Bitcoin Core Dev: Full Node Sybil Attack Problem Exists and Has No Perfect Solution

In our recent feature, we discussed the problem of full nodes in the Bitcoin network, and more likely, why running them may be expensive to a user but grants him or her no monetary reward.

As a brief reminder, a full node is a node in a network that stores the entire copy of the blockchain to verify transactions and blocks. Still, it has to run 24/7 and takes up nearly 250 gigabytes of your hard drive as of the moment of writing. There are options to install it in a separate device as well, yet such gadgets usually cost well over $100. Full nodes are vital for the proper functioning of the Bitcoin network.

The main reason why running full nodes is not rewarded is the risk that someone malevolent may create a pool of full nodes and effectively hijack the entire ecosystem. On the other hand, spending money on devices and power supply without much compensation does not seem fair.

In the wake of our article and in order to settle this question, forklog.media talked with Gleb Naumenko, a Bitcoin Core developer. As it turned out, things are more complicated than they seemed.

The Problem of Full Node Rewards

forklog.media: We understand the theory behind why there is no reward for running a full node. But such nodes are the lifeblood of the network, so maybe there is some way to still reward those who run them?

Gleb Naumenko: There is a reward but it’s not monetary. One of the biggest advantages of running a full node is that you dramatically increase your privacy. If you just use a wallet without a full node, then whoever created that walled can see your IP address and where you send your money. If you have a full node, you don’t have to rely on anybody else. This is actually what “trustless” is about in a sense. So this great privacy is one of the rewards. That’s what Bitcoin has always been about after all.

forklog.media: But have you at Bitcoin Core ever considered changing the situation in some way to bring the full node operators something more than greater privacy and the honor to be one of the ecosystem’s pillars? 

Gleb Naumenko: We have never actually discussed bringing up a monetary reward for running a full node. Generally, we think that launching a full node must be as cheap as possible. You want to get a reward because launching a reward takes much effort. What we are after is to make this effort almost unnoticeable while enhancing your understanding that you’re doing something important for the entire network. 

Full Node Pool Attack

forklog.media: But even with things going as they go right now, it’s not impossible that some “consortium” might run thousands of full nodes and just dictate which blocks are correct and which are not. Do you know how to resist such an attack?

Gleb Naumenko: Bitcoin is naturally protected against such things because all you have to do in that case is find at least one “honest” node with the longest chain of blocks and spread the news. 

forklog.media: That does not seem very viable. Even assuming that someone managed to reach a node with a larger chain, how can they be sure he or she is not an attacker? So there must be some other way to resist it.

Gleb Naumenko: Right now, there are around 60,000 full nodes, with 8,000 of them running publicly. If someone launches say, 100,000 “bad” nodes, half of the users will connect to them without even knowing that they are bad. We at Bitcoin Core will start working on that as soon as we see such things happening. My personal priority at Bitcoin Core is to prevent these attacks from being very cheap (for example, using only 10 bad nodes) through exploiting some additional bug/vulnerability. Increasing the cost of the attack effectively makes it not viable because the benefits an attacker gets are very temporal and not that high.

forklog.media: But it doesn’t have to happen incrementally. In fact, all I need to run such an attack is to have a powerful server and internet access. Basically, I could do it with just one click. The attack would just happen in a blink of an eye. And what are you going to do? How would you know where the real blockchain is?

Gleb Naumenko: First of all, we will probably start suggesting that users blacklist those nodes actively spreading the invalid chain. If this does not help, it’s likely that we would launch some “trust system” for a while that would address nodes with some sort of proof. For instance, it could be proof of operation before the attack’s commencement. Or we could make trusted the nodes showing that they have bitcoins minted in 2014. There are different options. We could even take the nodes belonging to Bitcoin developers, which is not good of course but could work as an extreme remedy for the first week of such a crisis. 

Again, we could talk directly with miners because the problem here would be to find what miners have actually mined. So I would say that this problem really exists, and there is no easy solution for that. Even more complex solutions are far from perfect. We think all the time how to make it better but the best possible prevention means, in that case, is indeed to make it easier for honest users to run full nodes.

How to Solve the Problem?

forklog.media: Why can’t you divide blockchain into previously verified parts and “freeze them” to create some sort of a golden standard everyone will agree upon, and then move incrementally until the actual state of blockchain?

Gleb Naumenko: Something of the same nature always existed in Bitcoin in a similar form: there is one traditional checkpoint, there is an “assume_valid” feature with an updated block hash every release, and an “assume_utxo” feature is in progress. These features are used in a very minimal way, just to provide some optimizations and DoS-protections. It was always the goal of Bitcoin Core to make these “trust assumptions“ as small as possible because Bitcoin is a trust-minimized system.

forklog.media: So, in your opinion, the best solution is upscaling, right?

Gleb Naumenko: Yes but the one that does not introduce additional trust assumptions. The solutions I talked about are not very good compared to that. Someone might just buy out the proofs of age, or just buy those old Bitcoins and run the attack you described once again. And it’s a real problem.

Conclusion

It seems that the theoretical full node Sybil attack may occur even with relatively high entry threshold and no rewards, let alone with the presence of some monetary incentivizing system. 

Still, Bitcoin Core does not seem to have a well-developed response plan should this kind of attack occur. However, they have a bunch of countermeasures on their mind, which are indeed imperfect but would allow reducing the consequences at a relatively low cost.

You can watch the whole interview here (in Russian).

Follow us on Twitter and Facebook and join our Telegram channel to know what’s up with crypto and why it’s important.