Author: James MacWhyte 2016-08-25 02:54:47
Published on: 2016-08-25T02:54:47+00:00
The use of honeypots in Bitcoin-based security systems has been proposed as a means of incentivizing intruders to reveal their presence and activity. The idea is that by leaving a trail of secret information that can only be revealed by publishing data to the public Bitcoin blockchain, any attempt at unauthorized access will be detected. However, this method can be resource-intensive if multiple servers need to be protected, and so a multisig approach has been proposed using the existing Bitcoin protocol. This involves sharing one secret key among all N servers, while each server has a unique signature with SIGHASH_SINGLE, paying a token amount to a notification address, created with a discriminator secret key. While the use of non-standard SIGHASH flags may raise concerns about censorship resistance and loss of fungibility, improvements on this concept have been suggested using a pre-signed standard transaction instead. This transaction spends the honeypot txout to two addresses, a per-server canary address, and a change address, with the private key associated with the change address left on the server. To any external observer, this appears to be two normal transactions, thereby improving the credibility of the honeypot reward without raising suspicion.Further refinements include the use of opt-in RBF flags and CPFP-aware transaction replacement, which enables the honeypot owner to respond to the compromise by potentially recovering the honeypot while still learning about the intrusion. In case of doublespending attempts, the "scorched earth" concept can be used whereby a second version of the honeypot pre-signed transaction would spend the entirety of the honeypot output to fees, making it costly for the honeypot owner to doublespend. The complexity of these methods, however, may discourage intruders from targeting honeypots altogether.
Updated on: 2023-06-11T19:52:22.905158+00:00