It is interesting how it will play out, but I don’t think it will be the end of either blockchains or enforcement of illegal content bans.
It might go like this:
Some Bitcoin users may get arrested for possession of illegal material via blockchain copy on their disk.
A reasonable court will not prosecute users who clearly didn’t mean to access illegal material.
Some asshole will interpret this as a legal loophole and make a blockchain-based illegal-material-distribution tool.
Courts will prosecute users of such tools, because there is an obvious illegal intent behind that.
or if the step 2 fails and possession of blockchain will get people in real trouble, then I assume it will quickly lead to development of tools or Bitcoin protocol changes that enable skipping of illegal blocks of the chain. People ideologically opposed to any form of censorship don’t control the blockchain. The miners do, and they don’t want their power plants raided and shut down by the police.
This is grim, but wouldn’t the blockchain have to be able to store large data for that to play out? I think most blockchains just store pointers to data (hashes). So then law enforcement can take down the data that is pointed to, rather than the entire blockchain? You should be left with a bunch of dangling pointers.
I don’t know the details, but my understanding is that Bitcoin only stores a sequence of transaction records, and anything that’s “encoded in the blockchain” has to be done with a bunch of hacks / custom encodings. Other blockchains may be different.
In the case of a Botnet, I imagine the control data is pretty small. Actually it could be really tiny, i.e. “the current IP address of the live master”. The bots just need to be able to “call home”.
edit: following my own thoughts, I guess what this really means is that Bitcoin allows you to have a “site that never goes down”, so yes I see your point :-/ The continuously- and distributedly- updated pointer is enough.
Even if Bitcoin only had enough degrees of freedom to allow miners to mine for nonce values, then there would be enough room for a dedicated mining group to offer a premium block-signing service, where one bit of each nonce encodes some plaintext.
And if that were taken away, then folks could revert to using the traditional technique of storing messages in the payment amount; there is not much difference between 99¢ and $1.01 on average, but it encodes a trit.
Never even thought about the idea of storing data in transaction values. $1 right now is 1,721 satoshi.. there’s a lot of ways to use that to encode data.
Child sexual abuse material. A more apt term than “child pornography”, which somewhat applies a more professional, more consensual sounding term by association to what is child abuse.
I wonder what the legalities are around attacking the bitcoin blockchain?
I was having a discussion with a friend of mine, after I posted
this comment to an HN thread.
My friend’s take was essentially: “You’re flirting with eco-terrorism, I don’t want to see you get arrested.”
Of course, flooding the blockchain with illegal content is totally out of
the question for someone who wants to keep it legal, and I obviously do. How about other
sorts of attacks, be they technical or financial?
Just as an idle musing, I’ve been thinking recently that it would be interesting to fuzz common mining software for buffer overflows, specifically ones exploitable using a payload as part of a transaction. That might escalate into something interesting.
The ASICs are the real problem I guess, but it would be interesting to see if they have a similar sort of vulnerability.
Entirely hypothetical right now and potentially impossible (I’m not an expert, just a muser), but maybe this sort of attack pathway could be used to force a hard fork, which helps to destabilise it.
Ironically, BTC’s adoption by larger organizations has been to pay for ransomware attacks. Even though only 45% of attacks end up with a payout for the ransomer, organizations have been holding on to BTC just in case
What is stopping the US or China from doing a 51% attack on network, not to steal coins but to put doubt in the system and discourage people from using it? They could easily pay for enough liquid compute to do it.
Only desire. The US has seized Bitcoin successfully - such that they could do transaction volume attacks - but there’s a lack of desire to destroy bitcoin.
I put this down to a lack of honest desire to truly quash money laundering. Bitcoin isn’t the biggest vector, but it’s one expression of a lack of real policy commitment in this area.
Ugh this is a painful read and a completely misjudged threat model.
One of the largest issues in the blockchain world is called ‘the data availability problem’. The problem is that you cannot prove data availability by fetching data because the next minute the host may not be willing to share it anymore.
The issue is that miners have no incentive to share the blockchain with their would-be competitors, the fact that they do is actually a charitable behaviour.
XRP has completely lost the first thirty blocks. No one has them. This does not affect much. Avalanche has a plan to checkpoint their chain by remembering a state after X many blocks and throw away the tail.
In fact: Dan Boneh has such a proposal for compressing the whole bitcoin blockchain into a zero knowledge proof and this will eventually be needed anyway since the chain grows without bound.
If this problem wasn’t hard then filecoin would have worked. Now there is arweave and lazyledger that have different takes on the problem but fundamentally I think this reveals a certain delusion in the way these systems are designed and I think once we have built a p2p system that fits a more accurate model of reality then we will be able to let go of bitcoin and other proof of work systems.
The way to kill bitcoin is not to attack it but to improve on it so that the energy waste is no longer a necessary part of the system.
Edit: just to close the door on potential ‘proof of stake’ people; the point of ‘proof of _’ is token distribution, in national elections everyone gets one vote which is enforved with proof of identity. Proof of stake is not only vulnerable to a tragedy of the commons attack but it also has no incentive for distribution of tokens but rather creates oligarchs that set the terms of participation. Such systems will be the first to fall to the eventual successor.
The China example has already happened on the Binance Smart Chain:
It is interesting how it will play out, but I don’t think it will be the end of either blockchains or enforcement of illegal content bans.
It might go like this:
or if the step 2 fails and possession of blockchain will get people in real trouble, then I assume it will quickly lead to development of tools or Bitcoin protocol changes that enable skipping of illegal blocks of the chain. People ideologically opposed to any form of censorship don’t control the blockchain. The miners do, and they don’t want their power plants raided and shut down by the police.
I can imagine CSAM is how Bitcoin inevitably dies, or the relevance of government inevitably dies.
This is grim, but wouldn’t the blockchain have to be able to store large data for that to play out? I think most blockchains just store pointers to data (hashes). So then law enforcement can take down the data that is pointed to, rather than the entire blockchain? You should be left with a bunch of dangling pointers.
I don’t know the details, but my understanding is that Bitcoin only stores a sequence of transaction records, and anything that’s “encoded in the blockchain” has to be done with a bunch of hacks / custom encodings. Other blockchains may be different.
In the case of a Botnet, I imagine the control data is pretty small. Actually it could be really tiny, i.e. “the current IP address of the live master”. The bots just need to be able to “call home”.
edit: following my own thoughts, I guess what this really means is that Bitcoin allows you to have a “site that never goes down”, so yes I see your point :-/ The continuously- and distributedly- updated pointer is enough.
Even if Bitcoin only had enough degrees of freedom to allow miners to mine for nonce values, then there would be enough room for a dedicated mining group to offer a premium block-signing service, where one bit of each nonce encodes some plaintext.
And if that were taken away, then folks could revert to using the traditional technique of storing messages in the payment amount; there is not much difference between 99¢ and $1.01 on average, but it encodes a trit.
Never even thought about the idea of storing data in transaction values. $1 right now is 1,721 satoshi.. there’s a lot of ways to use that to encode data.
What is CSAM in this context?
Child sexual abuse material. A more apt term than “child pornography”, which somewhat applies a more professional, more consensual sounding term by association to what is child abuse.
I like DKG’s terminology in the PGP keystore abuse-resistance RFC drafts: “toxic data”.
What data is toxic can vary from jurisdiction to jurisdiction, although there are some near-universal constants.
https://tools.ietf.org/html/draft-dkg-openpgp-abuse-resistant-keystore-04
I suspect “Child sexual abuse material”
And taxes.
I wonder what the legalities are around attacking the bitcoin blockchain? I was having a discussion with a friend of mine, after I posted this comment to an HN thread. My friend’s take was essentially: “You’re flirting with eco-terrorism, I don’t want to see you get arrested.”
Of course, flooding the blockchain with illegal content is totally out of the question for someone who wants to keep it legal, and I obviously do. How about other sorts of attacks, be they technical or financial?
Just as an idle musing, I’ve been thinking recently that it would be interesting to fuzz common mining software for buffer overflows, specifically ones exploitable using a payload as part of a transaction. That might escalate into something interesting.
The ASICs are the real problem I guess, but it would be interesting to see if they have a similar sort of vulnerability.
Entirely hypothetical right now and potentially impossible (I’m not an expert, just a muser), but maybe this sort of attack pathway could be used to force a hard fork, which helps to destabilise it.
Honestly given the sorts of people who use bitcoin for illegal activities, being arrested wouldn’t be my biggest fear.
That said, I think flooding the network with transactions would make it difficult to use. You’d be burning money in transaction fees though.
Ironically, BTC’s adoption by larger organizations has been to pay for ransomware attacks. Even though only 45% of attacks end up with a payout for the ransomer, organizations have been holding on to BTC just in case
https://blog.emsisoft.com/en/33977/is-ransomware-driving-up-the-price-of-bitcoin/
“Only 45%”? I’m surprised it is that high.
What is stopping the US or China from doing a 51% attack on network, not to steal coins but to put doubt in the system and discourage people from using it? They could easily pay for enough liquid compute to do it.
Only desire. The US has seized Bitcoin successfully - such that they could do transaction volume attacks - but there’s a lack of desire to destroy bitcoin.
I put this down to a lack of honest desire to truly quash money laundering. Bitcoin isn’t the biggest vector, but it’s one expression of a lack of real policy commitment in this area.
Ugh this is a painful read and a completely misjudged threat model.
One of the largest issues in the blockchain world is called ‘the data availability problem’. The problem is that you cannot prove data availability by fetching data because the next minute the host may not be willing to share it anymore.
The issue is that miners have no incentive to share the blockchain with their would-be competitors, the fact that they do is actually a charitable behaviour.
XRP has completely lost the first thirty blocks. No one has them. This does not affect much. Avalanche has a plan to checkpoint their chain by remembering a state after X many blocks and throw away the tail.
In fact: Dan Boneh has such a proposal for compressing the whole bitcoin blockchain into a zero knowledge proof and this will eventually be needed anyway since the chain grows without bound.
If this problem wasn’t hard then filecoin would have worked. Now there is arweave and lazyledger that have different takes on the problem but fundamentally I think this reveals a certain delusion in the way these systems are designed and I think once we have built a p2p system that fits a more accurate model of reality then we will be able to let go of bitcoin and other proof of work systems.
The way to kill bitcoin is not to attack it but to improve on it so that the energy waste is no longer a necessary part of the system.
Edit: just to close the door on potential ‘proof of stake’ people; the point of ‘proof of _’ is token distribution, in national elections everyone gets one vote which is enforved with proof of identity. Proof of stake is not only vulnerable to a tragedy of the commons attack but it also has no incentive for distribution of tokens but rather creates oligarchs that set the terms of participation. Such systems will be the first to fall to the eventual successor.