I have found several issues with the current implementation: address spoofing and inventory injection attacks, crashing the listener thread with a stateless connection flood, etc. There are several ways to seriously disturb the functionality of this network. When I have time, I'm going to look for the ultimate attack, which would be a network-propagated persistent attack. It would crash all clients after injecting just a single message to any node of the network. The message would also be persisted in the datastore, so it would re-crash the client on restart, requiring a manual fix or software update to get past this issue. By design, the system doesn't seem to scale well. I would like to see 10 million nodes on this network. Don't run the current client without a virtual machine, unless you're ready to encounter interesting problems with resource consumption (CPU, memory, network, disk).
So, even though it's inspired by bitcoin, it doesn't quite have the same rock-solid original implementation. Bitcoin would have collapsed if there were any major cryptographic bugs, but it turns out that "Entire classes of bugs [were] missing." (-Dan Kaminsky, Security Researcher).
I hope that you can help out by reporting your findings back to them. I think Bitmessage is a really cool idea. It has the potential to allow communication to occur no matter what hostile power wants to censor it. It also finally makes end-to-end message encryption a default rather than an afterthought.
Don't assume that Bitcoin hasn't had its share of implementation problems. There have been a couple of remote DoS bugs, remote command execution vulnerabilities, and an integer overflow that led to the creation of 32 million additional bitcoins.
Good point. Fortunately, there have never been any vulnerabilities so severe that the entire network was shut down until a software update could be released (as the grandparent said he was looking for with Bitmessage).
There was certainly a bug recently where the whole blockchain split and one half of the split ended up losing all the bitcoins they had mined on that limb. As far as cryptocurrencies go, I'd say that was a serious vulnerability.
Thanks for that link... it seems as though there were a lot of people who were thankful and a lot who were against it. Assuming the "guess" of the change address getting 200 BTC, that was 800 BTC that they paid out. Not knowing enough about it all, why was one of the commenters there saying that it was from the EFF, do you know?
It was paid out of bitcoin faucet funds, the bulk of which were donated by the EFF when they stopped accepting bitcoin, a position on which they have recently changed their stance.
I was referring to CVE-2010-5139. Essentially somebody discovered that they could craft a transaction that caused a crazy number of bitcoins to be introduced to the chain at that transaction, and used this to credit themselves on the main network. At that point the exploit was patched and a new chain formed from before the transaction occurred, orphaning it in the process.
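The bug class behind the overflow this comment refers to, as an added worked example (constructed here, not Bitcoin's own code): a transaction validator that sums output values in wrapping 64-bit arithmetic lets two enormous outputs add up to a negative total, which then passes an "outputs must not exceed inputs" test. Range-checking every value and the running total against the money cap before the comparison closes the hole. The names (`vulnerable_check`, `hardened_check`, `MAX_MONEY`), the satoshi figures and the crafted output values are assumptions made for the illustration.

```python
"""Output-sum overflow, the class of bug behind CVE-2010-5139.

Constructed illustration, not Bitcoin's code. Amounts are in satoshi and
add_i64() mimics the signed 64-bit wraparound of the C++ arithmetic the
original check ran on. MAX_MONEY is the 21 million BTC cap in satoshi.
"""

COIN = 100_000_000                  # satoshi per BTC
MAX_MONEY = 21_000_000 * COIN       # assumed cap for the example
INT64_MAX = 2**63 - 1


def add_i64(a, b):
    """Add two integers with the wraparound of a signed 64-bit int."""
    s = (a + b) & (2**64 - 1)
    return s - 2**64 if s >= 2**63 else s


def vulnerable_check(input_total, outputs):
    """Only asks 'do the outputs exceed the inputs?' using wrapping sums.

    Two outputs near INT64_MAX wrap to a small negative total, which is
    trivially <= input_total, so the transaction is accepted.
    """
    total = 0
    for value in outputs:
        total = add_i64(total, value)
    return total <= input_total


def hardened_check(input_total, outputs):
    """Range-check each output and the running total against MAX_MONEY.

    Because no individual value or partial sum can exceed the cap, the sum
    can never reach the wraparound point, so the final comparison is sound.
    """
    total = 0
    for value in outputs:
        if not 0 <= value <= MAX_MONEY:
            return False
        total += value
        if total > MAX_MONEY:
            return False
    return total <= input_total


# Constructed payload: two outputs just under INT64_MAX each.
CRAFTED_OUTPUTS = [INT64_MAX - 1000, INT64_MAX - 1000]
# Constructed honest transaction: 50 BTC in, 60 BTC out (overspends).
NORMAL_OUTPUTS = [50 * COIN, 10 * COIN]

if __name__ == "__main__":
    spend = 50 * COIN
    print("crafted, vulnerable:", vulnerable_check(spend, CRAFTED_OUTPUTS))
    print("crafted, hardened: ", hardened_check(spend, CRAFTED_OUTPUTS))
    print("overspend, hardened:", hardened_check(spend, NORMAL_OUTPUTS))
```

The fix in the hardened form is the per-value and per-step range check, not the use of Python's unbounded integers: a validator written in a language with fixed-width integers needs the same bounds checks before it does any arithmetic on attacker-supplied amounts.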
> It would crash all clients after injecting just a single message to any node of the network. Message would also be persisted in datastore so it would recrash the client on restart.
Wouldn't that fail to propagate through the network? Crashing nodes can't forward messages to other nodes.
It depends where exactly the issue is triggered in the code. If it's possible to get data persisted which crashes the system on recall, then it's possible. BM also uses pickle on 'non-secure' data, which could allow much wider exploits with lower-level attack code.
I don't understand how this is the top comment. Who cares about security? Can you just get interested in the features instead? The protocol is not even mainstream yet...