Skip to content

Investigating the frequency of alternative blocks, reorganizations, potential double-spend attacks, selfish mining, and more.

License

Notifications You must be signed in to change notification settings

noncesense-research-lab/archival_network

Repository files navigation

Noncesense archival network

The Noncesense archival network employs custom daemons that collect unique empricial data for research purposes, currently deployed on the Monero and Loki networks.

The archival network is a FOSS product of Noncesense Research Lab. See our website at https://noncesense-research-lab.github.io/ for latest contact information. We look forward to your contributions and ideas.

Contributors

Archival daemon development: NeptuneResearch

Analysis: Isthmus and Nathan

Server support: gingeropolous, Isthmus, and SerHack

Goals

Objective set 1: Data collection and archiving

Prior to the Noncesense archival network (previously known as the Monero Archival Project) there was no known resources that archived the content of orphaned blocks or alternative chains on most CryptoNote currencies. The total absence of this data precluded analyses that are critical for monitoring the ecosystem and empirically studying mining and network phenomena. Since these types of records are not on the blockchain itself, they are lost to the sands of time unless intentionally preserved. The Noncesense archival network's central mission is to ensure that we are always collecting and analyzing this key information.

The Noncesense archival network employs custom archival daemons that collect data from orphaned blocks/chains along with notes from the node itself. Nodes are deployed globally using virtual private servers (VPS) to capture a broader view of the network and enable representative analyses.

Objective set 2: Alternative chain analyses

Analysis of archival records allows us to answer several questions:

  • How frequently are multiple versions of the same block mined?
  • What fraction of these alternative blocks result in reorganization?
  • Are the observed intervals between alternative blocks explained by any particular function? A Poisson distribution has been suggested as the theoretical expectation. How well does the model match observations? What are the parameters of, and deviations from, the distribution function model?

Objective set 3: Timing exploration

Miners can arbitrarily choose the timestamps that they include in the block, so MAP retains both the miner-reported timestamp (MRT) and the node-receipt timestamp (NRT). Comparison of the timestamps in the block against the timestamps when the block was received will reveal how often the miner-reported timestamps are spoofed.

Similarly, we can look for signs of selfish mining based on the timing with which blocks are received. Ittay Eyal and Emin Gün Sirer point out that "One could detect this [phenomenon] by looking at the timestamps on successive blocks in the blockchain. Since mining is essentially an independent random process, we'd expect the interblock time gap to be exponentially distributed. Any deviation from this expectation would be suggestive of selfish mining."

Objective set 4: Network topology and study

Data from geographically-distributed MAP nodes can be used to study network connectivity and latency. With each new transaction or block broadcast, we can watch the the route(s) and speed with which it propogates across the globe.

Objective set 5: Double-spend detection

Logs that record the content of orphaned blocks can be used to ascertain whether a given alternative block was benign (e.g. arising from network latency) or maliciously presented (e.g. attempting a double-spend attack).

When two contradictory blocks naturally arise, transaction duplication is expected since both miners draw from the same memory pool. In the case that two miners independently mine the same transaction, the {ring members, key image, receiving stealth address} will be mirrored in the two blocks.

If two versions of a transaction are generated, they will have the same key image, but different one-time recipient stealth address, and different cryptographic signatures. This could occur benignly, if a user regenerates the transaction to the same address (creating a new one-time address in the process). It could also represent a transaction that is being revised to spend to a different recipient. If a double-spend attack is attempted (with or without majority, with or without success), the miner will necessarily have to include a transaction with the same key image, but a different receiving stealth address and signature. While this might happen occasionally due to wallets or users refreshing transactions, an alternative block with several redirected transactions strongly suggests an intentional attempted double-spend attack.

Long-term goals:

We have several plans for making this type of data common and accessible.

  • Data presentation on a web dashboard that allows interactive exploration of archival network data products such as navigation of alternative chans, empirical analytics, and a global view of broadcast propogation.
  • Integration into main Monero codebase as an opt-in daemon setting for users that wish to collect archival data for R & D purposes.

General notes:

The documents directory in this repository contains the roadmap, information for accessing our nodes, specifications, and miscellaneous notes.

The analyses directory includes some preliminary results.

Archival daemon code is available at: https://github.com/neptuneresearch/monerod-archive

Example data

There was a fork at height 1592780, and both sides have been archived

First block at height 1592780

{
  "major_version": 7, 
  "minor_version": 7, 
  "timestamp": 1528736759, 
  "prev_id": "1d4db93917bc6bd16061bcfb638c7dccd8dfa5eb8972412aef421438798d15b3", 
  "nonce": 518482, 
  "miner_tx": {
    "version": 2, 
    "unlock_time": 1592840, 
    "vin": [ {
        "gen": {
          "height": 1592780
        }
      }
    ], 
    "vout": [ {
        "amount": 4534453164784, 
        "target": {
          "key": "4be69660f709234dad518051f5a6d56c01fe81e20afbadbfaa64f6059acfe23b"
        }
      }
    ], 
    "extra": [ 1, 201, 244, 41, 165, 3, 194, 90, 48, 85, 90, 71, 17, 186, 121, 100, 157, 19, 98, 96, 224, 50, 23, 102, 183, 113, 12, 19, 105, 36, 119, 25, 85, 2, 8, 0, 0, 3, 173, 20, 1, 0, 0
    ], 
    "rct_signatures": {
      "type": 0
    }
  }, 
  "tx_hashes": [ "dd6c105d72656e6f9b027a5d0cff9f571c4c8ed75e63509906eabb4dca76ce63", "83b49efb4f5c7938393821bd647c99e9895f20e5e49595ea8a7ed15eb6bc0898", "a37cbcf9fb9a548af32762830890766b4c3126b48a122edb780906a72ff8a03d", "e4bcb887cf6619de9572db3adc2b4fa2ad23b56b7ba11806c08fc3fc88e658dc", "84ef89e6bdb56e63588905142835b371623be4eb6845826ac21c423034dd026f", "fc9f8dfb619a90ea4c755028258315339452979ab056235d8bcfe626cf346084", "f26fd8b663e085040cc65c8c0e8f56238235243c631791b07d2986d0e50f3156", "1083ff3b9b67a193cc2c47b251c8b3facc47e77932d4e1d39c631d7f01fabfc5", "f2db3f41623110dfd17c2ff67c01dfcd2e040cae6269e6fcef11976b467f92d2", "689739ded0aef480c8b149e126aa84685a0eceaa624db9044d0382c07395a86b", "ed1b9d15303f84fc16e0e4b7454bed759390c47634faaae6e87387d2b2a04fa9", "888a91550442d06288c2778e6ce67ed1d392fc451d4c1783c5a2a27a89265d17", "0a37ac74ec6751441b3a364c443c1519f961e79d92f92cfd2588cf5a309bd6a1", "010855970bee8a4e24bb462bf5df62c8fe53c9a3aafa04c0dfdd7f36c6d647d7", "655b211fa826a0035637a6cb637abb3cc7d321c40ceaa21d6aff472745e5ea5c"
  ]
}

Alternative block at height 1592780

{
  "major_version": 7, 
  "minor_version": 7, 
  "timestamp": 1528736759, 
  "prev_id": "1d4db93917bc6bd16061bcfb638c7dccd8dfa5eb8972412aef421438798d15b3", 
  "nonce": 699007682, 
  "miner_tx": {
    "version": 2, 
    "unlock_time": 1592840, 
    "vin": [ {
        "gen": {
          "height": 1592780
        }
      }
    ], 
    "vout": [ {
        "amount": 4534453164784, 
        "target": {
          "key": "85b4261a79211cb9c1f69cf16ee2832c2ae8ef4d626644a77918b3a1ff6359de"
        }
      }
    ], 
    "extra": [ 1, 121, 206, 76, 251, 36, 153, 28, 209, 147, 253, 221, 39, 132, 163, 152, 94, 212, 35, 113, 152, 0, 254, 192, 94, 139, 21, 75, 25, 141, 73, 34, 180, 2, 17, 0, 0, 1, 188, 101, 203, 84, 173, 0, 0, 0, 0, 0, 0, 0, 0, 0
    ], 
    "rct_signatures": {
      "type": 0
    }
  }, 
  "tx_hashes": [ "dd6c105d72656e6f9b027a5d0cff9f571c4c8ed75e63509906eabb4dca76ce63", "83b49efb4f5c7938393821bd647c99e9895f20e5e49595ea8a7ed15eb6bc0898", "a37cbcf9fb9a548af32762830890766b4c3126b48a122edb780906a72ff8a03d", "e4bcb887cf6619de9572db3adc2b4fa2ad23b56b7ba11806c08fc3fc88e658dc", "84ef89e6bdb56e63588905142835b371623be4eb6845826ac21c423034dd026f", "fc9f8dfb619a90ea4c755028258315339452979ab056235d8bcfe626cf346084", "f26fd8b663e085040cc65c8c0e8f56238235243c631791b07d2986d0e50f3156", "1083ff3b9b67a193cc2c47b251c8b3facc47e77932d4e1d39c631d7f01fabfc5", "f2db3f41623110dfd17c2ff67c01dfcd2e040cae6269e6fcef11976b467f92d2", "689739ded0aef480c8b149e126aa84685a0eceaa624db9044d0382c07395a86b", "ed1b9d15303f84fc16e0e4b7454bed759390c47634faaae6e87387d2b2a04fa9", "888a91550442d06288c2778e6ce67ed1d392fc451d4c1783c5a2a27a89265d17", "0a37ac74ec6751441b3a364c443c1519f961e79d92f92cfd2588cf5a309bd6a1", "010855970bee8a4e24bb462bf5df62c8fe53c9a3aafa04c0dfdd7f36c6d647d7", "655b211fa826a0035637a6cb637abb3cc7d321c40ceaa21d6aff472745e5ea5c"
  ]
}

Since the transaction hashes match between the two blocks, no transactions were re-routed. Thus we can infer that this was an accident, and not a double-spend attack.

About

Investigating the frequency of alternative blocks, reorganizations, potential double-spend attacks, selfish mining, and more.

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published