[bitcoin-dev] Significant losses by double-spending unconfirmed transactions

Thu Jul 16 05:18:25 UTC 2015

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Personally, I hope more people develop on-chain microtransaction
systems (so long as open source, etc) ~ see
http://dev.blockcypher.com/#microtransaction-api ~ and I hope the
bitcoin community figures out ways to re-examine dust, rather than
viewing it as a "problem," but instead, to re-examine this and
interpret it as an "opportunity" for microgiving. (I won't claim there
aren't challenges there, but I'll just throw that out there again..)

- - Please see, my little project, http://abis.io

On 07/15/2015 05:08 PM, Matthieu Riou via bitcoin-dev wrote:
> On Wed, Jul 15, 2015 at 12:32 PM, Peter Todd <pete at petertodd.org 
> <mailto:pete at petertodd.org>> wrote:
> 
> 
> "In a Sybil attack the attacker subverts the reputation system of
> a peer-to-peer network by creating a large number of pseudonymous 
> identities, using them to gain a disproportionately large
> influence."
> 
> 
> Our "identities" aren't pseudonymous.
> 
> In the case of Bitcoin, there's something like 6,000 nodes, so if
> that 20% is achived via outgoing connections you'd have 600 to 1200
> active outgoing connections using up network resources.  Meanwhile,
> the default is 8 outgoing connections - you're using about two
> orders of magnitude more resources.
> 
> 
> You're not talking about a Sybil attack anymore, just resource use.
> We do know how to change default configurations to offer more
> connections.
> 
> If you are achieving that via incoming connections, you're placing
> a big part of the relay network under central control. As we've
> seen in the case of Chainalysis's sybil attack, even unintentional
> confirguation screwups can cause serious and widespread issues due
> to the large number of nodes that can fail in one go. (note how
> Chainalysis's actions were described(1) as a sybil attack by
> multiple Bitcoin devs, including Gregory Maxwell, Wladimir van der
> Laan, and myself)
> 
> 
> We're not Chainanalysis and we do not run hundreds of distinct
> nodes. Just a few well-tuned ones.
> 
> 
> What you are doing is inherently incompatible with
> decentralization.
> 
> 
> That's a matter of opinion. One could argue your actions and
> control attempts hurt decentralization. Either way, no one should
> play the decentralization police or act as a gatekeeper.
> 
> Question: Do you have relationships with mining pools? For
> instance, are you looking at contracts to have transactions mined
> to guarantee confirmations?
> 
> 
> No, we do not. We do not know anyone else having such contracts. As
> you know, Coinbase also denied having such contracts in place [1].
> But you seem to have more relationships with mining pools than we
> do.
> 
> Thanks, Matthieu CTO and Founder, BlockCypher
> 
> [1]
> http://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-June/00886
4.html
>
> 
> 
> _______________________________________________ bitcoin-dev mailing
> list bitcoin-dev at lists.linuxfoundation.org 
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
> 

- -- 
http://abis.io ~
"a protocol concept to enable decentralization
and expansion of a giving economy, and a new social good"
https://keybase.io/odinn
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJVpz6hAAoJEGxwq/inSG8CdAMIAJfJcJaXyFjUVLi6iA03tpot
8e0SONC+kadLRTUn8GzAlpSgvKLcfqO5WvNKsjJenckrP+B6oSlT2e2u0QGehxl4
gGfTksOPzrBFCfWOZnVAaDr4uR7OAHM/AjXkpn1gQJsh+xBhyeUF1xapPeR/M+9e
yXFtV0itZve93sKrtlo+J/VShEi9mPBYrFrJBK9o17ir5chXW/xzqGm1Ny3fS72U
/g9zkdt+LBidaLXdPvfBjjmux18BM+IAifO41C9Q0eIN6x0zajvPd/Y3Mm5J/QUe
p8qvj2Px75AYSCV0qzgMhETZdwYFor04f2zJ8u3WUB+AbupM9hewqvfPGiUi1qU=
=S/aI
-----END PGP SIGNATURE-----