Monday, November 12, 2018

How Craig Wright is attempting to dishonestly take over the Bitcoin network

With the Bitcoin Cash hard fork just a couple of days away, there is little agreement about what is going to happen. In this post, I argue that Nakamoto Consensus is working as designed for honest network participants.

When the Bitcoin whitepaper was published, Satoshi made it very clear what Bitcoin is: A Peer-to-Peer Electronic Cash System. Bitcoin, according to Satoshi, is a trustless network where anyone can send payments to each other without having to trust a third party. Nodes (miners) use proof of work to form a block chain so payments cannot be reversed or altered later.

What is the Bitcoin network?

Again referring to the Bitcoin whitepaper in section 5, the network or system rules work like this:

  1. New transactions are broadcast to all nodes.
  2. Each node collects new transactions into a block.
  3. Each node works on finding a difficult proof-of-work for its block.
  4. When a node finds a proof-of-work, it broadcasts the block to all nodes.
  5. Nodes accept the block only if all transactions in it are valid and not already spent.
  6. Nodes express their acceptance of the block by working on creating the next block in the chain, using the hash of the accepted block as the previous hash.

Note: the first step is also covered in section 2, which says: "To accomplish this without a trusted party, transactions must be publicly announced [1], and we need a system for participants to agree on a single history of the order in which they were received."
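Steps 3 to 6 of the list above, as a small runnable model. This is an added example, not code from the whitepaper or any Bitcoin client. The coin ids, the `Node` class and the three-zero difficulty are assumptions made for illustration, and signatures and fork tracking are left out.

```python
import hashlib

DIFFICULTY = 3  # leading hex zeros required; tiny so the demo mines fast (assumption)

def block_hash(prev_hash, txs, nonce):
    return hashlib.sha256(f"{prev_hash}|{txs}|{nonce}".encode()).hexdigest()

def mine(prev_hash, txs):
    """Step 3: search for a nonce whose block hash meets the difficulty target."""
    nonce = 0
    while not block_hash(prev_hash, txs, nonce).startswith("0" * DIFFICULTY):
        nonce += 1
    return {"prev": prev_hash, "txs": txs, "nonce": nonce}

class Node:
    def __init__(self, coins):
        self.unspent = set(coins)  # coin ids this node still treats as spendable
        self.tip = "00" * 32       # hash of the last accepted block (constructed genesis)

    def accept(self, block):
        """Step 5: accept only valid proof-of-work on our tip that spends unspent coins."""
        h = block_hash(block["prev"], block["txs"], block["nonce"])
        if not h.startswith("0" * DIFFICULTY) or block["prev"] != self.tip:
            return False
        spent = [coin for coin, _recipient in block["txs"]]
        if len(set(spent)) != len(spent) or not set(spent) <= self.unspent:
            return False           # coin spent twice in the block, or already spent
        self.unspent -= set(spent)
        self.tip = h               # step 6: the next block must use this as its previous hash
        return True

def demo():
    node = Node({"coin-a", "coin-b"})          # constructed sample coins
    first = mine(node.tip, [("coin-a", "merchant")])
    stale_parent = first["prev"]
    results = [node.accept(first)]             # valid payment
    results.append(node.accept(mine(node.tip, [("coin-a", "payer")])))     # second spend of coin-a
    results.append(node.accept(mine(stale_parent, [("coin-b", "x")])))     # built on an old tip
    results.append(node.accept(mine(node.tip, [("coin-b", "merchant")])))  # valid payment
    return results

if __name__ == "__main__":
    print(demo())
```

The second spend is rejected even though its proof-of-work is valid, which is the property step 5 gives honest nodes.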

"The system is secure as long as honest nodes collectively control more CPU power than any cooperating group of attacker nodes." - Satoshi Nakamoto

So what is an attack?

In the whitepaper an attacker would be someone trying to "defraud people by stealing back his payments." It is also explained that an attacker could try to "generate an alternate chain faster than the honest chain" for the purpose of "creating value out of thin air or taking money that never belonged to the attacker."

There are two key points to identifying an attacker:

  1. the attacker is not working within the defined rules of the network and
  2. the attacker is trying to defraud users while generating a longer chain

Identifying the attacker

In the upcoming hard fork, an attacker has been identified who is not working within the defined ruleset of the network with the intent of defrauding users by generating the longest chain.

Redditor /u/fromaratom helped to outline how the attacker is trying to change the protocol to defraud users by doing the following:

  • UNWIND TXs (overwrite history)
  • Send coins with unknown OP codes to Calvin and Craig (so called "miners")
  • Recover "lost" Satoshi coins by sending it to Calvin and Craig (so called "miners")
  • Make P2SH(multisig) transactions obsolete - that's a protocol change (let's guess where the funds "recovered" from P2SH transactions will go..)

How is the attacker going to create a longer chain to try to take over the network? Here's how, as I explained in this comment:

  • Creating millions of expensive to validate txns.
  • Do not broadcast them until ready.
  • Send them and immediately mine them and orphan other blocks.
  • These aren’t organic transactions. They are artificially produced to fill blocks and selfishly mine them.

You can see in these three 32mb blocks mined by Craig Wright's "Big Mining Group" that he was doing a Poison Attack.

In the whitepaper, Satoshi also wrote: "If a greedy attacker is able to assemble more CPU power than all the honest nodes, he would have to choose between using it to defraud people by stealing back his payments, or using it to generate new coins. He ought to find it more profitable to play by the rules, such rules that favour him with more new coins than everyone else combined, than to undermine the system and the validity of his own wealth."

With this scenario, we have a greedy attacker who will "play by the rules" to "generate new coins." Unfortunately, because this attacker is trying to take over the network with the goal of 100% hashing control, the attacker is breaking the trustless nature of the system and will then later attempt to defraud users of their money by having full control.

Conclusion

We have identified a dishonest miner (attacker) that plans to take over the network using a Poison Attack. The next one is planned right after the hard fork on November 17 using what is called the "Satoshi Shotgun" where millions of expensive to validate transactions will be sent to the network to DDoS it. As it's perfected, they will continue this attack with sustained hashing to try to overtake the network.

At this time it's unclear how the network will defend itself against this prior to the attack, but Gavin Andresen came up with a novel solution to a 51% attack back in 2012 that could help stop it. Post-attack, as Satoshi said, the attacker will end up losing by undermining the system and therefore destroying his own wealth.


This post is my personal opinion authored by myself based on observations of recent information and events.

