📅 Original date posted:2011-12-15
🗒️ Summary of this message: Using a publicly available alias system for Bitcoin addresses could be vulnerable to a DOS attack, consuming considerable resources over time. A solution is suggested to limit address changes.
📝 Original message:2011/12/15, Jordan Mack <jordanmack at parhelic.com>:
> I believe it is also worth mentioning the possible susceptibility of a
> DOS attack on a publicly available alias system. Assuming that an alias
> lookup triggers the creation of a new Bitcoin address, the private key
> would need to be retained indefinitely. If gone unnoticed, this could
> consume considerable resources over time. Unlike system logs and such,
> this is not something that can be so easily pruned.
You're right. Then servers should not use a different address with
every lookup. Maybe don't change it more than once per
min/hour/whatever, maybe wait to see a payment to that address to
start giving another one...
Jorge Timón [ARCHIVE] /
npub1fx…cl2d8
2023-06-07 02:47:12
in reply to nevent1q…kyjt
Author Public Key
npub1fx98zxt3lzspjs5f4msr0fxysx5euucm29ghysryju7vpc9j0jzqtcl2d8Published at
2023-06-07 02:47:12Event JSON
{
"id": "1eef07ed07ed7727beedd06e35e15518439f3c6c886d37f4ae1fd6014dcdc073",
"pubkey": "498a711971f8a0194289aee037a4c481a99e731b5151724064973cc0e0b27c84",
"created_at": 1686106032,
"kind": 1,
"tags": [
[
"e",
"f45e7ca88e6eb3dd1e645e8e3cbb476c5b24e8003cb71eebe205594bb2a4d152",
"",
"root"
],
[
"e",
"50878511c757f1354b1ac63d2916e69e1aacb67d8acfb4c50c9919825a993e4e",
"",
"reply"
],
[
"p",
"3900ae5aebfcedc10896ff09261ba18b16c6812fe8d8bea34333d56fdb4826d0"
]
],
"content": "📅 Original date posted:2011-12-15\n🗒️ Summary of this message: Using a publicly available alias system for Bitcoin addresses could be vulnerable to a DOS attack, consuming considerable resources over time. A solution is suggested to limit address changes.\n📝 Original message:2011/12/15, Jordan Mack \u003cjordanmack at parhelic.com\u003e:\n\u003e I believe it is also worth mentioning the possible susceptibility of a\n\u003e DOS attack on a publicly available alias system. Assuming that an alias\n\u003e lookup triggers the creation of a new Bitcoin address, the private key\n\u003e would need to be retained indefinitely. If gone unnoticed, this could\n\u003e consume considerable resources over time. Unlike system logs and such,\n\u003e this is not something that can be so easily pruned.\n\nYou're right. Then servers should not use a different address with\nevery lookup. Maybe don't change it more than once per\nmin/hour/whatever, maybe wait to see a payment to that address to\nstart giving another one...",
"sig": "2271f510eaac5e783ef90435d4a624fa3b74f5319e8b233ff8227c441d8a8c0f62894ade546a3ca137631cc2ce67ea07827f9e19ee8ec37064987da3b03f383c"
}