244
245

Bitcoin Transaction Stress Test Results -- 8 hours to clear backlog from 1 hour of transactions (May 29-30, 2015) (i.imgur.com)

hellobitcoinworld 投稿

全 192 件のコメント
並べ替え:
ベスト
トップ新着論争中古い順Q&A

[–]hellobitcoinworld[S] 56ポイント57ポイント  (92子コメント)

On May 29-30, 2015, a group of reddit members decided to do a transaction flood test of the bitcoin network. It was supposed to only last for 1 hour. The image in this post is taken from statoshi.com. It took about 8 hours to clear out the backlog of transactions.

This is intended to raise awareness about our system. What if this attack was maintained for more than a few hours?

Could the bitcoin network be flooded into unusability by simply maintaining this type of spam attack for a longer period of time?

As this reddit user stated:

20Mb blocks just make this attack 20x more expensive, which is still trivial to a true enemy of Bitcoin.

Forget 51% attacks. Flooding the network is far cheaper. We need protection against the ability to do this.

Serious question and concern.

[–]agentcash 33ポイント34ポイント  (44子コメント)

I sent over 12,000 transactions and it cost me ~2.4 BTC in fees which all went to miners who have financial interest in keeping the network secure and operating. Tell me again how redistributing an attacker's wealth to a defender is bad for the system.

[–]Synchronauto 4ポイント5ポイント  (6子コメント)

Forgive my ignorance, but could the network not be spammed with transactions with 0 fees attached, or the lowest possible fee, and the same problem of transaction backlog would occur, no?

Am I not correct in thinking that if you send bitcoin without a fee, it still usually gets processed?

[–]agentcash 2ポイント3ポイント  (2子コメント)

A transaction's priority is based on fee & velocity, so coins that haven't moved recently have a higher priority, and all the fast moving coins of an attacker would have lower priorities than zero-fee transactions with slower moving coins or transactions with fees.

[–]Synchronauto 0ポイント1ポイント  (0子コメント)

What does "velocity" mean in this instance? I've not heard the term in association with BTC transactions.

[–]darkenvy 0ポイント1ポイント  (0子コメント)

Does anyone know where I can find information of Bitcoin priority? How do miners see priority? What is the algorith? And at what output of that algorith is a threashold for it to say “accept”?

priority is a balance between fee and age. That is all I know. But surely there is a line graph illustrating age over fee?

[–]rydan 1ポイント2ポイント  (2子コメント)

It can but those won't be confirmed. I think this would expend memory and you won't get your coins back for something like a month. But you wouldn't be stopping other legit transactions from confirming since those people would be paying fees (I mean they should even if they aren't required to) and would thus have a higher priority.

[–]Synchronauto 0ポイント1ポイント  (1子コメント)

So miners can choose what to confirm and what not to confirm? Is there a setting in the mining software that says "don't process transactions with a fee less than X"? As a miner in a pool, I never saw anything like that, but I wonder if the pool owner has that control?

[–]interfect 0ポイント1ポイント  (0子コメント)

Yeah, the pool can set it to not accept low or no-fee transactions. And a node can even choose not to forward them, to prevent flooding the... transaction flooding algorithm.

[–]credibit 4ポイント5ポイント  (17子コメント)

Many believe that Bitcoin poses an existential threat to companies for whom the total amount spent on transaction fees is less than nothing.

[–]agentcash 3ポイント4ポイント  (16子コメント)

Less than nothing until you try and keep up such an attack 24/7, all the while your funds are going towards making your attack more difficult to maintain.

[–]ztsmart 1ポイント2ポイント  (0子コメント)

Sort of like throwing money into a black hole. You're just going to make the damn thing stronger.

[–]credibit 3ポイント4ポイント  (14子コメント)

You have no idea how much money banks have.

[–]gonzobon 11ポイント12ポイント  (10子コメント)

If they want to pump in 10 billion to bitcoin that's fine with me.

[–]hellobitcoinworld[S] 3ポイント4ポイント  (9子コメント)

Yes, just so long as the network doesn't grind to a standstill in the process of their doing so (I don't think it will come to that, but that's the method we're talking about here in this post)

[–]jhansen858 3ポイント4ポイント  (8子コメント)

Hey miners, huge mining fees this month only, and btw the price has just tripled. Act now!

[–]Taknopotin 2ポイント3ポイント  (7子コメント)

Wouldn't that cause the bitcoin entire economy to halt for a month too? Same effect, except you've saved the overflow attacker all the transaction fees now.

[–]jhansen858 2ポイント3ポイント  (1子コメント)

sure, but it would be stress testing the network, paying everyone to upgrade to the point the network could handle it. Some short term disruption wouldn't be enough to kill it at this point.

[–]allenpiscitello -4ポイント-3ポイント  (4子コメント)

Where is this "bitcoin economy" you speak of?

[–]nostdal_org 8ポイント9ポイント  (1子コメント)

This is correct; they have an unlimited amount of money (fiat), but they will need to purchase Bitcoin somewhere to pay the fees and Bitcoin is not unlimited.

..one can imagine what this would do to the price of Bitcoin over time. :) Also, they can only purchase (receive) Bitcoin to fund their attack(??) when the network is not under attack.

[–]bearjewpacabra -1ポイント0ポイント  (0子コメント)

By they I assume you might be inferring the state...if not you are implying a corporation of some form which is essentially the state(corporations could not and would not exist without the state, they are married at the hip...a match made in hell). 'They' do not need to buy, they can simply assault you, kidnap you, and put you in a cage and steal your bitcoin to use for their own purposes. This has already taken place. Many times over.

[–]rangeoflight 0ポイント1ポイント  (0子コメント)

Their lackeys have already pretty much killed bitcoin. But yes good to have many other ways to destroy it even more completely if they want.

[–]IkmoIkmo 1ポイント2ポイント  (0子コメント)

This combined with a market for fees: want to fill 100% capacity of 100mb blocks? Fine, but 100mb blocks means 8 terabytes or so of data every year, so you must pay for it. Filling 10% of the block and everyone can send money for 1 penny, but if 90% of the block is filled, you can still send for 1 penny but it'll be delayed to a later block, this block costs $1 a transaction.

Basically, increase capacity by a lot to allow more honest throughput, and create a higher bar to ddos, and then add a market to ramp up permanent money transfer from attackers to defenders to make ddosing prohibitively expensive.

It's far from perfect obviously, but what it is, is it's much better than sticking with a dumb ass 1mb block capacity for eternity and seeing that ddosed to hell and back.

[–]MistakeNotDotDotDot 3ポイント4ポイント  (14子コメント)

The 'defenders' aren't the miners, they're the people trying to actually send transactions. If the attacker can shut them out by spending $6M/day ($10/transaction * 7 tps * 86400 seconds/day), which is well within the realm of possibility for a large government, then it doesn't matter if the miners are profiting off of it.

[–]Taknopotin 3ポイント4ポイント  (0子コメント)

I'm reality, it wouldn't take this. You don't actually have to fill up all the slots/block or all the blocks. It creates a positive I feedback that would cascade on itself. I saw an interesting article on it the other day, but I don't remember if I found it here or buttcoin or elsewhere, so I may not be able to find it again.

Essentially, if you start congesting the network crazy amounts, like the 1 hr test did, you get huge delays downstream. This compounds the more you do it, more than directly proportional to your actions, at least partially because others will also be trying to do it, but also because if you were able to fill mempool, transactions would start getting completely lost or never propagate to the network.

This delay, and in some cases transactions-blindness would hinder legitimate uses of bitcoin enough that people who transact in it would suffer greatly. This leads to a loss of faith in the protocol/network, resulting in people fleeing. People fleeing causes a loss of value, which makes your attack even easier.

Edit: I remember the article specifically mentioning mempool, and the paraphrase of "can't even exchange my money for useful money now" ( referring to trying to sell bitcoin for USD or other money being blocked by transactions being lost or slowed beyond what anyone reasonably could accomadate)

[–]agentcash 8ポイント9ポイント  (7子コメント)

That $6M/ day is going into miners pockets who can then pay for outrageous upgrades to their infrastructure and cooperate with the core devs to increase block size further. It's a feedback loop the attacker cannot hope to fight.

[–]zonky -2ポイント-1ポイント  (0子コメント)

Bingo, what a sexy elegant system.

[–]MistakeNotDotDotDot 0ポイント1ポイント  (3子コメント)

That $6M/ day is going into miners pockets who can then pay for outrageous upgrades to their infrastructure and cooperate with the core devs to increase block size further.

Currently, the block reward is 25BTC. At 144 blocks/day and $250/BTC, that's $54M/day in block rewards. An extra $6M/day would hardly lead to 'outrageous upgrades'.

[–]agentcash 1ポイント2ポイント  (2子コメント)

There are not 8640 blocks a day. Try again.

[–]MistakeNotDotDotDot 0ポイント1ポイント  (1子コメント)

Well, fuck, I'm an idiot and messed up my conversion factors. There are 144 blocks in a day, so the block rewards sum to a little under $1M/day.

I still don't think it would lead to massive infrastructure upgrades; for one, that would only last as long as the attack was going on. Once it ended all that extra infrastructure would no longer be profitable (or else why weren't the miners onlining it in the first place?).

[–]agentcash 1ポイント2ポイント  (0子コメント)

As you can see $6 mil a day would be more than sex(woo!)tuple the amount miners are currently getting from block rewards. Plenty to cover outrageous upgrades.

The miners aren't bringing it online right now because it is currently not needed and the capital costs to run fatter internet pipes and build out SSD raid arrays aren't currently the optimal use of funds.

[–]rydan -1ポイント0ポイント  (1子コメント)

lol. Why would they sign Gavin's paycheck? Just because? They'll pocket the money and come up with other get rich quick schemes instead.

[–]agentcash 0ポイント1ポイント  (0子コメント)

I never said anything about signing his paycheck. I said they'd cooperate with the core devs to ensure a resilient system.

[–]btc-ftw 1ポイント2ポイント  (0子コメント)

Allow high fee txns to extend the block size beyond the default max proportionally to the txn fee. This allows high importance txns thru or forces the attacker to spend a huge amount of $ on txn fees.

Also if miners voluntarily chose to fill the first 2 MB (say) with the highest sum of 10 days destroyed then the attackers coins would be prioritized below most normal users pretty quickly.

[–]mikeyouse 1ポイント2ポイント  (0子コメント)

It's more like $2.5M/day since the average transaction size has increased with the expanded usage of multisig and multiple output addresses.. At current tx sizes, the network can only handle about 2.7TPS and falling..

[–]veroxii 0ポイント1ポイント  (0子コメント)

But you don't pay the fees in fiat. You pay it in bitcoin. If I wanted to buy a billion dollars worth or bitcoin tomorrow where would I get it? I'd wipe out all the exchange order books and still be way short.

Same here... if I need 6 million a day where do I get that from? For weeks or months on end? It would also sky rocket the price.

[–]Economist_hat 0ポイント1ポイント  (0子コメント)

Tell me again how redistributing an attacker's wealth to a defender is bad for the system.

They have a financial reason to mine blocks. They cannot process blocks faster because of the difficulty faster. By design.

[–]tetondon 0ポイント1ポイント  (0子コメント)

You shutdown the network for an hour for the low cost of $600.

I bet you think banks with billions of dollars to burn are afraid of bitcoin too.

[–]rydan -1ポイント0ポイント  (0子コメント)

By that logic feeding the whale bear was a good thing.

[–]statoshi 4ポイント5ポイント  (3子コメント)

It's worth noting that my mempool transaction stats are probably lower than the total number of unconfirmed transactions because those stats don't include orphaned transactions. I'm planning on adding an orphaned transaction metric soon.

[–]hellobitcoinworld[S] 1ポイント2ポイント  (2子コメント)

Yeah, it seems graphs displayed by places such as statoshi and blockchain just represent the known transactions for those particular node(s). I am curious about a report including the full number of transactions on the entire Bitcoin network.

Your site is great btw, statoshi.

[–]statoshi 4ポイント5ポイント  (1子コメント)

Thanks! This is a general problem with trying to monitor a decentralized network. To accurately capture all of the data you must listen to every node, which some people consider spammy / a resource hog. The only public service I'm aware of that does this is https://getaddr.bitnodes.io/

[–]hellobitcoinworld[S] 0ポイント1ポイント  (0子コメント)

True, each viewpoint of the network only captures a portion of the entire network.

[–]williamdunne 6ポイント7ポイント  (37子コメント)

Step 1) Flood the network

Step 2) Force people to pay $1 a transaction to get them through quickly

Step 3) Your attack is now 20x more expensive.

[–]hellobitcoinworld[S] 9ポイント10ポイント  (34子コメント)

Step 3) Your attack is now 20x more expensive.

True. However, also:

Step 4) You've succeeding in making the Bitcoin network less useful because it's no longer 3~ cents per transaction, but $1 per transaction (as well as potentially taking longer confirm your transaction). The attacker's purpose to harm the network has won.

[–]cjmalloy 3ポイント4ポイント  (28子コメント)

How long could such an attack be maintained? They are just donating to miners unless the attack is continuous.

[–]hellobitcoinworld[S] 3ポイント4ポイント  (19子コメント)

How long could such an attack be maintained?

As long as there is funding for it. But it doesn't seem to be that expensive if a small group of Redditers can pull it off.

They are just donating to miners unless the attack is continuous.

Correct. Which is why if it were to be done as an attack, it would be continuous and without ceasing until the desired effect was caused. The cost would obviously be mathematically figured out by the attacker before begun.

Also, obviously, this kind of attack would devalue the very network they are attacking so the attacker would most likely not be someone within the bitcoin network, nor someone who had a lot of money to lose in bitcoin. It would likely be someone with vested interestes in destroying the network, like a competitor (SWIFT, Credit Card companies, PayPal, Federal Reserve, etc)

I'm speaking hypothetically of course, but I like to look at things from all angles.

[–]cjmalloy 12ポイント13ポイント  (9子コメント)

I don't think the incentives work out for an attack to be successful. An attacker is basically setting a floor for transaction cost. The higher the floor, the more expensive an attack. If there is currently ~2000 max transactions per block, to enforce a $1 fee floor the attacker might need to spend up to $2000 every 10 min, or ~$300k a day.

At $1 min fee bitcoin would still be valuable as a remittance service and store of value. Miners would love the extra cash, so the attack would actually contribute to the security of the network.

At $100 min fee bitcoin would be almost useless for everything except a store of value, but the attack would cost ~$30 million a day. The only people who are likely to come up with that kind of money are governments who have access to the fiat printing press- but in so doing would devalue their currency.

[–]hellobitcoinworld[S] 1ポイント2ポイント  (0子コメント)

I guess we need the exact numbers. What would it cost per 10 minutes to maintain an attack which maintains a $1/transaction fee minimum?

You definitely duplicated my concern well. +1 to you

[–]MistakeNotDotDotDot 1ポイント2ポイント  (3子コメント)

The only people who are likely to come up with that kind of money are governments who have access to the fiat printing press- but in so doing would devalue their currency.

The daily budget of the US military is something like $2 billion. The overall budget is something like $10 billion. $30M/day wouldn't change the rate of inflation at all.

[–]cjmalloy 2ポイント3ポイント  (2子コメント)

Yes, but you can't pay fees in dollars. You have to get the coins somehow. If they drop $2 billion on an exchange it will absolutely inflate the price of bitcoin in dollars.

[–]hellobitcoinworld[S] 0ポイント1ポイント  (1子コメント)

Yes, just so long as the network doesn't grind to a standstill in the process of their doing so (I hope/don't think it will come to that, but that's what we're talking about here)

[–]cjmalloy 2ポイント3ポイント  (0子コメント)

If they did that we would all be rich overnight. A few extra hours conf would be the least of my worries. And the longer the attack continues the richer we all get.

[–]Five100 0ポイント1ポイント  (2子コメント)

/u/changetip 1 Coffee

[–]changetip 0ポイント1ポイント  (0子コメント)

The Bitcoin tip for 1 Coffee (6,796 bits/$1.50) has been collected by cjmalloy.

what is ChangeTip?

[–]cjmalloy 0ポイント1ポイント  (0子コメント)

Thanks buddy!

[–]Anenome5 1ポイント2ポイント  (5子コメント)

The cost would obviously be mathematically figured out by the attacker before begun.

Miner's fees could be adjusted in real time, so this wouldn't necessarily be possible. If miners figure out that someone was attempting a long-standing transaction attack, they could boost fees significantly to profit on such an intent.

[–]MistakeNotDotDotDot 1ポイント2ポイント  (4子コメント)

But if the miners go 'ok, we won't take any transactions with less than $10 in fees' the attackers win regardless of whether they're actually sending any transactions or not.

[–]Anenome5 1ポイント2ポイント  (3子コメント)

They don't 'win' rather regular users are minorly inconvenienced for a time, and in the process by enriching miners, the "attacker" has incentivized the creation of more future mining power, thus strengthening the network, creating competition and more ability to process more transactions / sec.

So while it might create so short term headaches for regular users, my expectation is it would be a self-defeating attack that ultimately makes bitcoin more powerful.

Also be aware that Gavin and the devs can blacklist attacker addresses with a hot fix within hours or less, to lower impact on honest users.

Furthermore old-coin that hasn't been moved for a long time has priority, and it would be hard for an attacker to obtain that much old coin.

[–]MistakeNotDotDotDot 0ポイント1ポイント  (2子コメント)

They don't 'win' rather regular users are minorly inconvenienced for a time,

I'm sure that if Visa/MC stopped processing all transactions for a day or two people here wouldn't downplay it as 'minor inconvenience'.

the "attacker" has incentivized the creation of more future mining power, thus strengthening the network, creating competition and more ability to process more transactions / sec.

And then when the attack ends, all that extra mining power is going to go away because it won't be as profitable any more.

Also be aware that Gavin and the devs can blacklist attacker addresses with a hot fix within hours or less, to lower impact on honest users.

1) If the attacker is smart then they would have their coins spread out over millions of addresses. 2) I get the feeling that any sort of address-based blacklist would be a very controversial move and not instantly adopted. 3) Even if it was, it's not like they have the ability to force miners to instantly update their nodes.

Furthermore old-coin that hasn't been moved for a long time has priority, and it would be hard for an attacker to obtain that much old coin.

Would miners really accept an old-coin transaction with a standard fee over a new-coin one with a fee of $10? I can't find any documentation on how miners pick which transactions to include.

[–]Anenome5 0ポイント1ポイント  (1子コメント)

I'm sure that if Visa/MC stopped processing all transactions for a day or two people here wouldn't downplay it as 'minor inconvenience'.

Those two have been around forever though. Bitcoin is still early days, it's not even out of beta. We're all pioneers. It would be acceptable. Wasn't long ago we went through the first halvening and no one knew what the fuck would happen.

And then when the attack ends, all that extra mining power is going to go away because it won't be as profitable any more.

Maybe, it depends on where the price goes. If the attackers bid up the price of bitcoin by buy lots of it on exchanges in order to facilitate their attack, that wouldn't be true.

Also be aware that Gavin and the devs can blacklist attacker addresses with a hot fix within hours or less, to lower impact on honest users.

1) If the attacker is smart then they would have their coins spread out over millions of addresses.

That would necessitate millions of transactions and address creation in the first place, which would be rather easily observable. And they'd be likely to do it with dust, don't you think, which could be easily rule-avoided by miners, which can create mandatory transaction minimums which would foil such an attack but not affect most transactions which are for more than a few dollars typically.

2) I get the feeling that any sort of address-based blacklist would be a very controversial move and not instantly adopted. 3) Even if it was, it's not like they have the ability to force miners to instantly update their nodes.

Do you remember when there was a hard-fork and the devs used a little known feature built into the client? The ability to send a pop-up message to all people running nodes. They used this to notify everyone of a new client update designed to limit the fork from spreading, and it worked.

They could use such a feature again to foil an attack, clearly miners would have incentive to help prevent the network from being successfully attacked. I think you're not giving the existing system enough credit.

Furthermore old-coin that hasn't been moved for a long time has priority, and it would be hard for an attacker to obtain that much old coin.

Would miners really accept an old-coin transaction with a standard fee over a new-coin one with a fee of $10? I can't find any documentation on how miners pick which transactions to include.

I'm honestly not sure, but I sincerely doubt any attacker could sustain any attack with $10 transactions. It would more likely be them sending dust with a just slightly above the standard transaction fee, in order to minimize cost and maximize number of transactions, and miners could easily respond by prioritizing non-dust transactions.

And if I recall, there is anti-dust protection built in already in some form, so perhaps they wouldn't be able to use dust. But look into how 'days destroyed' functions work. Old bitcoin that hasn't been moved in a long time has transaction priority.

If the attacker didn't keep moving the same bitcoin back and for algorithmically the only alternative would be to buy a large amount of bitcoin on the market, which would cause the price to skyrocket, which would cause mining power to instantly jump--there's a lot of stalled mining power out there that would suddenly become profitable.

[–]credibit 1ポイント2ポイント  (1子コメント)

Correct. Which is why if it were to be done as an attack, it would be continuous and without ceasing until the desired effect was caused.

Even a temporary attack that coincided with an already high period of demand (like Bitcoin Black Friday) would be devastating.

[–]hellobitcoinworld[S] 0ポイント1ポイント  (0子コメント)

True, and if it was enough to actually get nodes to shut down due to memory overflows (the transaction mempool being too large), then this would be pretty devastating too.

[–]rezzme 0ポイント1ポイント  (0子コメント)

It's maintenance is also dependent on people selling bitcoin to the attacker.

[–]painlord2k 2ポイント3ポイント  (1子コメント)

It could not need to maintain the attack continuously. Just jack up a spike of transactions flooding the mempools of full nodes so they run out of RAM and are forced to drop transactions or crash. Or jack up a flood of transactions with low-medium fees compared with normal transactions, then wait until the network start clearing up. This would force people to raise their transaction fees (time is money) to get priority and the spam would not be cleared for a long time. Then push out another batch of spam transactions.

The advantage would be to force people to pay larger fees without essentially paying any fees because the spam transactions are kept in the mempool a lot longer and then dropped or slowly processed.

[–]hellobitcoinworld[S] 0ポイント1ポイント  (0子コメント)

It could not need to maintain the attack continuously. Just jack up a spike of transactions flooding the mempools of full nodes so they run out of RAM and are forced to drop transactions or crash.

Very good point. This is a realistic shorter-term option rather than just continuing to flood. Probably more economical to hit hard and fast rather than to spread out over a long period of time.

[–]Anenome5 -1ポイント0ポイント  (5子コメント)

There are groups for whom $20 million to attack bitcoin would be nothing. Have 20 million transactions to choke on.

[–]cjmalloy 1ポイント2ポイント  (0子コメント)

This does nothing except create a floor for transaction fees. If it's a high floor $20 mil would only last a day. If you spread out $20 mil over a few weeks it has almost no effect, even at 1mb limits.

[–]cjmalloy 1ポイント2ポイント  (3子コメント)

Oh sorry I see where you misunderstood me.

A government can print $20 mil without causing any measurable inflation. But if a government prints $20 mil and drops it on an exchange there would be a huge jump in BTC vs USD. You can't pay fees in dollars, you have to get the coin somehow.

[–]Anenome5 1ポイント2ポイント  (2子コメント)

A government can print $20 mil without causing any measurable inflation. But if a government prints $20 mil and drops it on an exchange there would be a huge jump in BTC vs USD.

Ah true. And such an increase in BTC price would also cause vastly more mining power to appear.

[–]cjmalloy 2ポイント3ポイント  (1子コメント)

Personally I would love it if a government attacked bitcoin publicly. What great publicity.

[–]hellobitcoinworld[S] 0ポイント1ポイント  (0子コメント)

That may be the one redeeming factor in this entire post. The attack would be traceable and once it was determined who was doing the attack, it would get pretty interesting at that point.

[–]cap2002 4ポイント5ポイント  (3子コメント)

Supply and demand should be the governing mechanism behind fees, pure and simple.

[–]i_wolf 0ポイント1ポイント  (1子コメント)

If sending and storing transactions is costly, then fees should be determined based not only on the amount of BTC sent, but on the transaction size. E.g. 1KB = $0.01

Then again, it's not clear how can this be calculated automatically. It smells like central planning anyway. Miners themselves should be able to adjust fees.

[–]pointychimp 0ポイント1ポイント  (0子コメント)

Fees are already based on size

[–]hellobitcoinworld[S] 0ポイント1ポイント  (0子コメント)

I think you're right. That sounds appropriate-- similar to how the difficulty is determined (dynamically instead of static). The best method of governing mechanism is the next question.

[–]A__Random__Stranger 0ポイント1ポイント  (0子コメント)

Not necessarily true.

Some people with priority transactions will pay more for quick block inclusion.

Those who are not in a rush and can wait a while will pay a smaller fee.

It's then a tradeoff between speed and price.

[–]rydan 0ポイント1ポイント  (1子コメント)

Step 2) Force people to pay $1 a transaction to get them through quickly

And now bitcoin is too expensive to use. Congrats, attack succeeded.

[–]williamdunne 0ポイント1ポイント  (0子コメント)

1) $1 isn't that expensive.

2) They still have to sustain the attack or the result fades.

[–]Noosterdam 1ポイント2ポイント  (1子コメント)

Why don't miners just scale up fees automatically as blocks/mempool fill up?

There's this vague notion that fees should be set by the market, and of course they should, but it should be a constant second-by-second dynamic system where at any given moment a sender/wallet knows exactly how high to set a few to get it included in the next block, because miners are publishing that info in a feed.

Why don't they do it now? Fees are that big a deal yet. Once there are more transactions (and bigger blocks) each block will have substantial fees and miners will want to maximize that by charging what the market will bear.

[–]kamnxt 0ポイント1ポイント  (0子コメント)

Well, that would make bitcoin a lot more confusing for users. You wouldn't be able to buy "just enough" bitcoins to buy something with them, because you wouldn't know what the fees would be the next day.

[–]mmeijeri 1ポイント2ポイント  (1子コメント)

We need protection against the ability to do this.

Transaction fees could take care of this, which is good, but that might make the blockchain useful only for very large transactions, which might be not so good. Then again, something like the Lightning Network could take care of that. Or maybe tree chains.

In the medium term Bitcoin can scale a lot with the current 1MB blocksize + something like Lightning. In the longer term even that will require something more powerful than the current blockchain, such as a blockchain with bigger blocks and / or tree chains.

Of these three mechanisms bigger blocks are more or less technically ready to be deployed, Lightning still needs a lot of work and tree chains need even more work. That makes bigger blocks the obvious candidate for a quick solution should it be needed.

But is it needed now? I see no evidence of that. Once people start complaining about long confirmation times, miners running out of RAM, transaction fees for actual non-frivolous payment transactions rising to levels that make Bitcoin uncompetitive with other payment systems, Streamium streams that won't stream because blocks fill up, THEN we can deploy bigger blocks fairly quickly.

A day may come when we need bigger blocks, when we break all bonds of blocksize bounds, but it is not this day. This day we fight! Oh wait, wrong speech.

Anyway, I don't think we should rush into something irreversible, especially since a hard-fork can lead to people losing money by accident. With the bigger block size change we have a good plan B on standby, which we can put into action once the signs of strain on the network become clear for everyone to see, at which time we'll quickly get the necessary consensus.

[–]goalkeeperr -1ポイント0ポイント  (0子コメント)

this is the right approach

[–]Nitrowolf 0ポイント1ポイント  (0子コメント)

It would be quite difficult to send a huge volume of transactions without making them identifiable as an attack source. As such, you could easily filter those out of the memory pool and process more "legitimate" transactions and process the attack transactions at a lower priority.

No, I don't think that sort of attack is really a threat. There are much faster/easier/better ways to attack bitcoin than to flood it with algorithmically correct, valid transactions that are both costly and ultimately easy to defend against.

All it would take is one or two large pools to filter the attack traffic and 'poof' ... the attack fails and you just spent a tidy sum for nothing. On top of that, unless you're doing large transactions, you don't really need to do a 6 confirm wait and day to day coffeeshop type transactions are fine with 0 confirms, as they aren't worth the effort to double spend.

[–]pietrod21 12ポイント13ポイント  (7子コメント)

Here I see also biggest atacks/stresstests, why nobody talks about them in january?

http://imgur.com/qqMX3h5

[–]hellobitcoinworld[S] 7ポイント8ポイント  (1子コメント)

I can only answer personally that I did not see this in January. It just came to my attention now. And I view it as an issue. It should have been brought up in January. Perhaps no one spotted it as a threat.

[–]pietrod21 2ポイント3ポイント  (0子コメント)

Perhaps no one spot it as a threat.

If you are right so the community are the biggest danger.

[–]cjmalloy 0ポイント1ポイント  (3子コメント)

That graph is very confusing. How did those tx suddenly disappear on 15 and 23? There are too many for a block, and blocks are 10 min, not once a day.

[–]hellobitcoinworld[S] 0ポイント1ポイント  (2子コメント)

There are too many for a block, and blocks are 10 min, not once a day.

It's zoomed very far out. The blocks (represented on the x-axis) are super tiny on that graph.

[–]cjmalloy 0ポイント1ポイント  (1子コメント)

That what I thought- so what do the large drops represent?

[–]hellobitcoinworld[S] 0ポイント1ポイント  (0子コメント)

Perhaps it's due to averages. Notice how right before the large drops there is a spike?

[–]redfacedquark 0ポイント1ポイント  (0子コメント)

Very interesting, the first seems to coincide with the drop from 266 to 166 (give or take timezones) while the second, larger one didn't break the recovery that was going on.

Perhaps the focus (esp. Gavin) switching to the blocksize issue was the community talking about them.

[–]steb2k 7ポイント8ポイント  (5子コメント)

does anyone know how much this stress test cost?

[–]hellobitcoinworld[S] 4ポイント5ポイント  (4子コメント)

Good question, but no one could tell you for sure because it was just a group of random redditors who agreed to do it. But it couldn't have been THAT much. It was done willingly by people just for experiment.

[–]jrmxrf 1ポイント2ポイント  (3子コメント)

Good question, but no one could tell you for sure

There's this thing called the blockchain where you can find all fees associated with transactions during that time.

[–]BaurusdB 7ポイント8ポイント  (2子コメント)

Which ones, then, were stress test transactions and which were not?

[–]jrmxrf 7ポイント8ポイント  (0子コメント)

Just get avg tx cost when not stressed and substract.

[–]hellyeahent 8ポイント9ポイント  (5子コメント)

And attack would be that expensive, now default fee is about 0,025$. Attacker can send with 0,03$ fee and those transactions have prority over default ones. 0,03* 1000-1500 = 30$-45 per block * 6 = 200$ * 24 = ~5000$ per day. With 20mb blocks... 100 000$ per day :) (and only default fees transactions do not go through remember that)

[–]blackcoinprophet 7ポイント8ポイント  (4子コメント)

So it only costs 5 thousand dollars to screw up the Bitcoin network for an entire day?

Holy crap. I'm suprprised one of the billion dollar banks hasn't done this just for the lolz yet.

[–]hellobitcoinworld[S] 1ポイント2ポイント  (1子コメント)

These are the kind of numbers that worry me. Whether they are fully accurate yet I do not know.

[–]hellyeahent 1ポイント2ポイント  (0子コメント)

Im not sure too, just thinking out loud

[–]Unistrut 1ポイント2ポイント  (0子コメント)

Hell, at that price I'm surprised some random asshole hasn't done it. There are guys who paid $10,000 to appear as a character in a video game.

[–]smartfbrankings 0ポイント1ポイント  (0子コメント)

If by screw up you mean make people have to pay a small increase to an already small fee to use one of the best monetary systems ever created, you are correct.

[–]cqm 11ポイント12ポイント  (4子コメント)

YOU MEAN THE POWERS THAT BE HAVE NOT BEEN TRYING TO KILL BITCOIN!?!?

[–]MistakeNotDotDotDot 2ポイント3ポイント  (2子コメント)

But the Internet told me that the evil banksters were terrified of it because it was so anti-fragile!

[–]shortbitcoin 1ポイント2ポイント  (0子コメント)

If you didn't know, "anti-fragile" is a euphemism for "fragile".

[–]hellobitcoinworld[S] 0ポイント1ポイント  (0子コメント)

Perhaps not yet in this manner, with a big enough-scale attack to cause disruption. That's my guess, based on the effects a small group of redditers were able to cause in 1 hour.

[–]stevev916 2ポイント3ポイント  (8子コメント)

Dumb question.

What does "clear backlog" mean?

Were txns posted to network at 0 confirmation? Or did it take that long for them to even be visible?

[–]cjmalloy 6ポイント7ポイント  (0子コメント)

Transactions are visible at 0 conf as soon as they are posted. They are not necessarily going to get 1 conf when the next block is found- only if they were included in the block. They will remain unconfirmed (0 conf) until they are included in a block.

[–]hellobitcoinworld[S] 4ポイント5ポイント  (6子コメント)

A backlog of transactions waiting to be confirmed in a block was caused because there were more transactions in bitcoin nodes' memories than could be output into a single block (i.e., 8mb of transactions and only 750kb-1mb blocks to put them in). Therefore all the awaiting transactions couldn't be put into a single block and couldn't exhaust the transactions in the memory pool-- they had to be carried over to the next block. But by the time the next block came by, more transactions had accumulated (in addition to those already waiting), preventing the memory pool from being exhausted again. And so on. This lasted for 8 hours, in this particular stress test.

[–]stevev916 1ポイント2ポイント  (5子コメント)

Thanks for explaining. I've often felt that small transactions are safe enough with 0 confirmations. E.g. fold.io does this.

Risk/reward tradeoff, but so long as txn is confirmed in 8 hours and doesnt disappear... Its STILL better than credit cards right

[–]hellobitcoinworld[S] 0ポイント1ポイント  (2子コメント)

Small transactions with 0 confirmations generally are safe. They're always safe for the sender. It's the receiver that has to beware.

[–]ThePenultimateOne 0ポイント1ポイント  (1子コメント)

What's fold.io? I went to their site but it looks like it expired.

[–]stevev916 0ポイント1ポイント  (0子コメント)

Sorry, I meant foldapp

[–]turdovski 8ポイント9ポイント  (38子コメント)

This is quite a serious problem and anyone who thinks we shouldn't raise the limit asap is an idiot.

[–]vemrion 3ポイント4ポイント  (0子コメント)

Even the skeptical devs agreed that the rate should be raised (with many caveats), but the question is "how?"

Ideally, we'd come up with an algorithm that mitigates this attack without leaving Bitcoin open to big block attacks. Then we wouldn't have to have more hard forks and these big political debates. I'm hoping somebody will come up with something everybody can accept.

[–]btcforme2 2ポイント3ポイント  (0子コメント)

This is bad.

[–]gavcoin 7ポイント8ポイント  (8子コメント)

20mb is not going to stop this from happening any more than 1mb did

[–]hellobitcoinworld[S] 6ポイント7ポイント  (7子コメント)

20mb is not going to stop this from happening any more than 1mb did

Thank you. Exactly.

It's an attack vector that increasing blocksize for only makes it slightly more difficult to pull off.

[–]yeeha4 8ポイント9ポイント  (6子コメント)

Slightly? Or twenty times more difficult?

Any attempt to spam the network in such an attack would just temporarily lead to a rising in transaction costs until the attacker runs out of funds.

[–]hellobitcoinworld[S] 1ポイント2ポイント  (5子コメント)

It's linear. 20x more difficult. But that's not that much more.

[–]aminok 4ポイント5ポイント  (4子コメント)

20X != slightly. I agree with all your other points.

[–]hellobitcoinworld[S] 1ポイント2ポイント  (3子コメント)

I think it's relative really. I can see how you would consider 20X to not be slight. But imagine bitcoin being used by 100x more people. Suddenly 20X doesn't seem like that much more.

[–]hellyeahent 1ポイント2ポイント  (2子コメント)

20mb blocks would take this whole test in 2 blocks. You wouldnt notice there was any

[–]hellobitcoinworld[S] 0ポイント1ポイント  (1子コメント)

Yeah, but again, it's relative. When 20mb becomes the norm you could say the same thing about 100mb blocks making it no big deal.

[–]drunkdoor 0ポイント1ポイント  (0子コメント)

1->20=20x. 20->100=5x. If you went 20->400=20x then its comparable and it would follow an exponential curve much as technological adoptions usually do. I'll agree that those block size bumps spread years apart do nothing to stop an attack.

[–]Throwahoymatie -2ポイント-1ポイント  (25子コメント)

Or someone who actually understands the economics of maintaining an attack like this. :)

[–]cashstronaut 0ポイント1ポイント  (24子コメント)

...so you're an idiot who also thinks a couple thousand dollars a day to completely shut down bitcoin is prohibitively expensive, too?

[–]Throwahoymatie -2ポイント-1ポイント  (23子コメント)

No, it creates a cascading effect of higher and higher transaction costs that makes the attack exponentially more expensive.

[–]cashstronaut 2ポイント3ポイント  (22子コメント)

I don't think you comprehend how trivial Bitcoin transaction fees are in the world of finance. You think $10,000 or even $100,000 is a prohibitive amount for any big player who actually stands to lose their lunch? Get real. They wouldn't even have to maintain such an attack for long for retailers and investors to lose interest

[–]hellobitcoinworld[S] 1ポイント2ポイント  (0子コメント)

Exactly. Think big. A corporation or entrenched system (legacy banks) have the money to pull of something like this without batting an eye financially.

[–]Throwahoymatie -3ポイント-2ポイント  (20子コメント)

They'd need to buy BTC in order to pay the fees. That's a lot of buying.

[–]cashstronaut 0ポイント1ポイント  (19子コメント)

It's actually a totally negligible amount. Do you have any idea what the daily BTC volume is?

You're really not making any sense here.

[–]Throwahoymatie -2ポイント-1ポイント  (18子コメント)

It's actually a totally negligible amount.

Only when the blocks aren't being filled consistently. You really don't know how the network functions, do you?

[–]cashstronaut 0ポイント1ポイント  (17子コメント)

Tell me what this prohibitively-expensive cost is, then. I'd like to hear how much money you estimate it will cost to attack the network and how laughably affordable that number is for any bank.

Furthermore, you talk about buying BTC as some kind of deterrent or coincidental bonus failing to grasp that the price of BTC would be falling in the face of such an attack

Here's what's going on in your head:

BTC is being attack! Some guy is maliciously clogging the network, but boy is he buying a lot of BTC doing it! Therefore BTC price will rise!

You really don't know how economics works, do you?

[–]Throwahoymatie -1ポイント0ポイント  (16子コメント)

Approximately $6 per transaction is where the attacker would start to actually help the price rise, due to transaction fees being higher than block reward. That number would be much lower assuming bigger blocks.

[–]finway 0ポイント1ポイント  (0子コメント)

What some "core" devs want is exactly this attacking mode to be normal someday in the future.

[–]BS_Filter 2ポイント3ポイント  (0子コメント)

As demand increases, prices go up. Low fee transactions were the only ones that were backlogged. This is not unexpected.

If someone wanted to 'attack' the bitcoin network in this way, they would need to pay significantly more than the usual fee and miners would not think of this as an attack. From a miners perspective, it's an opportunity. From a transactors perspective, it's competition.

Fees of a certain size make it more profitable to carry the transaction than to broadcast a smaller block that has a higher probability of being first. Such transactions incentivize miners to increase supply (construct larger blocks).

It's not unreasonable to expect both miners and users to want larger block sizes.

[–]dudetalking 2ポイント3ポイント  (0子コメント)

These test prove in my my eyes the 1mb block is fine for now and the Spam protection works. Highly decentralized network and peranent t store of value. I could care less about trying to move money for "free" and care more about keeping bitcoin decentralized

The fact is transactions which pay the correct fees get confirmed. Everything else is spam I could care less if it take a day to confirm your attempt at paying for coffee

[–]fcktheussa 2ポイント3ポイント  (10子コメント)

Good question!

I think the miners need bigger blocks and they'll take care of it.

The 20mb fix has got to come quick. It will give the network breathing space.

After the fix we can develop a fix voor the next 80 years.

[–]smartfbrankings 1ポイント2ポイント  (2子コメント)

What makes you think when that fills, the instinct will just be "let's make it 400 MB?!"

[–]conv3rsion 5ポイント6ポイント  (1子コメント)

because people are working on other shit at the same time

[–]smartfbrankings -1ポイント0ポイント  (0子コメント)

But they are working less on it than they would otherwise, because it provides much less value.

[–]cashstronaut -3ポイント-2ポイント  (6子コメント)

After the fix we can develop a fix voor the next 80 years.

Why 80 years?

[–]fcktheussa 0ポイント1ポイント  (5子コメント)

Because the outcome will be the same. It's a long enough timeline.

[–]cashstronaut -3ポイント-2ポイント  (4子コメント)

...but block rewards run out in about 20 years? +99% of the block reward will be mined by 2035

[–]fcktheussa 0ポイント1ポイント  (2子コメント)

People will want to pay to keep their blockchain secure.

They will pay the miners for their security or do it themselves.

[–]cashstronaut -3ポイント-2ポイント  (1子コメント)

The miners are the security. There's no other way to "do it themselves"

[–]Ody0genesO 0ポイント1ポイント  (0子コメント)

Unless they become the miners.

[–]blackcoinprophet 1ポイント2ポイント  (1子コメント)

How much did this stress test cost to execute? If it's cheap this is a big problem.

[–]hellobitcoinworld[S] 0ポイント1ポイント  (0子コメント)

Exactly the concern. Hopefully some accurate math gets performed on this subject to simulate the actual cost for a period of time.

[–]A__Random__Stranger 0ポイント1ポイント  (1子コメント)

"what if this kind of attack was maintained for longer than just a few hours?"

Would the only effect not be more transactions than are being put into blocks? Is the solution then not as simple as just paying a slightly higher fee to get your tx included in next block if you need it in a hurry? Then people who aren't in a rush but dont want to pay as much let their low fee low priority tx resolve in a few hours?

I bet that most miners dont grab TXs willy-nilly but try to mine a block that will make them the most profit (ie: the highest paying transactions)

[–]ThePenultimateOne 0ポイント1ポイント  (0子コメント)

The theory is that if we assume that 8:1 ratio is true, they could disable the network for weeks after only a couple days of attacking.

[–]neoice 0ポイント1ポイント  (1子コメント)

somewhat offtopic, what are you using to get that data to Graphite? I < Grafana.

[–]hellobitcoinworld[S] 0ポイント1ポイント  (0子コメント)

statoshi.com

full link is in the very first post.

[–]123btc321 1ポイント2ポイント  (2子コメント)

FYI my transactions went through in the first block that was mined. So I am willing to bet that many of those backlogged transactions didn't have fees attached.

[–]hellobitcoinworld[S] 0ポイント1ポイント  (0子コメント)

That would explain it. I wonder what a similar attack would look like with every one of the transactions including fees.

[–]freework 0ポイント1ポイント  (0子コメント)

Even when there is a backlog, new transactions can still get confirmed. All transactions in the mempool are prioritized, so if you used a high enough fee, you'll experience no delay.

[–]Taknopotin 0ポイント1ポイント  (0子コメント)

See my post a little further down in this thread, I'd love to get a 2nd+ opinion on the stuff from that.

[–]Fiach_Dubh 0ポイント1ポイント  (1子コメント)

my concern is that this script allows for the DDOSing of the network as it currently stands. It takes an army of anons to do this, but it's possible with bad actor trolls like 4chan.

The longer the attack, the greater the impact, but imagine having a week of 4hour confirmation times...could be an interesting event since they could conceivably hold the network hostage. They could cash out when offered a bounty, or by hedging BTC with NBT or cash and converting the price takes a significant enough hit to buy in after the dust settles, or do both.

[–]smartfbrankings 1ポイント2ポイント  (0子コメント)

If an army of anons want to give a massive donation to the miners, great.

[–]shortbitcoin 0ポイント1ポイント  (0子コメント)

It sure is a good thing that events like "Bitcoin Black Friday" were complete flops. If they actually were successful, it would have generated bad press.

[–]Taknopotin 0ポイント1ポイント  (0子コメント)

It doesn't have to be "people" using it though. The whole point brought up above is that it would be cheap for a single user to swamp the network with pointless transactions.