Bitcoin Security Threatened By Lightning Network

You might have heard that Bitcoin is unable to scale and that there is a giant drama now around the 1 MB block size limit. One of the proposed solutions to this problem is the so-called Lightning Network. Let’s first explain what it is, and then where it came from and why it’s covered up.

Lightning Network is an off-chain solution, which means that in some external system, participants exchange IOUs in some private database. Once the database owner decides on a settlement, they submit their own transactions to the real Bitcoin network. For this system to be operational, you need money up front, so you can do the settlement in the end.

So basically, Lightning network is a fund, not so different from one other fund we have heard about a lot, The DAO. The aforementioned comes from Ethereum, of course, not from Bitcoin. And that’s the reason why Andreas and other people are trying to make it look so different, calling it a “network” when in fact it is a centralized database of IOUs with an upfront fund. Purpose might be different, but the structure is completely the same and it has nothing to do with Bitcoin protocol, just as the DAO has nothing to do with Ethereum.

What it creates, however, is a leverage against Bitcoin security. As we have learned from Ethereum, in case of theft, which is in direct proportion to centralization (embodiment of which is the Lightning Network), the developers may decide to salvage a working protocol to save the malfunctioning organization. And that, my friends, is the end of Bitcoin’s purpose and a return to centralized banking.

What a 51% attack really is

I have been inoculated since 2014 with a simplistic definition of a 51% attack. I have been told that it means a malicious actor takes over 51% of the mining power. No, it is not. First, there is no room for morality in a decentralized consensus system like Bitcoin. Many Bitcoiners base their entire attitude on this single fact – that you cannot judge and decide which transactions are good and which are bad. The code decides, and the chain is immutable. So, there are no malicious actors, only selfish people trying to reach their goal, which for the most part means getting more Bitcoin by validating transactions. The end goal is capital enrichment of self. So if someone tries to disrupt a network by taking over 51% of miners, it is the same situation as with normal mining – they are just reaching their goal, and as long as the code allows for it, it’s OK.

Then I have been told that PoS coins are immune to 51% attacks. That is also false. We need to take a deeper look at what a 51% mining situation causes in PoW to understand why. The basic property of Bitcoin is not an application or a protocol, it is the network aspect. Bitcoin is a special type of network, a consensual one. This means that the goals of the network are defined by what the majority wants. Why is this important? The 51% majority which you may call a group of malicious actors are malicious only from your point of view. And since you do not own more than 50% of the network anymore, too bad, your opinion is less relevant and the 51% group shapes the purpose. Right now, the purpose is transaction rewards, block generation with included transactions. But only because the majority thinks it’s a good idea.

The worst thing is not the 51% of the mining power, it is the 51% of the opinion. As long as the network is fragmented to smaller mining segments, the change of the paradigm is unlikely.

In Bitcoin, the opinion can be expressed through mining. That’s not because mining is essential for its existence, but because it has been arbitrarily chosen as the agent of the network’s opinion status. Not mining, but consensus is important. And consensus is incredibly susceptible to attacks. Sybil and 51% attacks are two iconic examples, but we might have forgotten what they have in common: they are both consensus, or network integrity, attacks.

Since consensus equals network integrity, we need to look at other types of “attacks” which impact the network structure. And these are forks. Yes, forks are also consensus attacks, sometimes unintentional, as with the switch from BerkeleyDB to LevelDB in 2013. Sometimes intentional, as with the ETH/ETC split.

When the network splits, it changes from, let’s say, 3500 nodes to 2x 1750 nodes. There are still individuals, but they now have some kind of incentive to group in order to destroy the other group. In a non-malicious, unintentional situation, the incentive usually is keeping the blocks which they mined and got the reward for. The advantage of PoW is simple fork resolution: because the computational power rules cannot be cheated, we soon know which group won and which was defeated, and we carry on, pretending there were never two groups. But there are many forks in Bitcoin daily, as Andreas Antonopoulos noted. The network is weakened, fragmented, and full of conflict.

I am finally getting to the notion of why PoS systems are not safe from 51% attacks. If you remove PoW mining, you need to set other principles in its place. Principles which represent the network consensus. When done in a decentralized fashion, it always means that you prefer the nodes to express their opinion individually instead of as organized groups, because organized groups want to get rid of each other, while individuals look for the lowest common denominator. And a 51% attack happens whenever a group starts forming. Due to the nature of consensus, such groups need only form (which might be triggered by something as small as a database system upgrade or network fragmentation), leading to forks, to threaten the existence of the status quo by inflicting a network health crisis.

You don’t have to own 51% of the coins or the mining power. All you have to do is create groups. E.g. unplug some intercontinental network device and you end up in the same situation. Or start a propaganda campaign.

This is a short pictorial I created about who I think might be BCNext, the author of the original NXT. This is all speculation, of course, but finding a person who hosted a MultiBit service on the same IP as the first NXT is a little too suspicious. On closer inspection, we see that he is “…a contract web and blockchain application developer, open source contributor and long distance runner.” In JAVA, of course, and he worked for an environmental company! He also says he’s a long-term bitcointalk forum member, and GitHub shows he had been coding for years before Bitcoin was popular. Also, most of his Twitter accounts are gone.

Points:

– How many blockchain developers were there in 2014? How many independent, non-forking, genuine projects? You could count those on the fingers of one hand. Also, all of them were C/C++ developers; only one was a JAVA developer.

– Come-from-Beyond has also been associated with this address; the other project hosted on the IP was “Banana Cash”, which is Russian. Come-from-Beyond has a good command of both English and Russian. He claimed that the ISP assigned that IP to a random other person after he stopped serving the NXT GUI there. The other project must have been either MultiBit or Banana Cash; the first one is a JAVA blockchain application and the other one is Russian/English. At least one of those facts is obviously not true.

His LinkedIn profile: http://archive.is/UYzpS
http://www.coindesk.com/cash-strapped-multibit-developers-charge-transaction-fee/

WHOIS entry

(RIPE database record for the 88.198.0.0/16 allocation: Hetzner Online GmbH, Gunzenhausen, Germany, origin AS24940; abuse contact abuse@hetzner.de.)

He has recently been increasingly active in private repositories, so he might also be working on Ardor (Bitbucket supports direct imports).

Shocking discovery: Peter Todd is satoshi

Over the past few years, the hunt for Satoshi Nakamoto has pivoted around a mysterious character people have created in their minds. The search has not in fact been for the creator of Bitcoin, but for someone unknown with mysterious supernatural powers. The media hoped to bestow such characteristics upon that person so that they precede his real character. We were supposed to discover Spiderman before knowing Peter Parker.

I have also been clouded by this type of thinking, identifying Nick Szabo as Satoshi for over a year. It was not until recently that I realized he is obviously not, for he has done something Satoshi, as an idealist, would never do. He paired up with banks.

When I started thinking about the identity of satoshi more deeply, I came to draw similarities to projects I have participated in and what was important in every single one. Consistency and incorruptibility. The reason why kingdoms crumble and empires end in war. The impossibility of transferring projects between people while keeping the original ideas intact. Letting the leash loose.

If Szabo got “corrupted”, why wouldn’t every Satoshi candidate? After all, Szabo was the most skilled and educated amongst them. There is one person, however, who never backed off and never made a compromise. Most importantly, he has never stepped down to give his project to someone else, just as Satoshi never would. And his name, of course, is Peter Todd.

Hal Finney tried to cover up, saying that Satoshi was Japanese. Of course he wasn’t; the name was just a reflection of the fascination with Japanese culture of a western individual, who would colloquially be referred to as a weeaboo. And as a weeaboo, he would spend most of his time coding and daydreaming, not socializing. Because socializing could corrupt his idealism and, in the process, destroy Bitcoin.

Marc De Mesel on the possible upcoming Bitcoin ATH

This excerpt has been taken from Marc’s video comments in https://www.youtube.com/watch?v=5U4W7OS8-74, watch the whole video for more context and information.

“[…] In investing, to estimate how high a bubble can go, you look at the past. For example gold went from $21 to $800 in the 70’s, so times 40; of course the price had been fixed for 50 years before that so the bull was likely stronger than at any other time. From 2000 till 2011 it went up from $250 to $1900, times 8, that is not in the neighborhood of the last bubble so odds are it will go up more. The same you can do with stocks or bonds. Bonds for example went up the past 30 years like never before in history (interest rates on 10 year bonds collapsed from 15% to 1% from 1980 till 2015, never happened since 1600) so very likely it will not go up any more and will correct strongly for decades.

Bitcoin has gone up parabolically in 2011 in a couple of months from $1 to $32 (x32), in 2013 suddenly from $15 to $255 (x16) and shortly after rapidly from $130 to $1150 (x8). Counting from the previous ATH it went in 2011 from $1 to $32 (x32), then from $32 to $255 (x8) and then from $255 to $1150 (x4).

You see a downward trend, it multiplies less and less, logical since marketcap goes up more and more so it becomes harder to rise, need more and more capital. In 2011 when it went from $10 million to $100 million it did x32, in 2013 when it went from $100 to $1 billion it did only half (x16), and only 1/4th (x8) if you count from previous ATH. Shortly after it went from $1 to $10 billion and the power of the bull again halved to x8 and x4.

Since then we recovered from $160 to now $800, bringing the market cap back to $10+ billion so if we get a new bubble the power of it will likely be cut in half again compared to previous bubble so that will be x4 counting from whatever price we shoot off from and x2 from previous ATH.

So counting from $1150 x2 = $2300 high chance, x3 = $3450 maybe, x4 = $4600 unlikely and if it does happen, get rid of your last small exposure that you still have as odds are very high you will be able to buy back considerably cheaper.”

Yahoo used MD5 hashing to store passwords

Yahoo has suffered another hack.

The company disclosed today that it has discovered a breach of more than one billion user accounts that occurred in August 2013. The breach is believed to be separate and distinct from the theft of data from 500 million accounts that Yahoo reported this September.

Troublingly, Yahoo’s chief information security officer Bob Lord says that the company hasn’t been able to determine how the data from the one billion accounts was stolen. “We have not been able to identify the intrusion associated with this theft,” Lord wrote in a post announcing the hack.

“The stolen user account information may have included names, email addresses, telephone numbers, dates of birth, hashed passwords (using MD5) and, in some cases, encrypted or unencrypted security questions and answers,” Lord added.

Yahoo was alerted to the massive breach by law enforcement and has examined the data with the help of outside forensic experts. The data does not appear to include payment details or plaintext passwords, but it’s still bad news for Yahoo account holders. The hashing algorithm MD5 is no longer considered secure and MD5 hashes can easily be looked up online to discover the passwords they hide.
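The point about MD5 lookups, as an added example that is not part of the original post: an unsalted MD5 is a pure function of the password, so one precomputed table (here a constructed five-entry stand-in for the public tables) reverses the same hash on every site, while a salted, iterated hash such as PBKDF2-HMAC-SHA256 from Python’s standard library gives every record a unique value that must be attacked one at a time. The iteration count is an assumption to tune per deployment.

```python
import hashlib
import hmac
import os
from typing import Optional

# Constructed sample: a tiny stand-in for the public MD5 lookup tables the
# article refers to. Real tables hold billions of entries; five show the point.
COMMON_PASSWORDS = ["123456", "password", "qwerty", "letmein", "sunshine"]
MD5_LOOKUP = {hashlib.md5(p.encode()).hexdigest(): p for p in COMMON_PASSWORDS}


def md5_store(password: str) -> str:
    """The weak scheme the article describes: an unsalted MD5 of the password."""
    return hashlib.md5(password.encode()).hexdigest()


def md5_lookup(stored_hash: str) -> Optional[str]:
    """Reverse an unsalted MD5 by table lookup. No computation is needed at
    lookup time: equal passwords give equal hashes, so one table serves all sites."""
    return MD5_LOOKUP.get(stored_hash)


# Hardened form: salted, slow, and verified in constant time.
PBKDF2_ITERATIONS = 200_000  # assumption: raise until one hash costs ~100 ms on your hardware


def pbkdf2_store(password: str, salt: Optional[bytes] = None) -> str:
    """Return 'pbkdf2_sha256$<iterations>$<salt hex>$<hash hex>' with a fresh 16-byte salt."""
    salt = os.urandom(16) if salt is None else salt
    digest = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS)
    return f"pbkdf2_sha256${PBKDF2_ITERATIONS}${salt.hex()}${digest.hex()}"


def pbkdf2_verify(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count; compare without
    leaking timing information about how many bytes matched."""
    algo, iterations, salt_hex, hash_hex = stored.split("$")
    if algo != "pbkdf2_sha256":
        return False
    digest = hashlib.pbkdf2_hmac(
        "sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations)
    )
    return hmac.compare_digest(digest.hex(), hash_hex)


if __name__ == "__main__":
    leaked = md5_store("sunshine")
    print("leaked MD5", leaked, "recovers:", md5_lookup(leaked))
    rec_a, rec_b = pbkdf2_store("sunshine"), pbkdf2_store("sunshine")
    print("same password, distinct records:", rec_a != rec_b)
    print("verify correct/wrong:", pbkdf2_verify("sunshine", rec_a), pbkdf2_verify("wrong", rec_a))
```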

Yahoo says it is notifying the account holders affected in the breach. Affected users will be required to change their passwords.

Yahoo also announced today that its proprietary code had been accessed by a hacker, who used the code to forge cookies that could be used to access accounts without a password. “The outside forensic experts have identified user accounts for which they believe forged cookies were taken or used. We are notifying the affected account holders, and have invalidated the forged cookies,” Lord said, adding that he believed the attack was launched by a state-sponsored actor.

Today’s revelations add to Yahoo’s long string of security problems. Yahoo employees reportedly knew of the intrusion that led to the theft of data from 500 million users as early as 2014, but the company did not announce the breach until this September. What Yahoo executives knew about the breach, and when they knew it, have been crucial questions in Verizon’s ongoing acquisition of Yahoo. Yahoo did not disclose the first breach until several months after the deal was announced.

Larger block size is not an option for any cryptocurrency

Decentralized networks are defined by the lowest common denominator. If you want to push a large amount of data throughout the network, you need to push it everywhere, even to the slowest devices. Also, mempool synchronization is not, and cannot be, exact. If a peer asks you to synchronize the mempool with them, neither of you knows which transactions the other party already has in their pool and which they do not. In many cases, you end up resynchronizing the entire mempool. Which means that the block size limit on Bitcoin now is not in fact 1 MB, but 1 MB times the number of users times the mempool volume accumulated between blocks. And every time a block sync happens, you need the whole block and mempool to travel across the entire world, to every node. You also need to remember that mempool synchronization takes away resources shared with block synchronization, so the larger the block limit is, the more unwanted forking happens, because the information about new blocks arrives later to many miners – again, exponentially. If anyone with a single-chain solution tells you they can transfer thousands of transactions per minute and satisfy millions of users, they are lying or using cheap tricks.

So the block size limit is a technological problem, or more specifically a Bitcoin-related design flaw. Is there a theoretical solution? Yes, since at least 2014, and it’s called sidechains or childchains, and these have been inspired by nothing else than altcoins. Why? Because altcoins in themselves are the scaling solution for Bitcoin, where Bitcoin is only used as the common chain with some arbitrary market value of the altcoin in question. Once you buy an altcoin, you are no longer putting any pressure on the Bitcoin blockchain, until you decide to sell your altcoin and use BTC as a mediator again. Childchains/sidechains are just like that, but use only one network, one dev team, and one common token. It’s like the whole bitcoin/altcoin market virtualized.

Who is working on this technology at the moment? I am not aware of any working solution yet, but quite certainly the Ardor, or NXT 2.0, development team is releasing their testnet in Q1 2017. It will be spiced up with additional features already present in NXT, like the decentralized exchange. Also, Ethereum made some announcements lately and would like to push their solution public in early 2017.

Why should you want to use something like this instead of another altcoin? Three reasons – support, price stability and security. Simply, if you use an unknown altcoin because your main coin like BTC has reached its technological limit, you are putting yourself at the mercy of the altcoin holders, who may decide to dump on you. Also, you don’t know how long the chain will be alive, you don’t know if the devs have the capability to solve issues, etc.

disclaimer: no proofreading done

Your private keys and passwords all belong to Intel/AMD/ARM

Five or so years ago, Intel rolled out something horrible. Intel’s Management Engine (ME) is a completely separate computing environment running on Intel chipsets that has access to everything. The ME has network access, access to the host operating system, memory, and cryptography engine. The ME can be used remotely even if the PC is powered off. If that sounds scary, it gets even worse: no one knows what the ME is doing, and we can’t even look at the code. When — not ‘if’ — the ME is finally cracked open, every computer running on a recent Intel chip will have a huge security and privacy issue. Intel’s Management Engine is the single most dangerous piece of computer hardware ever created.

Researchers are continuing work on deciphering the inner workings of the ME, and we sincerely hope this Pandora’s Box remains closed. Until then, there’s now a new way to disable Intel’s Management Engine.

Previously, the first iteration of the ME found in GM45 chipsets could be removed. This technique was possible because the ME was located on a chip separate from the northbridge. For Core i3/i5/i7 processors, the ME is integrated into the northbridge. Until now, efforts to disable an ME this closely coupled to the CPU have failed. Completely removing the ME from these systems is impossible; however, disabling parts of the ME is not. There is one caveat: if the ME’s boot ROM (stored in an SPI Flash) does not find a valid Intel signature, the PC will shut down after 30 minutes.

A few months ago, [Trammell Hudson] discovered that erasing the first page of the ME region did not shut down his Thinkpad after 30 minutes. This led [Nicola Corna] and [Federico Amedeo Izzo] to write a script that uses this exploit. Effectively, the ME still thinks it’s running, but it doesn’t actually do anything.

With a BeagleBone, an SOIC-8 chip clip, and a few breakout wires, this script will run and effectively disable the ME. This exploit has only been confirmed to work on Sandy Bridge and Ivy Bridge processors. It should work on Skylake processors, and Haswell and Broadwell are untested.

Separating or disabling the ME from the CPU has been a major focus of the libreboot and coreboot communities. The inability to do so has, until now, made the future prospects of truly free computing platforms grim. The ME is in everything, and CPUs without an ME are getting old. Even though we don’t have the ability to remove the ME, disabling it is the next best thing.
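A read-only audit check for the state described above, added here as an example and not taken from the Hackaday article or the script it mentions: it parses the Intel Flash Descriptor of an SPI flash dump to locate the ME region and reports whether its first page still holds the $FPT partition table or has been blanked. The descriptor field layout, the $FPT marker at ME offset 0x10 and the 4 KiB page size are assumptions to verify against your own platform documentation; the image is constructed, not a real dump.

```python
import struct

# Intel Flash Descriptor constants (assumption: layout as commonly documented;
# confirm against your platform before trusting results on a real dump).
IFD_SIGNATURE = 0x0FF0A55A
IFD_SIGNATURE_OFFSET = 0x10
FLMAP0_OFFSET = 0x14
REGION_NAMES = ["descriptor", "bios", "me", "gbe", "pdr"]
PAGE_SIZE = 0x1000  # assumption: 4 KiB erase block is the "first page" the article means


def parse_regions(image: bytes) -> dict:
    """Return {name: (start, end)} for the regions the descriptor declares.
    A region whose base lies above its limit is unused and is skipped."""
    sig = struct.unpack_from("<I", image, IFD_SIGNATURE_OFFSET)[0]
    if sig != IFD_SIGNATURE:
        raise ValueError("no Intel Flash Descriptor signature at offset 0x10")
    flmap0 = struct.unpack_from("<I", image, FLMAP0_OFFSET)[0]
    frba = ((flmap0 >> 16) & 0xFF) << 4  # Flash Region Base Address, 16-byte units
    regions = {}
    for idx, name in enumerate(REGION_NAMES):
        flreg = struct.unpack_from("<I", image, frba + 4 * idx)[0]
        base = (flreg & 0x1FFF) << 12               # bits 12:0, 4 KiB units
        limit = (((flreg >> 16) & 0x1FFF) << 12) | 0xFFF  # bits 28:16, inclusive end
        if base <= limit:
            regions[name] = (base, limit)
    return regions


def me_status(image: bytes) -> str:
    """'absent' (no ME region), 'present' ($FPT partition table intact),
    'neutralized' (first page blank, as after the erase the article describes),
    or 'unknown' (first page modified in some other way)."""
    regions = parse_regions(image)
    if "me" not in regions:
        return "absent"
    start, _ = regions["me"]
    if image[start + 0x10:start + 0x14] == b"$FPT":
        return "present"
    first_page = image[start:start + PAGE_SIZE]
    if first_page == b"\xff" * len(first_page):
        return "neutralized"
    return "unknown"


def build_sample_image(me_intact: bool) -> bytes:
    """Constructed 64 KiB image: descriptor at 0x0000, ME at 0x1000-0x3FFF,
    BIOS at 0x4000-0xFFFF, GbE and PDR unused. Not a real firmware dump."""
    img = bytearray(b"\xff" * 0x10000)
    struct.pack_into("<I", img, IFD_SIGNATURE_OFFSET, IFD_SIGNATURE)
    # FLMAP0: NR=4 (bits 26:24), FRBA=0x40 (bits 23:16, /16), FCBA=0x30 (bits 7:0, /16)
    struct.pack_into("<I", img, FLMAP0_OFFSET, (4 << 24) | ((0x40 >> 4) << 16) | (0x30 >> 4))
    flregs = [
        (0x0 << 16) | 0x0,  # descriptor: 0x0000-0x0FFF
        (0xF << 16) | 0x4,  # bios:       0x4000-0xFFFF
        (0x3 << 16) | 0x1,  # me:         0x1000-0x3FFF
        0x1FFF,             # gbe: unused (base > limit)
        0x1FFF,             # pdr: unused
    ]
    for idx, val in enumerate(flregs):
        struct.pack_into("<I", img, 0x40 + 4 * idx, val)
    if me_intact:
        img[0x1010:0x1014] = b"$FPT"              # partition-table marker at ME offset 0x10
        img[0x1020:0x1040] = bytes(range(0x20))   # some non-blank partition data
    return bytes(img)


if __name__ == "__main__":
    for intact in (True, False):
        sample = build_sample_image(intact)
        print(parse_regions(sample), "->", me_status(sample))
```

On a real dump, read the file with `open(path, "rb").read()` and pass it to `me_status`; a 'present' result on a machine you believed neutralized is the finding to act on.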

Neutralizing Intel’s Management Engine

If you have an AMD or ARM processor, you’re in the same trouble:
http://www.tomshardware.com/news/AMD-TrustZone-Security-ARM-CPU-Cortex-A5-APU,16000.html

Ethereum takes lessons from Ardor

On Mar 28, 2014, Vitalik Buterin was interviewed about the differences between NXT and Ethereum (https://www.youtube.com/watch?v=niVodrtLWgM). He noted that Ethereum is Turing-complete, while NXT is not, and pushing decentralized app code to NXT would be difficult as an additional layer outside the core code.

Many, including senior developer John Connor from the project Vanillacoin/Vcash (XVC), doubted the usefulness of Turing-completeness for a P2P project, and several Ethereum hacks and hard forks have proven my optimism to be far-fetched.

But happily, almost 2 years later, Vitalik also indirectly acknowledged Ardor, the “NXT 2.0” project, by adopting a sharding mechanism (https://github.com/ethereum/wiki/wiki/Sharding-FAQ) into Ethereum, which is their custom sidechain implementation, similar in many ways. Vitalik aims at releasing sharding before the Ardor testnet goes live in Q1 2017, apparently scared by the possibility of Ardor gaining a technological advantage over Ethereum, which has always considered itself the most progressive on the fintech fringe.