[Bitcoin-development] More denial-of-service prevention code to review

Gavin Andresen gavinandresen at gmail.com
Tue Sep 27 17:12:09 UTC 2011


Pull request:
  https://github.com/bitcoin/bitcoin/pull/534

Denial-of-service prevention: orphan blocks

The attack this prevents: Generate valid "orphan" blocks and send them
to a bitcoin node. Orphan blocks are blocks that are not in the main
blockchain, and before this patch the bitcoin client would store an
arbitrary number of them in memory, in case they later became part of
the main chain.

Two checks are added:

1) Orphan blocks before the last blockchain lock-in are rejected, and
if the node sends enough of those obviously-not-part-of-the-main-chain
blocks it will be disconnected and banned.

2) Orphan blocks must have a plausible proof-of-work. It is impossible
for a difficulty 1.0 block to follow a difficulty 1-million block (it
would take at least 19 months for difficulty to drop from 1-million to
1). Orphan blocks with too-low proof-of-work are ignored, and if a
node sends ten of them it is disconnected/banned.

Requiring plausible proof-of-work for orphan blocks will make this
attack too expensive to attempt (you would have to generate valid
blocks at current difficulty).

-- 
--
Gavin Andresen




More information about the bitcoin-dev mailing list