Gavin Andresen [ARCHIVE] on Nostr: 📅 Original date posted:2012-01-31 📝 Original message:> Cool design. It seems ...
📅 Original date posted:2012-01-31
📝 Original message:> Cool design. It seems resilient to many attacks. A Sybil attack
> coming from a large botnet (which controls addresses in many ranges)
> can still fill all buckets in both tables, I think. As far as I can
> tell, that wasn't possible with the old design.
Given the randomness in Pieter's design, that seems extremely unlikely
/ difficult to do. Is it possible to do a back-of-the-envelope
calculation to figure out what percentage of nodes on the network an
attacker would have to control to have a (say) 1% chance of a
successful Sybil attack?
I like this change; I'd like to pull it for the 0.6 release.
I've also been wondering if it is time to remove the IRC bootstrapping
mechanism; it would remove a fair bit of code and we'd stop getting
reports that various ISPs tag bitcoin as malware. When testing the
list of built-in bootstrapping IP addresses I always connect fairly
quickly, and the DNS seeding hosts seems to be working nicely, too.
--
--
Gavin Andresen
📝 Original message:> Cool design. It seems resilient to many attacks. A Sybil attack
> coming from a large botnet (which controls addresses in many ranges)
> can still fill all buckets in both tables, I think. As far as I can
> tell, that wasn't possible with the old design.
Given the randomness in Pieter's design, that seems extremely unlikely
/ difficult to do. Is it possible to do a back-of-the-envelope
calculation to figure out what percentage of nodes on the network an
attacker would have to control to have a (say) 1% chance of a
successful Sybil attack?
I like this change; I'd like to pull it for the 0.6 release.
I've also been wondering if it is time to remove the IRC bootstrapping
mechanism; it would remove a fair bit of code and we'd stop getting
reports that various ISPs tag bitcoin as malware. When testing the
list of built-in bootstrapping IP addresses I always connect fairly
quickly, and the DNS seeding hosts seems to be working nicely, too.
--
--
Gavin Andresen