Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1Wxj7L-0000h7-FT for bitcoin-development@lists.sourceforge.net; Thu, 19 Jun 2014 20:39:31 +0000 Received: from mail-pb0-f48.google.com ([209.85.160.48]) by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1Wxj7J-0000so-Eg for bitcoin-development@lists.sourceforge.net; Thu, 19 Jun 2014 20:39:31 +0000 Received: by mail-pb0-f48.google.com with SMTP id rq2so2290064pbb.21 for ; Thu, 19 Jun 2014 13:39:23 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:organization:user-agent :mime-version:to:cc:subject:references:in-reply-to:content-type :content-transfer-encoding; bh=cg+Q11S4AhEv43hE7O6UQLUjGAcOWYsApweq9qBq7GA=; b=ccYjBXlQzLQIIGzaL3JDJT2lJvlt62qNXBUAfFhcdTb3P++WH1HkTr7GApScdwgA1T U4Qk9Lgkh9LZNxW8nJdrrrbIe0v6Dzp9QN9eNqjwG3gssV2pz+bxKoyHKR81CH2dnU2d D5x6VAIiJgVuNZlnIEOrMnUKTzCnpBr8JPonte+kVzNBP+QNz38DYy4CCang0UP/nE/m P4tP3zD0eeH4JWxddBc4klvMtbogdJW1PjdZDMIdO4/3gThIW/5mtSs9yJw5ZN+lPhzh NLrd1MZFi1KIFfDiZ/vl3lDWxGiN291tJHPn3YAgIVGUOV9mOfgcnp+YkRe06c8spknQ oLaA== X-Gm-Message-State: ALoCoQkSC6NVXNCLso0+0lNNV2Aluaq/4bTGu5+Aq2V30puuCehKY5yHE8lnl6/wSlpCfoheGzFo X-Received: by 10.68.229.36 with SMTP id sn4mr8450786pbc.51.1403210363345; Thu, 19 Jun 2014 13:39:23 -0700 (PDT) Received: from [192.168.127.236] (50-0-36-179.dsl.dynamic.sonic.net. [50.0.36.179]) by mx.google.com with ESMTPSA id vy5sm31870588pac.13.2014.06.19.13.39.16 for (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Thu, 19 Jun 2014 13:39:22 -0700 (PDT) Message-ID: <53A34A71.2090106@monetize.io> Date: Thu, 19 Jun 2014 13:39:13 -0700 From: Mark Friedenbach Organization: Monetize.io Inc. User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:24.0) Gecko/20100101 Thunderbird/24.5.0 MIME-Version: 1.0 To: slush , Mike Hearn References: <53A316BE.5040508@certimix.com> <53A31B3E.7020906@monetize.io> In-Reply-To: X-Enigmail-Version: 1.6 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: 7bit X-Spam-Score: 0.0 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. X-Headers-End: 1Wxj7J-0000so-Eg Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] BlockPow: A Practical Proposal to prevent mining pools AND reduce payoff variance: X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 19 Jun 2014 20:39:31 -0000 Do you need to do full validation? There's an economic cost to mining invalid blocks, and even if that were acceptable there's really no reason to perform such an attack. The result would be similar to a block withholding attack, but unlike block withholding it would be trivially detectable if/when full validation was performed. To protect yourself and to detect incorrect mining software you could stochastically validate a randomly selected sample of shares, as your hardware requirements allow. On 06/19/2014 01:26 PM, slush wrote: > With GBT, simply hashing the block header is not enough, because pool > cannot rely on anything provided by the client. Its not only about > things like withdrawal attacks, but more about hidden bugs in various > miners. It is extremely hard to do full validation for *every* of > submitted shares.