Slashdot Mirror
Researchers Locate Flaw In Bitcoin Protocol
An anonymous reader writes "Researchers at Microsoft Research and Cornell identified a potential flaw in Bitcoin's transaction propagation. In a recent paper they show how miner nodes in the Bitcoin network have an incentive not to relay transactions to the rest of the network, and propose to implement a scheme that rewards nodes [PDF] for relaying messages."
They seem to do lot of cool stuff. From that Courier tablet to studying Bitcoin. Even while Microsoft doesn't realize their R&D section has a great amount of potential, it's actually the only major company in the industry that does have such research center. I wish I worked there :-P
It still sounds like a better system than our current financial institutions.
"If any question why we died, Tell them because our fathers lied."
Well, IBM do have a fairly large research division too.
You're the guy that said he worked in marketing yesterday. Why is it that all UIDs over 2,000,000 seem to do marketing for MS?
which is totally what she said
Only a small fraction of bitcoin nodes (e.g. 1%) are mining nodes, and they all relay transactions as relaying transactions is very cheap to do. The problem they're describing clearly does not exist. If it did someday turn out to be an issue you can address it by users handing their transactions directly to various miners, you don't need some crazy complicated reward scheme.
It's also not news— their contribution isn't insight on incentives but a complicated sibyl resistant reward scheme for trees (which the bitcoin network is not) which requires doubling the cost of forwarding a transaction every two hops it takes. (By making every node perform a great many additional cryptographic signatures and checks in order to track the reward)
If a LARGE proportion of bitcoin nodes are run by assholes who refuse to distribute transactions then the network may fall apart.
This system seems to add a lot of complexity to solve something that has not proven a problem.
note: i'm known as plugwash most places but i screwd up registering that here somehow in the past and now can't register
This doesn't really make sense. Clients forward transactions as well as miners (and typical clients are connected to 8 other clients, making it a very well connected network).
Granted, there is no incentive to forward transactions, but if nobody forwards transactions then the network won't work so ultimately it's in the self interest of all users to do so. Some miners may decide not to do so, in the hope that they will be the one who solves the block and get the transaction fee. But they are not actually gaining anything by doing so. They are making other miners potentially miss out on transaction fees but it doesn't improve their chances of winning the block and therefore getting the fee and there is no way they can know what transactions other miners have picked up through other routes via the network.
I think the conclusion is wrong; while there is no incentive to forward the transaction (beyond stability of the network), there is also no obvious disincentive to do so as the cost is tiny (the cost of the bandwidth to forward it)
I think the real question here is why all UIDs under 2,000,000 don't do marketing for MS. But seriously, their R&D department do some pretty cool stuff. Even though MS manage to churn out nine-nines of crap products, occasionally they still come out with something awesome that they manage to get to market (think Kinect). Shame they spend the rest of their time suing their competitors, churning out garbage like Windows and spreading FUD.
"The most dangerous enemy of a better solution is an existing codebase that is just good enough." -- Eric S. Raymond
A bug can exist without it immediately causing problems. It's generally best to fix things before they become a problem, not afterwards.
vos nescitis quicquam, nec cogitatis quia expedit nobis ut unus moriatur homo pro populo et non tota gens pereat.
when you wrote "denial" did you mean "in a discussion involving several dozen people, one participant denied the existence of the problem while everyone else discussed whether the flaw is a practical problem or how it could be solved"?
Understandable typo, the keys are right next to each other.
Not to mention "engaging in a constructive discussion with one of the original authors of the paper, who hopped in and thanked people for their interesting comments".
Mod parent up.
Donate free food here
But seriously, their R&D department do some pretty cool stuff. Even though MS manage to churn out nine-nines of crap products, occasionally they still come out with something awesome that they manage to get to market (think Kinect).
The problem with that idea is that Kinect was a 90%+ finished product when they bought it. They polished it for use with the 360, it always takes them some time to fuck up a new technology sufficiently for their branding, and kicked it out the door. And it's taking them how long to kick out a PC version even though hobbyists have been doing it all along? Microsoft is pathetic at everything but illegally exploiting their opportunities and believing otherwise is ignorant at best.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
So we need some new method or entity to help move bitcoin from one place to another? Perhaps something like.. banks and insurance companies and derivatives etc? I don't like where this is headed :)
The value of a good is actually whatever a third party is willing to give you in exchange for that good... This value is completely arbitrary, and allows products with no physical value (eg software) to be sold for huge amounts of money or other goods...
Similarly, money itself has no real value, only the value that others are willing to give in exchange for it.
The advantage of bitcoin, is that while its effectively a worthless token system, just like regular cash, it is a finite supply and thus not subject to the whims of a central authority.
Personally i use bitcoin a lot, primarily as an intermediary currency because i can buy bitcoins with money i hold in one currency, and then draw it out again in my local currency without incurring fees levied by existing currency exchange establishments.
http://spamdecoy.net - free throwaway anonymous email - avoid spam!
Yeah, hardly denial. Let me post my response to the thread here to make it more visible. The summary is that this is not a new argument, but the MSR researchers certainly went deeper into it than most people do. Long term broadcast/floodfill is likely to become less important for other reasons beyond nodes deciding not to relay (which is not a problem observed in practice).
If people stop mining bitcoins now, the people at the top will stop winning, so of course they are going to deny. You know, kind of like global warming
A bad analogy is like a leaky screwdriver and that analogy has covered the floor in so much water that it is like a really tricky crossword puzzle.
SJW n. One who posts facts.
That's about how long it took MS to find out about Slashdot.
Not sure what planet you're living on.. Apple has become a second evil empire which may make MS seem slightly more reasonable in some cases - but MS is still obviously an evil empire in itself. As soon as their anti-trust oversight was up earlier this year, it was straight back to the BS. I feel dirty even thinking about looking at an MS product like .NET.
which is totally what she said
Shame on you slashdot. This is a disgustingly misleading headline that has absolutely nothing to do with the paper. The paper is only offering recommendations for the future, based on some incorrect assumptions about the network (which is that there will be difficulty in propagating transactions). This is not a "flaw" in the protocol.
The Bitcoin network is well-connected and the only nodes that have incentive not to forward txs make up a tiny percentage of the network (less than 1%). Even if they were the only nodes on the network, the network is designed so that users can locate them, and it costs nothing for a user to forward their transaction to many/all of them. This is completely a non-issue.
I got bored of the Wii gimmick and PS Move pretty quick. So I didn't even bother buying Kinect for my 360. How is it any better?
It's not. All three non-haptic (don't give me that "vibration is feedback" claptrap!) motion gaming controllers are absolutely horrible to use.
However, the Kinect is an amazing machine vision system. SLAM, 3d scanning, etc, all for something the size of a Toblerone you can buy off-the-shelf for cheap.
And Sony haven't done that? Oh wait they did.
I think the real question here is why all UIDs under 2,000,000 don't do marketing for MS.
Stupid question. We're too old.
Oh, the beautiful gloss of greality!
I think the best response on there is this:
"I suppose this argument would be equivalent to saying in BitTorrent, that there is "no incentive" for people to seed files, therefore, eventually nobody will seed files and that BitTorrent will soon fail."
As far as I can tell, the argument is this:
1. Miners win transaction fees when they a) receive a transaction, and b) solve a block with that transaction in it.
2. If other miners don't know about a transaction, they cannot win the transaction fee.
3. Miners are therefore incentivised to not tell other people about the transactions they hear about.
4. Therefore, the network will break as miners stop forwarding transactions.
This argument has some significant flaws:
1. It isn't just miners who forward transactions -- it's all nodes. As the quote above suggests, there is no incentive for non-miner nodes (which massively outnumber the miner nodes) to not forward a transaction, except bandwidth costs. And that doesn't seem to have stopped BitTorrent users.
2. For this scheme (not forwarding) to pay off, miners would have to somehow prevent all other nodes from receiving the transactions. Transactions are propagating around the network via all the nodes, so each transaction could find hundreds of paths to each node. A miner would have to block of all paths to all of the competing miners for this attack to be effective.
For this to be effective, it would need the majority of nodes on the network to be "selfish" (including non-miner nodes). Remember, the whole Bitcoin network already relies on the fact that the majority of nodes are "good" nodes (for verification purposes). So there is no point speculating about a possible future Bitcoin network in which an overwhelming majority of nodes collude together to prevent other nodes receiving transactions.
This;
The stability of the current desktop computer market is so important to Microsoft that they will practically never actually innovate. They have an R&D department for two reasons. 1) To keep the ideas away from other companies by patenting them and then not licensing them onward 2) To keep the good people away from other companies by using them to create patents.
The reason not to work for Microsoft R&D is that, whilst you will be comfortable, well fed and well off, you will lead an empty life and they will suck your soul out of you.
=~ s,(.*),<sarcasm>$1</sarcasm>,g if any_point_you_wish();
"The flaw pointed out in (this) paper is that there is a negative incentive for miners to forward Bitcoin transactions." This is a big derp on the part of these researchers.
There might be 20 pools collectively mining, and maybe 100+ people mining by themselves at this time. They currently have more processing power than the top 10 supercomputers in the world put together. Miners strengthen the blockchain record of past transactions against cryptographic forgery, but their processing power is not what distributes the pre-inclusion transactions to other nodes on the network.
The forwarding of transactions around the network is done largely by the 40,000+ users who have Bitcoin open at any time, and form the peer-to-peer transaction distribution network. They distribute the newest transactions waiting to be included in the blockchain to the miners and to each other, and any miner will want to include any outstanding transactions in the next block theyadd to the blockchain, so they can earn the associated transaction fees.
If one mining pool doesn't forward transactions waiting to be included in the blockchain, then the dozens of connections each peer has to each other will distribute it everywhere else on the network in about a second anyway.
Google as well. Saw an interesting article on Google X labs, their "skunkworks"-style division yesterday.
http://www.slashgear.com/google-x-labs-plans-robot-researchers-to-map-the-future-14194990/
There's a link to the poorly-paywalled nytimes article in there. Funny thing is they like to keep the fact that they're doing research a secret and constantly emphasize that they put very little money into research, because research makes shareholders nervous. Shows you how far ahead shareholders (or their HFT servers) are thinking.
"When information is power, privacy is freedom" - Jah-Wren Ryel
But seriously, their R&D department do some pretty cool stuff. Even though MS manage to churn out nine-nines of crap products, occasionally they still come out with something awesome that they manage to get to market (think Kinect).
The problem with that idea is that Kinect was a 90%+ finished product when they bought it.
That's strange, isn't this EXACTLY the sort of thing people praise Apple for? I mean hell, two weeks ago that's exactly what I heard journalists waxing poetic about with Steve Jobs.
"Just a fox, a whisper."
Fairly large? Second only to Microsoft. And it's one of the best places you could work at.
IBM spends really a large amount of money on R&D. I wish the coffee were free, tho. Google does that right.
How can they expect to do R&D if the coffee's not free?
I'm serious!
Dark Reflection
Problem is, the final 10% polishing is actually pretty damn hard. If you've done software development, getting to the point where the basic features work is really quick. But getting to the point where it's releasable and usable takes a lot of effort.
It's one thing that Apple is known for (most innovations that are "cool" are at the 90% stage, but it still takes a ton of effort to get it to the stage where people other than geeks and engineers can USE it).
For Kinect, the final 10% would involve packaging (how does Kinect look, and will it fit with the rest of the equipment?), fitting the stuff inside the package (does it fit? Does the enclosure need redesign?), and more importantly, manufacturability.
Sticking a reference design in a box is not easy. A lot of work is required in order to be able to build in huge volumes - are the parts available in quantity (and cheaply)? Can it be assembled easily or are there fiddly calibration bits that'll take time to work? Are there simple pass/fail criterion?
It takes a lot of work. For open-source, you can abandon it after the 90% point (and most stuff is - the final work is the boring dull stuff no one wants to do), but it's not going to fly for commercial products that you want people to buy. And they know when a product was skimped on.
Heck, even the UI of a product is important, and Kinect took some beating there.
(It's why you get reviews on "solidness" - a minor detail but relates to build quality, ditto with use of "cheap plastic" or worse yet, "cheap feeling plastic".) It's that final 10% that Apple is well reknown for, and if it was easy, well, Apple would be dead and there would be tons of products with well designed UIs and very nice casings and such.
Bell Labs also used to set the standard in R&D,
For Kinect, the final 10% would involve packaging (how does Kinect look, and will it fit with the rest of the equipment?)
which is subjective; I think it looks lame, but that's my own personal opinion.
fitting the stuff inside the package (does it fit? Does the enclosure need redesign?),
They made the package for the camera. Srsly?
and more importantly, manufacturability.
Which is the kind of thing that Microsoft has proven themselves to be bad at time and again with flaky hardware. Unless that's just planned obsolescence, in which case they have merely proven themselves to be bastards time and again, which we knew anyway.
Heck, even the UI of a product is important, and Kinect took some beating there.
IOW, they failed.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"
Just telling it how I see it.
1-1000: godlike
1001-5000: clever cookies
5000-50000: smart, run their own business
50001-100000: like to drink beer, married to beautiful, genius female geeks
100001-900000: generally insightful and interesting. Occasional troll.
900001-1000000: overly opinionated, often wrong
1000001-1500000: can't spell
1500001-2000000: really can't spell. "Lol" a lot. Point out the bleeding obvious in every comment.
2000001+ : work for advertising agencies, contracted out to MS and Facebook.
666: strangely erratic
which is totally what she said
The problem with that idea is that Kinect was a 90%+ finished product when they bought it.
That's strange, isn't this EXACTLY the sort of thing people praise Apple for? I mean hell, two weeks ago that's exactly what I heard journalists waxing poetic about with Steve Jobs.
People who aren't me. Check my posting history, I got plenty of downmods right after Jobs died for saying the things that RMS eventually said about Jobs (I don't believe in "too soon" or "sacred") and then I got more for supporting RMS' article. Luckily I got more up than down. That doesn't mean that the groupthink agrees with me, but it does suggest that the groupthink is not as aligned as you seem to think it is.
"You're right," Fisheye says. "I should have set it on 'whip' or 'chop.'"