mimblewimble team mailing list archive
-
mimblewimble team
-
Mailing list archive
-
Message #00012
Re: Chain syncing spec
-
To:
mimblewimble@xxxxxxxxxxxxxxxxxxx
-
From:
"Gellert Grindelwald" <grindelwald@xxxxxxxxxxx>
-
Date:
Thu, 5 Jan 2017 14:22:47 -0000
-
Importance:
Normal
-
In-reply-to:
<qtuzxAFV05wrX2XVC7mc7a68-5TrAWwjnkynSKJ0MKi3SO-10m7R5YVw-4eSfAjQ_hsiEjE6vxYFU8E2DZ3w6sSWWStvE5xfBTvsxe0KaJ0=@protonmail.com>
> Greetings Gellert Grindelwald,
>
> Thank you for the reading and the review. The attack you described is
> definitely something that comes to mind as a potential danger but it would
> require to both have a partial rewrite of the chain *and* a full sybil
> attack (where the attacker controls all the peers the new node is
> connected to). Pretty much all cryptocurrencies are vulnerable to a full
> sybil attack, including bitcoin, so it's not something I consider
> acceptable udner our security model.
>
> To elaborate, when a new node joins the network it does the following:
>
> - Connect to a certain number of peers (typically 6 to 10).
>
> - Ask for the latest head H.
>
> - Ask *all* peers for the horizon block header at h=H-O.
>
> - Check for consensus among *all* peers it's connected to on h.
>
>
>
> At this latest step, under the attack you describe, the new node would
> detect the attacker's fork. Not knowing which header to believe, it
> backtracks, increasing O until reaching agreement between all its peers.
>
> - Igno
>
Yeah basically worst case scenario in the full sybil attack scenario is
the bootstrapping node has a forged history of the chain which is pretty
disastrous but unlikely to occur in a mature decentralized network.
Best case scenario where only a couple peers are malicious this is a DoS
attack that forces the node to constantly keep back-tracking for consensus
among peers on a block. Once consensus is found on a block then banning
the peer who is DoSing would be warranted. I think if we gave the block
horizon a one month(or larger) period this would largely thwart any major
threat of adversaries being able to take advantage of the full sybil
scenario while still addressing the DoS attack which will always be
possible to a certain extent. This is under the assumption the network has
a strong hashrate and a one month block horizon is completely unreasonable
to rewrite from a work perspective.
Having pruned nodes only connect to full nodes for syncing past blocks
would make this attack disappear, forcing the attacker to completely
rewrite the blockchain history rather than just H - Z blocks, but as full
nodes go out of favour for pruned nodes this solution is not really
sustainable long term and bolsters the strength of the aforementioned full
sybil attack when full nodes with the entire chain history is scarce.
Choosing the length of the block horizon will be crucial to the security
of the network.
-Gellert
Follow ups
References