In part 1 of this article I described how the Bitcoin’s peer-to-peer communication network could be targeted for attack by an attacker that controlled a large number of ISP addresses, and current mitigation techniques employed to thwart these attacks. In this second part I will talk about some promising techniques being proposed to make Bitcoin’s network resistant to attack even from adversaries with the resources to control large blocks of IP addresses.
Future Mitigation Ideas
In addition to the techniques mentioned in part 1, opportunities exist to decentralize the Bitcoin network using techniques that lower the bandwidth requirements of peer nodes so that they can effectively connect to more nodes in the network. Nodes can also use low-bandwidth alternative communication technologies to monitor and communicate directly with other nodes without going through potentially compromised ISPs.
Naumenko, et al, their paper “Bandwidth-Efficient Transaction Relay for Bitcoin” describe an alternative to the current flooding technique used by the network to relay transactions. The technique they describe, called Erlay, can decrease the bandwidth required by a node to relay transactions by 84%, with only a modest increase in latency. Using this technique, nodes could connect to four times as many peers without significantly increasing the amount of bandwidth they use. If nodes can connect to more peers then the Bitcoin network will become more highly connected and it will be harder for an attacker with access to a large block of IP addresses to partition the network. Lowering bandwidth costs will also encourage more nodes to operate and increase the diversity of the network; people who can not afford to run a node that uses 4 GB of data per month using the current system, may run a node that requires less than 1 GB of data per month.
Block Header Broadcasts
A node could also maintain additional connections to nodes that only broadcast low bandwidth information used to check that they are still connected to the honest network. Peers that provide only Bitcoin block headers could be used to detect when their other peers are transmitting blocks that are not at the current tip of the block chain with the most accumulated work followed by the honest network. These headers are only 80 bytes and contain proof that a certain amount of work was performed by a mining node to produce the block. Producing a valid block header requires incurring actual mining costs. A node that observes different valid block headers from different sources can deduce that a chain split has occurred. This makes it much more difficult for an attacker to covertly eclipse them.
A node that detects a chain split between block headers from different internet connections, for example satellite and wired internet, can alert an operator to manually intervene. A merchant that is alerted to an attack might even automatically stop receiving payments until they have manually reestablished their connection to the honest network. An alerted miner could manually confirm that their miners are working to extend the correct chain.
Local mesh networks can also be used to route transactions to the Bitcoin network using alternative ISPs. A wireless mesh network can bypass a node’s local wired internet provider and relay data across multiple mesh device to reach an independent network connection. This offers privacy and censorship protection similar to Tor or a VPN, but does not rely on the permission of a node’s local ISP. Mesh networks can also allow nodes to share a single satellite downlink or even a satellite uplink that would be too expensive for every user to subscribe to. The TxTenna project is one example of how a mesh radio network can be used to compliment a broadcast only satellite system. The Locha Mesh and Lora Caster projects also show how low cost mesh radios can be used to relay bitcoin transactions to avoid local ISP censorship. These mesh projects do not currently relay Bitcoin block headers, but adding this ability would make them useful tools for protecting Bitcoin users from eclipse attacks.
Amateur radio can be used to send and receive small amounts of data like Bitcoin transactions and block headers over very long distances. Projects that use both weak signal and higher power radio setups have demonstrated the potential of these approaches to communicate Bitcoin information over long distances using low cost equipment. Because of their long range, a single broadcaster can provide eclipse protection to Bitcoin nodes even across national borders. In most areas broadcasters will need an amateur license to run transmitting stations, but receivers do not need to be licensed or require any expensive or difficult to setup equipment.
The Bitcoin network currently uses heuristics that have been shown to substantially increase the cost of eclipse attacks. The use of alternative communication channels, anything from Tor to multihoming to satellite broadcasts, are another effective way to both prevent attacks and increase privacy. As the value of the Bitcoin network increases the need for greater protection against eclipse attacks will also increase. New protocol techniques that lower the bandwidth requirements for node operators can make attacks harder by increasing the size, diversity and connectivity of Bitcoin’s peer-to-peer network. The threat of covert attacks that rely on centralized wired IP networks can also be reduced using decentralized communication techniques such as low cost local mesh networks and long distance high-frequency radio. In recent years the threat of centralized mining pools orchestrating a 51% attack has received the most attention. Less mentioned are potential attacks on Bitcoin’s peer-to-peer protocol. We should remain vigilant for ways to make Bitcoin’s peer network stronger – the techniques described in this article are good places to start.