📅 Original date posted:2021-05-25
📝 Original message:> It seems to me bitcoin's biggest vulnerabilities are either covert
compromise of mining pool operations, or widespread compromise of networked
mining systems and client node
Stratum v2 will solve the mining pool problem. Widespread compromise of
mining systems seems far fetched. That would involve compromising hundreds
of thousands or perhaps millions of systems in disparate areas with
disparate operating systems and security procedures, run by people who
probably understand computer security better than most (given their
involvement in bitcoin).
I think the biggest vulnerability bitcoin has is a sybil attack draining
the resources of public full nodes. We only have like 10,000 public full
nodes serving the whole network. It wouldn't take that much money to create
a sybil botnet of 100,000 or 1 million nodes that connect to the bitcoin
network and simply take up public node resources, denying service to most
people's full nodes.
> I don't see why it would necessarily be made public if a government
compromised their nation's mining farms. Governments have skilled
operatives for things like that.
Skilled operatives have their limits. It could be kept secret if spies were
hired as employees and then systematically infected all the machines in a
mining operation's machines. But spies aren't magic, no matter how skilled.
One mistake and the jig is up. It would be more likely to be a backroom
deal, which would be harder to keep secret, especially in large operations.
Propaganda has its limits too, sure you could convince some people things
are fine, but sophisticated people like miners? I doubt it.
On Mon, May 24, 2021 at 2:55 PM Karl <gmkarl at gmail.com> wrote:
> If bitcoin were to ever consider changing their PoW algorithm a
> little, it seems that would immediately make purchased ASIC mining
> equipment partially or wholly unusable to compromise the chain (and
> temporarily reduce energy usage without necessarily reducing
> security). One possible plan to deter a multibillionaire attack.
>
> Also regarding the word "security" here, a 51% attack impacts some
> parts of chain operations, but not others.
>
> It seems to me bitcoin's biggest vulnerabilities are either covert
> compromise of mining pool operations, or widespread compromise of
> networked mining systems and client nodes. Far easier than
> outcompeting the mining network with hardware.
>
> I don't see why it would necessarily be made public if a government
> compromised their nation's mining farms. Governments have skilled
> operatives for things like that. People would guess it happened, and
> the government would cover up the guesses with more powerful stories.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20210524/e1b2cfe8/attachment.html>;
Billy Tetrud [ARCHIVE] /
npub1xq…tcnns
2023-06-07 22:54:00
in reply to nevent1q…3sjs
Author Public Key
npub1xqcwcttsyk0a64d63crrwsxp88pa42np37rw87hrfn4uku78g2aqltcnnsPublished at
2023-06-07 22:54:00Event JSON
{
"id": "cdb0b0b04cc0a810e9314431532149fedefba4f49e5574a2cea5e2626d921ecc",
"pubkey": "3030ec2d70259fdd55ba8e063740c139c3daaa618f86e3fae34cebcb73c742ba",
"created_at": 1686178440,
"kind": 1,
"tags": [
[
"e",
"8d0bb826177b41e659f5c566e77dba9a56fdda22bffca10ac52303253ee51896",
"",
"root"
],
[
"e",
"bc301c321ba10d0a9adb5a313d693fdd501e0c34f6e2858a8990cade2d6a352d",
"",
"reply"
],
[
"p",
"7dd8d45fe2b4e06f9e654df2cdc6f8d0428b6e7797de6f14a5b93f3de3719707"
]
],
"content": "📅 Original date posted:2021-05-25\n📝 Original message:\u003e It seems to me bitcoin's biggest vulnerabilities are either covert\ncompromise of mining pool operations, or widespread compromise of networked\nmining systems and client node\n\nStratum v2 will solve the mining pool problem. Widespread compromise of\nmining systems seems far fetched. That would involve compromising hundreds\nof thousands or perhaps millions of systems in disparate areas with\ndisparate operating systems and security procedures, run by people who\nprobably understand computer security better than most (given their\ninvolvement in bitcoin).\n\nI think the biggest vulnerability bitcoin has is a sybil attack draining\nthe resources of public full nodes. We only have like 10,000 public full\nnodes serving the whole network. It wouldn't take that much money to create\na sybil botnet of 100,000 or 1 million nodes that connect to the bitcoin\nnetwork and simply take up public node resources, denying service to most\npeople's full nodes.\n\n\u003e I don't see why it would necessarily be made public if a government\ncompromised their nation's mining farms. Governments have skilled\noperatives for things like that.\n\nSkilled operatives have their limits. It could be kept secret if spies were\nhired as employees and then systematically infected all the machines in a\nmining operation's machines. But spies aren't magic, no matter how skilled.\nOne mistake and the jig is up. It would be more likely to be a backroom\ndeal, which would be harder to keep secret, especially in large operations.\nPropaganda has its limits too, sure you could convince some people things\nare fine, but sophisticated people like miners? I doubt it.\n\n\n\nOn Mon, May 24, 2021 at 2:55 PM Karl \u003cgmkarl at gmail.com\u003e wrote:\n\n\u003e If bitcoin were to ever consider changing their PoW algorithm a\n\u003e little, it seems that would immediately make purchased ASIC mining\n\u003e equipment partially or wholly unusable to compromise the chain (and\n\u003e temporarily reduce energy usage without necessarily reducing\n\u003e security). One possible plan to deter a multibillionaire attack.\n\u003e\n\u003e Also regarding the word \"security\" here, a 51% attack impacts some\n\u003e parts of chain operations, but not others.\n\u003e\n\u003e It seems to me bitcoin's biggest vulnerabilities are either covert\n\u003e compromise of mining pool operations, or widespread compromise of\n\u003e networked mining systems and client nodes. Far easier than\n\u003e outcompeting the mining network with hardware.\n\u003e\n\u003e I don't see why it would necessarily be made public if a government\n\u003e compromised their nation's mining farms. Governments have skilled\n\u003e operatives for things like that. People would guess it happened, and\n\u003e the government would cover up the guesses with more powerful stories.\n\u003e\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20210524/e1b2cfe8/attachment.html\u003e",
"sig": "3512c208891029117ae21d0087fccdf5669fd7f243e17de80df7ec0abf98fd6bcae90464c2f3c91b5708ca2cd221d038e61b68e3ae5eb03d79b227d54530f3b6"
}