So we can see who mined it?

Yes. Right now, anyone can put almost anything in the blockchain to "prove" who made a block, but that doesn't stop anyone from putting someone else's info in to masquerade as them. There isn't usually any incentive to do that though, except in the case of something such as a botnet.

And can you imagine the chaos if someone with a moderate sized botnet started posing as a popular pool? It could make it appear that a pool was scamming its miners by not reporting blocks.
I think the major pools should publish the IP addresses that they publish blocks on, so that we can get a handle on who is submitting which blocks even before we start looking at signing.

If they are going to always publish blocks from a specific IP as a way of identification, then they will need to disable relaying functionality, otherwise said botnet would just relay through them.

Shadow383

sr. member

Activity: 336

Merit: 250

Quote from: rjk on May 10, 2012, 10:27:52 AM

Quote from: pieppiep on May 10, 2012, 10:23:35 AM

Quote from: DeathAndTaxes on May 10, 2012, 10:14:53 AM

Honestly we need strongly signed blocks. It can be optional but I imagine most pools would sign their blocks. Major farms (GBLSE) would sign blocks to prove their contract's hashing power. I think a majority of p2pool miners and even some solo miners would strongly sign their blocks.

While not everyone would sign blocks it would eliminate the false positives and reduce the amount of unknown to the truly unknown.

Strongly signed blocks can be the precursor for more complex pool based services (like 0-confirm surety contracts).

What is the benefit of signed blocks? So we can see who mined it?

Yes. Right now, anyone can put almost anything in the blockchain to "prove" who made a block, but that doesn't stop anyone from putting someone else's info in to masquerade as them. There isn't usually any incentive to do that though, except in the case of something such as a botnet.

And can you imagine the chaos if someone with a moderate sized botnet started posing as a popular pool? It could make it appear that a pool was scamming its miners by not reporting blocks.
I think the major pools should publish the IP addresses that they publish blocks on, so that we can get a handle on who is submitting which blocks even before we start looking at signing.

rjk

sr. member

Activity: 448

Merit: 250

1ngldh

Quote from: pieppiep on May 10, 2012, 10:23:35 AM

Quote from: DeathAndTaxes on May 10, 2012, 10:14:53 AM

Honestly we need strongly signed blocks. It can be optional but I imagine most pools would sign their blocks. Major farms (GBLSE) would sign blocks to prove their contract's hashing power. I think a majority of p2pool miners and even some solo miners would strongly sign their blocks.

While not everyone would sign blocks it would eliminate the false positives and reduce the amount of unknown to the truly unknown.

Strongly signed blocks can be the precursor for more complex pool based services (like 0-confirm surety contracts).

What is the benefit of signed blocks? So we can see who mined it?

Yes. Right now, anyone can put almost anything in the blockchain to "prove" who made a block, but that doesn't stop anyone from putting someone else's info in to masquerade as them. There isn't usually any incentive to do that though, except in the case of something such as a botnet.

pieppiep

hero member

Activity: 1596

Merit: 502

Quote from: DeathAndTaxes on May 10, 2012, 10:14:53 AM

Honestly we need strongly signed blocks. It can be optional but I imagine most pools would sign their blocks. Major farms (GBLSE) would sign blocks to prove their contract's hashing power. I think a majority of p2pool miners and even some solo miners would strongly sign their blocks.

While not everyone would sign blocks it would eliminate the false positives and reduce the amount of unknown to the truly unknown.

Strongly signed blocks can be the precursor for more complex pool based services (like 0-confirm surety contracts).

What is the benefit of signed blocks? So we can see who mined it?

DeathAndTaxes

donator

Activity: 1218

Merit: 1079

Gerald Davis

Honestly we need strongly signed blocks. It can be optional but I imagine most pools would sign their blocks. Major farms (GBLSE) would sign blocks to prove their contract's hashing power. I think a majority of p2pool miners and even some solo miners would strongly sign their blocks.

While not everyone would sign blocks it would eliminate the false positives and reduce the amount of unknown to the truly unknown.

Strongly signed blocks can be the precursor for more complex pool based services (like 0-confirm surety contracts).

Clipse

hero member

Activity: 504

Merit: 502

Its deepbit.

P4man

hero member

Activity: 518

Merit: 500

Quote from: gr0bi42 on May 10, 2012, 06:19:16 AM

Maybe he's back, but with a different ip-adress: 85.17.27.234.

Look at blockchain:
http://blockchain.info/pools
http://blockchain.info/blocks/85.17.27.234

14 blocks in 24h (like BTC-Guild). This is around 1.5 TH/s.

I only checked a few of those, but they all seem deepbit blocks:
http://blockorigin.pfoe.be/blocklist.php

dizzy1

full member

Activity: 134

Merit: 100

Quote from: gr0bi42 on May 10, 2012, 06:19:16 AM

Maybe he's back, but with a different ip-address: 85.17.27.234.

Look at blockchain:
http://blockchain.info/pools
http://blockchain.info/blocks/85.17.27.234

14 blocks in 24h (like BTC-Guild). This is around 1.5 TH/s.

Reverse lookup for that ip places it in the leaseweb datacenter. If anyone has solid proof its a botnet, email it to [email protected].

gr0bi42

full member

Activity: 158

Merit: 100

Maybe he's back, but with a different ip-adress: 85.17.27.234.

Look at blockchain:
http://blockchain.info/pools
http://blockchain.info/blocks/85.17.27.234

14 blocks in 24h (like BTC-Guild). This is around 1.5 TH/s.

BinaryMage

hero member

Activity: 560

Merit: 500

Ad astra.

Quote from: MagicSata on May 09, 2012, 11:57:23 AM

Quote from: rjk on May 08, 2012, 03:27:56 PM

Quote from: MagicSata on May 08, 2012, 02:48:51 PM

I have managed to get my hands on iMine botnet thingy and all it does is connects to a specified pool.
Of course I will not be using it as a botnet as advertised.

Are you able to determine who's code it is based on? Ufasoft, cgminer, etc? Can you tell what language it is written in?

It would appear to be coded in vb6 and uses Ufasoft.

Visual Basic... Not exactly the programming language of choice I would have expected from a hacker.

MagicSata

newbie

Activity: 17

Merit: 0

Quote from: rjk on May 08, 2012, 03:27:56 PM

Quote from: MagicSata on May 08, 2012, 02:48:51 PM

I have managed to get my hands on iMine botnet thingy and all it does is connects to a specified pool.
Of course I will not be using it as a botnet as advertised.

Are you able to determine who's code it is based on? Ufasoft, cgminer, etc? Can you tell what language it is written in?

It would appear to be coded in vb6 and uses Ufasoft.

Gomeler

hero member

Activity: 697

Merit: 500

Quote from: Aseras on May 09, 2012, 09:36:30 AM

Current FPGA are high up front cost and no resale. Either you are doing it for long term and will perhaps break even in a year or two, or you were an early adopter and have a scrooge mcduck pile of coins to cash in to "waste" on them.

The real GPU killer will be when someone gets either super cheap FPGA or an ASIC developed.

So basically if you are in bitcoin for a quick buck then FPGAs, in your mind, make no sense. I agree there, you can't just peddle FPGA miners on eBay. But damn do those $500/month powerbills get scary real fast with GPUs Grin

Topic: Wonder who this solominer is? 88.6.216.9 (Read 60438 times)