From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1VdrW3-0006yX-66 for bitcoin-development@lists.sourceforge.net; Wed, 06 Nov 2013 01:02:39 +0000 Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of astutium.com designates 80.76.216.60 as permitted sender) client-ip=80.76.216.60; envelope-from=rob.golding@astutium.com; helo=cpanel4.hosting.astutium.com; Received: from cpanel4.hosting.astutium.com ([80.76.216.60]) by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.76) id 1VdrW2-0002b2-1F for bitcoin-development@lists.sourceforge.net; Wed, 06 Nov 2013 01:02:39 +0000 Received: from localhost ([127.0.0.1]:58464 helo=astutium.com) by cpanel4.hosting.astutium.com with esmtpa (Exim 4.80.1) (envelope-from ) id 1Vdr81-0002ny-G9 for bitcoin-development@lists.sourceforge.net; Wed, 06 Nov 2013 00:37:49 +0000 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit Date: Wed, 06 Nov 2013 00:37:49 +0000 From: rob.golding@astutium.com To: bitcoin-development@lists.sourceforge.net In-Reply-To: References: Message-ID: X-Sender: rob.golding@astutium.com User-Agent: Roundcube Webmail/0.9.3 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - cpanel4.hosting.astutium.com X-AntiAbuse: Original Domain - lists.sourceforge.net X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - astutium.com X-Get-Message-Sender-Via: cpanel4.hosting.astutium.com: authenticated_id: rob.golding@astutium.com X-Source: X-Source-Args: X-Source-Dir: X-Spam-Score: -1.5 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_PASS SPF: sender matches SPF record -0.0 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain X-Headers-End: 1VdrW2-0002b2-1F Subject: Re: [Bitcoin-development] Possible Solution To SM Attack X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Nov 2013 01:02:39 -0000 > The Problem: > Say Alice built a block, A1, from previous block 0. She doesn't let > other miners know about it. She then works on A2 with previous block > A1. Bob on the other hand is still working on B1 with previous block > 0. Bob now finds a block and he broadcasts it. The assumption here is > Alice will be the first miner to hear of this block and she will send > her previously mined block, A1, to all other miners. By the time Bobs > block arrives to other miners majority of them will already have > received Block A1 and Bobs block will most likely be orphaned. Alice > revealed her block, A1, only when Bob broadcast his block. This means > she has been mining on block A2 with previous block A1 for longer than > any other miner thus gaining an advantage without increasing her hash > rate. Unless A1 gets orphaned and B1 gets accepted, in which case all the work done on A2 is 'wasted'. The question is whether there is any 'real' advantage over time for A over B. > What We Know: > Alice has gained an advantage with time. She mines longer on the valid > block. She mines longer on *a* block which *may* become the valid block, yes. > In order for this attack to work Alice must reveal her previously > mined block as late as possible, gaining her the most time spent > working on the valid block. Since she has such good view of the > Bitcoin network she can wait until a miner finds a block to release > her previously mined block. Then the simple 'fix' would be for the block-acceptance to take into account either the total transactions or the total fees, and for the the 'accepted' block for mining the next block to be the one with the lowest hash of one of those values if 2 are released to the network at the same time That is of of course assuming there is really a problem to fix, currently I'm not convinced. Rob