Discussion:
BIP Proposal: Rate Limiting with server specified Proof of Work challenges
Add Reply
Karl Johan Alm via bitcoin-dev
2017-05-08 02:48:54 UTC
Reply
Permalink
Raw Message
Hello,

I am proposing a new feature for rate limiting purposes where nodes
can make and solve arbitrary PoW challenges in return for connection
slots (to be expanded to cover e.g. bloom filters or other DoS risky
services).

The BIP currently includes two proofs of work (sha256 and
cuckoo-cycle) which can be combined (e.g. sha256(cuckoo-cycle) or
sha256(sha256(sha256)), etc).

Link: https://github.com/kallewoof/bips/blob/pow-connection-slots/bip-rate-limiting-via-pow.mediawiki

Feedback welcome.
Erik Aronesty via bitcoin-dev
2017-05-08 18:58:54 UTC
Reply
Permalink
Raw Message
- It would be cool if any rate-limiting POW was specified as bytecode ...
so nodes can plug in as many "machine-captcha" things as they please, and
solvers can choose to solve... or just say "nope too hard".

- Alternately, it would be a lot nicer if you just required people to pay a
nanobit .... that could prevent DDOS even better, and generate a revenue
stream for nodes.


On Sun, May 7, 2017 at 10:48 PM, Karl Johan Alm via bitcoin-dev <
Post by Karl Johan Alm via bitcoin-dev
Hello,
I am proposing a new feature for rate limiting purposes where nodes
can make and solve arbitrary PoW challenges in return for connection
slots (to be expanded to cover e.g. bloom filters or other DoS risky
services).
The BIP currently includes two proofs of work (sha256 and
cuckoo-cycle) which can be combined (e.g. sha256(cuckoo-cycle) or
sha256(sha256(sha256)), etc).
Link: https://github.com/kallewoof/bips/blob/pow-connection-
slots/bip-rate-limiting-via-pow.mediawiki
Feedback welcome.
_______________________________________________
bitcoin-dev mailing list
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
Karl Johan Alm via bitcoin-dev
2017-05-09 01:15:25 UTC
Reply
Permalink
Raw Message
Erik,
- It would be cool if any rate-limiting POW was specified as bytecode ... so
nodes can plug in as many "machine-captcha" things as they please, and
solvers can choose to solve... or just say "nope too hard".
I'm not entirely sure what you mean, but right now you can make an
arbitrary chain of challenges, and the BIP includes methods for
determining an approximate time to solve (nodes will, at the very
least, discard any challenge which will on average take longer time to
solve than the expiration of the challenge itself, for example, i.e.
the "nope too hard" part).
- Alternately, it would be a lot nicer if you just required people to pay a
nanobit .... that could prevent DDOS even better, and generate a revenue
stream for nodes.
Others mentioned this approach. I haven't given it much thought.
Admittedly it would be an effective way to prevent DoS but it also has
some unwanted side effects that need to be cleared up (e.g. in a
no-gains scenario like the BIP proposes, the node requesting PoW done
doesn't *gain* anything from lying to the node performing the work).
Karl Johan Alm via bitcoin-dev
2017-05-19 04:09:29 UTC
Reply
Permalink
Raw Message
Hello,

Some time has passed since this was initially posted, and I have not
received any negative feedback. If no objections are raised, I would
like to have a BIP number assigned.

On Mon, May 8, 2017 at 11:48 AM, Karl Johan Alm
Post by Karl Johan Alm via bitcoin-dev
Hello,
I am proposing a new feature for rate limiting purposes where nodes
can make and solve arbitrary PoW challenges in return for connection
slots (to be expanded to cover e.g. bloom filters or other DoS risky
services).
The BIP currently includes two proofs of work (sha256 and
cuckoo-cycle) which can be combined (e.g. sha256(cuckoo-cycle) or
sha256(sha256(sha256)), etc).
Link: https://github.com/kallewoof/bips/blob/pow-connection-slots/bip-rate-limiting-via-pow.mediawiki
Feedback welcome.
Loading...