Feeds

'Devastating' protocol flaw could paralyze Bitcoin system

Scientists propose 'Red Balloon' incentive solution

Beginner's guide to SSL certificates

Computer scientists say they've identified a fundamental flaw in the Bitcoin electronic currency system that could eventually stunt its development unless developers change the way users are rewarded for their participation.

With about 7.5 million Bitcoins in circulation, the highly decentralized system relies on public-key cryptography and a peer-to-peer network to record who is the rightful owner of each individual piece of currency. When Alice wants to pay Bob 50 coins, she signs the transaction with her private key and broadcasts the details to other nodes. Other participants then receive a small fee in return for verifying the payment, which is done by inverting the cryptographic hashes generated by in the transaction record.

As the currency grows into maturity and an ancillary scheme that allows Bitcoins to be created out of thin air is phased out, the verification of other transactions will be Bitcoin's sole reward scheme. And therein lies the flaw that could represent a chief stumbling block.

With each participant rewarded only for verifying a proposed transaction, there will be little incentive for participants to broadcast transactions to others. Instead, they will want to keep the deals secret so they don't have to share the rewards with others.

“The consequences of such behavior may be devastating,” the researchers wrote in a paper (PDF) that they recently submitted to a peer-reviewed conference. “As only a single node in the network works to authorize each transaction, authorization is expected to take a very long time.”

Shahar Dobzinski, one of the paper's authors, told The Register the security of Bitcoin isn't likely to suffer as a result of the flaw. The use of private encryption keys ensures that each transaction is authorized only by the entity everyone else already agrees is the rightful owner of a given Bitcoin. That helps prevents theft and also keeps a user from spending a unique coin more than once.

The system also doesn't consider a transaction to be fully approved until nodes controlling the majority of the network's CPU power have accepted it, rather than a majority of the nodes themselves. This largely forecloses the likelihood of “Sybil” attacks, in which large numbers of fraudulent identities are used to subvert reputation-based systems.

“This is different problem,” Dobzinski, who is a computer scientist at Cornell University, said of the flaw his paper identifies. “We're afraid the majority of the CPUs might not be able to know about the transaction.”

The paper goes on to propose a modified reward scheme that shares a small portion of the verification fee with participants who forward it to other nodes in the network. Attached to each transaction would be a chain of its forwarding nodes. When a participant solves a discreet block of the transaction, all nodes in the chain that would receive a cut. To prevent additional Sybil attacks in which a single participant forwards himself the same transaction multiple times, the paper proposes canceling rewards when the number of links in the chain reach a certain threshold.

Besides Dobzinski, the researchers included fellow Cornell University computer scientist Sigal Oren and Microsoft researchers Moshe Babaioff and Aviv Zohar. They compared their solution to the winning entry in the 2009 DARPA Network Challenge, in which participants competed to locate 10 red weather balloons that were dispersed across the United States. A team from the Massachusetts Institute of Technology collected the $40,000 prize using a rewards system that created incentives for individuals not involved in the competition to help.

Hunters who found a balloon received $2,000 per discovery, while those who directly recruited a successful hunter received $1,000. A recruiter of a direct recruiter received $500, and so on. The Register's coverage of the competition is here.

Nils Schneider, a developer who works on the Bitcoin project, said the transaction propagation problem described in the paper isn't considered a problem now. In an email to The Register he wrote:

“The paper describes a very interesting theoretical problem but I doubt there will be any need to implement their solutions anytime soon.” ®

Intelligent flash storage arrays

More from The Register

next story
You really need to do some tech support for Aunty Agnes
Free anti-virus software, expires, stops updating and p0wns the world
Regin: The super-spyware the security industry has been silent about
NSA fingered as likely source of complex malware family
You stupid BRICK! PCs running Avast AV can't handle Windows fixes
Fix issued, fingers pointed, forums in flames
Privacy bods offer GOV SPY VICTIMS a FREE SPYWARE SNIFFER
Looks for gov malware that evades most antivirus
Patch NOW! Microsoft slings emergency bug fix at Windows admins
Vulnerability promotes lusers to domain overlords ... oops
HACKERS can DELETE SURVEILLANCE DVRS remotely – report
Hikvision devices wide open to hacking, claim securobods
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
Designing and building an open ITOA architecture
Learn about a new IT data taxonomy defined by the four data sources of IT visibility: wire, machine, agent, and synthetic data sets.
How to determine if cloud backup is right for your servers
Two key factors, technical feasibility and TCO economics, that backup and IT operations managers should consider when assessing cloud backup.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.