IFP as an attack vector

19 927

Written by

No bio yet...

4 years ago

A lot has been written and said about the Infrastructure Funding Plan but I think the core issue still remains untouched in the public discussion. I will skip the ethical and the social arguments and focus on the technical issue. IFP proposal by Bitcoin ABC (as well as the previous proposal), if activated on the main chain, introduces potentially catastrophic consequences for Bitcoin Cash decentralization and in consequence for permissionlessness and uncensorability.

The IFP address bitcoincash:pqnqv9lt7e5vjyp0w88zf2af0l92l8rxdgnlxww9j9 [1] ownership is unknown. It is a p2sh , most likely a multi-signature address. It can be spent from only if a predefined number of key holders signs a transaction. The address was never spent from, so nobody knows neither who are the key holders nor how many signers is needed to use it. All IFP proposals included an unknown multisig addresses.

Scenario 1 - a cartel take over

Suppose the address is 1-of-n of the mining pools cartel involved in the IFP project. Any of the key holders is able to send 8% of the reward exclusively to themselves out of this address by including a spending transaction in the block they are currently hashing.

In this scenario miners participating in the cartel have the 8% advantage over uninvolved miners or pools. They are able to mine above the margins available to regular pools, keeping the difficulty high and discouraging others from joining. The result would be a total domination of BCH mining by the cartel pools, making them a closed group of validators. It would make BCH equivalent to Libra and other permissioned chains, allowing for easier collusion - censorship, blacklisting or reversing transactions.

Scenario 2 - ABC take over

If the address is indeed owned by ABC, it gives them an incentive to start mining BCH themselves, by mining below the profitability for other miners, but still earning more than the 8% they have. It can be done in stealth by fake mining pools. So far we have seen ABC signaling by "very nice mining pool" that appeared out of no where. There can be multiple of them to still appear decentralized and bounce the accusations by calling them a conspiracy theory. The attack can be executed without revealing it have ever happened. At BCH worth $300 one additional percent is about 1 million dollars of incentive. They might also offer kickbacks to existing pools and establish the Scenario 1, with the difference that they decide who is the cartel member and who is not. In this scenario, ABC is the single entity that is able to decide what happens on chain, as they can pressure cartel members by threatening to exclude them from the cartel.

Scenario 3 - ABC being taken over

Even when the intentions behind the IFP are crystal clear, scenario 2 can happen by attacking ABC members. They can be forced to give up their keys to the address, creating the controlled cartel with non-ABC force above it, making the entity a single power controlling Bitcoin.

Summary

The described attack would be detrimental to the core value proposition of Bitcoin Cash. Having a system like this is not suitable for Bitcoin, which is controversial and potentially disruptive to many entities that hold power right now.

$ 253.75

$ 200.00 from @MarcDeMesel

$ 15.96 from @TheRandomRewarder

$ 13.37 from @molecular

+ 13 more contributions

$ 200.00 from @MarcDeMesel

$ 15.96 from @TheRandomRewarder

$ 13.37 from @molecular

$ 10.00 from @jtoomim

$ 5.00 from @Test75785

$ 5.00 from @blockparty-sh

$ 1.01 from @georgedonnelly

$ 1.00 from @emergent_reasons

$ 1.00 from @NilacTheGrim

$ 0.50 from @nyusternie

+ 6 more contributions

Written by

Licho

No bio yet...

4 years ago

Comments

valuable information

$ 0.00

Sitro

4 years ago

Very informative article it is.It helps me many ways.

$ 0.00

Hossain

4 years ago

Stop calling it a "proposal". It not a proposal, it's a mandate.

$ 0.00

oooo

4 years ago

It's not a mandate, either. More like a failing coup.

$ 0.00

molecular

4 years ago

You're right. Poor choice of words. Blame it on my non-native english and propaganda. But it's not a mandate either because ir will most probably be rejected :)

$ 0.00

Licho

4 years ago

so what's the new name for the ifp chain?

$ 0.00

CashAnarchist

4 years ago

It's probably going to just be Bitcoin ABC.

$ 0.00

IMightBeAPenguin

4 years ago

ha.

like a toy for preschoolers.

$ 0.00

CashAnarchist

4 years ago

No scenario looks good from wherever I look at it. Anyway ABC is going for it, and let's hope BCHN is the valid alternative. This will impact BCH market price we want it or not.

$ 0.00

Monolith

4 years ago

Nicely said. Adding to https://bitcoincash.site/upgrade.

$ 0.00

georgedonnelly

4 years ago

Wow, thanks. What a splendid company my article is in!

$ 0.00

Licho

4 years ago

i dont feel these are the strongest arguments against the IFP, because the answer to all of these scenarios is easy and well known - good governance tools (ie, transparency and coin holder voting). The strongest argument against the ABC is: we have proof that ABC is the enemy of BCH, because they are splitting BCH on purpose - by pushing the IFP unnecessarily before such governance tools exist.

$ 0.00

tula_s

4 years ago

I analyzed the current situation - the absolute lack of transparency about the IFP address. Also - I doubt there is a governance tool that would prevent that attack from being executed, especially in the scenario 3. If BCH is aiming to be p2p cash for the entire world, there can be a no singled out address.

$ 0.00

Licho

4 years ago

coin holders can always do a manual intervention anytime they suspect foul play, provided they have a platform to voice their will

$ 0.00

tula_s

4 years ago

The attack can be executed in stealth.

$ 0.00

Licho

4 years ago

The IFP address bitcoincash:pqnqv9lt7e5vjyp0w88zf2af0l92l8rxdgnlxww9j9 [1] ownership is unknown. It is a p2sh , most likely a multi-signature address. It can be spent from only if a predefined number of key holders signs a transaction. The address was never spent from, so nobody knows neither who are the key holders nor how many signers is needed to use it.

Some observations on this.

Two persons have been asked (with good reason) whether they are co-signers on this address.

Both failed to respond at all, instead of dismissing it. They stand to gain nothing by admitting that they are not signers if indeed they are not. Therefore, it is fairly easy to conclude that with high probability, they are indeed signers.

A third person, by circumstantial evidence linked to the creation of that address, is Amaury himself, who was recorded in the Future of Bitcoin Cash video (listen to https://youtu.be/O4YlEZktnDk?t=6146 , i.e. from 1hr42min26s in the stream ) :

Even the people who are on the multisig wallet don't know everybody that is on the multisig wallet, and that is on purpose ... so if they don't know, like, you know, then nobody knows, effectively...

He goes on to say:

it's findable information, like, but, ... but the information here has been segmented, mostly for security reasons, like not everybody knows who is in the wallet

The second part "not everybody knows" contradicts the "even the people who are on the multisig" which covers ALL the people on the multisig wallet. But clearly at least one person knows ALL wallet signers :-D

Amaury's body language in that segment is very telling.

But this video is not the circumstantial evidence linking him to the wallet, it is merely additional information.

$ 1.06