<?xml version="1.0" encoding="UTF-8"?>
<feed xmlns="http://www.w3.org/2005/Atom">
  <updated>2023-06-09T12:22:02Z</updated>
  <generator>https://njump.me</generator>

  <title>Nostr notes by Braydon Fuller [ARCHIVE]</title>
  <author>
    <name>Braydon Fuller [ARCHIVE]</name>
  </author>
  <link rel="self" type="application/atom+xml" href="https://njump.me/npub1fx2eyw7avet7dut0slazcehwvrrlhjp2u9jc9zd92l7nexpxeahs4xxtaa.rss" />
  <link href="https://njump.me/npub1fx2eyw7avet7dut0slazcehwvrrlhjp2u9jc9zd92l7nexpxeahs4xxtaa" />
  <id>https://njump.me/npub1fx2eyw7avet7dut0slazcehwvrrlhjp2u9jc9zd92l7nexpxeahs4xxtaa</id>
  <icon></icon>
  <logo></logo>




  <entry>
    <id>https://njump.me/nevent1qqsfm60ux36dtkqqt94s753hzdvh4sh0s3lwk07zc83y539q85xsg3szypyety3mm4n90eh3d7rl5trxaesv077g9tsktq5f54tl60ycym8k7yguzqk</id>
    
      <title type="html">📅 Original date posted:2020-05-08 📝 Original message: On ...</title>
    
    <link rel="alternate" href="https://njump.me/nevent1qqsfm60ux36dtkqqt94s753hzdvh4sh0s3lwk07zc83y539q85xsg3szypyety3mm4n90eh3d7rl5trxaesv077g9tsktq5f54tl60ycym8k7yguzqk" />
    <content type="html">
      In reply to &lt;a href=&#39;/nevent1qqsyw024rf9grm6tjalrrqcdstjaf2scv8kcz8hfpgsj5054w0hr2ygaadlhw&#39;&gt;nevent1q…dlhw&lt;/a&gt;&lt;br/&gt;_________________________&lt;br/&gt;&lt;br/&gt;📅 Original date posted:2020-05-08&lt;br/&gt;📝 Original message:&lt;br/&gt;On 5/6/20 9:07 PM, Keagan McClelland wrote:&lt;br/&gt;&lt;br/&gt;&amp;gt; I think that one of the solutions here is to have light clients choose&lt;br/&gt;&amp;gt; their full node tethers explicitly. Even if you think it is unrealistic to&lt;br/&gt;&amp;gt; have everyone run their own node (fwiw, I don’t), there is still a trust&lt;br/&gt;&amp;gt; model where you can pick your trusted source.&lt;br/&gt;&amp;gt;&lt;br/&gt;&amp;gt; This way you could have many light clients working off of a family node,&lt;br/&gt;&amp;gt; and the peer services could be limited to some sort of “authenticated”&lt;br/&gt;&amp;gt; peers. Perhaps this is better accomplished over the RPC interface in Core,&lt;br/&gt;&amp;gt; but the idea is to have some sort of peer service model between “full&lt;br/&gt;&amp;gt; public” and “owner only”. This limits the amount of costs that can be&lt;br/&gt;&amp;gt; properly externalized, without exposing risk of consensus capture by&lt;br/&gt;&amp;gt; economically weighty institutions.&lt;br/&gt;&lt;br/&gt;The RPC interface in Bitcoin Core, and others, is not great for this&lt;br/&gt;because it exposes a lot of functionality that isn&amp;#39;t necessary and&lt;br/&gt;introduces risks. For example the `gettxoutsetinfo` can start a very&lt;br/&gt;intensive CPU and disk I/O task. There are several others, for example:&lt;br/&gt;`stop`, `addnode`, `clearbanned`, `setban`, and etc. Furthermore reading&lt;br/&gt;full raw blocks isn&amp;#39;t very efficient with JSON. Electrum servers (e.g&lt;br/&gt;electrs) for example read blocks from disk instead and use the RPC&lt;br/&gt;interface to sync headers. Though, Electrum servers also have a risk of&lt;br/&gt;DoS with addresses that have many transactions, see the `--txid-limit`&lt;br/&gt;option [2].&lt;br/&gt;&lt;br/&gt;[1]:&lt;br/&gt;&lt;a href=&#34;https://github.com/bitcoin/bitcoin/blob/5b24f6084ede92d0f493ff416b4726245140b2c1/src/rpc/blockchain.cpp#L954-L956&#34;&gt;https://github.com/bitcoin/bitcoin/blob/5b24f6084ede92d0f493ff416b4726245140b2c1/src/rpc/blockchain.cpp#L954-L956&lt;/a&gt;&lt;br/&gt;[2]:&lt;br/&gt;&lt;a href=&#34;https://github.com/romanz/electrs/blob/f0a7a325af495ecbc152c0866550dc300011779b/src/query.rs#L284-L289&#34;&gt;https://github.com/romanz/electrs/blob/f0a7a325af495ecbc152c0866550dc300011779b/src/query.rs#L284-L289&lt;/a&gt;
    </content>
    <updated>2023-06-09T13:00:12Z</updated>
  </entry>

  <entry>
    <id>https://njump.me/nevent1qqstxu880pcmdtgtnwuj5nsnxm3wvqnm7rm66e85e3pvj7xsh9wa3hszypyety3mm4n90eh3d7rl5trxaesv077g9tsktq5f54tl60ycym8k78et2rn</id>
    
      <title type="html">📅 Original date posted:2020-09-09 📝 Original message:Hi ...</title>
    
    <link rel="alternate" href="https://njump.me/nevent1qqstxu880pcmdtgtnwuj5nsnxm3wvqnm7rm66e85e3pvj7xsh9wa3hszypyety3mm4n90eh3d7rl5trxaesv077g9tsktq5f54tl60ycym8k78et2rn" />
    <content type="html">
      In reply to &lt;a href=&#39;/nevent1qqsrnhxxmtvs2k9sjanyxmmd6yvnrcjc63xlzedfljaksw2zk633dhqpqat8u&#39;&gt;nevent1q…at8u&lt;/a&gt;&lt;br/&gt;_________________________&lt;br/&gt;&lt;br/&gt;📅 Original date posted:2020-09-09&lt;br/&gt;📝 Original message:Hi everyone:&lt;br/&gt;&lt;br/&gt;We would like to share a paper and website for CVE-2018-17145 that was&lt;br/&gt;found in mid-2018.&lt;br/&gt;&lt;br/&gt;There was an easily exploitable uncontrolled memory resource consumption&lt;br/&gt;denial-of-service vulnerability that existed in the peer-to-peer network&lt;br/&gt;code of three implementations of Bitcoin and several alternative chains.&lt;br/&gt;&lt;br/&gt;For more details please see:&lt;br/&gt;&lt;a href=&#34;https://invdos.net/&#34;&gt;https://invdos.net/&lt;/a&gt;&lt;br/&gt;&lt;br/&gt;For the paper:&lt;br/&gt;&lt;a href=&#34;https://invdos.net/paper/CVE-2018-17145.pdf&#34;&gt;https://invdos.net/paper/CVE-2018-17145.pdf&lt;/a&gt;&lt;br/&gt;&lt;br/&gt;Best,&lt;br/&gt;Braydon Fuller
    </content>
    <updated>2023-06-07T18:26:47Z</updated>
  </entry>

  <entry>
    <id>https://njump.me/nevent1qqsdmq84ftja096c30chzaz3gvefvfvhjch8k8nhtn6v58j45w8elcszypyety3mm4n90eh3d7rl5trxaesv077g9tsktq5f54tl60ycym8k7993hvf</id>
    
      <title type="html">📅 Original date posted:2020-05-08 📝 Original message:On ...</title>
    
    <link rel="alternate" href="https://njump.me/nevent1qqsdmq84ftja096c30chzaz3gvefvfvhjch8k8nhtn6v58j45w8elcszypyety3mm4n90eh3d7rl5trxaesv077g9tsktq5f54tl60ycym8k7993hvf" />
    <content type="html">
      In reply to &lt;a href=&#39;/nevent1qqsq20q6j2nd78xzeultgl8xx4v8jchrqt5927a7y5rf48ppz45skrcrvsqrs&#39;&gt;nevent1q…sqrs&lt;/a&gt;&lt;br/&gt;_________________________&lt;br/&gt;&lt;br/&gt;📅 Original date posted:2020-05-08&lt;br/&gt;📝 Original message:On 5/8/20 1:01 PM, Keagan McClelland wrote:&lt;br/&gt;&lt;br/&gt;&amp;gt;&amp;gt; The RPC interface in Bitcoin Core, and others, is not great for this&lt;br/&gt;&amp;gt;&amp;gt; because it exposes a lot of functionality that isn&amp;#39;t necessary and&lt;br/&gt;&amp;gt;&amp;gt; introduces risks.&lt;br/&gt;&amp;gt; This is actually somewhat my point. If the RPC interface was good for this&lt;br/&gt;&amp;gt; and *didn&amp;#39;t* introduce risks, we could just use that and be done with it.&lt;br/&gt;&amp;gt; But I&amp;#39;m finding there are many use cases that you want to have low cost&lt;br/&gt;&amp;gt; ways to serve peer services to people whom you have given explicit&lt;br/&gt;&amp;gt; permission, but they shouldn&amp;#39;t have full ability to administrate the node.&lt;br/&gt;&amp;gt;&lt;br/&gt;&amp;gt; Perhaps I wasn&amp;#39;t explicit in my previous note but what I mean is that there&lt;br/&gt;&amp;gt; seems to be a demand for something *in between* a peer interface, and an&lt;br/&gt;&amp;gt; owner interface. I have little opinion as to whether this belongs in core&lt;br/&gt;&amp;gt; or not, I think there are much more experienced folks who can weight in on&lt;br/&gt;&amp;gt; that, but without something like this, you cannot limit your exposure for&lt;br/&gt;&amp;gt; serving something like bip157 filters without removing your own ability to&lt;br/&gt;&amp;gt; make use of some of those same services.&lt;br/&gt;&lt;br/&gt;An idea I was thinking about was having three ports for a full node:&lt;br/&gt;&lt;br/&gt;1) Consensus bitcoin protocol. This is the existing peer-to-peer&lt;br/&gt;protocol without additional services.&lt;br/&gt;2) Wallet services protocol. Adds additional functionality for wallets.&lt;br/&gt;For example bloom filtering, compact block filters, and potentially&lt;br/&gt;output and address indexes for electrum-like support. It&amp;#39;s nearly&lt;br/&gt;identical to the consensus peer-to-peer protocol, supporting the same&lt;br/&gt;wire format. As it&amp;#39;s on another port, various middleware could be added&lt;br/&gt;to support various authentication and transports.&lt;br/&gt;3) Control interface. This is the existing JSON-RPC interface, without&lt;br/&gt;all wallet related RPC methods.
    </content>
    <updated>2023-06-07T18:24:24Z</updated>
  </entry>

  <entry>
    <id>https://njump.me/nevent1qqsv06cagj0ter7gn6lw44k857hweshzvktgf60n2a3t5vtfwnexueczypyety3mm4n90eh3d7rl5trxaesv077g9tsktq5f54tl60ycym8k7few3jr</id>
    
      <title type="html">📅 Original date posted:2020-05-08 📝 Original message:On ...</title>
    
    <link rel="alternate" href="https://njump.me/nevent1qqsv06cagj0ter7gn6lw44k857hweshzvktgf60n2a3t5vtfwnexueczypyety3mm4n90eh3d7rl5trxaesv077g9tsktq5f54tl60ycym8k7few3jr" />
    <content type="html">
      In reply to &lt;a href=&#39;/nevent1qqsgfq7a9ycpfp2734wjwyr4lfkkua4l52jmvu92ezl75r3v4zg4zsswwqff3&#39;&gt;nevent1q…qff3&lt;/a&gt;&lt;br/&gt;_________________________&lt;br/&gt;&lt;br/&gt;📅 Original date posted:2020-05-08&lt;br/&gt;📝 Original message:On 5/6/20 9:07 PM, Keagan McClelland wrote:&lt;br/&gt;&lt;br/&gt;&amp;gt; I think that one of the solutions here is to have light clients choose&lt;br/&gt;&amp;gt; their full node tethers explicitly. Even if you think it is unrealistic to&lt;br/&gt;&amp;gt; have everyone run their own node (fwiw, I don’t), there is still a trust&lt;br/&gt;&amp;gt; model where you can pick your trusted source.&lt;br/&gt;&amp;gt;&lt;br/&gt;&amp;gt; This way you could have many light clients working off of a family node,&lt;br/&gt;&amp;gt; and the peer services could be limited to some sort of “authenticated”&lt;br/&gt;&amp;gt; peers. Perhaps this is better accomplished over the RPC interface in Core,&lt;br/&gt;&amp;gt; but the idea is to have some sort of peer service model between “full&lt;br/&gt;&amp;gt; public” and “owner only”. This limits the amount of costs that can be&lt;br/&gt;&amp;gt; properly externalized, without exposing risk of consensus capture by&lt;br/&gt;&amp;gt; economically weighty institutions.&lt;br/&gt;&lt;br/&gt;The RPC interface in Bitcoin Core, and others, is not great for this&lt;br/&gt;because it exposes a lot of functionality that isn&amp;#39;t necessary and&lt;br/&gt;introduces risks. For example the `gettxoutsetinfo` can start a very&lt;br/&gt;intensive CPU and disk I/O task. There are several others, for example:&lt;br/&gt;`stop`, `addnode`, `clearbanned`, `setban`, and etc. Furthermore reading&lt;br/&gt;full raw blocks isn&amp;#39;t very efficient with JSON. Electrum servers (e.g&lt;br/&gt;electrs) for example read blocks from disk instead and use the RPC&lt;br/&gt;interface to sync headers. Though, Electrum servers also have a risk of&lt;br/&gt;DoS with addresses that have many transactions, see the `--txid-limit`&lt;br/&gt;option [2].&lt;br/&gt;&lt;br/&gt;[1]:&lt;br/&gt;&lt;a href=&#34;https://github.com/bitcoin/bitcoin/blob/5b24f6084ede92d0f493ff416b4726245140b2c1/src/rpc/blockchain.cpp#L954-L956&#34;&gt;https://github.com/bitcoin/bitcoin/blob/5b24f6084ede92d0f493ff416b4726245140b2c1/src/rpc/blockchain.cpp#L954-L956&lt;/a&gt;&lt;br/&gt;[2]:&lt;br/&gt;&lt;a href=&#34;https://github.com/romanz/electrs/blob/f0a7a325af495ecbc152c0866550dc300011779b/src/query.rs#L284-L289&#34;&gt;https://github.com/romanz/electrs/blob/f0a7a325af495ecbc152c0866550dc300011779b/src/query.rs#L284-L289&lt;/a&gt;
    </content>
    <updated>2023-06-07T18:24:24Z</updated>
  </entry>

  <entry>
    <id>https://njump.me/nevent1qqs0c6kvh7g862et9nfmnm7n0uztqwgteqjvm7yxwls0pdsr4542tvgzypyety3mm4n90eh3d7rl5trxaesv077g9tsktq5f54tl60ycym8k7mxtl6h</id>
    
      <title type="html">📅 Original date posted:2019-10-11 📝 Original message:On ...</title>
    
    <link rel="alternate" href="https://njump.me/nevent1qqs0c6kvh7g862et9nfmnm7n0uztqwgteqjvm7yxwls0pdsr4542tvgzypyety3mm4n90eh3d7rl5trxaesv077g9tsktq5f54tl60ycym8k7mxtl6h" />
    <content type="html">
      In reply to &lt;a href=&#39;/nevent1qqsy3dsszn94wm2lkdqjkj2ttd4g73gzqmrsqeednv72xmdcfaz3auqq2wdv8&#39;&gt;nevent1q…wdv8&lt;/a&gt;&lt;br/&gt;_________________________&lt;br/&gt;&lt;br/&gt;📅 Original date posted:2019-10-11&lt;br/&gt;📝 Original message:On 10/4/19 1:20 AM, David A. Harding wrote:&lt;br/&gt;&lt;br/&gt;&amp;gt; On Thu, Oct 03, 2019 at 05:38:36PM -0700, Braydon Fuller via bitcoin-dev wrote:&lt;br/&gt;&amp;gt;&amp;gt; This paper describes a solution [to DoS attacks] that does not&lt;br/&gt;&amp;gt;&amp;gt; require enabling or maintaining checkpoints and provides improved security.&lt;br/&gt;&amp;gt;&amp;gt; [...] &lt;br/&gt;&amp;gt;&amp;gt; The paper is available at:&lt;br/&gt;&amp;gt;&amp;gt; &lt;a href=&#34;https://bcoin.io/papers/bitcoin-chain-expansion.pdf&#34;&gt;https://bcoin.io/papers/bitcoin-chain-expansion.pdf&lt;/a&gt;&lt;br/&gt;&amp;gt; Hi Braydon,&lt;br/&gt;&amp;gt;&lt;br/&gt;&amp;gt; Thank you for researching this important issue.  An alternative solution&lt;br/&gt;&amp;gt; proposed some time ago (I believe originally by Gregory Maxwell) was a&lt;br/&gt;&amp;gt; soft fork to raise the minimum difficulty.  You can find discussion of&lt;br/&gt;&amp;gt; it in various old IRC conversations[1,2] as well as in related changes&lt;br/&gt;&amp;gt; to Bitcoin Core such as PR #9053 addining minimum chain work[3] and the&lt;br/&gt;&amp;gt; assumed-valid change added in Bitcoin Core 0.14.0[4].&lt;br/&gt;&amp;gt;&lt;br/&gt;&amp;gt; [1] &lt;a href=&#34;http://www.erisian.com.au/meetbot/bitcoin-core-dev/2016/bitcoin-core-dev.2016-10-27-19.01.log.html#l-121&#34;&gt;http://www.erisian.com.au/meetbot/bitcoin-core-dev/2016/bitcoin-core-dev.2016-10-27-19.01.log.html#l-121&lt;/a&gt;&lt;br/&gt;&amp;gt; [2] &lt;a href=&#34;http://www.erisian.com.au/meetbot/bitcoin-core-dev/2017/bitcoin-core-dev.2017-03-02-19.01.log.html#l-57&#34;&gt;http://www.erisian.com.au/meetbot/bitcoin-core-dev/2017/bitcoin-core-dev.2017-03-02-19.01.log.html#l-57&lt;/a&gt;&lt;br/&gt;&amp;gt; [3] &lt;a href=&#34;https://github.com/bitcoin/bitcoin/pull/9053/commits/fd46136dfaf68a7046cf7b8693824d73ac6b1caf&#34;&gt;https://github.com/bitcoin/bitcoin/pull/9053/commits/fd46136dfaf68a7046cf7b8693824d73ac6b1caf&lt;/a&gt;&lt;br/&gt;&amp;gt; [4] &lt;a href=&#34;https://bitcoincore.org/en/2017/03/08/release-0.14.0/#assumed-valid-blocks&#34;&gt;https://bitcoincore.org/en/2017/03/08/release-0.14.0/#assumed-valid-blocks&lt;/a&gt;&lt;br/&gt;&amp;gt;&lt;br/&gt;Okay, here is an overview of what I have found for the minimum&lt;br/&gt;difficulty proposal:&lt;br/&gt;&lt;br/&gt;It describes having a new consensus rule to not fork or accept headers&lt;br/&gt;prior to, or below, a minimum difficulty once the best chain work is&lt;br/&gt;achieved at release time of the software. This would be instead of the&lt;br/&gt;rule to not fork before the last checkpoint, as checkpoints are removed.&lt;br/&gt;&lt;br/&gt;It has an advantage to the existing checkpoint solution as it does not&lt;br/&gt;require checkpoints to be enabled. This is not a surprise as the&lt;br/&gt;proposal was to remove checkpoints entirely. It would increase the cost&lt;br/&gt;of the attack without checkpoints. Long header chains would need to be&lt;br/&gt;built using this minimum difficulty, instead of the current lowest&lt;br/&gt;difficulty of the genesis block. The exact cost of that is not yet&lt;br/&gt;calculated.&lt;br/&gt;&lt;br/&gt;There are a few caveats with the approach mentioned; nodes are&lt;br/&gt;vulnerable if the initial loader peer is the attacker, it could leave&lt;br/&gt;minority hashpower without an ability to softfork away during a&lt;br/&gt;contentious hardfork, and requires period consensus changes to continue&lt;br/&gt;to maintain:&lt;br/&gt;  - Nodes are vulnerable during the initial sync when joining the&lt;br/&gt;network until the minimum chainwork is achieved. This is possible if the&lt;br/&gt;loader peer is the attacker. To mitigate this there would need to be a&lt;br/&gt;minimum chainwork defined based on the current chainwork. However, such&lt;br/&gt;could also be used to prevent nodes from joining the network as it&amp;#39;s&lt;br/&gt;rejecting rather that throttling.&lt;br/&gt;  - A contentious hardfork could leave a minority hashpower without an&lt;br/&gt;ability to softfork away without agreeing on a hardfork. This was the&lt;br/&gt;reason why the minimum difficulty was about 10 devices instead of 10,000.&lt;br/&gt;  - It&amp;#39;s technically a consensus change each time the minimum difficulty&lt;br/&gt;or best chainwork is updated. It is a similar consensus change as&lt;br/&gt;maintaining the last checkpoint, as it&amp;#39;s used to prevent forking prior&lt;br/&gt;to the last checkpoint.&lt;br/&gt;&lt;br/&gt;I think the solution proposed in the Bitcoin Chain Width Expansion paper&lt;br/&gt;solves those issues by limiting chain width and throttling based on&lt;br/&gt;chainwork, instead of rejecting blocks based on the minimum difficulty.
    </content>
    <updated>2023-06-07T18:21:01Z</updated>
  </entry>

  <entry>
    <id>https://njump.me/nevent1qqs98ryw5nmr9fvuhqrqn9ndup6hvt3na4nvvnn36zes67yaxkuq0kgzypyety3mm4n90eh3d7rl5trxaesv077g9tsktq5f54tl60ycym8k7msp064</id>
    
      <title type="html">📅 Original date posted:2019-10-03 📝 Original message:Hi ...</title>
    
    <link rel="alternate" href="https://njump.me/nevent1qqs98ryw5nmr9fvuhqrqn9ndup6hvt3na4nvvnn36zes67yaxkuq0kgzypyety3mm4n90eh3d7rl5trxaesv077g9tsktq5f54tl60ycym8k7msp064" />
    <content type="html">
      In reply to &lt;a href=&#39;/nevent1qqs2nf538ahujyu0u74tz6ww996wduyt7jn4e4v33tl2qacthl3vxtcdxwlrw&#39;&gt;nevent1q…wlrw&lt;/a&gt;&lt;br/&gt;_________________________&lt;br/&gt;&lt;br/&gt;📅 Original date posted:2019-10-03&lt;br/&gt;📝 Original message:Hi everyone,&lt;br/&gt;&lt;br/&gt;We would like to share a paper for broad discussion, it is titled&lt;br/&gt;&amp;#34;Bitcoin Chain Width Expansion Denial-of-Service Attacks&amp;#34;.&lt;br/&gt;&lt;br/&gt;&amp;gt;From the abstract: The attacks leverage unprotected resources for a&lt;br/&gt;denial-of-service by filling the disk and exhausting the CPU with&lt;br/&gt;unnecessary header and block data. This forces the node to halt&lt;br/&gt;operation. The attack difficulty ranges from difficult to easy. There&lt;br/&gt;are currently limited guards for some of the attacks that require&lt;br/&gt;checkpoints to be enabled. This paper describes a solution that does not&lt;br/&gt;require enabling or maintaining checkpoints and provides improved security.&lt;br/&gt;&lt;br/&gt;As the checkpoints in Bitcoin Core have not been maintained or updated&lt;br/&gt;since mid 2014, this is especially relevant. Bitcoin Core implements&lt;br/&gt;headers-first synchronization, since 2014, that provides the base for&lt;br/&gt;the further improvements upon that design.&lt;br/&gt;&lt;br/&gt;The paper is available at:&lt;br/&gt;&lt;a href=&#34;https://bcoin.io/papers/bitcoin-chain-expansion.pdf&#34;&gt;https://bcoin.io/papers/bitcoin-chain-expansion.pdf&lt;/a&gt;&lt;br/&gt;&lt;br/&gt;The proposed solution has been implemented in Bcoin and is available at:&lt;br/&gt;&lt;a href=&#34;https://github.com/bcoin-org/bcoin/tree/chain-expansion&#34;&gt;https://github.com/bcoin-org/bcoin/tree/chain-expansion&lt;/a&gt;&lt;br/&gt;&lt;br/&gt;Best,&lt;br/&gt;Braydon Fuller
    </content>
    <updated>2023-06-07T18:21:01Z</updated>
  </entry>

  <entry>
    <id>https://njump.me/nevent1qqsy3dsszn94wm2lkdqjkj2ttd4g73gzqmrsqeednv72xmdcfaz3auqzypyety3mm4n90eh3d7rl5trxaesv077g9tsktq5f54tl60ycym8k7hgje8w</id>
    
      <title type="html">📅 Original date posted:2019-10-04 📝 Original message:On ...</title>
    
    <link rel="alternate" href="https://njump.me/nevent1qqsy3dsszn94wm2lkdqjkj2ttd4g73gzqmrsqeednv72xmdcfaz3auqzypyety3mm4n90eh3d7rl5trxaesv077g9tsktq5f54tl60ycym8k7hgje8w" />
    <content type="html">
      In reply to &lt;a href=&#39;/nevent1qqsgn4y0tx3ct8juqf9rrevlz8af4mr3k72p0ewlgkaah0v90wrap5q9fyy4z&#39;&gt;nevent1q…yy4z&lt;/a&gt;&lt;br/&gt;_________________________&lt;br/&gt;&lt;br/&gt;📅 Original date posted:2019-10-04&lt;br/&gt;📝 Original message:On 10/4/19 1:20 AM, David A. Harding wrote:&lt;br/&gt;&lt;br/&gt;&amp;gt; On Thu, Oct 03, 2019 at 05:38:36PM -0700, Braydon Fuller via bitcoin-dev wrote:&lt;br/&gt;&amp;gt;&amp;gt; This paper describes a solution [to DoS attacks] that does not&lt;br/&gt;&amp;gt;&amp;gt; require enabling or maintaining checkpoints and provides improved security.&lt;br/&gt;&amp;gt;&amp;gt; [...] &lt;br/&gt;&amp;gt;&amp;gt; The paper is available at:&lt;br/&gt;&amp;gt;&amp;gt; &lt;a href=&#34;https://bcoin.io/papers/bitcoin-chain-expansion.pdf&#34;&gt;https://bcoin.io/papers/bitcoin-chain-expansion.pdf&lt;/a&gt;&lt;br/&gt;&amp;gt; [..] But I worry that the mechanisms could also be used to keep a node that&lt;br/&gt;&amp;gt; synced to a long-but-lower-PoW chain on that false chain (or other false&lt;br/&gt;&amp;gt; chain) indefinitely even if it had connections to honest peers that&lt;br/&gt;&amp;gt; tried to tell it about the most-PoW chain.&lt;br/&gt;&lt;br/&gt;Here is an example: An attacker eclipses a target node during the&lt;br/&gt;initial block download; all of the target&amp;#39;s outgoing peers are the&lt;br/&gt;attacker. The attacker has a low work chain that is sent to the target.&lt;br/&gt;The total chainwork for the low work chain is 0x09104210421039 at a&lt;br/&gt;height of 593,975. The target is now in the state of a fully validated&lt;br/&gt;low work dishonest chain. The target node then connects to an honest&lt;br/&gt;peer and learns about the honest chain. The chainwork of the honest&lt;br/&gt;chain is 0x085b67d9e07a751e53679d68 at a height of 593,975. The first&lt;br/&gt;69,500 headers of the honest chain would have a delay, however the&lt;br/&gt;remaining 52,4475 would not be delayed. Given a maximum of 5 seconds,&lt;br/&gt;this would be a total delay of only 157 seconds.
    </content>
    <updated>2023-06-07T18:21:01Z</updated>
  </entry>

</feed>