author | Marcel Jamin <marcel@jamin.net> | 2017-03-05 07:29:16 +0100 |
---|---|---|
committer | bitcoindev <bitcoindev@gnusha.org> | 2017-03-05 06:29:19 +0000 |
commit | aed01a0d0a1f287b3ba24b0bec5114c4b47205ad (patch) | |
tree | af04958b3960b0d644281ab2952f5a6de30fd266 | |
parent | 875833e53a479ebb5e6779c1d439559d0edfc1f5 (diff) | |
download | pi-bitcoindev-aed01a0d0a1f287b3ba24b0bec5114c4b47205ad.tar.gz pi-bitcoindev-aed01a0d0a1f287b3ba24b0bec5114c4b47205ad.zip |
Re: [bitcoin-dev] Unique node identifiers
-rw-r--r-- | 9e/7cae96c697a5a92ef97b01bb81f55cd13eb42d | 313 |
1 files changed, 313 insertions, 0 deletions
diff --git a/9e/7cae96c697a5a92ef97b01bb81f55cd13eb42d b/9e/7cae96c697a5a92ef97b01bb81f55cd13eb42d new file mode 100644 index 000000000..cbc50b867 --- /dev/null +++ b/9e/7cae96c697a5a92ef97b01bb81f55cd13eb42d 
@@ -0,0 +1,313 @@ +Return-Path: <marcel@jamin.net> +Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org + [172.17.192.35]) + by mail.linuxfoundation.org (Postfix) with ESMTPS id 1DB501276 + for <bitcoin-dev@lists.linuxfoundation.org>; + Sun, 5 Mar 2017 06:29:19 +0000 (UTC) +X-Greylist: whitelisted by SQLgrey-1.7.6 +Received: from mail-vk0-f51.google.com (mail-vk0-f51.google.com + [209.85.213.51]) + by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 0D765AC + for <bitcoin-dev@lists.linuxfoundation.org>; + Sun, 5 Mar 2017 06:29:17 +0000 (UTC) +Received: by mail-vk0-f51.google.com with SMTP id x75so21893739vke.2 + for <bitcoin-dev@lists.linuxfoundation.org>; + Sat, 04 Mar 2017 22:29:17 -0800 (PST) +DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; + d=jamin-net.20150623.gappssmtp.com; s=20150623; + h=mime-version:in-reply-to:references:from:date:message-id:subject:to; + bh=EwQlRpfVkDJRQ/LeHgN3qj2GxslJZLQfXLVibNpO/Wk=; + b=FJ38dQiFrbYxmARt0WhG95GgBvsdBMxy4bMykwGHixGyt1UbEZ+FK8t12CjO7HCpoY + voDefx2wKbcMvTpULLEEt9o++42AJCRUVVPy0+kXpIF524musN+OtkOu+XL3BqAVR4Li + IuBodb9AKBWEv0gbppR5+yOV++r5rZuHKikog3+d37dQxysN6v8nvhXfWG9xEeaj0HxL + KfUCrTgZ0Mf5QWdnqSqrI+dyu3d2H/eGMXv/5LEoip1pyENd/feHXlpQRUzfY6brf/yU + UXaSUEIKJ1LDpu6vO9I87XnFH4OFou4pPPo2ask9HkgakS9UzINbthYaI7MBQWX4WASP + s9ZA== +X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; + d=1e100.net; s=20161025; + h=x-gm-message-state:mime-version:in-reply-to:references:from:date + :message-id:subject:to; + bh=EwQlRpfVkDJRQ/LeHgN3qj2GxslJZLQfXLVibNpO/Wk=; + b=jm7zB5DNNt18Q7K6M4YqdOesyj9NVBaDCjcwF8HUyz9J7IuPTblG0/2LVizOBA894N + Y4IdmL/FDCn/yFCb81eWQGFlWmsVoTIe+pk+kEMnVWmS2Qb53rLBdS2EJpmx4g7jbJtR + B5soDlAiEQPLVWRfC2gbS964BtvxuWB8eFd5rnUt7zCetYLCZjuEKWYSco0XlfWLpHn/ + sXvy/gVniC1DQrBWOvYNsXC+Ct+3fgnvLbmG9L+Iq/r51Vwq2VzC/N/OHcAz1hpbI4rN + udSeDCKog9HFZgJcPBLedd0xBANrA5KBFeLmHN2yQbgLFcmOQHmx9DcXNZ3OUxfJrGPB + UtwA== +X-Gm-Message-State: 
AMke39m919wjoq5aIcVFnMyRw+aTHrJteKPIGAL+g4C3Q7kvzxmZNchAkwtsx6NHOOilYbKb1QAd7g2GfQcWsQ== +X-Received: by 10.31.190.142 with SMTP id o136mr4544889vkf.73.1488695356892; + Sat, 04 Mar 2017 22:29:16 -0800 (PST) +MIME-Version: 1.0 +Received: by 10.103.30.194 with HTTP; Sat, 4 Mar 2017 22:29:16 -0800 (PST) +In-Reply-To: <BL2PR03MB435C5077E69D91D0A8092B6EE2A0@BL2PR03MB435.namprd03.prod.outlook.com> +References: <BL2PR03MB435C5077E69D91D0A8092B6EE2A0@BL2PR03MB435.namprd03.prod.outlook.com> +From: Marcel Jamin <marcel@jamin.net> +Date: Sun, 5 Mar 2017 07:29:16 +0100 +Message-ID: <CAAUq487S-rvt+fee4961ACyVYaHb=7f2TqppoVO=_WdHfYEExw@mail.gmail.com> +To: John Hardy <john@seebitcoin.com>, + Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org> +Content-Type: multipart/alternative; boundary=001a1143a674ed3b800549f5e542 +X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, + DKIM_VALID, HTML_MESSAGE, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 +X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on + smtp1.linux-foundation.org +X-Mailman-Approved-At: Sun, 05 Mar 2017 13:12:41 +0000 +Subject: Re: [bitcoin-dev] Unique node identifiers +X-BeenThere: bitcoin-dev@lists.linuxfoundation.org +X-Mailman-Version: 2.1.12 +Precedence: list +List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org> +List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>, + <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe> +List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/> +List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org> +List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help> +List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>, + <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe> +X-List-Received-Date: Sun, 05 Mar 2017 06:29:19 -0000 + +--001a1143a674ed3b800549f5e542 +Content-Type: text/plain; 
charset=UTF-8 +Content-Transfer-Encoding: quoted-printable + +> This could even come in the form of a Bitcoin address. + +Wouldn't this actually *need* to be a bitcoin address that is included in a +block to get any real assurances about the age if this node id? Otherwise +malicous nodes could lie and claim to have seen a brand new node id years +ago already. + +Even if included in a block, people could sell their aged IDs (if we were +to rely on those for anything). + +Also funding that ID address would might tie your economic activity (or +even identity) to a node. + +On 4 March 2017 at 17:04, John Hardy via bitcoin-dev < +bitcoin-dev@lists.linuxfoundation.org> wrote: + +> The discussion of UASF got me thinking about whether such a method might +> lead to sybil attacks, with new nodes created purely to inflate the node +> count for a particular implementation in an attempt at social engineering= +. +> +> I had an idea for an anonymous, opt-in, unique node identification +> mechanism to help counter this. +> +> This would give every node the opportunity to create a node +> =E2=80=98address=E2=80=99/unique identifier. This could even come in the = +form of a Bitcoin +> address. +> +> The node on first installation generates and backs up a private key. The +> corresponding public key becomes that node=E2=80=99s unique identifier. I= +f the node +> switches to a new software version or a new IP, the identifier can remain +> constant if the node operator chooses. +> +> Asking a node for its identifier can be done by sending a message the +> command =E2=80=98identify=E2=80=99 and a challenge. The node can then res= +pond with its +> unique identifier and a signature for the challenge to prove it. The node +> can also include what software it is running and sign this information so +> it can be verified as legitimate by third parties. +> +> Why would we do this? +> +> Well, it adds a small but very useful piece of data when compiling lists +> of active nodes. 
+> +> Any register of active nodes can have a record of when a node identifier +> was =E2=80=9Cfirst seen=E2=80=9D, and how many IPs the same identifier ha= +s broadcast from. +> Also, crucially, we could see what software the node operator has been se= +en +> running historically. +> +> This information would make it easy to identify patterns. For example if = +a +> huge new group of nodes appeared on the network with no history for their +> identifier they could likely be dismissed as sybil attacks. If a huge +> number of nodes that had been reporting as Bitcoin Core for an extended +> period of time started switching to a rival implementation, this would ad= +d +> credibility but not certainty (keys could be traded), that the shift was +> more organic. +> +> This would be trivial to implement, is (to me?) non-controversial, and +> would give a way for a node to link itself to a pseudo-anonymous identity= +, +> but with the freedom to opt-out at any time. +> +> Keen to hear any thoughts? 
+> +> Thanks, +> +> John Hardy +> +> john@seebitcoin.com +> +> +> _______________________________________________ +> bitcoin-dev mailing list +> bitcoin-dev@lists.linuxfoundation.org +> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev +> +> + +--001a1143a674ed3b800549f5e542 +Content-Type: text/html; charset=UTF-8 +Content-Transfer-Encoding: quoted-printable + +<div dir=3D"ltr"><div class=3D"gmail_default" style=3D"font-family:monospac= +e,monospace;font-size:small;color:rgb(12,52,61)">>=C2=A0<span style=3D"c= +olor:rgb(0,0,0);font-family:arial;font-size:14.6667px;white-space:pre-wrap"= +>This could even come in the form of a Bitcoin address.</span></div><div cl= +ass=3D"gmail_default" style=3D"font-family:monospace,monospace;font-size:sm= +all;color:rgb(12,52,61)"><span style=3D"color:rgb(0,0,0);font-family:arial;= +font-size:14.6667px;white-space:pre-wrap"><br></span></div><div class=3D"gm= +ail_default" style=3D"font-family:monospace,monospace;font-size:small;color= +:rgb(12,52,61)"><span style=3D"color:rgb(0,0,0);font-family:arial;font-size= +:14.6667px;white-space:pre-wrap">Wouldn't this actually *need* to be a = +bitcoin address that is included in a block to get any real assurances abou= +t the age if this node id? 
Otherwise malicous nodes could lie and claim to = +have seen a brand new node id years ago already.</span></div><div class=3D"= +gmail_default" style=3D"font-family:monospace,monospace;font-size:small;col= +or:rgb(12,52,61)"><span style=3D"color:rgb(0,0,0);font-family:arial;font-si= +ze:14.6667px;white-space:pre-wrap"><br></span></div><div class=3D"gmail_def= +ault" style=3D"font-family:monospace,monospace;font-size:small;color:rgb(12= +,52,61)"><span style=3D"color:rgb(0,0,0);font-family:arial;font-size:14.666= +7px;white-space:pre-wrap">Even if included in a block, people could sell th= +eir aged IDs (if we were to rely on those for anything).</span></div><div c= +lass=3D"gmail_default" style=3D"font-family:monospace,monospace;font-size:s= +mall;color:rgb(12,52,61)"><span style=3D"color:rgb(0,0,0);font-family:arial= +;font-size:14.6667px;white-space:pre-wrap"><br></span></div><div class=3D"g= +mail_default" style=3D"font-family:monospace,monospace;font-size:small;colo= +r:rgb(12,52,61)"><span style=3D"color:rgb(0,0,0);font-family:arial;font-siz= +e:14.6667px;white-space:pre-wrap">Also funding that ID address would might = +tie your economic activity (or even identity) to a node.</span></div></div>= +<div class=3D"gmail_extra"><br><div class=3D"gmail_quote">On 4 March 2017 a= +t 17:04, John Hardy via bitcoin-dev <span dir=3D"ltr"><<a href=3D"mailto= +:bitcoin-dev@lists.linuxfoundation.org" target=3D"_blank">bitcoin-dev@lists= +.linuxfoundation.org</a>></span> wrote:<br><blockquote class=3D"gmail_qu= +ote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex= +"> + + + + +<div dir=3D"ltr"> +<div id=3D"m_4495502098626100444divtagdefaultwrapper" style=3D"font-size:12= +pt;color:#000000;font-family:Calibri,Arial,Helvetica,sans-serif" dir=3D"ltr= +"> +<p><span id=3D"m_4495502098626100444docs-internal-guid-1be5245f-9a0e-19aa-b= +d44-cdeb0d05121c"></span></p> +<p dir=3D"ltr" style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt">= +<span 
style=3D"font-size:11pt;font-family:Arial;background-color:transparen= +t;vertical-align:baseline;white-space:pre-wrap">The discussion of UASF got = +me thinking about whether such + a method might lead to sybil attacks, with new nodes created purely to inf= +late the node count for a particular implementation in an attempt at social= + engineering.</span></p> +<br> +<p dir=3D"ltr" style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt">= +<span style=3D"font-size:11pt;font-family:Arial;background-color:transparen= +t;vertical-align:baseline;white-space:pre-wrap">I had an idea for an anonym= +ous, opt-in, unique node identification + mechanism to help counter this.</span></p> +<br> +<p dir=3D"ltr" style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt">= +<span style=3D"font-size:11pt;font-family:Arial;background-color:transparen= +t;vertical-align:baseline;white-space:pre-wrap">This would give every node = +the opportunity to create a + node =E2=80=98address=E2=80=99/unique identifier. This could even come in = +the form of a Bitcoin address.</span></p> +<br> +<p dir=3D"ltr" style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt">= +<span style=3D"font-size:11pt;font-family:Arial;background-color:transparen= +t;vertical-align:baseline;white-space:pre-wrap">The node on first installat= +ion generates and backs up + a private key. The corresponding public key becomes that node=E2=80=99s un= +ique identifier. If the node switches to a new software version or a new IP= +, the identifier can remain constant if the node operator chooses.</span></= +p> +<br> +<p dir=3D"ltr" style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt">= +<span style=3D"font-size:11pt;font-family:Arial;background-color:transparen= +t;vertical-align:baseline;white-space:pre-wrap">Asking a node for its ident= +ifier can be done by sending + a message the command =E2=80=98identify=E2=80=99 and a challenge. 
The node= + can then respond with its unique identifier and a signature for the challe= +nge to prove it. The node can also include what software it is running and = +sign this information so it can be verified as legitimate + by third parties.</span></p> +<br> +<p dir=3D"ltr" style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt">= +<span style=3D"font-size:11pt;font-family:Arial;background-color:transparen= +t;vertical-align:baseline;white-space:pre-wrap">Why would we do this?</span= +></p> +<br> +<p dir=3D"ltr" style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt">= +<span style=3D"font-size:11pt;font-family:Arial;background-color:transparen= +t;vertical-align:baseline;white-space:pre-wrap">Well, it adds a small but v= +ery useful piece of data when + compiling lists of active nodes.</span></p> +<br> +<p dir=3D"ltr" style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt">= +<span style=3D"font-size:11pt;font-family:Arial;background-color:transparen= +t;vertical-align:baseline;white-space:pre-wrap">Any register of active node= +s can have a record of when + a node identifier was =E2=80=9Cfirst seen=E2=80=9D, and how many IPs the s= +ame identifier has broadcast from. Also, crucially, we could see what softw= +are the node operator has been seen running historically.</span></p> +<br> +<p dir=3D"ltr" style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt">= +<span style=3D"font-size:11pt;font-family:Arial;background-color:transparen= +t;vertical-align:baseline;white-space:pre-wrap">This information would make= + it easy to identify patterns. + For example if a huge new group of nodes appeared on the network with no h= +istory for their identifier they could likely be dismissed as sybil attacks= +. 
If a huge number of nodes that had been reporting as Bitcoin Core for an = +extended period of time started + switching to a rival implementation, this would add credibility but not ce= +rtainty (keys could be traded), that the shift was more organic.</span></p> +<br> +<p dir=3D"ltr" style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt">= +<span style=3D"font-size:11pt;font-family:Arial;background-color:transparen= +t;vertical-align:baseline;white-space:pre-wrap">This would be trivial to im= +plement, is (to me?) non-controversial, + and would give a way for a node to link itself to a pseudo-anonymous ident= +ity, but with the freedom to opt-out at any time.</span></p> +<br> +<p dir=3D"ltr" style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt">= +<span style=3D"font-size:11pt;font-family:Arial;background-color:transparen= +t;vertical-align:baseline;white-space:pre-wrap">Keen to hear any thoughts?<= +/span></p> +<br> +<p dir=3D"ltr" style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt">= +<span style=3D"font-size:11pt;font-family:Arial;background-color:transparen= +t;vertical-align:baseline;white-space:pre-wrap">Thanks,</span></p> +<br> +<p dir=3D"ltr" style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt">= +<span style=3D"font-size:11pt;font-family:Arial;background-color:transparen= +t;vertical-align:baseline;white-space:pre-wrap">John Hardy</span></p> +<p dir=3D"ltr" style=3D"line-height:1.38;margin-top:0pt;margin-bottom:0pt">= +<span style=3D"font-size:11pt;font-family:Arial;background-color:transparen= +t;vertical-align:baseline;white-space:pre-wrap"><a href=3D"mailto:john@seeb= +itcoin.com" target=3D"_blank">john@seebitcoin.com</a></span></p> + +<p></p> +</div> +</div> + +<br>______________________________<wbr>_________________<br> +bitcoin-dev mailing list<br> +<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org">bitcoin-dev@lists.= +<wbr>linuxfoundation.org</a><br> +<a 
href=3D"https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev" = +rel=3D"noreferrer" target=3D"_blank">https://lists.linuxfoundation.<wbr>org= +/mailman/listinfo/bitcoin-<wbr>dev</a><br> +<br></blockquote></div><br></div> + +--001a1143a674ed3b800549f5e542-- + |
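Review bot: the text/html alternative stored from the second `--001a1143a674ed3b800549f5e542` boundary to the end of the file duplicates the text/plain body and is sender-controlled markup (inline styles, `<a href=3D...>` links, `<blockquote>`), so nothing that displays or indexes this archive should render it. Consumers of this file should select the text/plain part and treat the HTML part as untrusted input kept only for fidelity; if storing the raw message is intentional, the commit message should say so, since it currently carries only the Subject line. Both parts are quoted-printable, with soft line breaks (`=` at line end) and sequences such as `=E2=80=99`, so the body needs decoding before it is searched or quoted. The commit message could also record the Message-ID header value, because the file path is an opaque hash and nothing else in the commit metadata ties the commit to the message it archives.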