Author: Gregory Maxwell 2013-05-06 23:13:15
Published on: 2013-05-06T23:13:15+00:00
In an email exchange on May 6, 2013, Adam Back discussed the possibility of hacking a pool to co-opt it into his netsplit and do the work for him, or segment enough of the network to have some miners in it. Another person advised him to let it mine honestly and take the Bitcoins, as this is fast and yields the values that would have otherwise been able to use it to mine the difficulty down to 1. They also said that cost is just as much foregone income from the alternative attack he could have done instead. When asked about the downwards limit on difficulty, they replied that every 2016 blocks can at most lower the difficulty by a factor of 4, which comes from the log4 (number of 2016 groups needed) and 4^n (factor in cost reduction for each group) formulas previously given. In response to Back's proposal to create short reorgs, they agreed that those don't have to be long-lived and that there are many messages where they've written on that subject. However, they found it inconsiderate to propose one attack and then change it out from under them when they responded to it. The conversation then shifted to discuss the issue of signatures. Back provided a link to where signatures are located, saying that they can't be inside the tarball because they sign the tarball. They also expressed concern over the fact that SSL is mostly security theater in practice, and that even if the CA infrastructure weren't a joke, there are still many ways to compromise the hosting environment. They suggested that the gpg signatures and gitian downloader signatures provide good security if actually used, but solving the problem of getting people to use them remains an open question. Overall, they believed that this issue is a bigger concern than mining the difficulty down.
Updated on: 2023-05-19T16:56:28.946191+00:00