reply on: "Quasi-consensus": help me understand this conversation with Chris Guida \ stacker news ~bitcoin

pull down to refresh

0 sats \ 8 replies \ @Undisciplined 23 Oct \ parent \ on: "Quasi-consensus": help me understand this conversation with Chris Guida bitcoin

Sure, but why am I only connecting to these newly spun up malicious peers?

Are you talking about long-term dynamics or immediate impact of spinning up a ton of nodes? I was thinking about the latter.

42 sats \ 7 replies \ @ek 23 Oct

Do you know if your peers are malicious or not before you connect to them?

0 sats \ 6 replies \ @Undisciplined 23 Oct

I certainly don't, but I don't know whether it's something people can know. Either way, it's not my point.

At t1, I'm connected to whomever I'm connected to. If they're all malicious, sucks for me. If some are honest, apparently I don't have to worry about an eclipse attack.

At t2, some dick spins up a ton of malicious nodes. My previous condition is unchanged.

42 sats \ 5 replies \ @ek 23 Oct

Your connections aren’t permanent. Nodes can go offline.

158 sats \ 4 replies \ @Undisciplined 23 Oct

That's what I wanted to clarify. You're talking about the longer term situation.

Since they aren't permanent connections, how many malicious nodes does it take to consistently prevent connections to honest peers?

It seems like it would have to be an overwhelming share of the network, but that's just a gut impression.

267 sats \ 2 replies \ @optimism 23 Oct

In the longer term, eclipse attacks aren't sustainable. All you need is a single path to a miner that is willing to mine your tx. If I eclipse you for 99 out of 100 slots, my attack fails because you still have 1 path. The human factor (the operator) negates this ultimately, here's how:

Say you find you've been eclipsed and none of your txs go through. You restart your node but you're dealing with some awful trolls and they eclipse you again. If you're on SN, you just ask for help in the saloon and I'm sure a stacker will give you an ip or onion to addnode. Worst case you turn off incoming and outgoing automated connections and curate your peers for a while.

You can also just paste your signed tx in the saloon and then all stackers can do sendrawtransaction for you.

Humans generally help humans and as the remedy takes minutes, say an hour at most, there's no big deal. Which is why if I were me, I wouldn't be worried about getting eclipse attacked to censor my txns; the remedy is fairly easy and the attack costs are rather high.

202 sats \ 1 reply \ @Undisciplined 23 Oct

I was just thinking about the sheer probability. Just eclipsing someone three times in a row, with better than even odds, would require almost every node to be malicious.

144 sats \ 0 replies \ @optimism 23h

Of course, but you're assuming that such an attack would just have one layer.

A sophisticated attack would play the probabilities by not focusing just on the application layer, but combining it with multiple other layers; in the most simplest form, say, a BGP attack that makes a significant portion of the internet unreachable for you.

It's super expensive and super low success rate against an active operator. Your highest risks are your lightning channel partners that you didn't vet, much higher than any node eclipse attack.

42 sats \ 0 replies \ @ek 23h

It seems like it would have to be an overwhelming share of the network, but that's just a gut impression.

Yeah I don't disagree

But I would still consider it a part of a nation state's toolbox to attack bitcoin and thus one should be aware that this attack exists, even if hard to pull of