From 5b283663b40dbc06c56cc481ef90f4365ab85724 Mon Sep 17 00:00:00 2001 From: Jeffrey Wilcke Date: Tue, 12 Jan 2016 11:54:29 +0100 Subject: [PATCH] core: Added new TD strategy which mitigate the risk for selfish mining Assuming the following scenario where a miner has 15% of all hashing power and the ability to exert a moderate control over the network to the point where if the attacker sees a message A, it can't stop A from propagating, but what it **can** do is send a message B and ensure that most nodes see B before A. The attacker can then selfish mine and augment selfish mining strategy by giving his own blocks an advantage. This change makes the time at which a block is received less relevant and so the level of control an attacker has over the network no longer makes a difference. This change changes the current td algorithm `B_td > C_td` to the new algorithm `B_td > C_td || B_td == C_td && rnd < 0.5`. --- core/blockchain.go | 20 ++++++++++++++------ tests/init.go | 3 +++ 2 files changed, 17 insertions(+), 6 deletions(-) diff --git a/core/blockchain.go b/core/blockchain.go index 22dd617ad8..2c6ff24f97 100644 --- a/core/blockchain.go +++ b/core/blockchain.go @@ -725,14 +725,18 @@ func (self *BlockChain) writeHeader(header *types.Header) error { if ptd == nil { return ParentError(header.ParentHash) } - td := new(big.Int).Add(header.Difficulty, ptd) + + localTd := self.GetTd(self.currentHeader.Hash()) + externTd := new(big.Int).Add(header.Difficulty, ptd) // Make sure no inconsistent state is leaked during insertion self.mu.Lock() defer self.mu.Unlock() // If the total difficulty is higher than our known, add it to the canonical chain - if td.Cmp(self.GetTd(self.currentHeader.Hash())) > 0 { + // Second clause in the if statement reduces the vulnerability to selfish mining. + // Please refer to http://www.cs.cornell.edu/~ie53/publications/btcProcFC.pdf + if externTd.Cmp(localTd) > 0 || (externTd.Cmp(localTd) == 0 && mrand.Float64() < 0.5) { // Delete any canonical number assignments above the new head for i := header.Number.Uint64() + 1; GetCanonicalHash(self.chainDb, i) != (common.Hash{}); i++ { DeleteCanonicalHash(self.chainDb, i) @@ -753,7 +757,7 @@ func (self *BlockChain) writeHeader(header *types.Header) error { self.currentHeader = types.CopyHeader(header) } // Irrelevant of the canonical status, write the header itself to the database - if err := WriteTd(self.chainDb, header.Hash(), td); err != nil { + if err := WriteTd(self.chainDb, header.Hash(), externTd); err != nil { glog.Fatalf("failed to write header total difficulty: %v", err) } if err := WriteHeader(self.chainDb, header); err != nil { @@ -1060,14 +1064,18 @@ func (self *BlockChain) WriteBlock(block *types.Block) (status writeStatus, err if ptd == nil { return NonStatTy, ParentError(block.ParentHash()) } - td := new(big.Int).Add(block.Difficulty(), ptd) + + localTd := self.GetTd(self.currentBlock.Hash()) + externTd := new(big.Int).Add(block.Difficulty(), ptd) // Make sure no inconsistent state is leaked during insertion self.mu.Lock() defer self.mu.Unlock() // If the total difficulty is higher than our known, add it to the canonical chain - if td.Cmp(self.GetTd(self.currentBlock.Hash())) > 0 { + // Second clause in the if statement reduces the vulnerability to selfish mining. + // Please refer to http://www.cs.cornell.edu/~ie53/publications/btcProcFC.pdf + if externTd.Cmp(localTd) > 0 || (externTd.Cmp(localTd) == 0 && mrand.Float64() < 0.5) { // Reorganize the chain if the parent is not the head block if block.ParentHash() != self.currentBlock.Hash() { if err := self.reorg(self.currentBlock, block); err != nil { @@ -1081,7 +1089,7 @@ func (self *BlockChain) WriteBlock(block *types.Block) (status writeStatus, err status = SideStatTy } // Irrelevant of the canonical status, write the block itself to the database - if err := WriteTd(self.chainDb, block.Hash(), td); err != nil { + if err := WriteTd(self.chainDb, block.Hash(), externTd); err != nil { glog.Fatalf("failed to write block total difficulty: %v", err) } if err := WriteBlock(self.chainDb, block); err != nil { diff --git a/tests/init.go b/tests/init.go index a869704999..caa4eca6cb 100644 --- a/tests/init.go +++ b/tests/init.go @@ -44,6 +44,9 @@ var ( "TRANSCT__RandomByteAtTheEnd", "BLOCK__ZeroByteAtTheEnd", "TRANSCT__ZeroByteAtTheEnd", + + "ChainAtoChainB_blockorder2", + "ChainAtoChainB_blockorder1", } /* Go client does not support transaction (account) nonces above 2^64. This