Comment Re:Fundamentals (Score 1) 583
Namecoin (a distributed name system based on Bitcoin) had a problem a few years ago that demonstrated an example of this. The majority of mining power just disappeared from the network, and it took miners months to produce 2016 blocks after that, ultimately rendering the network useless (until they found a way to mine both currencies in parallel with 100% efficiency on both, which is very interesting in itself).
I think I'm starting to see what you mean. You're saying that I'd need to win against the rest of the internet's difficulty in order to make a valid block. And that no block is valid unless it follows the difficulty function, which is historically validated down the chain.
Interesting. I'd read about the difficulty heuristic but hadn't thoroughly understood it or realized the implications. In fact you have come up with an entirely new and fairly huge problem for bitcoin that I hadn't considered. Since the difficulty function is not real-time, bitcoin could suffer the same problem that namecoin suffered. It could, in fact, kill the entire thing far more acutely. All you need is a sufficient fluctuation in CPU volume. Right?
So you should be quite afraid of DoS attacks - but far more of changing market conditions. If something causes people to start to leave the network a little too quickly, and it slows down, causing a further exodus, then you have a runaway condition, and the entire thing is doomed for a "temporary" period long enough to kill it, effectively. No?
Bitcoin's fault tolerance is remotely similar to Freenet.
I think you can see my point about the ease of segmentation - and that it is irrelevant to the attack that the block chain can be reconstructed from a single leak, since there would be no leaks in a likely attack. And, agreed - quite academic in light of the issue you raise about faking blocks.
I don't think this conflicts with what I said. You need to break the chain of transactions in order to render the history useless.
Transactions are a chain. In the case of bitcoin, you have perfect and transparent recordkeeping of this chain as a precondition to the system working. Once a link is made, for any reason, you can never break it. You can have many wallets, but at scale you can't keep them separate. At any scale, you still need to have your various accounts exchanging funds sooner or later (and so will any laundry). You can try to create huge volumes of noise, break transactions and amounts up, and make many intermediate fake accounts, but none of those games are particularly resistant to analysis. Hence the example I linked to earlier.
We haven't even started to talk about the guts of P2P routing yet. From Freenet to Gnutella, the ideals of distributed computation never once met the realities. What happens when nodes in Bitcoin's mesh misbehave in different ways? Make too many connections? Route data in valid but esoteric ways? Spam bad data at neighbors, and blame it on other neighbors? And so forth...? The P2P substrate is actually a terribly difficult design problem that is usually inseparable from the higher-level goals of the network, and I've heard relatively little about how the protocol itself works.
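As an added example (not part of the comment above, and not Bitcoin's own code), the following is a simplified model of the retarget rule the thread is discussing: difficulty is recomputed only once every 2016 blocks, from how long the previous 2016 blocks actually took, and the adjustment is clamped to a factor of 4 in either direction. Hashrate is assumed constant within each period and the expected period length is taken as the deterministic average (no Poisson noise); those simplifications, the unit convention (hashrate 1.0 at difficulty 1.0 yields one block per 10 minutes), and the function names are this example's own assumptions. Feeding it a hashrate schedule that drops sharply right after a retarget reproduces the Namecoin-style stall: the period runs ten times longer, and the clamp means recovery still takes two more periods.

```python
"""Simplified Bitcoin-style difficulty retarget under a hashpower drop.

Assumptions (this example's, not the page's): one retarget per 2016 blocks
toward a 10-minute spacing, adjustment clamped to 4x/0.25x per retarget,
constant hashrate within a period, expected period length used in place
of the random actual length.
"""

RETARGET_INTERVAL = 2016                                   # blocks per period
TARGET_SPACING_SEC = 600                                   # 10 minutes per block
TARGET_TIMESPAN_SEC = RETARGET_INTERVAL * TARGET_SPACING_SEC  # two weeks
MAX_ADJUST = 4.0                                           # clamp factor per retarget
SECONDS_PER_DAY = 86400


def retarget(difficulty, actual_timespan_sec):
    """Next difficulty from how long the last period really took.

    The actual timespan is clamped to [T/4, 4T] before the ratio is
    applied, so a single retarget can move difficulty by at most 4x.
    """
    clamped = min(max(actual_timespan_sec, TARGET_TIMESPAN_SEC / MAX_ADJUST),
                  TARGET_TIMESPAN_SEC * MAX_ADJUST)
    return difficulty * TARGET_TIMESPAN_SEC / clamped


def period_seconds(difficulty, hashrate):
    """Expected seconds to mine one full period at a constant hashrate.

    Unit convention (assumed): hashrate 1.0 at difficulty 1.0 produces
    one block every TARGET_SPACING_SEC on average.
    """
    return RETARGET_INTERVAL * TARGET_SPACING_SEC * difficulty / hashrate


def simulate(hashrate_by_period, initial_difficulty=1.0):
    """Walk through consecutive retarget periods.

    hashrate_by_period[i] is the constant hashrate during period i.
    Returns a list of (difficulty, hashrate, days_for_period) per period.
    """
    difficulty = initial_difficulty
    history = []
    for hashrate in hashrate_by_period:
        secs = period_seconds(difficulty, hashrate)
        history.append((difficulty, hashrate, secs / SECONDS_PER_DAY))
        difficulty = retarget(difficulty, secs)   # only updated here, not in real time
    return history


def periods_until_on_target(history, tolerance=0.01):
    """Index of the first period after a slowdown whose length is back
    within `tolerance` of the two-week target; None if never recovered."""
    target_days = TARGET_TIMESPAN_SEC / SECONDS_PER_DAY
    seen_slow = False
    for i, (_, _, days) in enumerate(history):
        if days > target_days * (1 + tolerance):
            seen_slow = True
        elif seen_slow:
            return i
    return None


if __name__ == "__main__":
    # Constructed schedule: full hashrate for one period, then 90% of it
    # leaves immediately after the retarget and never comes back.
    schedule = [1.0, 0.1, 0.1, 0.1, 0.1]
    for n, (d, h, days) in enumerate(simulate(schedule)):
        print(f"period {n}: difficulty={d:.3f} hashrate={h:.2f} took {days:6.1f} days")
```

Expected output: the first period takes 14 days, the one after the drop takes 140 days, the clamp then lets difficulty fall only to 0.25 (not to 0.1), so the next period still takes 35 days before the chain is back on its 14-day cadence. Any hypothesized exodus feedback (miners leaving because blocks got slow) can be explored by building the hashrate schedule from the previous period's length before passing it in.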