search

bcoin-org / bcoin

Javascript bitcoin library for node.js and browsers
https://bcoin.io
Other
3k stars 813 forks source link

Chain width expansion DoS #924

Open braydonf opened 4 years ago

braydonf commented 4 years ago

The attacks leverage unprotected resources for a denial-of-service by filling the disk and exhausting the CPU with unnecessary header and block data. This forces the node to halt operation. The attack difficulty ranges from difficult to easy. There are currently limited guards for some of the attacks that require checkpoints to be enabled. This paper describes a solution that does not require enabling or maintaining checkpoints and provides improved security.

The complete paper: https://bcoin.io/papers/bitcoin-chain-expansion.pdf

Further discussion: https://www.mail-archive.com/bitcoin-dev@lists.linuxfoundation.org/msg08391.html

The branch: https://github.com/bcoin-org/bcoin/tree/chain-expansion

braydonf commented 4 years ago

Related time warp issue https://github.com/bcoin-org/bcoin/issues/925 that should be considered in relation to chain width expansion. It's further discussed on the mailing list.