[Bitcoin-development] Possible Solution To SM Attack
Drak
drak at zikula.org
Tue Nov 5 23:44:15 UTC 2013
On 5 November 2013 23:06, Gregory Maxwell <gmaxwell at gmail.com> wrote:
> On Tue, Nov 5, 2013 at 2:15 PM, Drak <drak at zikula.org> wrote:
> > If I understand the issue properly, this seems like a pretty elegant
> > solution: if two blocks are broadcast within a certain period of
> eachother,
> > chose the lower target. That's a provable fair way of randomly choosing
> the
> > winning block and would seem like a pretty simply patch.
>
> uh. and so when my solution is, by chance, unusually low... I am
> incentivized to hurry up and release my block because?
Yes, I saw the flaw as pointed out by Quinn so I then suggested two step
solution:
1. Decide high or low by taking a the leading bytes from
hash(alice)+hash(bob): above certain number we the rule is "higher wins",
below a certain number the "lower hash wins"
2. Chose winner based on the higher or lower of hash(alice) or hash(bob)
based on the rule coming from 1
Now you have a situation where you don't know the rules of the game in
advance (whether high or low wins) until the hands are already dealt nor
have any idea about how high or low Bob's hash will be since it's not based
on target anymore, but on a hash of the blockhash so it makes it a guessing
game.
You might have an unusually high or low hash, but then you have no idea
whether higher or lower is going to win. So it is better for Alice to just
broadcast the block.
What do you think?
Drak
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20131105/8fa2d7da/attachment.html>
More information about the bitcoin-dev
mailing list