Skip to content

Instantly share code, notes, and snippets.

Eclipse attacks

Eclipse attacks occur when a node is not connected to any honest peers on the network, and instead its peer connections are controlled by an adversary. Once denied connectivity to the honest network, a victim can be attacked in numerous ways, such as with double-spends or funds loss on layer 2 systems (such as the Lightning Network). Mining nodes attacked in this way can be forced to waste hashpower or be commandeered in selfish mining attacks, or generally aid in causing forks on the network.

This document attempts to describe the mechanisms implemented in Bitcoin Core to mitigate eclipse attacks followed by open questions and areas of further research.

Restart-based eclipse attack

A restart-based eclipse attack occurs when the adversary is able to sufficiently saturate the victim's address manager with attacker IPs (a.k.a. addrman flooding), and then the victim restarts. If the attack succeeds, the victim will lose its current outgoing connections due to the restart and be more lik

This is not an exhaustive list. This is mostly from looking at PRs or IRC meetings. Any mistakes are my own.

Backports

  • [MERGED] 0.19: Add txids with non-standard inputs to reject filter #19681
  • [MERGED] 0.20: Add txids with non-standard inputs to reject filter #19680
  • 0.20: Backport wtxid relay #19606
  • bitcoin/bitcoin#19569 (comment) (to be opened by jnewbery) with #19610

In progress/priorities

  • [MERGED] Transaction overhaul (#19184 - sipa) (Review by sdaftuar, ajtowns, ariard)
@adamjonas
adamjonas / verification_v_computation.md
Created August 8, 2020 15:59
verification and computation

Q: In this video, John Newbery talks about verification vs computation, and he bring it up as a big reason why he thinks bitcoin can scale but is skeptical about ethereum. I think I get the general idea of what he’s saying but I might be missing something.

Is there a qualitative difference between verification and computation? And is it the fact that ethereum is capable of performing arbitrary computation that makes the whole thing difficult to scale, or is it that specifically smart contracts that require arbitrary computation won’t be able to scale (as in those contracts would be very expensive to run).

A: There is a big difference between verification and computation.

For instance:

  1. given the prime number 11,121,415,581,673,924,441, compute its prime factorisation.
  2. given the prime number 11,121,415,581,673,924,441, verify that 3,226,079,203 and 3,447,347,347 are its factors.
@adamjonas
adamjonas / high_priority.md
Last active December 19, 2019 01:17
net_processing and validation PRs
@adamjonas
adamjonas / generating_a_patchset.md
Last active June 9, 2020 17:45
Generate a patchset

Error:

>>> [do_build] Command failed: git apply /Users/jonas/bitcoin-dir/bitcoin-maintainer-tools/patches/stripbuildinfo.patch
>>> [do_build] Could not apply patch to strip build info. Probably it needs to be updated

Checkout the patchset from the last patch:

git checkout 'master@{aug 1}'

@adamjonas
adamjonas / irssi.md
Created August 7, 2019 20:05 — forked from tasdikrahman/irssi.md
irssi cheatsheet
@adamjonas
adamjonas / gist:a4399dd277892dfb0654473a6fdfb6f3
Created June 27, 2019 20:08
categorization of first principle issues
Fungibility/Privacy:
Scalability:
Trustlessness/Decentralization:
@adamjonas
adamjonas / gist:8da156886ffa414541eaa43c0c5074ca
Created June 27, 2019 19:58
Privacy Leaks in Lightning
1) How can Gossip protocol be exploited to leak privacy?
2) How do BOLT 11 strings potentially leak privacy?
3) What is the minimal amount of info watchtowers need to know to work?
4) How can we minimize what is broadcasted to the base layer and how can the base layer leak our privacy?