Gregory Maxwell [ARCHIVE] on Nostr
📅 Original date posted:2012-01-31
📝 Original message:On Mon, Jan 30, 2012 at 11:33 PM, Michael Hendricks <michael at ndrix.org> wrote:
> address manager point to the attacker. If a client has 8 connections
> to the network, a Sybil attack would succeed 1.7% of the time.

Meh, careful not to mix up addrman-created issues with preexisting ones
simply related to the number of connections vs the number of nodes.
Even absent addrman, someone who can spin up a large multiple of the
current nodes as TCP forwarders to a system they control can capture
all of a node's outbound connections.

Increasing the number of outbound connections is a very bad solution
to this problem: It invites a tragedy of the commons: you get the
"best" security by setting your number as high as it will let you. Who
doesn't want security? Meanwhile we've come pretty close to running
out of open listening ports already in the past.

There is a much more scalable improvement for those concerned about
the Sybil attack (I say those concerned because a Sybil attack is not
that fatal in Bitcoin; checkpoints prevent a total fantasy chain, it's
mostly but not entirely a DoS risk)...

The solution is to addnode a couple of (ideally) trusted nodes, or
failing the availability of trusted nodes, a few that you think are
unlikely to be mutually cooperating against you.

A single connection to the 'good' network kills isolation attacks
dead, so a couple of carefully selected outbound connections is a more
secure remedy and one which doesn't explode the network.

Published at 2023-06-07 03:00:52
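
An added example (not part of the original message or of Bitcoin's code) that puts numbers on the argument above. It assumes a simple model: random outbound peers are drawn uniformly without replacement from all listening addresses, and each addnode peer is hostile independently with a probability the operator estimates. The function names, the network size and the 10% estimate are constructed for illustration.

```python
from fractions import Fraction
from math import comb


def p_isolated(honest, attacker, outbound, pinned=0, p_pinned_hostile=0):
    """Probability that every outbound peer is attacker-controlled.

    Assumed model: `outbound` peers are drawn uniformly, without replacement,
    from honest + attacker listening addresses; each of the `pinned` (addnode)
    peers is hostile independently with probability `p_pinned_hostile`.
    """
    total = honest + attacker
    if outbound > total:
        raise ValueError("more outbound slots than reachable addresses")
    random_all_bad = Fraction(comb(attacker, outbound), comb(total, outbound))
    return random_all_bad * Fraction(p_pinned_hostile) ** pinned


def min_attacker_nodes(honest, outbound, target):
    """Smallest attacker node count whose isolation probability reaches target."""
    if not 0 < target < 1:
        raise ValueError("target must be strictly between 0 and 1")
    attacker = 0
    while (attacker + honest < outbound
           or p_isolated(honest, attacker, outbound) < target):
        attacker += 1
    return attacker


if __name__ == "__main__":
    HONEST = 5000  # constructed network size, not a measurement
    for multiple in (1, 10):
        for outbound in (8, 32):
            p = p_isolated(HONEST, multiple * HONEST, outbound)
            print(f"attacker x{multiple}, {outbound} random outbound: {float(p):.4f}")
    # Two addnode peers, each judged 10% likely to be hostile, attacker at 10x.
    p = p_isolated(HONEST, 10 * HONEST, 8, pinned=2,
                   p_pinned_hostile=Fraction(1, 10))
    print(f"same attacker, 8 random + 2 addnode peers: {float(p):.4f}")
```

Under this model, quadrupling the random outbound slots still leaves a nonzero isolation probability against an attacker running ten times the honest node count, while one pinned peer that really is honest takes it to zero.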