Matthieu Riou [ARCHIVE] on Nostr: 📅 Original date posted:2015-07-15 📝 Original message:On Wed, Jul 15, 2015 at ...
📅 Original date posted:2015-07-15
📝 Original message:On Wed, Jul 15, 2015 at 12:32 PM, Peter Todd <pete at petertodd.org> wrote:
>
> "In a Sybil attack the attacker subverts the reputation system of a
> peer-to-peer network by creating a large number of pseudonymous
> identities, using them to gain a disproportionately large influence."
>
Our "identities" aren't pseudonymous.
In the case of Bitcoin, there's something like 6,000 nodes, so if that
> 20% is achived via outgoing connections you'd have 600 to 1200 active
> outgoing connections using up network resources. Meanwhile, the default
> is 8 outgoing connections - you're using about two orders of magnitude
> more resources.
>
You're not talking about a Sybil attack anymore, just resource use. We do
know how to change default configurations to offer more connections.
If you are achieving that via incoming connections, you're placing a big
> part of the relay network under central control. As we've seen in the
> case of Chainalysis's sybil attack, even unintentional confirguation
> screwups can cause serious and widespread issues due to the large number
> of nodes that can fail in one go. (note how Chainalysis's actions were
> described(1) as a sybil attack by multiple Bitcoin devs, including
> Gregory Maxwell, Wladimir van der Laan, and myself)
>
We're not Chainanalysis and we do not run hundreds of distinct nodes. Just
a few well-tuned ones.
> What you are doing is inherently incompatible with decentralization.
>
That's a matter of opinion. One could argue your actions and control
attempts hurt decentralization. Either way, no one should play the
decentralization police or act as a gatekeeper.
Question: Do you have relationships with mining pools? For instance, are
> you looking at contracts to have transactions mined to guarantee
> confirmations?
>
No, we do not. We do not know anyone else having such contracts. As you
know, Coinbase also denied having such contracts in place [1]. But you seem
to have more relationships with mining pools than we do.
Thanks,
Matthieu
CTO and Founder, BlockCypher
[1]
http://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-June/008864.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150715/d6778351/attachment.html>
📝 Original message:On Wed, Jul 15, 2015 at 12:32 PM, Peter Todd <pete at petertodd.org> wrote:
>
> "In a Sybil attack the attacker subverts the reputation system of a
> peer-to-peer network by creating a large number of pseudonymous
> identities, using them to gain a disproportionately large influence."
>
Our "identities" aren't pseudonymous.
In the case of Bitcoin, there's something like 6,000 nodes, so if that
> 20% is achived via outgoing connections you'd have 600 to 1200 active
> outgoing connections using up network resources. Meanwhile, the default
> is 8 outgoing connections - you're using about two orders of magnitude
> more resources.
>
You're not talking about a Sybil attack anymore, just resource use. We do
know how to change default configurations to offer more connections.
If you are achieving that via incoming connections, you're placing a big
> part of the relay network under central control. As we've seen in the
> case of Chainalysis's sybil attack, even unintentional confirguation
> screwups can cause serious and widespread issues due to the large number
> of nodes that can fail in one go. (note how Chainalysis's actions were
> described(1) as a sybil attack by multiple Bitcoin devs, including
> Gregory Maxwell, Wladimir van der Laan, and myself)
>
We're not Chainanalysis and we do not run hundreds of distinct nodes. Just
a few well-tuned ones.
> What you are doing is inherently incompatible with decentralization.
>
That's a matter of opinion. One could argue your actions and control
attempts hurt decentralization. Either way, no one should play the
decentralization police or act as a gatekeeper.
Question: Do you have relationships with mining pools? For instance, are
> you looking at contracts to have transactions mined to guarantee
> confirmations?
>
No, we do not. We do not know anyone else having such contracts. As you
know, Coinbase also denied having such contracts in place [1]. But you seem
to have more relationships with mining pools than we do.
Thanks,
Matthieu
CTO and Founder, BlockCypher
[1]
http://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-June/008864.html
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150715/d6778351/attachment.html>