My understanding of BCH indicates this attack is possible. The difference between this and a regular selfish mine is that the attacker can get an unlimited number of blocks. The attacker must selfish mine for at least 1.8 days (on BCH), or faster if he first sends a lot of old timestamps to delay the MTP as far back as possible before turning it into a selfish mine. It might be possible to finish in 1 day of selfish mining if a lot of pre-attack delayed stamps are sent. It's not possible to lower difficulty publicly with this on BCH because the attacker needs control of too many timestamps, assuming BCH's MTP is 11. It only requires that he have more than 50%.
This attack seems possible on many coins. I posted an issue to Litecoin to show how to do it there. Coins like Zcash that use MTP as the most recent timestamp do not seem vulnerable. The median of 3 method BCH uses does not provide protection. To get past that, the attack may need to add 1 to each sequential 24000 stamp in my example below.
This is an example with an SMA algorithm like BCH's. The 2x and 1/2 limits in BCH mean the attack changes some. I have not seen anyone mention this in regards to the Verge attack, but this may have been a key to it.
I'll maintain the most recent information on this attack in my Timestamp Attacks article.
See the 2nd link above for a solution for fixing it.