[uncensored-r/Bitcoin] Here we go. B2X starts Sybil attacking Bitcoin. Suddenly 300 btc1 nodes appeared.
The following post by Bitcoin_Bug is being replicated because some comments within the post(but not the post itself) have been silently removed. The original post can be found(in censored form) at this link: np.reddit.com/ Bitcoin/comments/77koi3 The original post's content was as follows:
AT2, a fairly new unknown tech to create a decentralized asset transfer system without blockchain. This week there was an article @ www.computing.co.uk. See below. link: https://www.computing.co.uk/feature/4017118/at2-answer-cryptocurrency-energy-performance AT2 paper: https://arxiv.org/pdf/1812.10844.pdf Could AT2 be the answer to cryptocurrency's energy and performance problems? Blockchains are slow, wasteful and ill-suited for digital currencies, say researchers who believe they've found a better way Blockchains solve a hard problem: how to ensure consensus across a distributed, decentralised network, where messages arrive out of order if at all, where individual nodes may fail, and where a certain proportion may be actively malicious. The original blockchain, bitcoin, was designed to support a novel digital currency, and the issue its consensus algorithm solved was preventing double-spend. It also successfully introduced game theory for security: adversaries would have to spend more money on an attack than they could expect to gain financially. All this and the original protocol was just a few hundred lines of code. But this achievement came at a high cost in terms of energy use and performance. With bitcoin, a new leader is required to verify each block of transactions, that leader being the first device to complete a computationally heavy challenge (Proof of Work, PoW). As a result, the blockchain's throughput is painfully slow at around seven transactions per second (Visa claims it can do 56,000) and the whole process is massively wasteful of energy. These drawbacks have been surmounted, to some degree, in newer blockchain designs using overlay networks, sharding and different types of "proofs of" and by non-blockchain directed acyclic graphs (DAGs), but each requires tradeoffs in terms of centralisation, complexity or security. A group of researchers led by computer scientist Professor Rachid Guerraoui of Swiss University Ecole Polytechnique Fédérale de Lausanne (EPFL) decided to look afresh at the problem. Is this gargantuan security apparatus, in which every node in a network of thousands or millions must come to a consensus about the ordering of events, really necessary everytime someone makes a purchase? Could a leaderless mechanism be applied to the problem instead? If so, could it be guaranteed to be reliably consistent, even when a certain number of nodes are malicious or faulty (Byzantine)? The headline answer, published in an initial paper last year, is that network-wide consensus is overkill for simple asset transfers. If cryptocurrencies could be rebooted, all the fossil fuels burned by miners of bitcoin and its clones could be left in the ground and Visa-level transaction speeds could be achieved without any loss of security or reliance on centralised control. As compact as Satoshi's original bitcoin protocol itself, the few hundred lines of code that make up their Asynchronous Trusted Transfers (AT2) algorithm could solve some of the tricky problems that have plagued decentralised token-based networks from the off. AT2 can be used to validate transactions within two different decentralised networking scenarios: (1) permissioned or small unpermissioned networks, and (2) global scale unpermissioned networks. In the first case, the algorithm uses quorum for validating actions, whereby a certain proportion of the network's nodes must agree an action is correct before it can take place. The second scenario, networks made up of very large number of machines (nodes), uses probabilistic sampling. Instead of asking all nodes it checks a number of randomly selected nodes for their viewpoint. This is much more efficient and scalable than the deterministic quorum but carries a tiny (ca. 10-15) possibility of failure. Doing away with network-wide consensus means AT2 sidesteps the bane of decentralised networks, the FLP Impossibility - the theory that in a fully asynchronous system, a deterministic consensus algorithm cannot be safe, live and fault-tolerant. Computing caught up with Matteo Monti, who worked on the statistical aspects of AT2, and by email with Guerraoui to find out more. We also spoke to David Irvine of networking firm MaidSafe, which has adopted AT2 to simplify its consensus process. Incentivising improvements We asked Monti (pictured) to summarise the innovation that AT2 brings to the table. "What we noticed is that there's a specific subclass of problems that can be solved on a decentralised, distributed network without requiring consensus," he said. "The main use for consensus at the moment, cryptocurrency transactions, is part of that class. We can solve this using a weaker abstraction and in doing so you gain the ability to work in a completely asynchronous environment." Bitcoin doesn't even solve consensus well. It solves eventual consensus which an even weaker abstraction, he added, whereas AT2 can guarantee strong eventual consistency. Another issue it tackles is PoW's incentivization model which means that improvements in technology do not translate into a better performing network. "With bitcoin, the bottleneck is always electricity. If everyone doubles their computational speed it's not going to change the efficiency of the network. Everyone's competing not to compute but to waste energy." In place of PoW, AT2 uses ‘Proof of Bandwidth', i.e. evidence of recent interaction, to verify that a node is real. Since it doesn't rely on consensus, the performance of AT2 should allow messaging speeds across the network that approach the theoretical maximum, and improvements in hardware will translate into better overall performance. Security measures Blockchains like bitcoin are extremely resilient against Sybil attacks; bitcoin is still running after all, in the face of unwavering opposition from powerful nation states and bankers. Sybil attacks are a major vulnerability in permissionless decentralised networks where anyone can join anonymously, but there are others too. Monti said the most challenging aspect of designing the AT2 algorithm was distilling all the potential types of dangerous Byzantine behaviour into a manageable set so they could be treated using probability theory. As a result of studying many possible failure scenarios, including Sybil, the algorithm is able to quickly react to deviations from the norm. Other security features flow from the fact that each network node needs to know only a limited amount about its counterparts for the system to function. For example, the randomness used in sampling operations is generated locally on the calling device rather than on the network, making this vector hard to utilise by an attacker looking to influence events. Signals are passed across the network via a messaging system called Byzantine Reliable Broadcasting (BRB) a gossip-based method by which nodes can quickly and reliably come to an agreement about a message even if some are Byzantine. As a result of these features, AT2 does not rely on economic game theory for security, said Monti. "I'd go as far as saying that the moment you need to implement an economic disadvantage to attacking the system, it means that you failed to make it impossible to attack the system. We don't care about your interests in attacking the system. What we want to achieve is a proof that no matter what you do, the system will not be compromised." ‘Crypto-Twitter' AT2 starts with the simple idea that rather than requiring the whole network to maintain a time-ordered record of my transactions (as with a blockchain or DAG), the only person who needs to keep that tally is me. If I decide to spend some money, I merely announce that fact to the network over BRB and this request will be held in a memory snapshot escrow. Depending on the network type, a representative sample or a quorum of other nodes then check my balance and inspect my ordered transaction history to ensure that the funds haven't already been spent (each transaction has a unique sequential ID) and provided all is correct the transaction is guaranteed to go through, even if up to a third of those validators are malicious. If I try to cheat, the transaction will be blocked. Monti likens a wallet on an AT2 network to a social media timeline. "What we've proved, essentially, is that you can have a cryptocurrency on Twitter," he explained. "A payment works in two steps. First, there's a withdrawal from my account via a tweet, then the second step is a deposit, or a retweet. I tweet a message saying I want to pay Bob. Bob then retweets this message on his own timeline, and in the act of retweeting he's depositing money in his account. "So everyone has their own independent timeline and while the messages - my tweets - are strictly ordered, that's only in my own timeline; I don't care about ordering relative to other timelines. If I try to pay someone else, it will be obvious by the sequence of tweets in my account, and my account only, whether I can perform that payment. "In contrast, consensus effectively squeezes all of the messages into a unique timeline on which everybody agrees. But this is overkill, you don't need it. We can prove that it still works even if the ordering is partial and not total, and this enables us to switch from consensus to reliable broadcast." But of course, nothing comes for free. AT2 can verify exchanges of tokenised assets, but aside from arrangements between a small number of opted-in parties, it does not have the ability to support smart contracts of the type that are viable on ethereum and other blockchains, because this does require network-wide consensus. Guerraoui said his team is working on "refinements and extensions" to support such functionality in the future. Early adopters AT2 is still pretty ‘cutting edge'. Three papers have been accepted for peer review the latest published in February, but it provides the sort of efficiencies and simplifications that could bring real progress. Guerraoui said AT2 has "received interest from many groups including companies ‘selling' blockchain approaches, as well as companies and organisations using such approaches". One organisation that has already picked up on the potential of AT2 is Scotland's MaidSafe, creator of the SAFE Network. MaidSafe is already using AT2 to replace its Parsec consensus algorithm, which testing showed was indeed overkill for many network operations. CEO David Irvine said he and his colleagues came across AT2 while working on another way of propagating changes to data without consensus, conflict-free data replicated types (CRDTs), promptly forked the code and started to apply it. SAFE, currently in Alpha, is a sharded network, meaning it's subdivided into small semi-autonomous sections. On a network level, the way it works is that trusted 'elder' nodes vote on a requested action then pass instructions to other sections to carry it out. AT2 allows the initial task of accumulating the votes for an action, which had been done by the elders using a consensus algorithm, to be moved off the network and onto the requesting client which is much more lightweight and efficient. Once a quorum of votes has been gathered, the client simply resubmits the request and the elders will ensure it's carried out. The system is much simpler and should be more secure too. "It's 200 lines of logic compared to 15,000 for a start," Irvine said. AT2 is not just used to validate token transfers. By the same mechanism, it can also be used to authorise requests to store or change data. Together with CRDTs, which guarantee that such changes cannot fail, this makes for a very tight and efficient ship, said Irvine. "AT2 is for us a missing link. The difficulty of several nodes agreeing is simplified by the initiator taking on the effort of accumulating quorum votes. It seems so simple but in fact, it's an amazing innovation. It certainly falls into the category of 'why didn't I think of that?'."
Decentralization: A Necessary but Not Sufficient Condition for Maximum Robustness
Network decentralization is a sacred property of cryptocurrencies because a centralized system is vulnerable to attack by governments, hackers, scammers, status-seekers, and other opportunists. It can easily be censored, regulated, co-opted, or shut down. However, simply having no single point of failure is only part of what makes a network difficult to attack. Sybils that can masquerade as legitimate nodes, for example, can destroy a network despite it being as decentralized as one could ever hope for. In Bitcoin and Bitcoin Cash, which are mining networks, the nodes are all miners (despite Core's word games about "full nodes"). Thus the standard form of would-be Sybil attack requires hashpower investment, rather than merely "allocating many IP addresses," a Sybilability hazard of non-mining networks mentioned right in the whitepaper. Bitcoin is nearly impossible to Sybil attack. The closest thing would be a glut of non-mining clients that sit on the network and never end up producing a block (since they aren't hashing). These fake miners will trick some real miners into expending network resources connecting to them in hopes that they produce a block, until enough time passes that these connections get deprioritized. Ironically enough, the only way to even slightly Sybil attack Bitcoin or Bitcoin Cash would be to spin up millions of what Core calls "full nodes" (and which they claim we need more of at all costs - quite literally at all costs, even to the point of completely killing adoption while popping champagne). Okay, most here may already agree that Core has the wrong model of the network and a pathological view of how to make the network robust against attack, but what is the right way to design it? Could there be something that drives robustness such that decentralization is merely an early stopping point along a much larger spectrum? Yes, but before I answer that, I should point out that the question of how to design the network is sort of a flawed question. Core tries to design the network top-down as a loose mesh, posting the famous centralized/decentralized/distributed network diagram and pointing to the "distributed" screendoor-shaped mesh almost reflexively when asked about why Bitcoin is decentralized. This diagrammed shape is actually very easy to attack. Disabling just a few nodes would partition that network. This is not at all how the BCH and BTC mining networks look; they are far, far more immune to attack. (No wonder Core thinks Bitcoin is so fragile and needs microscopic blocksizes, Layer 2 (3, 4, 5...), and a bunch of "full node" miner-mimics to survive.) Not only do they have the wrong model for network shape, but Core wants to ensure that network shape by design. They ignore how economic incentives shape the network, in both Bitcoin and Lightning. (They further compound this by thinking non-mining clients have any role in governance.) The semantics get a bit funny here, but Satoshi designed Bitcoin so that incentives determine the network topography; the incentives have been designed, which lead to the network being shaped the way it is, not directly designed as a certain shape. This is a crucial difference, as I'll explain below. In BCH and BTC, the incentives are such that miners are highly motivated financially to set up fast connections to every node that demonstrates significant hashpower. This results in a nearly all-to-all configuration among the nodes (i.e., the mining pools and non-pool solo miners). My thesis in this post is threefold: 1) The point where centralization is no longer a worry is merely the first pitstop on the way to maximum robustness, which is the real goal people had in mind originally when talking about decentralization. 2) The same process of dense interconnection that turns a network from centralized to hub-and-spoke to a decentralized loose mesh, if allowed to proceed, will continue maximizing robustness until the network forms a complete all-to-all graph - that is, one where every node is connected directly to every other node by a single hop (like this, but with way more nodes and too many connections to even try to draw). Bitcoin and Bitcoin Cash are nearly complete graphs, despite Core's attempts to change this by elevating "full nodes" into the governance structure (Segwit being their biggest step in this direction). 3) The incentives that drive the shift to a densely interconnected network shape are thanks to the financial incentives in mining, and apply only to miners (not to non-mining clients, nor to LN hubs). The incentives that drives decentralization also drive the other aspects that ensure robustness. Taken together, and understanding that greater success in adoption is the only way to ensure decentralization and general robustness, as more and more miners enter the industry and the networking costs become a vanishingly small proportion of the rewards on offer for mining pools, ensuring that thousands of mining pools have no problem keeping up with gigabyte or even terabyte blocks - far more decentralized than BTC, and far more robust than the loose mesh network it aims to be (not to mention ongoing co-option of BTC made possible by the single-point-of-failure model in the single Core repo and implementation monoculture viciously defended by the current Core developers, a failure many predicted back in 2012). As a bonus, these observations shed light on why the Lightning Network is centralizing. It was hoped to form as a loose mesh, which as I said is only the very beginning of being difficult to attack, but it is quickly turning into a hub-and-spoke topology. The reason is of course those pesky economic incentives again. The ones Core likes to dismiss. Despite any designs or hopes, the shape of a network in a free-to-join economic system will always be shaped by the financial incentives at play. In Bitcoin and even moreso in Bitcoin Cash, the incentives are for maximum robustness. In LN they are for central hubs. Trying to design the network otherwise will not work unless you can design the incentives such that the network decentralizes on its own. This is the trick Satoshi pulled off, and it has been a (very) tough act to follow. People object that anyone can set up a Lightning hub and anyone can use it, just like anyone can start a mining pool or solo mining operation and choose not to connect to most of the other miners directly, but statements like this are a strong hint that the person speaking them has no clue how Bitcoin works any why it is an invention in the first place. One might as well say that anyone can mine extra coins above the inflation rate, or refuse to include transactions in their blocks. Bitcoin works because of incentives. You can always go against incentives. At the risk of stating the obvious, incentives work because even though people can go against them, they don't. As long as random acts of incentive-incompatible (non-profit-seeking) malevolence are prevented by requiring larger and larger amounts of capital to pull off the really big acts of money-losing vandalism, the system works remarkably as the last 9 years have demonstrated. Conversely, if the incentives are not very specifically and ingeniously designed that way, as we know LN isn't as not even the claim of such a design goal is ever made and in fact the entire problem is actively handwaved by talking, as above, about what people could do (but won't), the system will inevitably centralize in the best case, or just fall useless in the worst case. To be fair, multiple hubs to choose from is better than a single hub, but it's an utter joke to compare this to BCH/BTC when you realize the incentive design originated by Bitcoin results in something that is not just one step better than LN (a loose mesh where taking down a few key nodes can partition the network, instead of multi-hub where taking out or co-opting just one key node will cause total carnage - especially with full blocks like Core wants), but many steps better (a fully connected network, where knocking out even 90% of the nodes leaves the rest exactly as interconnected as they were before).
TonicPow on Twitter: "Social media a type of sybil attack designed to reshape your mind. TonicPow helps replace the subversive ad model with proof of work. The end game is that we replace it with #bitcoin. Learn to advertise and promote the way Satoshi envisioned. https://t.co/DZbamsmvCR"
UASF is by every definition a Sybill attack on Bitcoin. Here's why:
First, a description of a sybill attack: In a Sybil attack, the attacker subverts the reputation system of a peer-to-peer network by creating a large number of pseudonymous identities, using them to gain a disproportionately large influence. Definitions: "Attacker" = Non-mining node operator(s) "Reputation system of a peer to per network" = Mining nodes voting with their hash power "Large # of pseudonymous identities" = Bunch of non-mining full nodes spinning up "Using them to gain a disproportionally large influence" = Non-mining nodes attempting to "veto" miners, or change POW, etc. Since Non-mining nodes by default have NO power in the system, attempting to give them any power at all can be considered "disproportionally large" because they are supposed to have exactly none. This is where the attack comes from. It's an attack because it's a bunch of nodes that are not supposed to have any power, attempting to gain control of the system. The Bitcoin system is designed so that the power you have in the system is directly proportional to how much you have invested into the system. If you have invested nothing, you are supposed to have no power. However if you invest a large amount, and have a lot of hash power, THEN you have a vote. Investing in hash power secures the network, that's where your right to vote comes from...securing the network. The more you secure the network the more vote you have. It specifically says in the white paper, miners vote by extending blocks. No hash power = No vote. So THIS ^ is where the attack comes from. The UASF movement is a sybill attack because non-mining nodes have no hash power and thus NO VOTE. However, they are REALLY trying to make their non-mining nodes have a vote by talking about "POW changes" and "keeping miners in check." LMAO. It's a bunch of people who are not supposed to have any control in the system, attempting to gain control in the system. Sorry boys, you didn't invest anything, your non-mining node is worthless and you have no power in this system. It costs $10 to spin up a non-mining node on an Amazon cloud instance. THAT is NOT investing in the security of the network. Think about it - These UASF guys are trying to alter consensus and change the rules of the network by spinning up non-mining nodes. They're trying to have a vote in a system they're not supposed to have a vote in. That's what UASF is, a bunch of dudes who are butt hurt that they have no power in the system, attempting to gain control of the system without investing in hash power. TL, DR; If you guys want a vote, get some hashpower. Until then, UASFers need to accept the fact that they have no vote in the system because they haven't invested anything in it's security.
I'm right now connected to the following BitcoinABC nodes:
When I broadcast transactions (2sat/byte) they will not be relayed to any mining node nor any blockexplorer. It's a weird coincidence that of 8 nodes (did not add any manually) non will reliably relay my transaction. Also I did not receive any error message from these nodes.. my BitcoinABC client assumes that these tx were just relayed fine.
Setting a Precedent with UASF: The Cost of a User Activated Sybil Attack on the Bitcoin Network
In February, Shaolinfry raised the discussion of whether Segwit should be activated with a User Activated Soft Fork (UASF). Alarmingly, Shaolinfry is now suggesting a flag day for activation to the effect that "If a large part of the economic majority publicly say that they will adopt this new client, miners will have to signal bip9 segwit activation in order for their blocks to be valid." The BIP submitted describes the enforcement mechanism as: "all blocks must set the nVersion header top 3 bits to 001 together with bit field (1<<1) (according to the existing segwit deployment). Blocks that do not signal as required will be rejected [by the economic majority nodes]." With less than 6300 total listening nodes (core, BU, other), this idea leaves Bitcoin in a very vulnerable position for malicious sybil attacks against the network. If the core developers begin encouraging a Sybil Attack against the network to achieve their goal--ultimately undermining the security of the Bitcoin network--they're doing three things:
Proving that Sybil Attacks are effective against the network;
Encouraging malicious parties to do the same.
Highlighting just how vulnerable the network is, reducing the perceived value of such a network.
It's relatively cheap to create 10,000 listening Bitcoin nodes on any of the Big 3 cloud providers. In fact, at less than $1.20 per node a day on each AWS, Google Cloud, and Azure, one could launch 10,000 nodes, download the full blockchain, launch an attack for 12 hours straight, orphan all blocks they didn't agree with, and cripple the network. For $12,000. The incentives exist for a malicious player to do this too: short Bitcoin and profit off the panic dump. Furthermore, a botnet could achieve this at a lower cost, and it wouldn't be as easy to identify the malicious nodes as they'd be geographically dispersed. While it's great that this weakness has come to the forefront, core are actively discussing the launch of an attack that could cripple the Bitcoin network under the premise of "protecting" it from a much lesser threat of transaction malleability. Yet, somehow, people still don't see core as a threat to Bitcoin as we know it. I'll repeat that to let it sink in: Core are actively discussing the launch of an attack that could cripple the Bitcoin network under the premise of "protecting" it from the much lesser threat of transaction malleability. This isn't a blocksize debate, this is a struggle for power. Desperate times call for desperate measures, and core has shown their hand as desperate. It's a very dangerous road they're walking down, and it's going to be very interesting to see where we end up.
Sybil attack to Bitcoin Network: How can we block choopa nodes?
It seems that we are under sybil attack to Bitcoin network and especially from Classic nodes and their server provider. Is a very danger situation if a big part of the bitcoin network controlled from only one server provider and this happen with Classic nodes that runs to Choopa server provider. You can see details for the problem here https://twitter.com/sysmannet/status/712320018659155968 and here https://twitter.com/sysmannet/status/712320429239603200 The question is how can we block to our nodes the connections from choopa server nodes? What is their ip range? We have done this before when we blocked connections from chainalysis nodes before some months.
Three Bitcoin Core builders, Wladimir van der Laan, Peter Todd and Gregory Maxwell, say Chainalysis’ actions quantity to a so-called Sybil attack on the bitcoin community, one thing CEO Grønager denies. A Sybil attack is an online security breach where a hacker utilizes multiple accounts, nodes, or systems to take over a particular network. Blockchain Sybil attacks of cryptocurrencies are carried out by running numerous nodes on a network to achieve majority, at least 51%, control over the network. Once this is achieved, bad actors can carry out an array of mischievous and fraudulent ブロックチェーンの観点から説明です。 (数分で書いているのでかなり適当です。) 簡単にざっくり説明すると、基本的な用語の意味は 攻撃者が沢山のid(ユーザ)を作り、攻撃すること ブロックチェーンでは インターネット上の誰が誰だかわからない環境下で、複数のコンピュータで同意を得る It seems that we are under sybil attack to Bitcoin network and especially from Classic nodes and their server provider. Is a very danger situation if a big part of the bitcoin network controlled from only one server provider and this happen with Classic nodes that runs to Choopa server provider. A Sybil attack is an attack where a single adversary is controlling multiple nodes on a network. It is unknown to the network that the nodes are controlled by the same adversarial entity. For example, an adversary can spawn up multiple computers, virtual machines, and IP addresses.
A Sybil Attack in a peer-to-peer network happens when one person uses many, many nodes for a malicious end. ... Eclipse Attacks on Bitcoin’s Peer-to-Peer Network (USENIX 2015) - Duration: 27:15. Why Dash is the Most Sybil Attack-Resistant Cryptocurrency -- By Far - Duration: 8:05. ... Eclipse Attacks on Bitcoin’s Peer-to-Peer Network (USENIX 2015) - Duration: 27:15. Eclipse Attacks on Bitcoin’s Peer-to-Peer Network (USENIX 2015) - Duration: ... Sybil Attack Prevention and Detection in Vehicular AD Hoc Network Projects - Duration: 3:20. While fungibility is an essential property of good money, Bitcoin has its limitations in this area. Numerous fungibility improvements have been proposed; however none of them have addressed the ...