Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193]
	helo=mx.sourceforge.net)
	by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <gavinandresen@gmail.com>) id 1R8bCa-0007rN-Ln
	for bitcoin-development@lists.sourceforge.net;
	Tue, 27 Sep 2011 17:12:16 +0000
Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of gmail.com
	designates 209.85.161.47 as permitted sender)
	client-ip=209.85.161.47; envelope-from=gavinandresen@gmail.com;
	helo=mail-fx0-f47.google.com; 
Received: from mail-fx0-f47.google.com ([209.85.161.47])
	by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-MD5:128)
	(Exim 4.76) id 1R8bCZ-0008Vv-Rj
	for bitcoin-development@lists.sourceforge.net;
	Tue, 27 Sep 2011 17:12:16 +0000
Received: by fxi1 with SMTP id 1so10388347fxi.34
	for <bitcoin-development@lists.sourceforge.net>;
	Tue, 27 Sep 2011 10:12:09 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.223.42.216 with SMTP id t24mr2698333fae.141.1317143529585;
	Tue, 27 Sep 2011 10:12:09 -0700 (PDT)
Received: by 10.152.25.105 with HTTP; Tue, 27 Sep 2011 10:12:09 -0700 (PDT)
Date: Tue, 27 Sep 2011 13:12:09 -0400
Message-ID: <CABsx9T24p5uP_jM4tsaDMsvQbM4tKnJ-wGHThVYeHiF7hdhecg@mail.gmail.com>
From: Gavin Andresen <gavinandresen@gmail.com>
To: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Content-Type: text/plain; charset=ISO-8859-1
X-Spam-Score: -1.6 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
	sender-domain
	0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
	(gavinandresen[at]gmail.com)
	-0.0 SPF_PASS               SPF: sender matches SPF record
	-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
	author's domain
	0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
	not necessarily valid
	-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
	0.0 AWL AWL: From: address is in the auto white-list
X-Headers-End: 1R8bCZ-0008Vv-Rj
Subject: [Bitcoin-development] More denial-of-service prevention code to
	review
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Tue, 27 Sep 2011 17:12:16 -0000

Pull request:
  https://github.com/bitcoin/bitcoin/pull/534

Denial-of-service prevention: orphan blocks

The attack this prevents: Generate valid "orphan" blocks and send them
to a bitcoin node. Orphan blocks are blocks that are not in the main
blockchain, and before this patch the bitcoin client would store an
arbitrary number of them in memory, in case they later became part of
the main chain.

Two checks are added:

1) Orphan blocks before the last blockchain lock-in are rejected, and
if the node sends enough of those obviously-not-part-of-the-main-chain
blocks it will be disconnected and banned.

2) Orphan blocks must have a plausible proof-of-work. It is impossible
for a difficulty 1.0 block to follow a difficulty 1-million block (it
would take at least 19 months for difficulty to drop from 1-million to
1). Orphan blocks with too-low proof-of-work are ignored, and if a
node sends ten of them it is disconnected/banned.

Requiring plausible proof-of-work for orphan blocks will make this
attack too expensive to attempt (you would have to generate valid
blocks at current difficulty).

-- 
--
Gavin Andresen