Peter Todd [ARCHIVE] on Nostr: š Original date posted:2013-11-04 š Original message:On Mon, Nov 04, 2013 at ...
š
Original date posted:2013-11-04
š Original message:On Mon, Nov 04, 2013 at 03:34:35PM +0100, Pieter Wuille wrote:
> > Mining strategy is now to mine to extend the first block you see, on the
> > assumption that the earlier one probably propagated to a large portion
> > of the total hashing power. But as you receive "near-blocks" that are
> > under the PoW target, use them to estimate the hashing power on each
> > fork, and if it looks like you are not on the majority side, switch.
>
> Doesn't that mean that by selective blocking these near-PoW headers,
> you can bias peers into preferring to mine on those with near-PoW
> headers, turning the attack around? Of course, because of their size,
> headers are likely much harder to slow down (in propagation speed)
> than full blocks...
Remember that the attack described in the paper *doesn't* depend on the
ability to selectively block or even just slow down anything - it works
even on a unlimited bandwidth jam-free network so long as latency is
non-zero.
As for other possible attacks, if you can selectively block or slow down
certain near-target headers you haven't achieved anything novel. Why not
use that ability to block or slow down blocks themselves? Even if you
did block some PoW headers for whatever reason the original purpose of
broadcasting them - getting all hashing power to work to extend the same
block - is still achieved.
--
'peter'[:-1]@petertodd.org
0000000000000001d7eb7fceb2e27f3dd1eb5f516464a6b6874fdf6debbd0227
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20131104/fc7ff294/attachment.sig>;
š Original message:On Mon, Nov 04, 2013 at 03:34:35PM +0100, Pieter Wuille wrote:
> > Mining strategy is now to mine to extend the first block you see, on the
> > assumption that the earlier one probably propagated to a large portion
> > of the total hashing power. But as you receive "near-blocks" that are
> > under the PoW target, use them to estimate the hashing power on each
> > fork, and if it looks like you are not on the majority side, switch.
>
> Doesn't that mean that by selective blocking these near-PoW headers,
> you can bias peers into preferring to mine on those with near-PoW
> headers, turning the attack around? Of course, because of their size,
> headers are likely much harder to slow down (in propagation speed)
> than full blocks...
Remember that the attack described in the paper *doesn't* depend on the
ability to selectively block or even just slow down anything - it works
even on a unlimited bandwidth jam-free network so long as latency is
non-zero.
As for other possible attacks, if you can selectively block or slow down
certain near-target headers you haven't achieved anything novel. Why not
use that ability to block or slow down blocks themselves? Even if you
did block some PoW headers for whatever reason the original purpose of
broadcasting them - getting all hashing power to work to extend the same
block - is still achieved.
--
'peter'[:-1]@petertodd.org
0000000000000001d7eb7fceb2e27f3dd1eb5f516464a6b6874fdf6debbd0227
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20131104/fc7ff294/attachment.sig>;