Namecoin is Prime for a 51% attack

tommy
Posts: 10
Joined: Thu Jun 30, 2011 7:28 am
os: linux

Re: Namecoin is Prime for a 51% attack

Post by tommy »

doublec wrote:
tommy wrote: Can this be hardcoded into the namecoin client software? Please provide an updated client version that will revert back to block 19100 once this attack is over.
Run a client that has a recent checkpoint and it'll refuse to accept any chain that was rewritten before that checkpoint. Are you able to do your own namecoin builds?
I just downloaded and ran this client:

http://dot-bit.org/files/namecoin_linux32.tgz

It's version 0.3.24.61, and the downloaded blockchain is up to date. I'm making a backup of the ~/.namecoin directory just in case people are going to have to do things manually after the attack is over, and a trusted copy of the pre-attack blockchain will be needed. I'm not a *coin developer, just a user.

Do you know if the 0.3.24.61 version has a checkpoint hardcoded into it, and at what block number that checkpoint would be?

Edit1:
> Are you able to do your own namecoin builds?
I haven't tried it and don't know how difficult that would be. I used to compile stuff from source many years ago when I was using Red Hat and often wanted software that wasn't available in the package repository (rpm). So if it's "compile-n-go"-easy I should be able to. Why?

doublec
Posts: 149
Joined: Mon May 23, 2011 12:47 am
os: linux
Location: Auckland, New Zealand
Contact:

Re: Namecoin is Prime for a 51% attack

Post by doublec »

tommy wrote: Do you know if the 0.3.24.61 version has a checkpoint hardcoded into it, and at what block number that checkpoint would be?
It does not have a checkpoint. I asked about if you could build because then you could add a checkpoint yourself.

tommy
Posts: 10
Joined: Thu Jun 30, 2011 7:28 am
os: linux

Re: Namecoin is Prime for a 51% attack

Post by tommy »

doublec wrote:
tommy wrote: Do you know if the 0.3.24.61 version has a checkpoint hardcoded into it, and at what block number that checkpoint would be?
It does not have a checkpoint. I asked about if you could build because then you could add a checkpoint yourself.
Oh, ok. Thanks, but I'll just wait and see how this all plays out. I have the blockchain backed up at least, in case I'll have to do something manually later.

twobits
Posts: 26
Joined: Fri Sep 02, 2011 10:10 pm
os: bsd

Re: Namecoin is Prime for a 51% attack

Post by twobits »

tommy wrote:
doublec wrote:
tommy wrote: Can this be hardcoded into the namecoin client software? Please provide an updated client version that will revert back to block 19100 once this attack is over.
Run a client that has a recent checkpoint and it'll refuse to accept any chain that was rewritten before that checkpoint. Are you able to do your own namecoin builds?
I just downloaded and ran this client:

http://dot-bit.org/files/namecoin_linux32.tgz

It's version 0.3.24.61, and the downloaded blockchain is up to date. I'm making a backup of the ~/.namecoin directory just in case people are going to have to do things manually after the attack is over, and a trusted copy of the pre-attack blockchain will be needed. I'm not a *coin developer, just a user.

Do you know if the 0.3.24.61 version has a checkpoint hardcoded into it, and at what block number that checkpoint would be?

Edit1:
> Are you able to do your own namecoin builds?
I haven't tried it and don't know how difficult that would be. I used to compile stuff from source many years ago when I was using Red Hat and often wanted software that wasn't available in the package repository (rpm). So if it's "compile-n-go"-easy I should be able to. Why?
A patch to add checkpoints to 0.3.24.61 is @ https://github.com/zamgo/namecoin/commi ... 628#diff-0

Binaries built with that patch included are @ http://www.wuala.com/jbw9/pub/Bitcoin/n ... eckpoints/

Seraphim401
Posts: 10
Joined: Wed Sep 07, 2011 4:39 pm
os: windows

Re: Namecoin is Prime for a 51% attack

Post by Seraphim401 »

A patch to add checkpoints to 0.3.24.61 is @ https://github.com/zamgo/namecoin/commi ... 628#diff-0

Binaries built with that patch included are @ http://www.wuala.com/jbw9/pub/Bitcoin/n ... heckpoints
Ok.I downloaded the patched binaries.
So all I have to do now is make a backup of the block chain?

thirdlight
Posts: 27
Joined: Thu Jun 16, 2011 3:23 pm

Re: Namecoin is Prime for a 51% attack

Post by thirdlight »

So, thinking about checkpoints.... I could add

Code: Select all

(nHeight == 19001 && hash != uint256("0x00000000000000000000000000000000000000000000000000000000000000001"))
to my client, wait for nodemaster, or other trusted miner to declare the hash for block 19001, and update my client, adding

Code: Select all

(nHeight == 19002 && hash != uint256("0x00000000000000000000000000000000000000000000000000000000000000001"))
In effect manually verifying the block chain.

Anyone who has my ip as a "connect" would only get the "honest" chain, albeit slowly.

Problems:
  1. It's slow. I have to get home from work, playgroup, whatever to update.
  2. I have to be trusted.
  3. I have to trust an "honest" miner.
Solutions
  1. The network is already really slow, & I'd swap slow for destroyed.
  2. I trust me, but you don't. Maybe if there were 20 of me, you could trust any 8 you choose.
  3. Hmm. I think I can trust a couple.
Any good?

paraipanakos
Posts: 3
Joined: Tue Sep 13, 2011 2:58 am
os: linux

Re: Namecoin is Prime for a 51% attack

Post by paraipanakos »

nice try twobits, none of those hashes exist... grrr but hey thanks for implementing the method, I would put my custom block hashes in place

edit: nvm, i just realize that namecoin block explorer can't search blocks by hash, sorry, good hashes in place

twobits
Posts: 26
Joined: Fri Sep 02, 2011 10:10 pm
os: bsd

Re: Namecoin is Prime for a 51% attack

Post by twobits »

paraipanakos wrote:nice try twobits, none of those hashes exist... grrr but hey thanks for implementing the method, I would put my custom block hashes in place
I took the hashes from zamgo's patch I linked to. I compiled and ran it on a virutal machine, and with those checks in place it successfully downloaded the blockchain.


http://explorer.dot-bit.org/b/500

http://explorer.dot-bit.org/b/18932

show hashes that match also, so testing and the block explorer say otherwise, why do you say they do not exist?

moa
Posts: 255
Joined: Mon May 23, 2011 6:13 am

Re: Namecoin is Prime for a 51% attack

Post by moa »

BitcoinEXpress should remember the age old adage:

bulls make money,
bears make money,
pigs get slaughtered.

He seems to forget that the mining pool itself is a centralised structure, probably the most vulnerable out-growth of the bitcoin network.

vinced
Posts: 63
Joined: Wed May 18, 2011 1:16 am

Re: Namecoin is Prime for a 51% attack

Post by vinced »

I released version nc0.3.24.62 with a corrected lockin patch from makomk. Please test.

For now, I suggest we lock in often while we investigate a more permanent solution to the timing attack.

We definitely need more hash power too and that should come with merged mining. If an attack starts, we could restart the chain at the last lockin with merged mining.
!v | Namecoin founder | https://dot-bit.org/

Post Reply