Gavin Andresen [ARCHIVE] on Nostr: 📅 Original date posted:2011-09-13 🗒️ Summary of this message: Bitcoin's ...
📅 Original date posted:2011-09-13
🗒️ Summary of this message: Bitcoin's "timejacking" vulnerability allows miners to manipulate block timestamps, leading to difficulty adjustment issues. Fixing it requires addressing the "what time is it" code.
📝 Original message:Background:
Timejacking:
http://culubas.blogspot.com/2011/05/timejacking-bitcoin_802.html
And a recent related exploit launched against the low-difficulty
alternative chains:
https://bitcointalk.org/index.php?topic=43692.msg521772#msg521772
Seems to me there are two fundamental problems:
1) Bitcoin should be overlapping the ranges of block timestamps that
it uses to calculate difficulty adjustments.
2) Bitcoin's "what time is it" code is kind of a hack.
Fixing (1) would mean a potential block-chain split; before
considering doing that I'd like to consider second-best solutions.
Fixing (2) is easier; incorporating a ntp library and/or simply
removing the bitcoin mining code from the client but requiring pools
and miners to have accurate-to-within-a-minute system clocks (or their
blocks will be "discouraged") seems reasonable to me. If you want to
produce blocks that the rest of the network will accept, run ntp on
your system.
I THINK that fixing (2) will make (1) a non-issue-- if miners can't
mess around with block times very much then it will be very difficult
for them to manipulate the difficulty for their benefit.
--
--
Gavin Andresen
🗒️ Summary of this message: Bitcoin's "timejacking" vulnerability allows miners to manipulate block timestamps, leading to difficulty adjustment issues. Fixing it requires addressing the "what time is it" code.
📝 Original message:Background:
Timejacking:
http://culubas.blogspot.com/2011/05/timejacking-bitcoin_802.html
And a recent related exploit launched against the low-difficulty
alternative chains:
https://bitcointalk.org/index.php?topic=43692.msg521772#msg521772
Seems to me there are two fundamental problems:
1) Bitcoin should be overlapping the ranges of block timestamps that
it uses to calculate difficulty adjustments.
2) Bitcoin's "what time is it" code is kind of a hack.
Fixing (1) would mean a potential block-chain split; before
considering doing that I'd like to consider second-best solutions.
Fixing (2) is easier; incorporating a ntp library and/or simply
removing the bitcoin mining code from the client but requiring pools
and miners to have accurate-to-within-a-minute system clocks (or their
blocks will be "discouraged") seems reasonable to me. If you want to
produce blocks that the rest of the network will accept, run ntp on
your system.
I THINK that fixing (2) will make (1) a non-issue-- if miners can't
mess around with block times very much then it will be very difficult
for them to manipulate the difficulty for their benefit.
--
--
Gavin Andresen