Denial-of-service prevention: low-difficulty blocks#534
Denial-of-service prevention: low-difficulty blocks#534gavinandresen merged 2 commits intobitcoin:masterfrom
Conversation
|
Testing: Unless somebody has already written a tool to generate low-difficulty valid-but-orphan blocks, I think we may have to rely on code review and unit tests (unit tests are part of this pull). (I am working on a tool to generate blocks and transactions for testing, but have more work to do on it) |
|
Would test-net-in-a-box allow me to create orphaned blocks to test this? |
|
You can't use testnet to test this, because testnet doesn't have block-chain lock-in points and there's no way to generate orphan blocks on purpose with too-low difficulty. |
|
What's the justification for having more checkpoints than just the latest? |
|
Justification for more than the last checkpoint is it makes it harder for an attacker to waste a newbie's time downloading a long-but-invalid chain. Pruning some of the checkpoints in the middle is probably a good idea. |
Denial-of-service prevention: low-difficulty blocks
Denial-of-service prevention: low-difficulty blocks
|
I would be curious to know if this network rule change is in line with the Satoshi White Paper on bitcoin. |
|
Why are you replying to two year old pulls? This doesn't make the node reject any blocks that it wouldn't already (ultimately) reject. |
|
Indeed, it's not a rule change. It just detects invalid blocks earlier. |
6 participants
The attack this prevents: Generate valid low-difficulty blocks (maybe built on top of an early part of the block chain) and send them to a bitcoin node. Before this patch the bitcoin client could store an arbitrary number of them in memory or on disk, in case they later became part of the main chain.
Two checks are added:
Blocks before the last blockchain lock-in are rejected, and the peer sending these obviously-not-part-of-the-main-chain blocks it will be disconnected and banned.
Blocks must have a plausible proof-of-work. It is impossible for a difficulty 1.0 block to follow a difficulty 1-million block (it would take at least 19 months for difficulty to drop from 1-million to 1). Blocks with too-low proof-of-work are ignored, and peers relaying them are disconnected/banned.
Requiring plausible proof-of-work for orphan blocks or alternate chains foils this attack (you would have to be able to generate valid blocks near current difficulty).