Re: [Bitcoin-development] BIP proposal - patch to raise selfish mining threshold.
Thank you very much for your fair response, Sir; this means that anytime a bug is found in Bitcoin protocol, chances are that it would take a lot more time to get fixed 2013/11/5 Jeff Garzik > On Tue, Nov 5, 2013 at 1:07 PM, Alessandro Parisi > wrote: > > I agree with Ittay: when bugs are found, they must be fixed ASAP, > expecially > > when they affect a sensitive sw such as Bitcon; in IT security, every > flaw > > that is exploitable in abstract, is going to be exploited in real, > sooner or > > later, also taking into account the increasing parallel computing power; > > beware of false sense of security > > That is quite ignorant. Bitcoin is far more complex than standard IT > security "fix ASAP" mantra. Distributed consensus is a new field of > computer science, and blindly applying standard logic to bitcoin will > quickly result in large problems. > > Every fix has the chance of changing the game theory or economics of > bitcoin. A change to the core consensus protocol within bitcoin -- > mining -- is even more game-theory- and economically-critical to the > core system. Changes thus have more impact, where any change > potentially reduces bitcoin's value to zero in the worst case. > > Bitcoin is akin to medical device or avionics software. We cannot > just change at will, without significant research, analysis and > testing. "It is a bug, it must be fixed ASAP" is ignorant and > dangerous. > > Further, this is at present a THEORETICAL problem, and the solution > presented has some obvious flaws, that would make our current, WORKING > SYSTEM more fragile, and less secure. > > -- > Jeff Garzik > Senior Software Engineer and open source evangelist > BitPay, Inc. https://bitpay.com/ > -- November Webinars for C, C++, Fortran Developers Accelerate application performance with scalable programming models. Explore techniques for threading, error checking, porting, and tuning. Get the most from the latest Intel processors and coprocessors. See abstracts and register http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] BIP proposal - patch to raise selfish mining threshold.
Patrick, could you please explain us why the solution proposed by Ittay would drop the actual honest miners ratio, becoming so backfire? Thanks a lot 2013/11/5 Patrick > The ratio of honest miners that mine the first block they see is > 0.5 > > Your proposed solution would reduce that ratio to 0.5 > > In other words your proposed change would make the attack you describe > easier not harder. > > > On 11/05/2013 09:26 AM, Ittay wrote: > > That sounds like selfish mining, and the magic number is 25%. That's the > minimal pool size. > Today the threshold is 0% with good connectivity. > > If I misunderstood your point, please elaborate. > > Ittay > > > > On Tue, Nov 5, 2013 at 12:05 PM, Peter Todd wrote: > >> On Tue, Nov 05, 2013 at 11:56:53AM -0500, Ittay wrote: >> > Hello, >> > >> > Please see below our BIP for raising the selfish mining threshold. >> > Looking forward to your comments. >> >> >> >> > 2. No new vulnerabilities introduced: >> > Currently the choice among equal-length chains is done arbitrarily, >> > depending on network topology. This arbitrariness is a source of >> > vulnerability. We replace it with explicit randomness, which is at the >> > control of the protocol. The change does not introduce executions that >> were >> > not possible with the old protocol. >> >> Credit goes to Gregory Maxwell for pointing this out, but the random >> choice solution does in fact introduce a vulnerability in that it >> creates incentives for pools over a certain size to withhold blocks >> rather than immediately broadcasting all blocks found. >> >> The problem is that when the pool eventually choses to reveal the block >> they mined, 50% of the hashing power switches, thus splitting the >> network. Like the original attack this can be to their benefit. For >> pools over a certain size this strategy is profitable even without >> investing in a low-latency network; Maxwell or someone else can chime in >> with the details for deriving that threshold. >> >> I won't get a chance to for a few hours, but someone should do the >> analysis on a deterministic switching scheme. >> >> -- >> 'peter'[:-1]@petertodd.org >> 0005e25ca9b9fe62bdd6e8a2b4527ad61753dd2113c268bec707 >> > > > > -- > November Webinars for C, C++, Fortran Developers > Accelerate application performance with scalable programming models. Explore > techniques for threading, error checking, porting, and tuning. Get the most > from the latest Intel processors and coprocessors. See abstracts and > registerhttp://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk > > > > ___ > Bitcoin-development mailing > listBitcoin-development@lists.sourceforge.nethttps://lists.sourceforge.net/lists/listinfo/bitcoin-development > > > > > -- > November Webinars for C, C++, Fortran Developers > Accelerate application performance with scalable programming models. > Explore > techniques for threading, error checking, porting, and tuning. Get the most > from the latest Intel processors and coprocessors. See abstracts and > register > http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk > ___ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > > -- November Webinars for C, C++, Fortran Developers Accelerate application performance with scalable programming models. Explore techniques for threading, error checking, porting, and tuning. Get the most from the latest Intel processors and coprocessors. See abstracts and register http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
Re: [Bitcoin-development] BIP proposal - patch to raise selfish mining threshold.
I agree with Ittay: when bugs are found, they must be fixed ASAP, expecially when they affect a sensitive sw such as Bitcon; in IT security, every flaw that is exploitable in abstract, is going to be exploited in real, sooner or later, also taking into account the increasing parallel computing power; beware of false sense of security WebSite: http://www.startithub.com Per rimanere aggiornato in merito a Startup, Innovazione e Normativa di settore, sottoscrivi la nostra newsletter: http://www.startithub.com/blog/sottoscrivi-newsletter/ 2013/11/5 Mike Hearn > On Tue, Nov 5, 2013 at 6:43 PM, Ittay wrote: > >> The attack can be easily hidden. And be sure that before today, today, >> and after today, very smart people are at their computer planning attacks >> on Bitcoin. Exploits must be published and fixed FAST. >> > > I think it would be helpful if you actually implemented and pulled off > this attack, by becoming the dominant miner capable of reversing spends at > will. Then we'd know how quickly it can be done. > > > > > > -- > November Webinars for C, C++, Fortran Developers > Accelerate application performance with scalable programming models. > Explore > techniques for threading, error checking, porting, and tuning. Get the most > from the latest Intel processors and coprocessors. See abstracts and > register > http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk > ___ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > > -- November Webinars for C, C++, Fortran Developers Accelerate application performance with scalable programming models. Explore techniques for threading, error checking, porting, and tuning. Get the most from the latest Intel processors and coprocessors. See abstracts and register http://pubads.g.doubleclick.net/gampad/clk?id=60136231&iu=/4140/ostg.clktrk___ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
