Jorge Timón [ARCHIVE] on Nostr: 📅 Original date posted:2011-12-15 🗒️ Summary of this message: Using a ...
📅 Original date posted:2011-12-15
🗒️ Summary of this message: Using a publicly available alias system for Bitcoin addresses could be vulnerable to a DOS attack, consuming considerable resources over time. A solution is suggested to limit address changes.
📝 Original message:2011/12/15, Jordan Mack <jordanmack at parhelic.com>:
> I believe it is also worth mentioning the possible susceptibility of a
> DOS attack on a publicly available alias system. Assuming that an alias
> lookup triggers the creation of a new Bitcoin address, the private key
> would need to be retained indefinitely. If gone unnoticed, this could
> consume considerable resources over time. Unlike system logs and such,
> this is not something that can be so easily pruned.
You're right. Then servers should not use a different address with
every lookup. Maybe don't change it more than once per
min/hour/whatever, maybe wait to see a payment to that address to
start giving another one...
🗒️ Summary of this message: Using a publicly available alias system for Bitcoin addresses could be vulnerable to a DOS attack, consuming considerable resources over time. A solution is suggested to limit address changes.
📝 Original message:2011/12/15, Jordan Mack <jordanmack at parhelic.com>:
> I believe it is also worth mentioning the possible susceptibility of a
> DOS attack on a publicly available alias system. Assuming that an alias
> lookup triggers the creation of a new Bitcoin address, the private key
> would need to be retained indefinitely. If gone unnoticed, this could
> consume considerable resources over time. Unlike system logs and such,
> this is not something that can be so easily pruned.
You're right. Then servers should not use a different address with
every lookup. Maybe don't change it more than once per
min/hour/whatever, maybe wait to see a payment to that address to
start giving another one...