1. fellow

    fellow Member

    I think technically it will become really hard to prevent nodes B,C and D from communicating with each other and to ensure that "cloned" attack transactions do reach the targeted nodes before the targets exchanged their states.

    From attacker perspective I see a design flaw with this attack caused by the fact that you have to keep all "A" nodes synced as long as the attack lasts. to be able to do so you have to identify which nodes communicate with which to not broadcast "anti attack" transactions.
    for me the flaw for this attack is that after the attack has begun you have to make sure that your nodes stay up to date in "their network segment" which is "undefined" and therefore impossible. you may create dynamic filter maps since you know which transaction you receive from which nodes (B,C and D) but you would have to be really lucky to be able to exploit the traced communication routes since this requires you inject lots of correctly ordered valid transactions.
    if you assume that the network consists at some point of about 100-2000 nodes and each node broadcasts their transactions to 16 nodes and so on you would have reached with a intermediate network latency of 250ms all nodes within 1 second (1->16->256->4096). so if your A nodes try to branch the balance states within their network segment to cause a network hold there is almost no way.
     
  2. Ryler Sturden

    Ryler Sturden Member Staff Member MC Developer

    pineapples because not everyone has the permission to order transactions merely because "they want to" like PoW mining, then there is no easy way to abuse that part of the system. In PoW for instance miners not only get to order transactions, they decide whether they are included or not. They can also rewind the past and put a new state on the system. The MicroCash ordering nodes cannot do that. If you consider the "ordering nodes" in MicroCash much like Bitcoin miners, then we have stripped away all their possibilities to the bare minimum, all they can do is order stuff, that is it. They cannot rewind the past and put us with a new state.

    Because it is not easy to become an orderer then the ability to have the network pause due to your attack are severely limited. It is why I said downtime with the current system will be extremely small if non existent. But only history can prove this, my words should not count for much.
     
  3. roméo

    roméo New Member

    People are confused because you're not clear about the ordering node when it's the most important part of Microcash
    Here's what i know about it :

    The Ordering node is the central node of the network. It will be handled by Realsolid himself. ( at launch and for a long time at least)
    Every transactions pass through it and all the Ordering node do is assign a number to each one of them. It decide the order of all transaction.
    All other nodes just follow that order.

    It's probably very hard to forge an Ordering Node because of cryptography . That's why the network shutdown if a discrepancy is detected, because that should be impossible.

    So the only "power" of the ordering node is to give that number to transaction.

    Realsolid said the ordering node can't filter transactions (accept some and refuse to order others) because the network would notice it and shutdown. If true the only power the Ordering node could use is the one to shutdown the network (temporarily, until a new ordering node is choosen by consensus on social media/forum). It's a huge power but with no "subtility", so you can't really use it. (unlike PoW/PoS in which you can alter/reverse/double spend if you have the power). Choose your poison.

    In term of DDOS protection, to which the Ordering node seems extremely vulnerable, Realsolid said you can't DDOS it, unless you DDOS the whole network. To which every system is vulnerable.
    It's because the Ordering Node is "hidden", not connected to internet, behind proxy, etc..
    (I find that hard to believe personally. I don't know anything about networking, but it seems like you could detect the Ordering node or the proxy to which it sit behind by looking at the propagation thingy and ping stuff or whatever people that know their shit do )


    I guess that's all i know. Realsolid can correct me and add more information
     
    Last edited: Mar 14, 2016
  4. Ryler Sturden

    Ryler Sturden Member Staff Member MC Developer

    romeo is mostly right but simplifies "ordering node" on the assumption it is a single physical node, which it isn't. The ordering nodes are operating within the decentralized network, they are not a central network hub, or point, you don't have to be connected to one to have the system work, just like you don't need to be connected to the actual Bitcoin miners. Do people call Bitcoin or proof of work centralized because only one miner can win a block? I don't think people generally do, but the reality is that bitcoin/PoW/PoS miner is a central point at some point in time in regards to what it is doing, then the rest of the network accepts that block if valid. The same concept exists in MicroCash, at some point in time a single node is ordering transactions, but that is it. Unlike PoW/PoS/etc schemes we have reduced all activities for this gateway and only allow it to simply assign a number to a transaction. This is why MicroCash can be deemed 100% financially secure, with the general assumptions that you are not being targeted in a sybil attack and the crypto primitives are secure. Anyone knowledgeable on p2p and crypto will tell you these are reasonable assumptions.

    The ordering system I create for launch will be nearly impossible to bring network downtime, however, the ordering system can be changed, adapted, improved without much hassle or rule changing of the main network. Though if a clearly better and different system is invented then it may require a hardfork which I assume most people would be fine with since it improves the resilience of the system. Knowing what I do about computers, science and physics I don't think a clearly better system can be invented, with the distant outside exception of quantum computing. Which if that ever comes to fruition would require new cryptographic primitives and a hard fork anyhow.

    I don't want people to think MicroCash is perfect because it is not. When you look at peer to peer decentralized networks there will ALWAYS be issues, you can never solve EVERY problem. The way I looked at this is that we simply need to reduce all problems to the bare minimum ones that will likely never be solved. And not to introduce new ones on top of it. Unfortunately PoW/PoS and whatever hybrids of those DO introduce new ones on top of it. That is why they are not the end game. I invented new proof of work, new proof of stake and hybrid systems 5 years ago, I know their limitations very well.

    MicroCash p2p technology is the "end game" for decentralized database/cryptocurrency because you cannot get any better than this. You cannot get better than instant, 100% secure, truly irreversible transactions. No matter what some people will say about MicroCash the above are indisputable facts. On top of those facts there will be another fact, and that is the extreme efficiency of MicroCash so that it can beat existing financial networks today, not tomorrow. And whatever small improvements can be made to improve resiliency (ie network uptime) can easily be added to MicroCash over time. I expect MicroCash to have better uptime than Visa, which is the gold standard.

    However! The MicroCash economy is very unlikely to be the end game for "p2p cryptocurrency economies". The reality is there is going to be a LOT of magic numbers and guesswork in the economic aspect, and I think if we get a "C" grade on this we can call it a success, we will probably get a D or F :),

    I expect all future improvements in cryptocurrency to come from this economic aspect because when you are at the "end game" in regards to p2p technology there is no way to get better. Hopefully people can see this distinction between the p2p technology behind MicroCash and the currency that will be created on top of it, I simply call it all "MicroCash" but it is a group of components all working together. The p2p technology in MicroCash can actually be used for a lot of things that have nothing to do with crypto, decentralized databases like DHT, etc.

    I hope after I release the source everyone that is interested and who disagrees with the economic aspect of MicroCash can implement their own currencies, whether that is as sidechains within MicroCash or new networks it will be a great time for experimentation.
     
    Last edited: Mar 15, 2016
  5. pineapples

    pineapples Member

    ha. "ordering nodes" explains everything.
    only some one with access to multiple ordering nodes could pull this off then?

    pardon my noob mistake :)
     
    Last edited: Mar 16, 2016
  6. Ryler Sturden

    Ryler Sturden Member Staff Member MC Developer

    You would need to be a node capable of ordering and then somehow attempt to conduct a sybil attack on particular nodes. As soon as you tried do anything "suspicious" as the ordering node then the network will pause to prevent financial insecurity. But if an ordering node could somehow DDoS every _other_ node you were connected to, and you had set up your node in a non sybil preventative way, then it is possible you could be segmented off the real "network" and have a different financial state. Any particular segment can never be double spent as MicroCash completely does not allow that, however if you were a target and then later rejoined the "Real network" and the rogue ordering node knew you were say an exchange then it would be possible there were funds you used to have but do not longer which is effectively like a double spend.

    It is quite easy to prevent sybil attacks, or at least, pause your node when it detects a likely sybil to prevent yourself being abused. And any such abusive ordering node would never be able to completely know if your node is connected to the "real network" or not, which means in the unlikely event an ordering node went "Rogue" it is quite likely to be immediately detected and not able to do anything at all.


    An attack could look like this.

    1) Become an ordering node. Since the launch setup will use a relatively tight loop ordering system this would mean you are either a MicroCash team member or somehow managed to hack your way into such knowledge
    2) Find a target. The obvious choices would be an exchange.
    3) Assume the target is only running one node
    4) Assume the target has changed the default configuration into an insecure state.
    5) Assume the target is doing no other checking not in the default node
    5) Find out the targets network address for the single node. You could attempt to do this by running many nodes over a long period of time to determine through timing where the target node is located.
    6) DDoS every single MicroCash node except your target from the network.
    7) Hope that the target now has no other connections to anyone else because you DDoS'd everyone else off the network.
    8) Start feeding it transactions, such as, I am sending you XXXX MicroCash
    9) After the target accepts your deposits, then you exchange them into another currency, lets say Bitcoin, you withdraw the Bitcoin
    10) You stop the global DDoS and now DDoS only the target node to stop it communicating its state back to the network
    11) The rest of the network resumes operation, once the exchange node comes back to the real network it would update other nodes about these transactions they know nothing about, and the network pauses under the knowledge the ordering system is now not working correctly.

    In case it is not obvious from the above, it is incredibly difficult to pull off an attack and even if you do the likelihood you could somehow pull off the attack more than once (which you would need to double spend funds) is bordering on impossible. You can also easily see how you can prevent being a target in this, just by ensuring (3) or (4) is not going to happen. Which you would hope if you were an exchange you would know a thing or two about security.

    The big advantage of the MicroCash system is that any such illegal activity is able to be proved and the evidence of any such illegal activity can be presented back to the real network to stop any further attacks on other nodes. This is what I would call "downtime" if this were to happen. Then a new ordering system can be used to keep the network running. Which can be as easy as changing a config file or grabbing a new update, depending upon the new ordering system.
     
    Last edited: Mar 16, 2016
  7. roméo

    roméo New Member

    So there is a "Microcash Ordering node secret key".

    Now the network is as safe as the weakest member owning this secret key. And since it's so powerfull, people are not just at risk to be hacked, but targeted IRL too.
    How many people do you plan to give this secret key?
     
  8. Ryler Sturden

    Ryler Sturden Member Staff Member MC Developer

    Of course there are secret keys involved in the ordering nodes, if by secret you mean private key. Because MicroCash is backed by public key cryptography.

    In regards to "as safe as the weakest member" you can see that security has little to do with the ordering system being compromised. The ordering system can be compromised and the potential for a security compromise is near impossible. MicroCash defaults to a "downtime model" over a "security compromise model" like in proof of work and proof of stake systems. The reason is because everybody can cope with downtime, but a break in financial security is disastrous. Not just because of the financial loss for the targets of such attacks, but a loss of faith in the system itself.

    It is not my words, my thoughts, or anyone's thoughts on whether this system I've developed is good. It will take the of seeing it in action. Nearly no one is going to trust some new, obscure system, they need time to see that it works as advertised. If you go to where Satoshi first announced Bitcoin there were already a couple of people who saw the flaws in what he was doing, they were among the first comments. Yet after some time people became more confident in using Bitcoin, even though it has those flaws. The same will be true of any system, especially any system which does things differently like MicroCash. Especially so.
     

Share This Page