Denial-of-service prevention: low-difficulty blocks #534

pull gavinandresen wants to merge 2 commits into bitcoin:master from gavinandresen:DoSorphans changing 13 files +247 −31
  1. gavinandresen commented at 5:07 PM on September 27, 2011: contributor

    The attack this prevents: Generate valid low-difficulty blocks (maybe built on top of an early part of the block chain) and send them to a bitcoin node. Before this patch the bitcoin client could store an arbitrary number of them in memory or on disk, in case they later became part of the main chain.

    Two checks are added:

    1. Blocks before the last blockchain lock-in are rejected, and the peer sending these obviously-not-part-of-the-main-chain blocks it will be disconnected and banned.

    2. Blocks must have a plausible proof-of-work. It is impossible for a difficulty 1.0 block to follow a difficulty 1-million block (it would take at least 19 months for difficulty to drop from 1-million to 1). Blocks with too-low proof-of-work are ignored, and peers relaying them are disconnected/banned.

    Requiring plausible proof-of-work for orphan blocks or alternate chains foils this attack (you would have to be able to generate valid blocks near current difficulty).

  2. gavinandresen commented at 5:11 PM on September 27, 2011: contributor

    Testing: Unless somebody has already written a tool to generate low-difficulty valid-but-orphan blocks, I think we may have to rely on code review and unit tests (unit tests are part of this pull).

    (I am working on a tool to generate blocks and transactions for testing, but have more work to do on it)

  3. alexwaters commented at 5:11 PM on September 27, 2011: contributor

    Would test-net-in-a-box allow me to create orphaned blocks to test this?

  4. gavinandresen commented at 5:15 PM on September 27, 2011: contributor

    You can't use testnet to test this, because testnet doesn't have block-chain lock-in points and there's no way to generate orphan blocks on purpose with too-low difficulty.

  5. ByteCoin commented at 2:20 AM on October 4, 2011: none

    What's the justification for having more checkpoints than just the latest?

  6. gavinandresen commented at 3:47 PM on October 5, 2011: contributor

    Justification for more than the last checkpoint is it makes it harder for an attacker to waste a newbie's time downloading a long-but-invalid chain.

    Pruning some of the checkpoints in the middle is probably a good idea.

  7. Moved checkpoints out of main, to prep for using them to help prevent DoS attacks eb5fff9e16
  8. Orphan block fill-up-memory attack prevention 10fd7f6689
  9. gavinandresen referenced this in commit 43f20bb3c2 on Dec 1, 2011
  10. gavinandresen merged this on Dec 1, 2011
  11. gavinandresen closed this on Dec 1, 2011
  12. coblee referenced this in commit 7637e8ae87 on Jul 17, 2012
  13. rebroad commented at 3:47 AM on June 2, 2013: contributor

    I would be curious to know if this network rule change is in line with the Satoshi White Paper on bitcoin.

  14. gmaxwell commented at 4:04 AM on June 2, 2013: contributor

    Why are you replying to two year old pulls? This doesn't make the node reject any blocks that it wouldn't already (ultimately) reject.

  15. sipa commented at 9:13 AM on June 2, 2013: member

    Indeed, it's not a rule change. It just detects invalid blocks earlier.

  16. DrahtBot locked this on Sep 8, 2021
Contributors
gavinandresenalexwatersByteCoinrebroadgmaxwellsipa
Labels
Refactoring
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-22 06:16 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me