1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
|
Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
helo=mx.sourceforge.net)
by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <pete@petertodd.org>) id 1XBWqL-0004rw-4A
for bitcoin-development@lists.sourceforge.net;
Sun, 27 Jul 2014 22:23:01 +0000
Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of petertodd.org
designates 62.13.148.99 as permitted sender)
client-ip=62.13.148.99; envelope-from=pete@petertodd.org;
helo=outmail148099.authsmtp.net;
Received: from outmail148099.authsmtp.net ([62.13.148.99])
by sog-mx-2.v43.ch3.sourceforge.com with esmtp (Exim 4.76)
id 1XBWqI-00065f-Pn for bitcoin-development@lists.sourceforge.net;
Sun, 27 Jul 2014 22:23:01 +0000
Received: from mail-c235.authsmtp.com (mail-c235.authsmtp.com [62.13.128.235])
by punt18.authsmtp.com (8.14.2/8.14.2/) with ESMTP id s6RMMpRN089840;
Sun, 27 Jul 2014 23:22:51 +0100 (BST)
Received: from savin (75-119-251-161.dsl.teksavvy.com [75.119.251.161])
(authenticated bits=128)
by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id s6RMMkp5028010
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO);
Sun, 27 Jul 2014 23:22:49 +0100 (BST)
Date: Sun, 27 Jul 2014 18:22:52 -0400
From: Peter Todd <pete@petertodd.org>
To: Mike Hearn <mike@plan99.net>
Message-ID: <20140727222252.GC14717@savin>
References: <53D1AF6C.7010802@gmail.com>
<CANEZrP2N6zf7RUtPzA+7-X5+UKBmrY-D_8Md+_=8nssoFNng9A@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature"; boundary="Md/poaVZ8hnGTzuv"
Content-Disposition: inline
In-Reply-To: <CANEZrP2N6zf7RUtPzA+7-X5+UKBmrY-D_8Md+_=8nssoFNng9A@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Server-Quench: 8af43b75-15dc-11e4-b396-002590a15da7
X-AuthReport-Spam: If SPAM / abuse - report it at:
http://www.authsmtp.com/abuse
X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR
aQdMdAUUEkAYAgsB AmIbWVdeUl97XWo7 bA9PbARUfEhLXhtr
VklWR1pVCwQmQhpj e2NFEhxydQ1GeX4+ ZE9mW3IVVBUscUUv
RUtJFGhSNnphaTUb TRJbfgVJcANIexZF O1F6ACIKLwdSbGoL
NQ4vNDcwO3BTJTpY RgYVKF8UXXNDIj85 SnjL
X-Authentic-SMTP: 61633532353630.1023:706
X-AuthFastPath: 0 (Was 255)
X-AuthSMTP-Origin: 75.119.251.161/587
X-AuthVirus-Status: No virus detected - but ensure you scan with your own
anti-virus system.
X-Spam-Score: -1.5 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/,
no trust [62.13.148.99 listed in list.dnswl.org]
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
-0.0 SPF_PASS SPF: sender matches SPF record
X-Headers-End: 1XBWqI-00065f-Pn
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>,
Ron OHara <ron.ohara54@gmail.com>
Subject: Re: [Bitcoin-development] Time
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Sun, 27 Jul 2014 22:23:01 -0000
--Md/poaVZ8hnGTzuv
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Fri, Jul 25, 2014 at 12:30:11PM +0200, Mike Hearn wrote:
> >
> > Ok... 'time' on the blockchain could be 'gamed' ... but with great
> > difficulty.
>=20
>=20
> Unfortunately not: miners have in the past routinely gamed the timestamp =
in
> order to use it as an extra nonce and squeeze some more gigahashes out of
> their hardware/pool.
That's correct, but irrelevant for this application. The "gaming"
possible is only a few bits; gaming more bits than that either makes
blocks invalid due to being >2hr in the future, or < the median time in
the past. In addition doing the latter causes difficulty to rise.
Also see: "Re: [Bitcoin-development] 32 vs 64-bit timestamp fields" -
Peter Todd - 08 May 2013
http://www.mail-archive.com/bitcoin-development%40lists.sourceforge.net/msg=
02144.html
> > An application presented with a fake blockchain can use
> > quite a few heuristics to test the 'validity' of the block chain.
> >
>=20
> The app cannot tell if it was given a truncated chain. You could keep such
> an app stuck in the past forever. This is often a problem.
Only if the app is trying to use the blockchain non-interactively. The
right way to use the blockchain for determining the current time is to
create a nonce, timestamp it, wait for a confirmation, and get the
merkle path to the block header. This proves the attacker has spent at
least whatever resources it took to create a block considered valid by
your application. (you'll probably want to have a fairly high
min-difficulty)
> > Reliable 'time' has been impossible up until now - because you need to
> > trust the time source, and that can always be faked. Using the
> > blockchain as an approximate time source gives you a world wide
> > consensus without direct trust of any player.
> >
>=20
> Much though I hate to be a party pooper, you could currently get
> Bitcoin-level trusted time by just polling at least two or three
> independent servers e.g. google.com, baidu.cn, yandex.ru (they all ser=
ve
> time via HTTPS headers).
>
> If we crack the mining decentralisation problem then this argument becomes
> a lot stronger, but for now ......
See https://github.com/ioerror/tlsdate
Reminds me: anyone know if tlsdate is able to produce timestamp proofs
verifiable by third-parties? If it could in conjunction with the
blockchain as a random beacon you could at least show dishonesty by
showing that google.com/etc. signed a HTTPS header with a time prior to
when some block was created. Right now unlike the blockchain these
independent servers can easily get away with timestamp fraud,
particularly if they manage to target your specific application. (use
Tor!)
Equally, the blockchain has the advantage that it's easy to show that
invalid blocks are being created for the purpose of creating fake
timestamps; it'd be reasonable for the P2P network to relay any block
header seen with a difficulty > some anti-DoS threshold. Gavin already
did something similar with relaying invalid blocks in pull-req #3580.
It had the flaw of making network splits worse, but in conjunction with
a separate "invalid-block" inv type I think the issue goes away.
--=20
'peter'[:-1]@petertodd.org
0000000000000000201d505432d708aa2edb656f6fe34d686b37d4747e5ff389
--Md/poaVZ8hnGTzuv
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
-----BEGIN PGP SIGNATURE-----
iQGrBAEBCACVBQJT1Xu4XhSAAAAAABUAQGJsb2NraGFzaEBiaXRjb2luLm9yZzAw
MDAwMDAwMDAwMDAwMDAyMDFkNTA1NDMyZDcwOGFhMmVkYjY1NmY2ZmUzNGQ2ODZi
MzdkNDc0N2U1ZmYzODkvFIAAAAAAFQARcGthLWFkZHJlc3NAZ251cGcub3JncGV0
ZUBwZXRlcnRvZC5vcmcACgkQJIFAPaXwkfsj/wgAmhWz18fnwJmwzk2xNzxevP+N
2/NbQcah+HGvV7oq8I9l0zj/Z4WErr/oOrrbvNNWmVWnScC4Ul3Cdow9bYGAcqeW
+dhPUuSD7Jz8Uh0SPvqT3E+zWKjsW93W/Sl1PoRGFFGBKCu7nvOkuVY/21vA471P
kM+Jwj8q3feQNBH2I9PyApwiUHEu6qF4fBv8vytQrovLOHPuosjt52kSVUhbwt6h
+qqHTwKLF4Uz28OKby3Hhhu+bsSeWuWYKe8DgeISMvHf7lQKVtyC4SQ3jC0GfTNm
cfhbHAsVZvIlD+opfh0tk3FLCoREz2CfExB0r709hsYjuZ8ICCWKjMdMZb39/w==
=EDM6
-----END PGP SIGNATURE-----
--Md/poaVZ8hnGTzuv--
|