public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Dragi Bucukovski <dragi.b@icloud.com>
To: ZmnSCPxj <ZmnSCPxj@protonmail.com>,
	Bitcoin Protocol Discussion
	<bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] PoW fraud proofs without a soft fork
Date: Mon, 9 Sep 2019 14:47:17 +1000	[thread overview]
Message-ID: <05D1AEA5-5374-4183-AE19-8E071C13AEA8@icloud.com> (raw)
In-Reply-To: <uVQNn9hhpqlQuS-RzrUkpClVtegMRUoyIL6ITaYfNkjd_XYyu9Fh9vdAeLguzOyOrNx5FtuHk7yyZAdivqCVR2PKzF_PsoWJlsSY9oJTF7s=@protonmail.com>

How much do I have in my account can you please tell me 

Sent from my iPhone

> On 9 Sep 2019, at 2:14 pm, ZmnSCPxj via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:
> 
> Good morning Ruben,
> 
> 
>>    One might intuitively feel that the lack of a commitment is unsafe,
>>    but there seems to be no impact on security (only bandwidth). The only
>>    way you can be fooled is if all peers lie to you (Sybil), causing you
>>    to follow a malicious minority chain. But even full nodes (or the
>>    committed version of PoW fraud proofs) can be fooled in this way if
>>    they are denied access to the valid most PoW chain. If there are
>>    additional security concerns I overlooked, I’d love to hear them.
> 
> 
> I think it would be better to more precisely say that:
> 
> 1.  In event of a sybil attack, a fullnode will stall and think the blockchain has no more miners.
> 2.  In event of a sybil attack, an SPV, even using this style, will follow the false blockchain.
> 
> This has some differences when considering automated systems.
> 
> Onchain automated payment processing systems, which use a fullnode, will refuse to acknowledge any incoming payments.
> This will lead to noisy complaints from clients of the automated payment processor, but this is a good thing since it warns the automated payment processor of the possibility of this attack occurring on them.
> The use of a timeout wherein if the fullnode is unable to see a new block for, say, 6 hours, could be done, to warn higher-layer management systems to pay attention.
> While it is sometimes the case that the real network will be unable to find a new block for hours at a time, this warning can be used to confirm if such an event is occurring, rather than a sybil attack targeting that fullnode.
> 
> On the other hand, such a payment processing system, which uses an SPV with PoW fraud proofs, will be able to at least see incoming payments, and continue to release product in exchange for payment.
> Yet this is precisely a point of attack, where the automated payment processing system is sybilled and then false payments are given to the payment processor on the attack chain, which are double-spent on the global consensus chain.
> And the automated system may very well not be able to notice this.
> 
> Regards,
> ZmnSCPxj
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev



  reply	other threads:[~2019-09-09  4:47 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-09-08  3:39 [bitcoin-dev] PoW fraud proofs without a soft fork Ruben Somsen
2019-09-09  4:14 ` ZmnSCPxj
2019-09-09  4:47   ` Dragi Bucukovski [this message]
2019-09-09  6:53   ` Ruben Somsen
2019-09-09  6:58     ` ZmnSCPxj
2019-09-11  4:58       ` Ruben Somsen
2019-09-16 16:48 ` David A. Harding

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=05D1AEA5-5374-4183-AE19-8E071C13AEA8@icloud.com \
    --to=dragi.b@icloud.com \
    --cc=ZmnSCPxj@protonmail.com \
    --cc=bitcoin-dev@lists.linuxfoundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox