Nano-node: Precomputed PoW Attack - Mitigation Proposal

Created on 27 Dec 2017  路  5Comments  路  Source: nanocurrency/nano-node

Require a _Unix UTC Timestamp_ to be part of a transaction request. Nodes will validate if the timestamp differs significantly (~1 hour?). In case it does, the packet will be discarded as junk.

This mitigates the _Precomputed PoW Attack_ exposed in the whitepaper by invalidating precomputed PoWs and making the transactions invalid.

Checking the timestamp should be a trivial operation for processing and discarding a transaction as invalid, thus mitigating the attack.

The only bad point about it is that it changes the format of the requests, which is not good for retro-compatibility AT ALL. I'm sure the founder or some of the maintainers have already considered such solution, but since i found no issue addressing this particular topic, here it is.

All 5 comments

This creates a critical dependency on clock synchronization among the network. I don't know that other cryptocoins have this dependency and this is a bigger deal than it might seem. It becomes a new potential DoS attack vector.

Bitcoin and Ethereum are two established cryptocurrencies that have such dependency.

However, it is not critical in the case of Bitcoin, since the allowed offset is specified in a very lax manner.

Furthermore, i believe flooding the network with invalid timestamp transactions is equivalent to flooding it with any other kind of invalid transaction, no?

This would mitigate the existing DoS attack vector which is even more serious, since all the precomputed transactions are valid and will be processed as such by the entire network, instead of being discarded at the first phase of the process.

This forces the attacker to pick a time/date for their planned attack before precomputing the PoWs, but i don't think it prevents attacks -- can't the attacker just fill in the timestamps they plan to conduct the attack?

Using the hash of a recent bitcoin block header could prevent precomputed attacks as its easily verifiable and can not be precomputed. But then nodes will need to keep track of bitcoin blocks to validate. I'm sure there's a cleaner solution.

Duplicate of #1064 essentially.

Additionally, as a note that a bitcoin chain wouldn't be needed for a timestamping mechanism but a central Nano chain that periodically emits blocks can be used as a global time source, but #1064 will have more details.

Was this page helpful?
0 / 5 - 0 ratings