pull down to refresh
42 sats \ 9 replies \ @ek 23 Oct \ parent \ on: "Quasi-consensus": help me understand this conversation with Chris Guida bitcoin
Your node connects to random peers. If most peers are malicious, the chance is higher that all of your 8 outbound connections (default) will be consumed by only malicious peers.
You don’t know who is a honest peer or not.
Sure, but why am I only connecting to these newly spun up malicious peers?
Are you talking about long-term dynamics or immediate impact of spinning up a ton of nodes? I was thinking about the latter.
reply
reply
I certainly don't, but I don't know whether it's something people can know. Either way, it's not my point.
At t1, I'm connected to whomever I'm connected to. If they're all malicious, sucks for me. If some are honest, apparently I don't have to worry about an eclipse attack.
At t2, some dick spins up a ton of malicious nodes. My previous condition is unchanged.
reply
reply
That's what I wanted to clarify. You're talking about the longer term situation.
Since they aren't permanent connections, how many malicious nodes does it take to consistently prevent connections to honest peers?
It seems like it would have to be an overwhelming share of the network, but that's just a gut impression.
reply
In the longer term, eclipse attacks aren't sustainable. All you need is a single path to a miner that is willing to mine your tx. If I eclipse you for 99 out of 100 slots, my attack fails because you still have 1 path. The human factor (the operator) negates this ultimately, here's how:
Say you find you've been eclipsed and none of your txs go through. You restart your node but you're dealing with some awful trolls and they eclipse you again. If you're on SN, you just ask for help in the saloon and I'm sure a stacker will give you an ip or onion to
addnode. Worst case you turn off incoming and outgoing automated connections and curate your peers for a while.You can also just paste your signed tx in the saloon and then all stackers can do
sendrawtransaction for you.Humans generally help humans and as the remedy takes minutes, say an hour at most, there's no big deal. Which is why if I were me, I wouldn't be worried about getting eclipse attacked to censor my txns; the remedy is fairly easy and the attack costs are rather high.
reply
I was just thinking about the sheer probability. Just eclipsing someone three times in a row, with better than even odds, would require almost every node to be malicious.
reply
Of course, but you're assuming that such an attack would just have one layer.
A sophisticated attack would play the probabilities by not focusing just on the application layer, but combining it with multiple other layers; in the most simplest form, say, a BGP attack that makes a significant portion of the internet unreachable for you.
It's super expensive and super low success rate against an active operator. Your highest risks are your lightning channel partners that you didn't vet, much higher than any node eclipse attack.
It seems like it would have to be an overwhelming share of the network, but that's just a gut impression.
Yeah I don't disagree
But I would still consider it a part of a nation state's toolbox to attack bitcoin and thus one should be aware that this attack exists, even if hard to pull of
reply