[messaging] Do Blockchains solve Zooko's triangle? (was: Another Take At Public Key Distribution)
Karl
gmkarl at gmail.com
Mon Aug 3 15:19:03 PDT 2015
These are real problems with both centralized and p2p networks. They
can be more accessible with p2p networks because you *don't* have to
create a global mitm -- you just have to poison Alice's list of peers.
I think this is called an Eclipse attack (?)
But blockchain technologies are almost entirely focused on resolving this issue.
1. You cannot change the past unless you can duplicate the amount of
work produced by the entire mining network up from the event in the
past you want to change and the last point of sync as Alice. Only
then can you produce a blockchain long enough to convince an
already-sync'd client that yours is correct -- and what you have
basically done at this point is create a new canonical blockchain that
should and will be used by everybody, not just Alice.
2. Alice has a wide variety of options to circumnavigate a persistent
MITM. She can use an overlay network such as Tor or I2P. She can
share her blockchain with her friends using floppies. She can sync
via ad-hoc wifi or send packets over amateur radio. She does not have
these options if she is using a centralized system, where the MITM can
surround the servers themselves.
3. Alice can check and see what is going on. When data is committed
to a blockchain the data resides in a block which has a hash unique to
that block and all parent blocks that came before it. If you are
living in a fake blockchain, your transaction and block ids will
mismatch those of the people you are interacting with. Your
blockchain will have a much lower proof of work difficulty.
A persistent MITM is technically possible, but you also have to MITM
all the other channels of relevant data. If my friend is resolving an
address differently than me, we simply have to exchange blocks to
figure out what is going on and who is right.
I'm not too experienced but the way people are talking seems to
disregard the grey areas of these situations. Blockchains are
incredibly good at storing globally unique, permanent information.
They have classic P2P network issues. But once you can intercept all
information exchanged by an individual with anybody, you can make them
believe yellow is blue under any conditions.
On 8/3/15, Jonathan Rudenberg <jonathan at titanous.com> wrote:
>
>> On Jul 23, 2015, at 9:22 PM, Tao Effect <contact at taoeffect.com> wrote:
>>
>> So, the only real option left is for a persistent, 24/7 global MITM. At
>> that point you are no longer dealing with the Internet anymore. You might
>> as well smash Alice’s computer with a brick and declare a successful
>> “attack” on Namecoin.
>
> This is already known to exist, it is called QUANTUM INSERT[0]. Also, BGP
> and DNS attacks can be used to accomplish the same thing. Let alone the
> cheaper option of just hacking Alice’s WiFi. Throwing out MITM attacks as
> not a viable threat is unreasonable at this point.
>
> Jonathan
>
> [0] https://en.wikipedia.org/wiki/Tailored_Access_Operations#QUANTUM_attacks
> _______________________________________________
> Messaging mailing list
> Messaging at moderncrypto.org
> https://moderncrypto.org/mailman/listinfo/messaging
>
More information about the Messaging
mailing list