📅 Original date posted:2011-09-13
🗒️ Summary of this message: Bitcoin's "timejacking" vulnerability allows miners to manipulate block timestamps, leading to difficulty adjustment issues. Fixing it requires addressing the "what time is it" code.
📝 Original message:Background:
Timejacking:
http://culubas.blogspot.com/2011/05/timejacking-bitcoin_802.html
And a recent related exploit launched against the low-difficulty
alternative chains:
https://bitcointalk.org/index.php?topic=43692.msg521772#msg521772
Seems to me there are two fundamental problems:
1) Bitcoin should be overlapping the ranges of block timestamps that
it uses to calculate difficulty adjustments.
2) Bitcoin's "what time is it" code is kind of a hack.
Fixing (1) would mean a potential block-chain split; before
considering doing that I'd like to consider second-best solutions.
Fixing (2) is easier; incorporating a ntp library and/or simply
removing the bitcoin mining code from the client but requiring pools
and miners to have accurate-to-within-a-minute system clocks (or their
blocks will be "discouraged") seems reasonable to me. If you want to
produce blocks that the rest of the network will accept, run ntp on
your system.
I THINK that fixing (2) will make (1) a non-issue-- if miners can't
mess around with block times very much then it will be very difficult
for them to manipulate the difficulty for their benefit.
--
--
Gavin Andresen
Gavin Andresen [ARCHIVE] /
npub1s4…d44kw
2023-06-07 02:25:14
in reply to nevent1q…eg6n
Author Public Key
npub1s4lj77xuzcu7wy04afcr487f0r3za0f8n2775xrpkld2sv639mjqsd44kwPublished at
2023-06-07 02:25:14Event JSON
{
"id": "fe1d4f2748942667aa762d90638abfe81e197e019f8fae25adde9ba60e509f0e",
"pubkey": "857f2f78dc1639e711f5ea703a9fc978e22ebd279abdea1861b7daa833512ee4",
"created_at": 1686104714,
"kind": 1,
"tags": [
[
"e",
"c5d8eb0720120c08594c588b2c728c7a4f1ca34d1ae4dfac6ef6225ba2d5a835",
"",
"reply"
],
[
"p",
"a23dbf6c6cc83e14cc3df4e56cc71845f611908084cfe620e83e40c06ccdd3d0"
]
],
"content": "📅 Original date posted:2011-09-13\n🗒️ Summary of this message: Bitcoin's \"timejacking\" vulnerability allows miners to manipulate block timestamps, leading to difficulty adjustment issues. Fixing it requires addressing the \"what time is it\" code.\n📝 Original message:Background:\n\nTimejacking:\n http://culubas.blogspot.com/2011/05/timejacking-bitcoin_802.html\n\nAnd a recent related exploit launched against the low-difficulty\nalternative chains:\n https://bitcointalk.org/index.php?topic=43692.msg521772#msg521772\n\n\nSeems to me there are two fundamental problems:\n\n1) Bitcoin should be overlapping the ranges of block timestamps that\nit uses to calculate difficulty adjustments.\n\n2) Bitcoin's \"what time is it\" code is kind of a hack.\n\n\nFixing (1) would mean a potential block-chain split; before\nconsidering doing that I'd like to consider second-best solutions.\n\nFixing (2) is easier; incorporating a ntp library and/or simply\nremoving the bitcoin mining code from the client but requiring pools\nand miners to have accurate-to-within-a-minute system clocks (or their\nblocks will be \"discouraged\") seems reasonable to me. If you want to\nproduce blocks that the rest of the network will accept, run ntp on\nyour system.\n\nI THINK that fixing (2) will make (1) a non-issue-- if miners can't\nmess around with block times very much then it will be very difficult\nfor them to manipulate the difficulty for their benefit.\n\n-- \n--\nGavin Andresen",
"sig": "f7e1e88ee2bf1d64121957426fafa850f3d248394b95a745aaf528619bbbbdd66dc2f4a5c4e762f5d3bbd3623bf895b729f1d9c0edd7cf0ed7769690c038dd5b"
}