1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
|
Return-Path: <pete@petertodd.org>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id C8776BA1
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 15 Jul 2015 19:33:08 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from outmail148109.authsmtp.co.uk (outmail148109.authsmtp.co.uk
[62.13.148.109])
by smtp1.linuxfoundation.org (Postfix) with ESMTP id DBD24E6
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 15 Jul 2015 19:33:07 +0000 (UTC)
Received: from mail-c237.authsmtp.com (mail-c237.authsmtp.com [62.13.128.237])
by punt18.authsmtp.com (8.14.2/8.14.2/) with ESMTP id t6FJX5ib090486;
Wed, 15 Jul 2015 20:33:05 +0100 (BST)
Received: from muck (bas3-cooksville17-1176329344.dsl.bell.ca [70.29.92.128])
(authenticated bits=128)
by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id t6FJX0Hn047146
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO);
Wed, 15 Jul 2015 20:33:03 +0100 (BST)
Date: Thu, 16 Jul 2015 04:32:59 +0900
From: Peter Todd <pete@petertodd.org>
To: Matthieu Riou <matthieu@blockcypher.com>
Message-ID: <20150715193259.GC3064@muck>
References: <24662b038abc45da7f3990e12a649b8a@airmail.cc>
<55A66FA9.4010506@thinlink.com>
<20150715151825.GB20029@savin.petertodd.org>
<CDB5FC27-F3F0-44F7-BBC6-670ACAE740D2@gmail.com>
<20150715155903.GC20029@savin.petertodd.org>
<55A68668.6@bitcoins.info>
<CAHUNwMp3-jNc9g0shCUCR76WEA5Qp+JpxZGPmAuK5wuy4p1yEw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature"; boundary="S1BNGpv0yoYahz37"
Content-Disposition: inline
In-Reply-To: <CAHUNwMp3-jNc9g0shCUCR76WEA5Qp+JpxZGPmAuK5wuy4p1yEw@mail.gmail.com>
X-Server-Quench: 4f9a7249-2b28-11e5-9f75-002590a135d3
X-AuthReport-Spam: If SPAM / abuse - report it at:
http://www.authsmtp.com/abuse
X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR
aAdMdwcUEkAYAgsB AmMbWVReU157WWA7 bApPbwxDa0hQXgdi
T01BRU1TWkFud2Zp BmZAUh11dgFANn92 Y0NkEHQNVRV9d0J0
X0wGF2UbZGY1bX0W BkddagNUcgZDfk5E aVUrVz1vNG8XDSg5
AwQ0PjZ0MThBHWxu Qw4LLFwTSk8NAnY4 QAsZEC5nF1xNSyIu
JRgrb0UEEUAdM0M9 eUYnUlUePR4IDwBS fQlRGiZfPFAKWyss Cxgy
X-Authentic-SMTP: 61633532353630.1024:706
X-AuthFastPath: 0 (Was 255)
X-AuthSMTP-Origin: 70.29.92.128/587
X-AuthVirus-Status: No virus detected - but ensure you scan with your own
anti-virus system.
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW
autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
Cc: bitcoin-dev@lists.linuxfoundation.org
Subject: Re: [bitcoin-dev] Significant losses by double-spending unconfirmed
transactions
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Development Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Wed, 15 Jul 2015 19:33:08 -0000
--S1BNGpv0yoYahz37
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Wed, Jul 15, 2015 at 11:25:17AM -0700, Matthieu Riou via bitcoin-dev wro=
te:
> Hi,
>=20
> Thanks for the bug report Simon, "responsible" disclosure on public forums
> is always appreciated. We're working with ShapeShift to make sure we can
> protect them appropriately against this specific attack in the future. As
> "Me" and Adrian advised, I would also encourage you return the funds.
>=20
> Regarding Peter's accusations on Twitter/Reddit/listserve, we have no idea
> why we are his target. He has never met with our CEO, has no idea of our
> business model, nor our company objectives. All his comments about us are
> his speculations. I'm sure Peter knows what a Sybil attack actually is and
> making such claims on a public forum is completely unfounded and uncalled
> for. Stretching definitions beyond the point where they make sense is a
> common rhetoric and political tool, not necessarily appropriate in a
> professional or technical context.
"In a Sybil attack the attacker subverts the reputation system of a
peer-to-peer network by creating a large number of pseudonymous
identities, using them to gain a disproportionately large influence."
Quoting your API docs:
"[Blockcypher is] always connected to a statistically significant number
of nodes on the network - we target anywhere between 10 to 20% of the
active nodes on any given blockchain"
-http://dev.blockcypher.com/#confidence-factor
In the case of Bitcoin, there's something like 6,000 nodes, so if that
20% is achived via outgoing connections you'd have 600 to 1200 active
outgoing connections using up network resources. Meanwhile, the default
is 8 outgoing connections - you're using about two orders of magnitude
more resources.
If you are achieving that via incoming connections, you're placing a big
part of the relay network under central control. As we've seen in the
case of Chainalysis's sybil attack, even unintentional confirguation
screwups can cause serious and widespread issues due to the large number
of nodes that can fail in one go. (note how Chainalysis's actions were
described(1) as a sybil attack by multiple Bitcoin devs, including
Gregory Maxwell, Wladimir van der Laan, and myself)
Right now the P2P network has relatively weak protections against sybil
attacks, but efforts are being made to find ways to defend against them.
As anti-sybil attack technology improves, you'll be able to
simultaneously connect to a smaller and smaller % of the network, and
your confidence factor technology will degrade further.
Questions: How exactly does your monitoring network work? Do you make
incoming, outgoing, or both types of connections? What subnet(s) do the
connections come from? What software makes those connections?
> We offer useful services for many startups like ourselves. We are good
> actors in this space. As a startup we are also constrained by limited
> resources (we're funded but far from larger companies resources). Compani=
es
> aren't built in a single day and we hope to do more to help
> decentralization in the future as well. We're trying to further the
> ecosystem with our small team, so the pot shots are puzzling.
What you are doing is inherently incompatible with decentralization.
Your service simply doesn't scale; it's a server only a small number of
centralized entities can provide without causing the P2P network to
collapse due to resource exhaustion.
Question: Do you have relationships with mining pools? For instance, are
you looking at contracts to have transactions mined to guarantee
confirmations?
1) http://www.coindesk.com/chainalysis-ceo-denies-launching-sybil-attack-on=
-bitcoin-network/
--=20
'peter'[:-1]@petertodd.org
00000000000000000b675c4d825a10c278b8d63ee4df90a19393f3b6498fd073
--S1BNGpv0yoYahz37
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
-----BEGIN PGP SIGNATURE-----
iQGrBAEBCACVBQJVprVoXhSAAAAAABUAQGJsb2NraGFzaEBiaXRjb2luLm9yZzAw
MDAwMDAwMDAwMDAwMDAwYjY3NWM0ZDgyNWExMGMyNzhiOGQ2M2VlNGRmOTBhMTkz
OTNmM2I2NDk4ZmQwNzMvFIAAAAAAFQARcGthLWFkZHJlc3NAZ251cGcub3JncGV0
ZUBwZXRlcnRvZC5vcmcACgkQwIXyHOf0udxMpAf/RAdgHy39EGVXmTINNwDAgnGY
OWXykDBrTTwBHJj1qP4FWjxmmAE71OoKQAcc7AUxSBVpNQHiTHrOMkAMo+jsd/HH
TBoNpzqt9cshXM3ASjeNIbmAdXufCpdKKsLRp7uA1I1ANzYdCQDmgT6xseFP9gTt
Vz0dMhDoQmKb9bP6p3lnPeriDZNP6GI0pSzulYdY6KshWXmmiapcCTJD0aXq3AMm
S00/bia3HhEFrF4894R+HEXiEv2yhDXXqfJBU1EqLE1WPMHgHeO9Obv/G7MbcFgX
OQGXAXdkcBJ/cSh/Imv487KSTmzWY98EB5OA61Qb5qsseDGtS7TT9WER+c1ncg==
=dMC/
-----END PGP SIGNATURE-----
--S1BNGpv0yoYahz37--
|