π
Original date posted:2014-07-28
π Original message:On Mon, 28 Jul 2014 07:28:15 -0400, Peter Todd wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> I've got a bitcoin-only exit running myself and right now there is
> absolutely no traffic leaving it. If the traffic coming from that
> node
> was legit I'd expect some to be exiting my node too.
>
> Multiple people have confirmed the node is connected to an abnormally
> large % of the Bitcoin network. Looks like a Sybil attack to me,
> trying to hide behind a Tor exit node for plausible deniability.
I don't think Sybil attack is the right term for this.. there is only
one IP address.. one "identity".
I'm not even sure that this behaviour can be considered abuse.. it's
pretty much following the rules and maybe even improving the transaction
and block propagation.
As far as monitoring transaction origins someone could do that using
lots of different IPs instead of just one (more like an actual Sybil
attack rather than this non-Sybil attack).. and noone would be making a
fuss (and imo, probably someone does do that too as it would be useful
to capture a larger number of inbound connections).
Rob
Robert McKay [ARCHIVE] /
npub1t6β¦he2py
2023-06-07 15:24:31
in reply to nevent1qβ¦lpks
Author Public Key
npub1t6suh64e65qzzjtthffl6sa3cagp6k9usnx4qev4jsjzf7xud8psdhe2pyPublished at
2023-06-07 15:24:31Event JSON
{
"id": "12ee9e0f695ddc3720d13dae1239028b3c942676869bd5bd064dd65261a95e5b",
"pubkey": "5ea1cbeab9d50021496bba53fd43b1c7501d58bc84cd506595942424f8dc69c3",
"created_at": 1686151471,
"kind": 1,
"tags": [
[
"e",
"556378d03a8e62c4388c049b5fe0908804bedabb839e44fa587da4e1fcf8b478",
"",
"root"
],
[
"e",
"a5a5f5b877403a670994c60b176e634d08e3800355661a7542ab7975eab833fa",
"",
"reply"
],
[
"p",
"daa2fc676a25e3b5b45644540bcbd1e1168b111427cd0e3cf19c56194fb231aa"
]
],
"content": "π
Original date posted:2014-07-28\nπ Original message:On Mon, 28 Jul 2014 07:28:15 -0400, Peter Todd wrote:\n\u003e -----BEGIN PGP SIGNED MESSAGE-----\n\u003e Hash: SHA256\n\u003e\n\u003e I've got a bitcoin-only exit running myself and right now there is\n\u003e absolutely no traffic leaving it. If the traffic coming from that \n\u003e node\n\u003e was legit I'd expect some to be exiting my node too.\n\u003e\n\u003e Multiple people have confirmed the node is connected to an abnormally\n\u003e large % of the Bitcoin network. Looks like a Sybil attack to me,\n\u003e trying to hide behind a Tor exit node for plausible deniability.\n\nI don't think Sybil attack is the right term for this.. there is only \none IP address.. one \"identity\".\n\nI'm not even sure that this behaviour can be considered abuse.. it's \npretty much following the rules and maybe even improving the transaction \nand block propagation.\n\nAs far as monitoring transaction origins someone could do that using \nlots of different IPs instead of just one (more like an actual Sybil \nattack rather than this non-Sybil attack).. and noone would be making a \nfuss (and imo, probably someone does do that too as it would be useful \nto capture a larger number of inbound connections).\n\nRob",
"sig": "807ef90c001231bd45b3c8bfe339932bf123b0415e1c29e1c10774171b29a06b04a57631308c170e16f65b758ac3920fb71055bc1e2b1e64d66ea65dee6672a4"
}