From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 67400A88 for ; Fri, 24 Mar 2017 03:38:23 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-qk0-f172.google.com (mail-qk0-f172.google.com [209.85.220.172]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 6D812AD for ; Fri, 24 Mar 2017 03:38:22 +0000 (UTC) Received: by mail-qk0-f172.google.com with SMTP id v127so2097076qkb.2 for ; Thu, 23 Mar 2017 20:38:22 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=achow101-com.20150623.gappssmtp.com; s=20150623; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to; bh=XR7R4zt3rQgyt3Bn8/MYilygVxKjYCYJUvAxj0odxqY=; b=n+rrowQAAlOeTbMEvDc0WMOBifmH9CKtmooWYI4QPL8aN4I++f1vBo52LAS5yCIz5Z Xkt+mj10JRQaFBcKec0KX5LKpG5RbqkpBIvnUts9R4ACYAz4wuQFaqj60jeoE9oEskJe Bpq817KVAAhLceFrkjGQ5CgSzbM1Y+z42IL5CRs0JsjGzcK63TQjYjSZFzawrYZeQKPt HllUfFVDzpoVEhekGsdlkvxoNZusj36jFKwgG1E1kyNC2vtciwMWf+fRD+6f9SHBB6eC 8QGc0xbnTjh7/APEkXQUA0SszZWI6O1XAQR2IbScY/xebJoR+Xx4WVwgCGCXW8rJs+4L 529g== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to; bh=XR7R4zt3rQgyt3Bn8/MYilygVxKjYCYJUvAxj0odxqY=; b=CpMsRhcGWzYKxaNPJyXlOQ/HuLjmtLrRL0AKHCmNC4LtG9AkpDVKkcTR+jXGxM3l5m drnK2vbzDA9iTAO3N6oBn+ACnM0Tz3Bjq/YMQIxyJk7GcZUaecilaMi9GCcBHeIIOrGh drWllrlS6TYTHu4GnEMb5fnmV9KNLTPIMPBUpeUDtGr2vjbPdgq2VODRwB592+Cqj553 bGLU0JLvRBzth+1JPpJVp63FAvndfeLD6tAYVgQBUv9oHggMM2HXiI97W3k90uwpaA+y zQkBZxzCIGDL/i1hgVFwhvxRTnf84g3Bc6jBduPgEUBisgmo3OTRSHk+VyhUmeruvpdo Bexg== X-Gm-Message-State: AFeK/H2AAJkBD9y6NEwW8lG29yXEyAwZcuZgL/dknRJ1hN5J2ctvOn2y5WhG/tNJE0lQHw== X-Received: by 10.55.49.70 with SMTP id x67mr5108732qkx.186.1490326701370; Thu, 23 Mar 2017 20:38:21 -0700 (PDT) Received: from ?IPv6:2601:45:8200:e070:cdd4:fd6a:c2b2:a135? ([2601:45:8200:e070:cdd4:fd6a:c2b2:a135]) by smtp.gmail.com with ESMTPSA id w63sm717519qte.38.2017.03.23.20.38.20 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 23 Mar 2017 20:38:20 -0700 (PDT) To: Juan Garavaglia , Bitcoin Protocol Discussion References: <3fd9846c-6c57-9b57-0b6e-e5958e644e1d@achow101.com> From: Andrew Chow Message-ID: <2caa270f-9feb-4720-9b68-eff458cdc956@achow101.com> Date: Thu, 23 Mar 2017 23:38:21 -0400 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: <3fd9846c-6c57-9b57-0b6e-e5958e644e1d@achow101.com> Content-Type: multipart/alternative; boundary="------------FEC3CC8897C04E05CE3D2D12" X-Spam-Status: No, score=-1.4 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, HTML_MESSAGE, RCVD_IN_DNSWL_NONE, RCVD_IN_SORBS_SPAM autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: Re: [bitcoin-dev] Issolated Bitcoin Nodes X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Mar 2017 03:38:23 -0000 This is a multi-part message in MIME format. --------------FEC3CC8897C04E05CE3D2D12 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit A correction to my previous email (because people are quoting me on r/btc and what I wrote was wrong) This statement is incorrect: > Given that Testnet has a smaller number of nodes and less difficulty, this could result in some miners using 0.13.0+ mining blocks which do not propagate well and thus causing multiple chain splits and reorgs as other miners find blocks for the same height before receiving a block for that height. Miners using 0.13.0+ will produce blocks that propagate well. This is because 0.12.x- nodes will accept those blocks, and so will 0.13.0+. Furthermore Core 0.13.0+ will use its outbound connections to connect to segwit enabled peers so that it will be relaying segwit blocks to someone. However Bitcoin Core 0.13.0+ will not request blocks from peers that are not segwit enabled (because with segwit, they will be receiving blocks without witnesses which are invalid to a segwit node), so they will not receive blocks mined by a 0.12.x- node. This means that 0.12.x- mined blocks propagate poorly, even though are valid. Because of the poor propagation, a 0.13.0+ miner can find a block at the same height which is more likely to get built upon. However, the poorly propagated block can still reach other 0.12.x- miners who can build upon it due to the low difficulty and difficulty resets, thus causing multiple chains to exist, particularly among pockets of 0.12.x- nodes. The reorgs happen when either the 0.12.x- nodes hear of the segwit blockchain that is presumably longer because it has the majority hashrate, or when people run bridges which allow 0.12.x- nodes relay blocks to 0.13.0+ nodes. On 3/23/2017 7:14 PM, Andrew Chow wrote: > > The issue is due to Segwit blocks since Testnet has already activated > Segwit. 0.12.x- nodes will receive a Segwit block with all of the > witnesses stripped. When they relay this block to a 0.13.0+ node, the > block will be rejected because those have Segwit functionality and > require the witnesses to be in the block. Given that Testnet has a > smaller number of nodes and less difficulty, this could result in some > miners using 0.13.0+ mining blocks which do not propagate well and > thus causing multiple chain splits and reorgs as other miners find > blocks for the same height before receiving a block for that height. > > > On 3/23/2017 6:37 PM, Juan Garavaglia via bitcoin-dev wrote: >> >> We notice some reorgs in Bitcoin testnet, while reorgs in testnet are >> common and may be part of different tests and experiments, it seems >> the forks are not created by a single user and multiple blocks were >> mined by different users in each chain. My first impression was that >> the problem was related to network issues but some Bitcoin explorers >> were following one chain while others follow the other one. >> Nonetheless, well established explorers like blocktrail.com or >> blockr.io were following different chains at different heights which >> led to me to believe that it was not a network issue. After some >> time, a reorg occurs and it all comes to normal state as a single chain. >> >> We started investigating more and we identified that the fork occurs >> with nodes 0.12; in some situations, nodes 0.12 has longer/different >> chains. The blocks in both chains are valid so something must be >> occurring in the communication between nodes but not related with the >> network itself. >> >> Long story short, when nodes 0.13+ receive blocks from 0.13+ nodes >> all is ok, and those blocks propagate to older nodes with no issues. >> But when a block tries to be propagated from bitcoind 0.12.+ to newer >> ones those blocks are NOT being propagated to the peers with newer >> versions while these newer blocks are being propagated to peers with >> older versions with no issues. >> >> My conclusion is that we have a backward compatibility issue between >> 0.13.X+ and older versions. >> >> The issue is simple to replicate, first, get latest version of >> bitcoind, complete the IBD after is at current height, then force it >> to use exclusively one or more peers of versions 0.12.X and older, >> and you will notice that the latest version node will never receive a >> new block. >> >> Probably some alternative bitcoin implementations act as bridges >> between these two versions and facilitate the chain reorgs. >> >> I have not yet found any way where/how it can be used in a malicious >> way or be exploited by a miner but in theory Bitcoin 0.13.X+ should >> remain compatible with older ones, but a 0.13+ node may become >> isolated by 0.12 peers, and there is not notice for the node owner. >> >> >> >> >> >> _______________________________________________ >> bitcoin-dev mailing list >> bitcoin-dev@lists.linuxfoundation.org >> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > --------------FEC3CC8897C04E05CE3D2D12 Content-Type: text/html; charset=windows-1252 Content-Transfer-Encoding: 8bit

A correction to my previous email (because people are quoting me on r/btc and what I wrote was wrong)

This statement is incorrect:

> Given that Testnet has a smaller number of nodes and less difficulty, this could result in some miners using 0.13.0+ mining blocks which do not propagate well and thus causing multiple chain splits and reorgs as other miners find blocks for the same height before receiving a block for that height.

Miners using 0.13.0+ will produce blocks that propagate well. This is because 0.12.x- nodes will accept those blocks, and so will 0.13.0+. Furthermore Core 0.13.0+ will use its outbound connections to connect to segwit enabled peers so that it will be relaying segwit blocks to someone. However Bitcoin Core 0.13.0+ will not request blocks from peers that are not segwit enabled (because with segwit, they will be receiving blocks without witnesses which are invalid to a segwit node), so they will not receive blocks mined by a 0.12.x- node. This means that 0.12.x- mined blocks propagate poorly, even though are valid. Because of the poor propagation, a 0.13.0+ miner can find a block at the same height which is more likely to get built upon. However, the poorly propagated block can still reach other 0.12.x- miners who can build upon it due to the low difficulty and difficulty resets, thus causing multiple chains to exist, particularly among pockets of 0.12.x- nodes. The reorgs happen when either the 0.12.x- nodes hear of the segwit blockchain that is presumably longer because it has the majority hashrate, or when people run bridges which allow 0.12.x- nodes relay blocks to 0.13.0+ nodes.

On 3/23/2017 7:14 PM, Andrew Chow wrote:

The issue is due to Segwit blocks since Testnet has already activated Segwit. 0.12.x- nodes will receive a Segwit block with all of the witnesses stripped. When they relay this block to a 0.13.0+ node, the block will be rejected because those have Segwit functionality and require the witnesses to be in the block. Given that Testnet has a smaller number of nodes and less difficulty, this could result in some miners using 0.13.0+ mining blocks which do not propagate well and thus causing multiple chain splits and reorgs as other miners find blocks for the same height before receiving a block for that height.


On 3/23/2017 6:37 PM, Juan Garavaglia via bitcoin-dev wrote:

We notice some reorgs in Bitcoin testnet, while reorgs in testnet are common and may be part of different tests and experiments, it seems the forks are not created by a single user and multiple blocks were mined by different users in each chain.  My first impression was that the problem was related to network issues but some Bitcoin explorers were following one chain while others follow the other one.  Nonetheless, well established explorers like blocktrail.com or blockr.io were following different chains at different heights which led to me to believe that it was not a network issue. After some time, a reorg occurs and it all comes to normal state as a single chain.

We started investigating more and we identified that the fork occurs with nodes 0.12; in some situations, nodes 0.12 has longer/different chains. The blocks in both chains are valid so something must be occurring in the communication between nodes but not related with the network itself.

Long story short, when nodes 0.13+ receive blocks from 0.13+ nodes all is ok, and those blocks propagate to older nodes with no issues. But when a block tries to be propagated from bitcoind 0.12.+ to newer ones those blocks are NOT being propagated to the peers with newer versions while these newer blocks are being propagated to peers with older versions with no issues.

My conclusion is that we have a backward compatibility issue between 0.13.X+ and older versions.

The issue is simple to replicate, first, get latest version of bitcoind, complete the IBD after is at current height, then force it to use exclusively one or more peers of versions 0.12.X and older, and you will notice that the latest version node will never receive a new block.

Probably some alternative bitcoin implementations act as bridges between these two versions and facilitate the chain reorgs.

I have not yet found any way where/how it can be used in a malicious way or be exploited by a miner but in theory Bitcoin 0.13.X+ should remain compatible with older ones, but a 0.13+ node may become isolated by 0.12 peers, and there is not notice for the node owner.

 



_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev


--------------FEC3CC8897C04E05CE3D2D12--