Ninjastic
PostEdited versionsQuotes to this post
Post
Topic
Board Announcements (Altcoins)
Re: IOTA
by
stdset
on 02/11/2015, 14:40:10 UTC
Quote from: patmast3r on November 02, 2015, 02:28:47 PM
Quote from: stdset on November 02, 2015, 02:17:25 PM
Quote from: iotatoken on November 01, 2015, 03:26:49 PM
Quote from: rigel on November 01, 2015, 02:41:26 PM
Any ETA for first release?

~Christmas

So did mthcl and CfB already fix this vulnerability:

Quote from: stdset on October 28, 2015, 10:25:47 PM
This is the scenario I'm talking about. Green filled, black edged are transactions of the honest network. Red edged - are transactions of the attacker. The doublespends are filled with yellow.
As far as I understand your algo, weight of the red tip is greater by 3 than weight of the green tip.


?


Why would the weight of the red tip be greater (not saying it can't be) ? Afaik tips only have their "own weight" since they are tips and therefore haven't "inherited" any weight yet. Which afair means that their weight depends on the POW of those tx (tips).
It was already discussed several pages earlier.

Quote from: mthcl on October 28, 2015, 11:19:06 PM
Quote from: stdset on October 28, 2015, 11:14:19 PM
Quote from: mthcl on October 28, 2015, 11:07:21 PM
Quote from: stdset on October 28, 2015, 11:06:25 PM
Quote from: mthcl on October 28, 2015, 11:03:52 PM
But the cumulative weight of that tx is not so big, so why the merchant should accept it?
NP, the merchant waits of course for normal amount of confirmations.
On your picture it has 1 confirmation only?..
I can draw more pictures. But I don't think it's necessary. Imagine that the attacker started preparing for the attack a month ago. He spent the whole month to accumulate PoW on top of the second doublespend. He published no transactions during the month. Then he publishes the first doublespending transaction, provides the first confirmation, thus attaching it to recent part of the tangle, waits for the merchant to send him his puchase. Then publishes his secret subtangle and attaches in to the legit subtangle. The first doublespending transaction now is rejected by the network, the second doublespend has more weight.
He would have to attach it "below" the merchant's tx, but yes, you're right, it's a possible attack vector. Anyhow, the referencing algorithm is not yet finished, so we are discussing it with CfB right now.