中本聪的白皮书
几乎所有关于加密货币和区块链的讨论都源于中本聪的白皮书:《比特币:一种点对点的电子现金系统》Bitcoin: A Peer-to-Peer Electronic Cash System (Satoshi Nakamoto)。
Almost all the discussions on encrypt currency and block chains stem from the Chinese White Paper: Bitcoin: A Peer-to-Peer Electronic Cash System (Satoshi Nakamoto).
2008 年 11 月 1 日,一个密码学邮件组收到了 satoshi@vistomail.com 邮箱发出的这份白皮书,2009 年 1 月 3 日,中本聪的个人电脑里挖出了 50 个比特币,并在创世区块里留下一句永不可修改的话: “The Times 03/Jan/2009 Chancellor on brink of second bailout for banks( 2009 年 1 月 3 日,财政大臣正处于实施第二轮银行紧急援助的边缘)。”
On 1 November 2008, a password-based mail team received this white paper from satoshi@vistomail.com, and on 3 January 2009, the Chinese Minister of Finance was on the verge of implementing the second round of bank emergency aid.
当时正是英国的财政大臣达林被迫考虑第二次出手纾解银行危机的时刻,这句话是泰晤士报当天的头版文章标题。区块链的时间戳服务和存在证明,让第一个区块链产生的时间和当时正发生的事件被永久性的保留了下来。
That was the moment when British Treasury Secretary Daring was forced to consider a second attempt to alleviate the banking crisis, the headline of the newspaper’s headlines of the day. The time-stamping service and proof of existence of the block chain kept the time and events that had taken place in the first block chain permanently.
2009 年 10 月 5 日出现了最早的交易所汇率:1 美元=1309.03 比特币。十年后比特币的价格已经超过 8000 美元,按照 2017 年峰值的最高价 20000 美元一枚计算,2100 万枚比特币的市值达 4200 亿美元,外加各种山寨币、分叉币,加密货币总规模已经突破万亿美元。比特币带给我们最大的冲击是原来哈耶克的创想可行,技术可以超越现有政府的框架实现“非国家化的货币”并开始流通。
On October 5, 2009, the first exchange rate of exchange emerged: US$ 1 = 1309.03 bitcoins. Ten years later, the price of Bitcoins has exceeded US$ 800, with 21 million bitcoins at a single peak of US$ 20,000 in 2017, plus a variety of bounties and forks, and the total size of the encrypted currency has reached US$ 100 billion. The biggest impact of the Bitcoins is that the original Hajek was viable, and technology can go beyond the existing government framework to achieve “non-stateized currencies” and begin to circulate.
在币值飞涨的疯狂年代,已经很少人再去翻看中本聪的白皮书。仅有九页的白皮书只是一套技术方案,所有的篇幅都是为了探讨一个“币”的实现,超越软件技术本身,我们去细加审视更本质的问题:比特币的“去中心化”是否彻底,是否真正成为了一个权力分散且完全自治的系统?白皮书中是否还有哪些缺陷,是中本聪默认忽略又事实存在的假性前提。
In the frenzied years of currency booming, few people have looked again at the white paper. Only nine pages of the white paper are a technical package, all of which are designed to explore the realization of a “currency” that goes beyond the software technology itself, and we look at the more fundamental question: Is the “decentralization” of Bitcoin complete and truly a decentralized and fully autonomous system?
去中心化=大多数人正义
[白皮书摘要]:本文提出了一种完全通过点对点技术实现的电子现金系统,它使得在线支付能够直接由一方发起并支付给另外一方,中间不需要通过任何的金融机构。虽然数字签名(Digital signatures)部分解决了这个问题,但是如果仍然需要第三方的支持才能防止双重支付(double-spending)的话,那么这种系统也就失去了存在的价值。我们在此提出一种解决方案,使现金系统在点对点的环境下运行,并防止双重支付问题。该网络通过随机散列(hashing)对全部交易加上时间戳(timestamps),将它们合并入一个不断延伸的基于随机散列的工作量证明(proof-of-work)的链条作为交易记录,除非重新完成全部的工作量证明,否者已经形成的交易记录将不可更改。最长的链条不仅将作为被观察到的事件序列(sequence)的证明,而且被看做是包含CPU最大计算工作量的链。只要绝大多数的CPU计算能力都没有打算合作起来对全网进行攻击,那么诚实的节点将会生成最长的、超过攻击者的链条。这个系统本身需要的基础设施非常少。信息尽最大努力在全网传播即可,节点(nodes)可以随时离开和重新加入网络,并将最长的工作量证明链条作为在该节点离线期间发生的交易的证明。
细读比特币白皮书,你会发现中本聪的“去中心化”背后的潜台词是“大多数人正义”,共识机制是比特币的核心理念。
Read the bitcoin white paper in detail, and you will find that the subterfuge behind the middle-class “decentralization” is “justice for most people”, and the consensus mechanism is the central idea of Bitcoin.
建立一套“去中心化的 P2P 支付系统”,没有中心(中介)的支付系统,要避免“双花”(双重支付 double-spending )如何核对记账?答案是通过共识机制:用密码原理和工作量证明( Pow )代替中心化权威信用。
Establishing a “decentralized P2P payment system”, without a central (intermediate) payment system, how can double-collar (double-payment) be reconciled? The answer is through a consensus mechanism: using cryptometry and workload proof (Pow) to replace centralized authority credit.
产生一条新的交易记录时永远有先后顺序,即便是双花也总有先后顺序,同一用户不可能同时创造两笔交易。比特币首先引入了基于时间戳的随机散列,让其形成前后相关的序列,比特币的交易记录就是一个时间序列的链条。这就是为什么称之为区块链的原因。
The creation of a new transaction record is always sequential, and even double flowers are always sequential, and it is not possible for the same user to create two transactions at the same time. Bitcoin first introduced a random hash, based on a time stamp, to form the relevant sequence before and after, and bitcoin’s transaction record is a chain of time series. That is why it is called a block chain.
要避免双花,我们只需要证明其中一条链有效即可,并且将其记录到交易链条上,其他的交易就是无效的了。要证明其中一条是有效又不允许中心化从存在,只有一个办法:发动所有人参与这项活动,进行“多数人的正义”。
To avoid double flowers, we just need to prove that one of the chains is valid and to record it on the chain of transactions, and that the others are not. To prove that one is effective and does not permit centralization from existence, there is only one way to involve all people in this exercise and “justice for the majority”.
POW 共识算法正是为了解决谁是大多数的问题,“大多数”的决定表达为最长的链。新区块进行节点广播,一旦有节点收到了这个区块的广播,会按照“当且仅当包含在该区块中的所有交易都是有效的且之前未存在过的,其他节点才认同该区块的有效性”的规则进行验证。
The POW Consensus algorithm is meant to solve the majority of the issues, and the “most” decision is expressed as the longest chain. The new block broadcasts nodes, and once a node is received, the new node is verified according to the rule that “when and only when all transactions in the block are valid and have not existed before, the other node agrees with the validity of the block”.
验证通过后,这个节点就不会再接受别的节点的同样区块了。同时这个节点会终止自己正在进行的包含同样交易的区块计算,也就说不会在进行无用功了,节点在这个区块基础上启动新的交易区块计算,如此往复,形成链条。
Once certified, this node will no longer accept the same blocks as the other nodes. At the same time, this node will terminate its ongoing calculation of blocks containing the same transactions, so that it will not be useless to start new node calculations on the basis of this node, so that the chain will be formed.
由于网络延迟,如果同时有几个节点互相收到交易区块,记录同样的链条(分叉),该僵局的打破要等到下一个工作量证明发现。通过一段时间运行,总有一条区块链时序最长,作为最终被认可的链条。比特币区块链就是在不停的分叉、抛弃、又分叉、又合并的过程。
Because of the delay in the network, if several trading blocks are received from each other at the same time and the same chain (fork) is recorded, the impasse will be broken until the next workload proves to be clear. Through a period of operation, there will always be a block chain with the longest time series as the ultimate recognized chain. The bitcoin block chain is a continuous process of fork-offs, discards, splits, and merges.
共识机制替代中介信任,那么我们探讨一下极端情况下可能会出现什么问题?
By replacing the intermediary trust in the consensus mechanism, let us explore what problems might arise in extreme situations.
假想的灾难
让我们一起头脑风暴一场假想的灾难:
Let's go head-to-head with a imaginary disaster:
2018 年某一天下午 15:30,中国的海底光纤突然出现故障,国际出口被阻断。整个比特币网络仍旧正常运转:国内的矿池、矿场币照样挖;国外的矿场、交易所继续正常挖币和交易。只是不知不觉间,中国的比特币网络和国际比特币网络被撕裂为两个子网。
At 15:30 p.m., one of the days in 2018, China’s submarine fibre-optics suddenly broke, and international exports were blocked. The entire Bitcoin network was still functioning: domestic pits, mine-field coins, and foreign mines and exchanges continued to dig and trade. Unacknowledgedly, China’s Bitcoin network and the international Bitcoin network were torn into two sub-nets.
17:40,故障后 2 个小时,光纤故障排除,国际出口复通。
17:40, two hours after the failure, fibre-optic failure removed, international export reconnected.
在故障期间,中国境内的算力形成一个链,境外的算力形成另外一条支链。按照共识机制,就看哪条链的长度更长,而长度较短的另一链会被淘汰,即这条被淘汰的支链上产生的所有交易需要重新核算,同时记账奖励将被作废。
During the period of failure, computing in China forms a chain, with extraneous computing forming another. The consensus mechanism depends on which chain is longer, while the other chain, which is shorter, will be eliminated, i.e., all transactions arising from the eliminated link will need to be re-calculated, while the accounting incentive will be discarded.
由于中国国内的算力占比高达 70%,国外链毫无意外会被淘汰,这将为比特币带来灭顶之灾:在故障发生的两个多小时,境外矿场的算力成果被销毁了,海外所有的比特币交易面临重新核算,大家该收到的比特币没收到,该支出的没支出,整个比特币上的商业活动被瘫痪。
With China's domestic capacity at 70 per cent, the foreign chain will not be phased out unexpectedly. This will result in the collapse of bitcoin: more than two hours after the failure, the computational results of offshore mines will be destroyed, all of the bitcoin transactions abroad will be recalculated, and the amount of bitcoins that you are supposed to receive will be confiscated, the expenditure will not be spent, and the entire business activity on bitcoin will be paralysed.
大规模通讯中断会将比特币网络撕裂为算力悬殊的两个分支,那么最优的策略是故障发生那刻起,整个比特币网络立即停摆,直到故障修复。否则如果保持隔离状态继续运行,复通合并时就会出现更棘手的瘫痪。
Large-scale communications disruptions will tear the Bitcoin network apart into two branches of arithmetic. The best strategy is to stop the entire Bitcoin network immediately from the moment of failure until it is repaired.
为防止支链带来的干扰造成损失,比特币一笔交易至少需要 6 个区块的确认,一个区块时间是 10 分钟,6 个区块就是一小时。假如故障导致的网络隔断超过一小时,就会给交易带来冲击,隔断时间越长冲击越大。
In order to protect against the disruption of the branch chain, a Bitcoin transaction requires at least six blocks to be confirmed, one block to be 10 minutes and six blocks to be one hour. If a failure results in a network break of more than one hour, the transaction will be hit, and the longer the break, the larger the shock.
人们对比特币容灾能力的讨论,更多地关注于分布式的多节点存储备份,忽略了共识机制本身造成的隔离和吞没效应。
The debate about the resilience of the bitcoin has focused more on distributed multi-node storage backups, ignoring the isolation and annexation effects of the consensus mechanism itself.
这样的假想并非天方夜谭,就在 2018 年 3 月 30 日,非洲国家毛里塔尼亚由于海底电缆被切断,造成全国范围内彻底断网时间长达 2 天,该起事件还同时影响数个周边国家,断网噩梦首次在现实中上演,说明全球范围内的网络基础设施并非人们想象的安全。
Such a scenario was not the end of the day; on March 30, 2018, Mauritania, an African country, was cut off from its submarine cables for two days, causing a complete nationwide blackout. The incident also affected several neighbouring countries, and the nightmare of the blackout began in reality for the first time, suggesting that the network infrastructure at the global level was not perceived as safe.
实际上,全球大约 97% 以上的网络数据通过海底电缆传输,但各国出于军事目的而进行的海底电缆附近活动并不在少数。2013 年,有 3 名潜水员在埃及被捕,他们被指控为涉嫌切断海底电缆。
In fact, more than 97 per cent of the global network data are transmitted through submarine cables, but not a small number of activities in the vicinity of submarine cables are carried out by countries for military purposes. In 2013, three divers were arrested in Egypt on suspicion of cutting submarine cables.
而在军事战略家的理论中,全面切断海底电缆,影响该国军事通信能力,对敌方造成经济损失和瘫痪性灾难,也不失为一种重要的备选打击手段。
In the doctrine of military strategists, the complete cut-off of submarine cables, which affects the country's military communications capacity, causes economic losses and paralysing disasters to the enemy and is an important alternative means of strikes.
并且,能让比特币陷入瘫痪的可能还不止天灾。
Moreover, it is more than a natural disaster that could paralyse Bitcoin.
算力垄断 ≠ 51% 攻击
Arithmetic Monopoly 51% Attack
目前对比特币的信仰建立在全网 51% 算力难以企及上,然而最近人们越来越多开始担忧,掌握大规模 ASIC 矿机的矿场事实上已经垄断了 51% 算力。
Now that Bitcoin's faith is based on 51 percent of the net, it's hard to reach, but more and more people are worried that mines with large-scale ASIC machines have in fact already monopolized 51 percent of the computing power.
根据《麻省理工科技评论》在 2018 年 1 月 18 日发布的最新研究表明,比特币和以太坊都属于开放区块链系统,即原则上任何人都可以成为矿工,但因为这样的架构特性,自然形成了相应的组织集中挖矿资源。
According to a recent study published by the MIT Review on January 18, 2018, both Bitcoin and Ether belong to the open block chain system, that is, in principle, any person can be a miner, but by virtue of this structural characteristic, the corresponding organizational concentration of mining resources is naturally formed.
基于每周一次的统计,排名前四名的比特币挖掘活动就占整个系统挖掘活动的 53%;而以太坊挖掘活动的中心化程度甚至更加稳固,前 3 大矿机占整体系统每周平均挖掘活动高达 61%。算力垄断是否已经动摇了比特币“去中心化”的特性?
On the basis of weekly statistics, the top four bitcoin excavations account for 53% of the entire system's excavations; while the extent of centralization of the diagonal excavations is even more solid, the former 3 mining machines account for an average of 61% of the system's excavations per week. Has the arithmetic monopoly already shaken the “decentralized” character of bitcoins?
答案是否定的。51% 攻击不会来自生态内。
The answer is no. 51% of the attacks don't come from within the ecology.
这是因为矿场巨头们虽然集中控制了算力,但他们按照游戏规则,付出了大量硬件投资和电费消耗。如果发动 51% 攻击,整个系统的价值就会崩溃,那么攻击获得的比特币就没有任何意义了。
That's because the mine giants, while concentrating on computing, pay a lot of hardware investment and electricity consumption in accordance with the rules of the game. If they launch 51% of the attack, the value of the entire system collapses, and the bitcoin they get doesn't make any sense.
51% 攻击必然来自于体系外。
51% of attacks necessarily come from outside the system.
从假想天灾我们可以得到一点启发,发动 51% 攻击不一定要靠控制算力,影响网络层可能是成本更低,更可实现的方式。下面发散列举一些可能性:
We can be inspired by the idea of a natural disaster, with 51% of the attacks being carried out, not necessarily by controlling the arithmetic, but by influencing the network layer in a way that is less costly and more achievable.
1. 大规模的黑客攻击行动,控制主干网络设备的路由策略,发动 BGP 攻击。
1. Large-scale hacking operations to control the route strategy of the main network equipment and to launch the BGP attack.
2. 网络设备商的后门权限。针对核心路由器 0day 漏洞的蠕虫病毒在传播过程中,有意或无意地封闭了国际出口。
2. Back door privileges for network equipment operators. International exports of worms are either intentionally or unintentionally closed during the transmission of the 0day bug in the core router.
3. 电信运营商的国际出口通讯故障。
3. International export communications failures of telecommunications operators.
4. 国家防火墙的限制和阻断。
4. Restrictions and disruptions on national firewalls.
以上类似天灾的场景中,发动者都可以是体系外的成员,并且不需要耗费大量硬件和电力资源投入,只需要控制网络层就可以轻松实现。这就暴露出比特币和所有加密货币最致命的缺陷:网络层天然高度中心化。
In the above scenario of a natural disaster, the initiators can be extra-system members, without the need for costly hardware and electricity inputs, and can easily be achieved by controlling the network layer. This reveals the most deadly flaw in bitcoin and all encrypted currencies: the natural high-centralization of the network layer.
被忽略的默认前提:信道安全
The ignored default premise for
区块链的底层是 P2P 网络通信技术,区块链本质上是一个基于P2P的价值传输协议。
The bottom of the block chain is the P2P network communication technology, which is essentially a P2P-based value transfer protocol.
比特币采用了基于国际互联网(Internet)的 P2P(peer-to-peer)网络架构。P2P是指位于同一网络中的每台计算机都彼此对等,各个节点共同提供网络服务,不存在任何“特殊”节点。每个网络节点以“扁平(flat)”的拓扑结构相互连通。在P2P网络中不存在任何服务端(server)、中央化的服务、以及层级结构。P2P网络的节点之间交互运作、协同处理:每个节点在对外提供服务的同时也使用网络中其他节点所提供的服务。
Bitcoin uses the Internet-based P2P (peer-to-peer) network structure. The P2P refers to the reciprocity of each computer located in the same network, with each node providing the network service together. There are no “special” nodes. Each node is connected with a flat flat flat (flat) top-up structure. There is no service end (server), centralized service, and hierarchical structure in the P2P network. The P2P network operates interactively, synergeticly: each node provides external services while using other nodes in the network.
早期的国际互联网就是 P2P 网络架构的一个典型用例:IP网络中的各个节点完全平等。当今的互联网架构具有分层架构,但是IP协议仍然保留了扁平拓扑的结构。在比特币之外,规模最大也最成功的P2P技术应用是在文件分享领域:Napster 是该领域的先锋,BitTorrent 是其架构的最新演变。
The early international Internet is a typical example of a P2P network architecture: the nodes in the IP network are completely equal. Today's Internet architecture has a hierarchical structure, but the IP protocol retains flat-top structures. Beyond Bitcoin, the largest and most successful P2P technology application is in the area of document sharing: Napster is the pioneer in this field, and BitTorrent is the latest evolution of its architecture.
“比特币网络”是按照比特币 P2P 协议运行的一系列节点的集合。除了比特币 P2P协议之外,比特币网络中也包含其他协议。例如 Stratum 协议就被应用于挖矿、以及轻量级或移动端比特币钱包之中。网关(gateway)路由服务器提供这些协议,使用比特币P2P协议接入比特币网络,并把网络拓展到运行其他协议的各个节点。例如,Stratum 服务器通过 Stratum 协议将所有的 Stratum 挖矿节点连接至比特币主网络、并将 Stratum 协议桥接(bridge)至比特币 P2P 协议之上。我们使用“扩展比特币网络(extended bitcoin network)”指代所有包含比特币P2P协议、矿池挖矿协议、Stratum 协议以及其他连接比特币系统组件相关协议的整体网络结构。
The Bitcoin network is a collection of nodes that operate under the Bitcoin P2P protocol. In addition to the Bitcoin P2P agreement, the Bitcoin network contains other protocols. For example, the Stratum protocol is applied to mine mining, and to a lightweight or mobile-end Bitcoin wallet. The gateway provides these protocols by the server, using the Bitcoin P2P protocol to access the Bitcoin network and extending the network to the various nodes that run other agreements. For example, the Stratum server connects all Stratum mining nodes to the Bitcoin main network through the Stratum agreement, and links the Stratum agreement to the Bitcoin P2P agreement. We use the Extended Bitcoin network to refer to the entire network structure of all agreements that link the Bitcoin P2P agreement, the mineral mining agreement, the Stratum agreement, and other agreements that link the Bitcoin system.
运行比特币P2P协议的比特币主网络由大约 7000-10000 个运行着不同版本比特币核心客户端(Bitcoin Core)的监听节点、以及几百个运行着各类比特币P2P协议的应用(例如BitcoinJ、Libbitcoin、btcd等)的节点组成。比特币 P2P 网络中的一小部分节点也是挖矿节点,它们竞争挖矿、验证交易、并创建新的区块。
The Bitcoin main network, which runs the Bitcoin P2P protocol, consists of approximately 7000-10000 listening nodes with different versions of the Bitcoin Core client, and hundreds of nodes with various Bitcoin P2P protocols (e.g. BitcoinJ, Libbitcoin, btcd, etc.). A small number of nodes in the Bitcoin P2P network are also mining nodes that compete for mining, validation of transactions, and creation of new blocks.
比特节点通常采用 TCP 协议、使用 8333 端口(该端口号通常是比特币所使用的,除8333端口外也可以指定使用其他端口)与已知的对等节点建立连接。
Bit nodes are usually connected to known peer nodes using the TCP protocol, using the 8333 port (the port number is usually used in Bitcoin and other ports are specified in addition to the 8333 port).
P2P 网络只是为所有节点提供了信息交换的方式,做事的还是共识算法和加密算法。但接收方必须信任,数据区块的传送过程中没有被任何中间方改变破坏。这实际上需要一个“信道安全”的前提保证(这是中本聪没有明确提出,又默认必须的条件):
The P2P network provides only a means of exchanging information for all nodes, whether it does business with consensus algorithms or encryption algorithms. But the recipient must trust that the transmission of the data blocks has not been compromised by any intermediate change. This actually requires a pre-condition of “belief security” (a condition that is not explicitly proposed by Nakae and that is implied):
我们信任区块链软件,相信它在运行中不受破坏,而传输的是非伪造的数据。
We are confident that the block chain software in the zone of confidence will not be destroyed in its operation and that it will transmit non-fabricated data.
我们信任运行区块链软件的运行系统,它在运行中不受破坏,而传输的是非伪造的数据;
We trust the operating system of the block chain software, which is not destroyed in its operation and which transmits non-fabricated data;
我们信任为系统提供网络的中央处理机,相信它不受破坏,而传输的是非伪造的数据。
We trust in providing the system with a network of central processors, trusting that it will not be destroyed and that it will transmit non-fabricated data.
这种信任,基于“网络中立化”而产生。然而,互联网的传输和承载网建设,属于高度资本性投资。因此,所有的互联网基础建设,均来自通讯企业高额投资,而互联网服务,均由各大 ISP 及其分销商提供。
This trust is based on “network neutrality”. However, Internet transmission and carrier network construction are highly capital investments. Thus, all Internet infrastructure is derived from high investment in telecommunications enterprises, while Internet services are provided by major ISPs and their distributors.
这便带来了一个相对矛盾的问题:“去中心化”的分布式系统,承载于中心化的互联网服务之上,但却并未被广泛意识到,这种天然的高度中心化的底层传输网络,对“去中心化”的互联网产品有着轻而易举的打击实力和控制能力。
This raises a relative paradox: the “decentralized” distributed system, which is embedded in a centralized Internet service, but is not widely recognized as a natural, highly centralized bottom transmission network with an easy ability to strike and control “decentralized” Internet products.
从比特币的协议细节便可看出,其对传输层的攻击并未充分防范。比特币的传输协议报头都是明文,且规律恒定,其报文开头 4 个字节就是 0xF9BEB4D9。相信中本聪在设计协议时,将大部分精力都集中在交易过程的密码学设计上。因为对区块链而言,传输数据是否加密,并不影响交易本身的有效性:中间人即使窃取了报文,亦无法让篡改后的交易数据被其他节点接纳。
As can be seen from the details of the Bitcoin agreement, the attack on the transmission layer is not sufficiently protected. Bitcoin's transmission protocol is written and regular, with four bytes starting with 0xF9BEB4D9. It is believed that China-Ben was focusing much of its efforts on the cryptographic design of the transaction process when designing the protocol. Because, for block chains, whether the transmission data is encrypted does not affect the validity of the transaction itself: an intermediary, even if it steals the message, cannot allow the altered transaction data to be accepted by other nodes.
但这种高度自信、过分依赖于信道安全性的协议,在网络底层发动的攻击中,便显得格外脆弱。愈合攻击便是一种足以瓦解比特币信仰的攻击手段。
But this high level of self-confidence, over-reliance on a security agreement of faith, is particularly vulnerable in the attack at the bottom of the network. Healing the attack is an attack sufficient to break the Bitcoin faith.
愈合攻击 Merge attack
Merge attack
有趣的是,“区块链” Blockchain 一词本不是白皮书中的原生词汇,尽管原文中提及“区块” Block 达 67 次,提及“链” Chain 的有 27 次,但中本聪从未将Blockchain 合并在一起。Block 既有“块”的意思,但不要忘了它同时还是另外一个含义:“限制、阻碍”。人们也许有意忽略,Blockchain can be blocked。
Interestingly, the term "block chain" Blockchain was not the original word in the White Paper, although the original reference to "block" Block reached 67 times, and to "chain" Chain 27 times, was never combined with Blockchai. Block has both the meaning of "block," but don't forget that it is also the meaning of "restrictive, obstructive." One might want to ignore that, Blockchai can be blinded.
区块链的核心是共识机制,共识是分布式系统经过网络传输“投票”决策模式,干预和影响分布式系统的承载网络。我们发现,在特定场景下,恶意地利用共识机制,可以间接影响、左右“共识”的预期结果,造成共识破裂。鉴于攻击过程涉及到区块链网络的撕裂与修复,我们将此方法称之为“愈合攻击”。
At the heart of the block chain is the consensus mechanism, which is that distributed systems transmit “vote” decision-making patterns via the web, intervening in and influencing the network of distributed systems. We find that, in a given context, the malicious use of consensus mechanisms can indirectly influence and shape the expected results of consensus, which breaks the consensus. Given that the attack process involves the tearing and repair of the network of blocks, we call it a “healing attack”.
愈合攻击,简而言之,是先通过“撕裂”,将区块链网络隔离成能超过“共识阈值”(比如 POW 的 51%)的两个独立链条,然后间隔一定时间(超过交易确认时间)后,让两个链条“愈合”,利用合并对冲来强制抛弃其中一条已有大量交易的链条。
The healing attack, in short, is to isolate the network of blocks into two separate chains that can exceed the “consensual threshold” (e.g. 51 per cent of the POW), first by “closing”, and then, after a certain period of time (over and above the time of confirmation of the transaction), by allowing the two chains to “corrupt” and to force the abandonment of one of those chains, which has already been traded in large quantities, using a combination of hedges.
愈合攻击实际上是分区攻击(Partition attack)+延迟攻击(Delay attack)的连续组合攻击手段,其破坏力远超DDos攻击和IP封堵。
The healing attack is in fact a continuous combination of attacks from a sector attack (Partition attack) + a delayed attack (Delay attack) with far more destructive power than the DDos attack and the IP blockade.
针对节点、矿工的 DDos、封堵 IP 地址等攻击方式,其影响力是短暂的。无论对任何 IP 地址发动 DDos 攻击,被攻击者都是有感知的,因为节点和矿工将立即意识到,自己无法和任何人通信。被攻击者很快可以切换 IP 的方式应对。攻击对整个区块链网络造成的破坏并不明显,因为节点在切换 IP后,仍得以与其他节点进行通信,确保了交易确认,不会导致区块链网络带来毁灭性影响。
The impact of the attack on nodes, miners’ DDos, blocking IP addresses, etc. is short-lived. Whether the DDos attack on any IP address is perceived, the nodes and miners will immediately realize that they cannot communicate with anyone. The attack can quickly be addressed by switching IP. The damage caused by the attack to the entire network of blocks is not obvious, as the node is still able to communicate with other nodes after the IP is switched, ensuring that the transaction confirms that it does not have a devastating effect on the network of blocks.
愈合攻击直接撕裂网络,形成两个大局域网。两个网内的节点均可以相互通信,并无断网感知,也就无从采取防范措施。它利用网络层,在愈合的一刻使“共识机制”崩溃:假如节点全部遵守“Code is Law”,则必然出现分链被吞没;不遵守代码约定,则需人为分叉,进而颠覆信仰。更致命的是,愈合攻击可以高效率地反复进行,分治对冲,比特币网络就就会瘫痪。
The healing attack directly rips the network apart, forming two large local area networks. Both nodes in the network can communicate with each other, have no fault in the perception of the network, and no precautions can be taken. Using the network layer, it collapses the “consensus mechanism” at the moment of healing: if the nodes comply fully with “Code is Law”, there will inevitably be a break-up; if the code agreement is not followed, an artificial break-off is required, thus undermining faith.
愈合攻击并不仅针对比特币网络有效,对于以太坊等加密数字货币,同样有着致命威胁,尽管以太坊在通讯协议上进行了一定程度的加密,但这仅仅是为了保护智能合约的安全,并不是以消除通讯协议的识别特征为目标的加密。只要根据其网络通讯中长链接、冗余心跳机制等数据和行为特性,攻击者仍然可以精准打击,通过隔离网络,发动愈合攻击。
Healing attacks are not only effective against the Bitcoin network, but also pose a deadly threat to encrypted digital money such as the Taiku, which, despite a degree of encryption on communications protocols, is merely intended to protect the security of smart contracts and not to eliminate the identifiers of communications protocols. As long as they are based on data and behavioural characteristics such as long links in their network communications, redundant heart beating mechanisms, etc., the attackers can still strike with precision and use isolation networks to launch healing attacks.
因此,无论是哪种数字货币,只要没有在通讯底层从数据和行为上抹去特征,便难逃愈合攻击的火力覆盖。近年来广受炒作的山寨币,包括莱特币、门罗币、比特币现金、量子链等则更不能幸免。声称尚未被攻击过,远远不能够作为具有防破坏性的理论证明。
As a result, either digital currency, as long as it does not de-characterize data and behaviour at the bottom of communications, it will be impossible to heal the firepower of the attack. In recent years, much more than ever, the popularly punctured mountain coins – including Letcoin, Menroco, Bitcoin, cash, quantum chains, etc. – have not been attacked.
进一步来看,所有的共识算法,包括 POW、POS、DPOS,都需要保证传输无干扰。因为分布式系统的共识算法本质上都是在信道安全的前提下,解决一致性和正确性问题。而信道安全前提一旦不成立,共识算法保障的“一致性”和“正确性”将瓦解。
Further, all consensus algorithms, including Pow, POS, and DOS, need to ensure that transmissions are free of interference. Because consensus algorithms in distributed systems essentially address the issues of consistency and correctness within the context of the security of faith.
BGP 劫持
愈合攻击是瓦解区块链的技术手段,实施愈合攻击,最常用的是 BGP 劫持。什么是 BGP 劫持呢?
A healing attack is a technical means of breaking the block chain, carrying out a healing attack, most commonly BGP hijacking. What is BGP hijacking?
正常的矿机与矿池的通讯应该包括这几个步骤:
The normal mine machine's communication with the pond should include these steps:
矿机 -> 网络运营商 A -> 网络运营商 B -> 网络运营商… -> 矿池
Miner -> Network operator A-> Network operator B-> Network operator... -> Mineral ponds
由于比特币矿池的跨地域性,在矿机和矿池之间的网络运营商(ISP)可能有数个作为跳转。这是极不安全的,任何一个环节的都有可能被黑客通过边界网关协议(BGP)劫持。
Because of the trans-geographic nature of the Bitcoin ponds, there may be several network operators (ISPs) that jump between the machines and the pits. This is highly unsafe, and any link may be hijacked by hackers through the Border Gateway Agreement (BGP).
边界网关协议(BGP)是因特网的关键组成部分,用于确定路由路径。BGP 劫持,即利用 BGP 操纵因特网路由路径。无论是网络犯罪分子还是国家防火墙,都可以利用这种技术来达到自己的目的,如误导和拦截流量等。
The Border Gateway Protocol (BGP) is a key part of the Internet and is used to determine route routes. BGP hijacking, which uses BGP to manipulate Internet route routes. Both cybercriminals and national firewalls can use this technology for their own purposes, such as misleading and intercepting traffic.
BGP 是一种网络协议,用于交换因特网上各网络之间的路由信息。一般情况下,它用来确定在独立运营的网络或自治系统之间路由数据的最佳路径。 因此,它也常常用来寻找从 ISP 到 ISP 路由数据的路径。需要注意的是,BGP 不是用来传输数据的,而是用来确定最高效的路由路径的。 实际的传输工作,是由其他协议来完成的,例如 TCP/IP 协议栈。
BGP is a network protocol for the exchange of route information between networks on the Internet. It is generally used to determine the best path for route data between independently operated networks or autonomous systems. It is therefore often used to search for routes from ISP to ISP route data. It is important to note that BGP is used not to transmit data, but to determine the most efficient route.
现在,假设我需要发送数据到世界的另一端。最终,这些数据肯定会离开我的ISP所控制的网络,因此,必然就会用到 BGP。 当然,路由路径是无法通过单独一个自治系统来决定的,这需要其他的 BGP 对等端或邻居的参与才行。 这些对等端是些已经通过手工配置为共享路由信息的自治系统。当自治系统学习新路由的时候,这些信息就会进一步传播到其他对等端。 通过梳理从 BGP 对等端收集来的路由信息,处理这些数据的路由器就能够找出最佳路径。这些最佳路径是参考多种因素综合得出的,包括距离以及路由器管理员实现的配置设置等。 由于传播路由的对等端是手工配置的,因此有必要入侵一台边界路由器来广播外部 BGP 通告,从而实现因特网级别的 BGP 劫持。尽管这做起来非常困难,但是 BGP 劫持攻击确实已经出现在现实世界之中了。
Of course, route paths cannot be determined through a separate self-governing system, which requires the involvement of other BGP counterparts or neighbours. These are self-governing systems that have been configured manually to share information.
因为 BGP 决定了数据从源端到目的地端的传输方式,所以,必须要关注该协议的安全性。通过操纵 BGP,攻击者可以按照自己的意愿来修改数据的传输路线,从而达到拦截或者修改数据的目的。 为了劫持因特网级别的 BGP,需要配置一个边界路由器,让它发送含有未分配给它的前缀的通告。如果恶意通告比合法通告还要具体,或者声称提供更短的路径,那么流量就可能被定向到攻击者那里去。 攻击者经常利用弃用的前缀来进行劫持,以免引起合法属主的关注。通过广播含有虚假前缀的通告,受攻击的路由器可能会污染其他路由器的路由信息库。 在污染了其他路由器之后,恶意路由信息可能会进一步传播到别的路由器中,或自治系统,甚至主干因特网上。
In order to hijack BGP at the Internet level, a border router is required to send a notice containing a prefix that is not assigned to it. If a malicious notice is more specific than a legitimate one, or if a shorter route is claimed to be provided, the traffic may be directed to the attacker.
最近几年来,已经有多起 BGP 劫持攻击被记录在案:
In recent years, several BGP hijacking attacks have been documented:
比较著名的就是 13 年巴基斯坦屏蔽 Youtube 的事件。由于巴基斯坦电信部门错误地把屏蔽 Youtube 加到了 BGP 上,导致该协议上的所有AS都被屏蔽了。换句话说,全世界其他所有国家的人都无法上 Youtube 了,因为数据包都涌向巴基斯坦了,而巴基斯坦恰恰屏蔽了 Youtube。
In other words, all the other countries around the world are unable to access YouTube, because the data packs are pouring into Pakistan, and Pakistan is blocking you.
在 Renesys 记载的案例中,2013 年 BGP 劫持技术曾经用来重新路由数据,使其在到达目的地之前,先经过任意指定的国家。 其中,一个攻击案例中的数据流量,在到达起目的地之前,竟然先绕道墨西哥至美国,然后转至白俄罗斯。通过散布虚假 BGP 广播,白俄罗斯的 ISP 成功将非法路由传播到了因特网上。 在这个案例中,很可能是一种公司或国家间谍行为。不过,有迹象说明,即使非国家级别的对手,照样也能够发动 BGP 劫持攻击。
In a case documented by Renesys, BGP hijacking technology was used in 2013 to reroute data, allowing them to pass through randomly designated countries before reaching their destination. In one case, data flows bypassed Mexico to the United States before reaching their destination, and then moved to Belarus.
2014 年 Dell SecureWorks 分析的一个案例中,BGP 劫持被用来拦截比特币矿机到采矿池服务器的链接。通过将流量重路由至攻击者控制的矿池,攻击者就能够窃取受害者的比特币。 这次攻击在两月内收集到了价值 $83,000 的比特币。
In one of the cases analysed by Dell SecureWorks in 2014, BGP hijacking was used to intercept the link of the Bitcoin miner to the mining pool server. By stretching the traffic route to the pond controlled by the attackers, the attackers were able to steal the victim’s bitcoin.
在 2015 年 7 月,监视软件供应商 Hacking Team 被黑,泄露的内部邮件表明,在2013 年,意大利政府曾经与 Hacking Team 有关合作,同时,意大利的一家 ISP 也购买过该公司的 BGP 劫持服务。 由于托管 Hacking Team 指令控制服务器的 IP被阻断之后,该服务器已经离线,因此该恶意软件与指令控制服务器的连接也一直保持不可达状态。通过公布托管该指令控制服务器的虚假 IP 前缀,Hacking Team 竟然又恢复了对受害者机器的访问能力。 这是第一个记载在册的西方国家政府使用BGP 劫持的案例。
In July 2015, the surveillance software provider Hacking Team was hacked and leaked internal mail indicated that in 2013 the Italian government had cooperated with Hacking Team, and that an ISP in Italy had purchased BGP hijacking services from the company. The server was offline after the hosting of Hacking Team’s IP control server was blocked, so the malicious software connection to the command control server remained impassable.
致命伤: “拜占庭将军问题”&“两军问题”
Fatal injury: “The issue of General Byzantine” and “The problem of the two armies”
比特币是分布式系统一次空前的社会实验,也被称为解决”拜占庭将军“问题的成功实例。在此强烈建议大家百度或者维基一下理论原型。
Bitcoin is an unprecedented social experiment in distributed systems, also known as a success story in solving the problem of General Byzantine. Here, it is strongly recommended that you have a 100% or a WikiLeaks version of the theory.
拜占庭将军问题是 2013 年图灵奖得主 Leslie Lamport 在 1980 年的论文 The Byzantine Generals Problem 中提出的分布式领域的容错问题,这是分布式领域最复杂、最严格的容错模型。Lamport 是分布式系统的祖师爷级的大师,这个故事也广为流传:
The question of General Byzantine is the problem of misbehaviour in the area of distribution, which was raised by the 2013 Turing Laureate Leslie Lamport in his 1980 paper The Byzantine Generals Problem, the most complex and strict tolerance model in the area of distribution. Lamport is a master of the grand masters of the distributed system, and the story is widely shared:
拜占庭位于如今的土耳其的伊斯坦布尔,是东罗马帝国的首都。由于当时拜占庭罗马帝国国土辽阔,为了防御目的,因此每个军队都分隔很远,将军与将军之间只能靠信差传消息。 在战争的时候,拜占庭军队内所有将军和副官必需达成一致的共识,决定是否有赢的机会才去攻打敌人的阵营。但是,在军队内有可能存有叛徒和敌军的间谍,左右将军们的决定又扰乱整体军队的秩序。在进行共识时,结果并不代表大多数人的意见。这时候,在已知有成员谋反的情况下,其余忠诚的将军在不受叛徒的影响下如何达成一致的协议,拜占庭问题就此形成。
Byzantine’s Istanbul, which is now Turkey, is the capital of the Eastern Roman Empire. Because of the size of the Byzantine Roman Empire at the time, each army was divided for defensive purposes, and the generals and generals could only pass on information by couriers.
拜占庭将军问题不去考虑信差是否会被截获或无法传递信息等问题。Lamport 已经证明,在存在消息丢失的不可靠信道上试图通过消息传递的方式达到一致性是不可能的。
The question of General Byzantine is not to consider whether the couriers will be intercepted or unable to transmit information. Lamport has shown that it is impossible to try to achieve consistency in the transmission of information on the basis of unreliable beliefs where it has been lost.
另一个比“拜占庭将军问题”更基础,更广为人知的是“两军问题” Two Generals’ Problem:
The other is more fundamental than the issue of General Byzantine, and more widely known is the issue of the two armies:
两支军队,分别由两个将军领导,正在准备攻击一个坚固的城市。两支军队都驻扎在城市旁边的两个不同的山谷里。两军之间隔着第三个山谷,两个将军想要通讯的唯一方法就是穿过第三个山谷传送信件。问题是,第三个山谷被城市的守卫敌军占据,并且经此传送的信件可能会被守卫敌军截获。虽然两个将军商量好要同时对城市发起攻击,但是他们没有约定特定的攻击时间。为了保证取胜,他们必须同时发起攻击,否则任何单独发起攻击的军队都有可能全军覆没。他们必须互相通信来决定一个同时攻击时间,并且同意在那个时间发起攻击。两个将军彼此之间要知道另一个将军知道自己同意了作战计划。
Two armies, each headed by two generals, are preparing to attack a strong city. Both armies are stationed in two different valleys next to the city. Between the three valleys, the only way the two generals want to communicate is through the third valley to transmit letters. The problem is that the third valley is occupied by the city’s enemy guards, and the letters transmitted may be intercepted by the enemy guards.
两军问题是阐述在一个不可靠的通信链路上试图通过通信以达成一致是存在缺陷的和困难的,这个问题经常出现在计算机网络入门课程中,用于阐释 TCP 协议不能保证通信两端状态的一致性。不过两军问题同样适用于任何有可能通信失败情况下的两点通信。
The question of the two armies, which describes the flaws and difficulties of attempting to reach agreement through communication in an unreliable communications chain, often appears in the computer network induction course and is used to explain that the TCP protocol does not guarantee consistency between the two ends of the communication. But the question of the two armies applies equally to any two points of communication that may fail.
对比两个故事,我们会发现两军问题和拜占庭将军问题有一定的相似性,但必须注意的是,信差得经过敌人的山谷,在这过程中他可能被捕,也就是说,两军问题中信道是不可靠的,并且其中没有叛徒之说,这就是两军问题和拜占庭将军问题的根本性不同。
In contrast to the two stories, we will find some similarities between the issue of the two armies and that of General Byzantine, but it is important to note that the messenger passes through the valley of the enemy, in the course of which he may be arrested, that is to say, the belief in the issue of the two armies is unreliable and that there is no traitor in it, which is the fundamental difference between the issue of the two armies and that of General Byzantine.
两军问题是在计算机通信领域首个被证明无解的问题,由此也可推论出,信道不可靠条件下的“拜占庭将军问题”也同样无解。
The issue of the two armies was the first one to be proved in the area of computer communications, and it can also be inferred that the issue of “General Byzantine” under unreliable conditions of belief is equally incontrovertible.
这意味着我们传输信息时仍然可能出现丢失、监听或篡改的情况。也许只有未来的“量子通讯”可能解决加密通信的问题。
This means that we may still be lost, bugged or tampered with when we transmit information. Perhaps only future “quan communications” can solve the problem of encrypted communications.
搁置各种加密货币共识算法的优劣争论,我们必须看到本质问题,是共识算法离不开信道安全前提。
We must see the essence of the debate over the merits of the various crypto-currency consensus algorithms, which are independent of the security premise of unbelief.
比特币在理论上的缺陷,就是出在网络通讯层的安全上。人们过高的着迷于区块链这种技术在时间戳签名、哈希链等密码学上的贡献,而忽略了其作为分布式系统的网络层安全。事实上这种技术还在早期阶段,尽管十年来比特币曾被上百次的预言死亡而仍健在,但作为科学和技术的本体,是更不应被盲目迷信的。
Bitcoin’s theoretical flaw is that it is in the security of the cybercommunication layer. The technology that is too high for block chains – the cryptographic contribution of time-stamping signatures, the Hashi chain, etc. – ignores its network security as a distributed system.
网络通讯混淆协议 BSO
Network Communication Confusion Protocol BSO
比特币的信仰建立在彻底去中心化的大前提下:整个体系公平、自治,不依赖也不需要现有的中心化机构介入,甚至也无法介入。因此,评价一个加密货币成功的标准必须在于是否彻底去中心化,中本聪理想化的忽略了网络的中心化现实,任何不彻底的“中心化”残余之处,都可能成为击垮整个比特币的“阿琉克斯之踵”。
Bitcoin’s faith is built on the premise of complete decentralization: the system is fair, autonomous, and does not depend on or require the intervention of existing centralized institutions. Therefore, the criterion for evaluating an encoded currency success must be whether or not it is completely decentralized, the idealization of the brain ignores the centralization reality of the network, and any incomplete “centralization” remains could be the “Step of Alex” that destroys the entire bitcoin.
比特币要实现彻底去中心化,承载价值网络之名,就必须运行于安全的网络上,成为加密到底层通讯协议的全加密货币。现实的网络世界,完全安全、透明、中立的网络通讯是不存在的。量子通讯从理论到落地仍需假以时日。现实的思路是立足当下技术之可为,从安全和成本制衡的角度,改良和重新设计区块链的P2P通讯协议,使工程学所能实现的安全量级大大超过现实可用于监听、拦截、破坏区块链通讯所要付出的成本代价。
In order for Bitcoin to be completely decentralized and carry the name of a value network, it must operate on a secure network and become a fully encrypted currency for encryption to the bottom of the communications protocol. The real network world, with complete security, transparency, and neutrality, does not exist.
以太坊和一些加密货币开始使用加密通讯协议,这是一个好的开始。然而这些协议仍留有很多痕迹。在 2018 年初,移动互联网系统与应用安全国家实验室举办的一场通讯加密数据识别邀请赛中,几乎所有的加密货币通讯数据全被识别了出来。
It is a good start to the use of encryption protocols in Tai Pa and some encrypted currencies. However, these agreements still leave a lot of traces. In early 2018, almost all of the encrypted currency communication data were identified in a communication encryption data recognition invitation competition between mobile Internet systems and the National Laboratory for Applied Safety.
我们认为需要重新设计一种更优的区块链通讯混淆协议 BSO(Blockchain Security Obscure Protocol),协议设计思想是让 P2P 网路在通讯传输时无明显特征,混淆在一般的网络通讯中。增加网络层寻识特征的难度,提高网络层识别、篡改或拦截的成本,从而保护区块链网络通讯的安全性。
We believe that there is a need to redesign a better block chain communication confusion protocol, BSO, which is designed to make the P2P network not visible at the time of communication transmission, and to confuse it with the general network communication. By increasing the difficulty of characterization at the network level, increasing the cost of network identification, manipulation or interception, the security of network communications in protected area blocks.
混淆协议属于一种安全对抗工程,一般有两种对抗方向,一种是正面对抗,通过设计一种新的强加密协议,让中间人无法通过分析流量内容识别出应用业务,但是新协议本身的特点,容易成为被针对的特征;另一种是迂回对抗,将应用业务的流量伪装成和互联网中绝大部分正常流量一样的协议,并且同时是一种合法的加密协议,从协议特征、内容加密就可以做到难以从流量上被针对识别。
Confusion agreements are a security counter-engineering project in which there are generally two opposing directions: one is a positive counter-offensive, by designing a new robust encryption protocol that prevents intermediaries from identifying applications by analysing traffic content, but the characteristics of the new agreement itself are easy to characterize as being targeted; the other is a back-to-back confrontation that disguises the flow of the application as the same as the majority of normal traffic on the Internet, and at the same time is a legal encryption protocol, which makes it difficult to be identified from the flow of traffic by way of the signature of the agreement, its content encryption.
BSO 混淆协议只是一个起步,未来混淆和机器学习将是一个在长期对抗中共同演进的技术,而区块链网络可以通过不断软分叉方式不断完善,健壮起来。
The BSO Confusion Agreement is only a start, and future confusion and machine learning will be a technology that evolves together in long-term confrontations, and the block chain network can be improved and robustly developed through continuous soft fork.
分布式网络治理和监控
区块链生长于网络之上,算力节点在网络上的分布生态是一个未被足够关注的问题。分布式系统的共识离不开信道安全,甚至需要网络保护。
Block chains grow above the network, and the distribution ecology of the arithmetic nodes on the network is a matter of insufficient concern.
运行在区块链上的数据,资产,应当如同承载在互联网上的信息一样,被全世界所有国家的政府、网络管理机构、运营商来保护,并承诺安全。
Data that operate on the block chain should be protected and committed to security by all Governments, network regulators and operators around the world, as is the case with information on the Internet.
所有的加密货币和区块链应用,必须争取获得获得国家和政府的认可、监管并且保护。因为加密货币并不像看上去那样,可以无法无天无人可管,又令管制机构无可奈何。可能不需更多的国家跨国联手,一两个超级大国足以让整个加密货币世界停摆。以网管链,以链治币,区块链的监管将绝不是空话。
All applications of encrypted money and block chains must be recognized, regulated, and protected by the state and the government. Because encrypted money is not as seemingly unmanageable as it seems, it is impossible to control institutions.
从事区块链、加密货币研究的企业、机构,更应该呼吁和推动政府部门尽快出台相关法律法规和监管政策,规范、保护并约束一个良好的生态环境。
Enterprises and institutions involved in block-linking, encrypt currency research should, in particular, call for and promote the speedy adoption of laws and regulations and regulatory policies to regulate, protect and regulate a sound ecological environment.
另一个维度,区块链是需要运维的。这个观点与追求“维持开放、无需权限和分布式”的理念似乎有点格格不入。但当千百亿资本涌入那些加密货币,专业的攻击者也会盯上这片“无主之地”。在去中心化的理念下,传统的运维手段几乎都不再适用,需要探索原创性的技术资源。用分布式的监控模式,去监控分布式网络和节点的健康状态,是我们认为可欲可行的。这将是一个类似比特币挖矿一样,宏大而广阔的工程:在不同的国家、运营商,部署足够多的监控节点,来反复检测线路健壮程度,是否通畅,是否被劫持。以比特币为例,如果可以提高对劫持的预警灵敏度,以至于在不可逆的 6 个区块确认前,及时采取措施,也是一条可以避免愈合攻击的发生的方案。而这样的一套类似“晴雨表”的分布式节点的监控设施,将是区块链必须的基础设施之一。
In a decentralized concept, traditional means of transport are virtually no longer applicable and original technical resources need to be explored. Using distributed surveillance models to monitor the health of distributed networks and nodes, we think it is feasible to do so. It would be like a bitcoin mining project, big and wide: deployment of enough surveillance spots in different countries, operators, to monitor the soundness of the circuits, whether they are smooth or not, and whether they are hijacked. By bitco, for example, it would be one of the infrastructure necessary for a regional chain if early warning of hijackings could be improved, so that measures could be taken in a timely manner before the six irreversibly identified.
信仰代码
Faith Code > /strong
哈耶克终身都在反对人为建构的秩序,认为人类理性不及,需要由市场自生自发的秩序来认知和管理世界,并提出了《货币的去国家化》的开创性构想,他在序言写下:
Hayek's lifelong rejection of an artificially constructed order, the belief that human reason is out of hand and requires a spontaneous market order to recognize and manage the world, and the pioneering idea of " Denationalization of the Currency ", which he wrote in his preamble:
“当下的政治必然性不应当是经济学家关注的问题。他的任务应当是像我不厌其烦地重复过的那样,是从今天的政治角度看来不可行的政策,具有政治上的可能性。决定此时此刻应当做什么,这是政治家而不是经济学家的任务···(《货币的非国家化》第二版,1978 年)”
“The political inevitability of the moment should not be a matter of concern to economists. His mission should be, as I am tired of repeating, a policy that is not feasible from today’s political point of view, with political possibilities.
作为技术开发者,引起我们共鸣的是:应从技术的角度探求,使得今天可能在政治上不可能的事情具有政治上的可能性。剩下的交给政治家。
As technology developers, we share the sentiment that technology should be explored so that things that may not be politically possible today are politically possible. The rest is left to politicians.
最后,期待人们仍可以回到对代码的信仰上。在它完善之后。
Finally, people are expected to return to their faith in the code. After it's perfected.
- 全文完 -
- The whole story is over--
编者注:
本文系微位科技 CEO 李子阳在 4 月 14 日深圳大学区块链前沿技术研讨会暨区块链技术研究中心揭牌仪式活动现场发表的主题为“Blockchain Regtech” 的演讲稿,由黄华编辑整理。
This is a presentation on the theme “Blockchain Regtech”, presented by CEO Lee Ziyang on April 14 at the University of Shenzhen Technical Seminar on the Frontiers of Block Chains and by the Centre for the Technical Study of Block Chains, which was edited by Huang Hua.
附录:致谢和参与者
Appendix: Acknowledgement and Participants
由衷的感谢下面的人,他们慷慨的分享和贡献了他们的时间和见解:
Expresses its sincere thanks to the following people, who generously shared and contributed their time and insights:
1、Satoshi Nakamoto Bitcoin: A Peer-to-Peer Electronic Cash System 2008
2、Zach Julian An Overview of BGP Hijacking AUGUST 17, 2015
3、Dave Hudson Look back to Satoshi's White Paper to Find the Essence of Blockchain 2016
4、Maria Apostolaki,Aviv Zohar,Laurent Vanbever Hijacking Bitcoin: Routing Attacks on Cryptocurrencies May 2017
5、Liang Wang,Kevin P. Dyer,Aditya Akella,Thomas Ristenpart,Thomas Shrimpton Seeing through Network-Protocol Obfuscation
6、Adem Efe Gencer, Soumya Basu, Ittay Eyal, Robbert van Renesse, and Emin Gün Sirer Decentralization in Bitcoin and Ethereum Networks
7、Byron Gibson Bitcoin and the byzantine generals problem
8、Tan Qingfeng, Shi Jinqiao, Fang Binxing, Guo Li, Zhang Wentao,Wang Xuebin, Wei Bingjie Towards Measuring Unobservability in Anonymous Communication Systems
9、Zhu Yixiang,Li Ziyang,Liang Yingfeng,Chen Yexuan,Wang Si,Jiang Zhuojian Security analysis and improvement of Blockchain network communication focus on Bitcoin 2018
注册有任何问题请添加 微信:MVIP619 拉你进入群
打开微信扫一扫
添加客服
进入交流群
发表评论