Tier Nolan [ARCHIVE] on Nostr: 📅 Original date posted:2015-05-13 📝 Original message:On Wed, May 13, 2015 at ...
📅 Original date posted:2015-05-13
📝 Original message:On Wed, May 13, 2015 at 1:26 PM, Alex Mizrahi <alex.mizrahi at gmail.com>
wrote:
> He tries to investigate, and after some time discovers that his router (or
> his ISP's router) was hijacked. His Bitcoin node couldn't connect to any of
> the legitimate nodes, and thus got a complete fake chain from the attacker.
> Bitcoins he received were totally fake.
>
> Bitcoin Core did a shitty job and confirmed some fake transactions.
>
I don't really see how you can protect against total isolation of a node
(POS or POW). You would need to find an alternative route for the
information.
Even encrypted connections are pointless without authentication of who you
are communicating with.
Again, it is part of the security model that you can connect to at least
one honest node.
Someone tweated all the bitcoin headers at one point. The problem is that
if everyone uses the same check, then that source can be compromised.
> WIthout checkpoints an attacker could prepare a fork for $10.
> With checkpoints, it would cost him at least $1000, but more likely
upwards of $100000.
> That's quite a difference, no?
Headers first mean that you can't knock a synced node off the main chain
without winning the POW race.
Checkpoints can be replaced with a minimum amount of POW for initial sync.
This prevents spam of low POW blocks. Once a node is on a chain with at
least that much POW, it considers it the main chain.,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150513/c0aa03e4/attachment.html>
📝 Original message:On Wed, May 13, 2015 at 1:26 PM, Alex Mizrahi <alex.mizrahi at gmail.com>
wrote:
> He tries to investigate, and after some time discovers that his router (or
> his ISP's router) was hijacked. His Bitcoin node couldn't connect to any of
> the legitimate nodes, and thus got a complete fake chain from the attacker.
> Bitcoins he received were totally fake.
>
> Bitcoin Core did a shitty job and confirmed some fake transactions.
>
I don't really see how you can protect against total isolation of a node
(POS or POW). You would need to find an alternative route for the
information.
Even encrypted connections are pointless without authentication of who you
are communicating with.
Again, it is part of the security model that you can connect to at least
one honest node.
Someone tweated all the bitcoin headers at one point. The problem is that
if everyone uses the same check, then that source can be compromised.
> WIthout checkpoints an attacker could prepare a fork for $10.
> With checkpoints, it would cost him at least $1000, but more likely
upwards of $100000.
> That's quite a difference, no?
Headers first mean that you can't knock a synced node off the main chain
without winning the POW race.
Checkpoints can be replaced with a minimum amount of POW for initial sync.
This prevents spam of low POW blocks. Once a node is on a chain with at
least that much POW, it considers it the main chain.,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150513/c0aa03e4/attachment.html>