Attack by creating large numbers of nodes?

I’m sorry if this has been discussed before, I haven’t followed the discussions for some time now. Just thinking about what an attacker would have to do attack the network in a meaningful way, which would be stuff like making data unaccessible on the network, returning wrong data, making sure data is not stored correctly, faking Safecoin transactions etc.

As far as I understood, this would mean creating huge numbers of nodes in order to control a large majority of the network (don’t know how large that majority would be right now).

Now, my question is: Nodes don’t have to be particularly powerful to participate in the network. So, for a “state-sized” attacker, it wouldn’t really be a problem to create millions or even billions of nodes, which would be enough to take over the network at least during the first few years, I’d guess? If the attacker tries that when the network is already running a few hundred thousand nodes, this kind of attack may not go unnoticed due to the numbers of nodes suddenly joining the network? Not sure if there’s a way to detect that.

But just imagine that some agencies are already having a close look at this project, and they’ll start adding their own nodes at the very day when the SAFE network officially launches, making sure from day one that they’ll always have the majority of nodes they’ll need to disrupt the network. They could just be “regular” farmers with the official software at the beginning and replace it by their own version later when needed.

Granted, due to the encrypted nature of the contents, they still wouldn’t be able to read the traffic. But to my understanding, they would be able to make the network unusable and/or fake Safecoin transactions by agreeing on them with their node majority, thus undermining the trust users have in the network and making them abandon the project.

True?

This is called a Sybil Attack. Here are some bits of existing info (even though the thread titles don’t exactly match your question they still contain very relevant info to this question):

The first line of defense is the fact that a node is expensive to run. A node must provide an amount of storage space and it must respond to requests in a timely manner. The number of coins a node may be responsible for is directly related to the resources it provides to the network. If an attacking node does not participate productively in the network, it will be pushed to the outskirts of the network, increasingly ignored by the other nodes.

‘Vault ranking’ is what you want to read about to understand this better.

I doubt they’ll divert resources from their current profit models. For them it would be relatively expensive compared to what they get out of it.

Research the incentive structure of the safe network to understand this (the attacker benefits more by being a ‘good’ actor than a malicious actor). Yes the attack you talk about can be done, but what’s the motivation?

  • There’s also info on the wiki

https://safenetwork.wiki/en/FAQ#Birthday_paradox.2FSybil_Attacks

the attacker would require the ability to surround specific Vaults in the SAFE Network. This cannot be achieved, as it would require being able to effectively generate different values which, when hashed with SHA-512, result in close hashes around one particular point.

The difficulty of doing this comes down to being able to control group consensus for a particular piece of data. It’s prohibitively difficult to a) know what data you want to control and b) actually be the 28 of 32 nodes that form that group for consensus. This is due to the way vault naming and xor distance works when forming close groups.

Yes this is a lot of jargon but it gives you somewhere to start researching and hopefully answers your original questions :slight_smile:

8 Likes

What if someone joins with a big amount of nodes and after a while takes them all off? It would at least make the safecoin price jump around wildly.

I don’t see how it would effect the safe coin price . Currently it would be way easier to buy Maidsafecoin from the market and then dump. Pretty easy and you can do it with one computer only. What you could do is cause nor instability by say hosting several exo bytes on the network and then pulling the plug. But again, only causing instability, not taking the network down.

1 Like

You can’t choose you own address on the network like with Bitcoin. So you join, have a temporary address, then you ask the network to pick you up. That’s a get_networkname_request. When some group does, they relocate you to another group which now is your close group. So if I have 32 close nodes, you can’t target them to take over my close group. You probably end up in another group. If we have 1 million users, and you create 100 million fake accounts. Well yes, you could probably kill the network. But you need a Safecoin to create an account, so it will cost quite some money. And there probably will be other defenses against an attack like this.

2 Likes

Anything decentralized/distributed can be destroyed using enough resources.

Just imagine how easy it would be to destroy Bitcoin. There are hundreds of individuals capable of this, and i have no idea how many groups.

1 Like

True, you can also put the “decentralised” into parentheses

For bitcoin, I honestly think all you would have to do is spam the network with tiny transactions (dust).
A few million transactions submitted in a short time of a few satoshis would be super cheap and keep the network backed up like crazy.

When it starts catching up you just dust it again. Eventually people would not want to wait a month for a transaction confirmation or would not want to pay a way larger fee to use it. A couple hundred thousand dollars and some code and voilà, mayhem. The confirmation times are one reason I shy away from the bitcoin protocol and can not wait for Safecoin!!!

Anything can be destroyed or protected using enough resources

:smiley:

7 Likes