Return-Path: <braydon@purse.io>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id B661616F5
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Fri,  4 Oct 2019 00:38:38 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-pg1-f182.google.com (mail-pg1-f182.google.com
	[209.85.215.182])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 5A3E034F
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Fri,  4 Oct 2019 00:38:38 +0000 (UTC)
Received: by mail-pg1-f182.google.com with SMTP id d26so2733268pgl.7
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Thu, 03 Oct 2019 17:38:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=purse.io; s=google;
	h=to:from:subject:openpgp:autocrypt:message-id:date:user-agent
	:mime-version:content-transfer-encoding:content-language;
	bh=Ao/1XEWlQiiQA82lkUQFwpUgzFSbqIf57rvxc2XL4Pw=;
	b=TQ7icnhXDwo+x0iOxVRIINgoMUOsMvuLW31i+5GLDARqM1Yt+cO/AIjUwZmGlEJYH6
	BuZ7yHmOZVeW4c/k6Ldl8kZZqB4JLTlntpsH27daUtbaq7SMbk5hGq+wFLEc6HfDw4Ol
	jAo3EjLg/1j21j0G3UrQ1+5qFWX8i2wD/9nQM=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:to:from:subject:openpgp:autocrypt:message-id
	:date:user-agent:mime-version:content-transfer-encoding
	:content-language;
	bh=Ao/1XEWlQiiQA82lkUQFwpUgzFSbqIf57rvxc2XL4Pw=;
	b=MTCQXbqz8+dHLWY+6X6rHitHoylyXjTb39TTqLBzaj33w6GQYuaFQjo10OSRgJ7op2
	6pCRYhLLIlaM2k2RcQZjImhIy5AZy/f7Tm3Q/v8rftZpuV/cMgNEpPuxDkdZbs0xz3Cq
	z1uyrCIUzP/CZhCMYNdpQ/AbP8NNj9vl4qeeBYJDPfGVE//xAOGJWQB3Pkx07MsPddxX
	715e+L0LLaPdg2YgEvb+vS3j/X1D46prfBvakMv3As+JUGZY5LPSu244oykkf/+1dwT2
	drNkMFy2JzeMe2DaENIp+L6J1o/KfzgnFDBQoH8TdazbaLIofWeMn5ktWnUp5EzGgwbg
	FUsQ==
X-Gm-Message-State: APjAAAXYV0jpZZ/YD6z+o0weGcpfOQnZPro8esR+tvRpndnp6iahC+W8
	YbN0FF5mYlqCIhqJvwLEQOoYoQTf+xY=
X-Google-Smtp-Source: APXvYqyjW003irdLqAx8oxzxkptbk2zj1poPsPwr/bs5CTS114p1dOb06m3J22S4w3BA9oychXnulw==
X-Received: by 2002:aa7:818a:: with SMTP id g10mr14160759pfi.41.1570149517582; 
	Thu, 03 Oct 2019 17:38:37 -0700 (PDT)
Received: from [10.0.0.199] ([198.244.101.193])
	by smtp.gmail.com with ESMTPSA id w10sm1972326pjq.3.2019.10.03.17.38.36
	for <bitcoin-dev@lists.linuxfoundation.org>
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Thu, 03 Oct 2019 17:38:36 -0700 (PDT)
To: bitcoin-dev@lists.linuxfoundation.org
From: Braydon Fuller <braydon@purse.io>
Openpgp: preference=signencrypt
Autocrypt: addr=braydon@purse.io; keydata=
	xsFNBFsEkasBEAC4oPJQsFWAM0OjNJlYUxJbTV8bo1TgXwZdNZWewG6fvQQ+iGGImy/a5h10
	/9V+/Ctio8ayAfpk6V3z/vxq8IdPVcsWccHLnguaAEEhYnKdGZfsohcQMO4LR63R6vPrUYUJ
	ehVzt2YZ5F495iRDKwbQLXbmXF9vLtaKuf/6hbVmlG7bM59eVKcvpE8EKm95Lpw+CBE3uKc3
	RxTcKHgo6QrkClm19GNDDkmHxM/k+hGT3M+sXGhgpL2940AGKsXuTPghgLQ+5seBWtzuWV31
	Uf0ltHx6Ks1w0mlgZZ+u4wlljMHIBKLr4cYDOF8AYxyVcPzuQLdRjIIKEgpMDQW7ftbgGM/q
	hgGg2mN036KTUfT1HkmT82Z3D3z4ACJ/bY/J+mJw0baqcJpezndd1M6dnDNF9Slst2Mr+Loe
	JdN1tY5kk6/OWwAI5L15hmdiRWUBryJqun7sy23cmVPSOrtaIfl7/SEFJ+MuXbK53+mFGT2P
	CpdRzV4MrKr9qbBaXkkhvEfoL2z6VwIFBprqZjthPHcHR8r6QSTpZdsD+7+qoq2o4MDUqP54
	5a3kGI3l6VW767VE/NUIocyO7Z9D/EZOCk22ElTLTCzWm0JvxxGJoalebLQcGey/A9WWGOv/
	ydwvTry3PWAzrrXNt43McHHwZXU4vSLnAtAxQy06Nt9wsWo+2QARAQABzSFCcmF5ZG9uIEZ1
	bGxlciA8YnJheWRvbkBwdXJzZS5pbz7CwZcEEwEIAEECGwMFCwkIBwIGFQgJCgsCBBYCAwEC
	HgECF4ACGQEWIQRbfcWNkP7B6ZCjELryTyMtEIs61AUCXL9UPwUJA5v2FAAKCRDyTyMtEIs6
	1HOwEACedBLpkYrFeLANxD25USZunMt4KA58ZkY7Ap2m7KFcxjZD07YIjtxJyMLhHhMz6pR7
	fF5BFHbl8CtAhpTuz5Sj9X3K0eilNsXvdx18+3RMUpFVAwlEEev707q6zNqKsRd1CG7e0k4o
	28YAgwbt42UIPUoKTcEpT4C51sDa5d4NZsGnFcXeEdpBSQVi56vap0eJrQTSFpV0sG497HNN
	p96ErrGpqlOkTofcBeytpQbhH9kbP58PMABwU3tmoMFhT0kklPPZatv7RDLmC8cra5muXEwd
	wv7ggauHbMbV3U1xZ/BNPwHm7jO1ygqR6Q4Y98miRUP4yH9SJsnr+q7bpD4yOUy/qP0Ve0Y0
	jFgX4e4DrnckO/2rG4lB2SbKiAWAOW5aGTnUAZt6agegXY62kHpuUHGcgYkeQqDWKLZWjFAA
	vj8Gm5f+1thWk+4I0rFQBtaAoitd+qKPWFYSojjvKH4PLqoOV413qxZbrRlGxZb2TkJnxYpO
	imOq/H6bHCnJUA8NI1v5rXmGQXfwhofMX9dHpGK864G+i59AX9L0EEQngDXZPlSEkyISaBY7
	JFBhuIPcY8MrhUkNWl1G2RcssjHeexmo2qNrKH4bWFF7xCCTmdGUSoHzaHDe/cIqmI0aRkqf
	HQ4MpadD8flLLMqV/ODYfpSD3AuwM/m8Uj9nvfnMRs7BTQRbBJGrARAA3+SVdBJUThjPx/J5
	G4A1dd2vKVRRprW+pyJ0XDbNrRVOEnxr3okz2F4Htg72oULwsNcuCmgFxDlxIFMitzZAWbuL
	fq9FR7snaW3PMlkj44eezq3emYXVv3C3lc6MudAOqkQKNzakyaA/6cNVlQnVmrpctpFHtUNi
	oeivM9IeCP52scTH84qeRZofmnedc3FAxKMJ9OZi4Miigsd/DhzhUqbAePrCMlQQsM/HXSNs
	2qoMK3Bo6lcHzV7qyI9w19tmFouX06ULnAAM1dJZcCUL31FLtaIrGbcXA+99a8dlOUb68rj9
	9H3V3zDjJscDBgJ2mziuuS/naG/NK+RVhVh3KqtViC62nGgA1tS1aLKZ7KDeyzu4FiE2bCPh
	6b4IlIQijzqwTyPJt+0Muf2FYxir9GwgMnVqJ/fYaT671RCcUrkq2krVzdHq/HX7A8Hyfftc
	BMEt4yZJt/bZ7ryyWJ8PlQJP3HGqz+hpHmwrwmJgj5RbmktVMw3RAEipJrEHD1Q7wIhPNYpy
	6FIwFlDxwpUQOUYGEZYww9LRZiapN0FeDcFp6CUMRgJH24ZQzFk8J5N4PAzZrIZfQba71bDA
	z3902PDt66qiIiG2muTbd8eIeCzx9RxWhDmQclzXn5WxfPU6l0E9NgLNFoNCppLaTz2S/Gxw
	ZzrSduMLfVlhKPDjv2EAEQEAAcLBZQQYAQIADwUCWwSRqwIbDAUJAeEzgAAKCRDyTyMtEIs6
	1MLqD/9vMXLRhe5w6oBKuL0tj+ChLhkQEM66Q7O4urWmvl8yf/ThNi0/LydGAYawCUWud2ph
	aOg4vH0IUvUhlLDRcYc2MdfwJi8aj8G7YC/OUKwwFDfYyY9zIk1C5yXn6LigkjOL0PyYI0MM
	2gk64t/PK+Rny8jz6QjwZ4AMsoTpo698LSYS7LcvOETp+3yz0LYtkPP36FqoG2hudjh015Gk
	DSIHWckot4TJXK8OOHOuKwUz2fteGsFeM4bmTiArCRXsAkRWo0VbA6hPinK0Zr/xLNSYIx94
	IXe5q9ISZc6ceuWyisVsUZxUgJJGyNSvXXwx4zoSS7BXyTo7syjpKd09nhCL3QGfuHugJ/1/
	DCaNtKUu2C+rUe1Ux6/qteCVUsAM+bDfDBQ/vS1tnyn9OVBTOZqXvChL4f+MAN2Wws/+Llxw
	DqGMX6YC/ZBWM56XGApL1zj93nygxbN8s8yXqqMQNghTjwj9IqyaNQcKO/AslSmFlW6RXz1Y
	RDT4mSKdAogbdDqmguGc05kUaOSkqSb0bL34iQ/dm4PyVxjSGSDRr8TQOjQGz0rSEh6Q+LZ9
	zRltkmEMkdkyWQZ4tYsBbQv2TU+tCfKMIUCZ7xEHuvjAKZIms9Ers3zVS+PcRr9i6mvMtbNM
	ufP9MwSx7PqsHuv/PWdoI3uwanxYzk1GTLALMsy2icLBfAQYAQIAJgIbDBYhBFt9xY2Q/sHp
	kKMQuvJPIy0QizrUBQJcv1RFBQkDm/YaAAoJEPJPIy0QizrUjvoP/R6Wi8Ol1QiOWrxLZyL9
	NYtU1Q+P46R8Q0d6gFRkrC9MKJlzaTRzPxdaWyJURnh1pXHbykB3/b6Bg/WN7o7Wips8KIhL
	PzrNUiCZIsrBxUR29no7NzU6o7rSuu/9j5OfiyW/jViRJ3oi1jdYdFx7qx/56j1I54q6NHAk
	i2AoG07RbXsRsh0x5vv4VIEFNwRRHmn/d185NTDeoVj9IanVhF6zna9M2iX3AgUOLovF7PiM
	d/oF5XDwuzEDiBIorGi4WTqiCDjl7menb657af1DsPV68gKCiVFQNwfbawtUzUBasfaCFkR5
	NuXWFqYN/305vlK/IN2GDPrwwOFsQK9pG4fYDDC5Pi9fy9wLrwtlebRuraLCHsiho8mYtEhM
	QTU7oQwWga9Ax6BXbnStmX1kEev41CEEvnaVtqzuT0VKJjnre/7z8+bRC1tbqvN5CKTQ1k3d
	5uwFqCBOxtoY6NLmYT37zFq34etKgpqCri6lEMtM57icMd4SPaADSXly/EyUTPbb/iGvQVOS
	NFPpY30rTBA8rJJ5Iawe1OjG2dcYwKkFfGjGU7bbHp9ClG1d3YM7kDxVkgdIVAWhEY905HB4
	KXQZd0eW19JjNwLVMNzgBh07BiaXl16tWY+P7pQdPrbLctiIVqsYx+IU74M7riDEMTGjsosr
	lL56VCOJffiN9F1L
Message-ID: <42cd5ffd-63e8-b738-c4ea-13d0699b1268@purse.io>
Date: Thu, 3 Oct 2019 17:38:36 -0700
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101
	Thunderbird/60.8.0
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
Content-Language: en-US
X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID, DKIM_VALID_AU,
	RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
X-Mailman-Approved-At: Fri, 04 Oct 2019 02:03:45 +0000
Subject: [bitcoin-dev] Chain width expansion
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Oct 2019 00:38:38 -0000

Hi everyone,

We would like to share a paper for broad discussion, it is titled
"Bitcoin Chain Width Expansion Denial-of-Service Attacks".

From the abstract: The attacks leverage unprotected resources for a
denial-of-service by filling the disk and exhausting the CPU with
unnecessary header and block data. This forces the node to halt
operation. The attack difficulty ranges from difficult to easy. There
are currently limited guards for some of the attacks that require
checkpoints to be enabled. This paper describes a solution that does not
require enabling or maintaining checkpoints and provides improved security.

As the checkpoints in Bitcoin Core have not been maintained or updated
since mid 2014, this is especially relevant. Bitcoin Core implements
headers-first synchronization, since 2014, that provides the base for
the further improvements upon that design.

The paper is available at:
https://bcoin.io/papers/bitcoin-chain-expansion.pdf

The proposed solution has been implemented in Bcoin and is available at:
https://github.com/bcoin-org/bcoin/tree/chain-expansion

Best,
Braydon Fuller