[Bitcoin-development] Discovery/addr packets (was: Service bits for pruned nodes)

Gregory Maxwell gmaxwell at gmail.com
Mon May 6 18:25:50 UTC 2013

On Mon, May 6, 2013 at 11:04 AM, Adam Back <adam at cypherspace.org> wrote:
> bitcoins primary
> vulnerability IMO (so far) is network attacks to induce network splits,
> local lower difficulty to a point that a local and artificially isolated
> area of the network can be fooled into accepting an orphan branch as the
> one-true block chain,

Uh.  It currently costs about 2016*25*$120 = six million dollars to
reduce the difficulty in your isolated fork by a factor of 4.

To reduce it by a factor of 1000 (what would be required to make a
parallel fork that you could maintain in realtime with a single avalon
device) the cost is  sum(2016*25/4^n*120,n,0,ceil(log4(1000))) or
about eight million dollars.

Surely you can think of attacks on Bitcoin which are less expensive
than eight million dollars. :P

> maybe even from node first install time.

Protecting against that— making sure any such attack has to start from
a high difficulty— is, in my opinion, the biggest continued
justification for checkpoints.

> (btw I notice most of the binaries and tar balls are not signed, nor served
> from SSL - at least for linux).

They are signed.

> With ToR, it has a similar bootstrap problem to bitcoin.  So while that may
> help it is also passing the buck, not necessarily solving the problem.  And

No, it doesn't. It has centrally controlled directories that publish
an official Truth of the Network. Someone can isolate you and thus DOS
you, but they can't put you on a fantasy tor network.  But ...

> as I said I think its possible bitcoin has a higher assurance need in that
> the attackers motivated my $$ might put more effort in than the odd

It does, and we also consider decentralization a core value. But even
the tor project would like to decentralize more.

More information about the bitcoin-dev mailing list