vanitygen VS dogecoin

VanityGen: https://github.com/samr7/vanitygen

🧾 Whitepaper

It already has the "fix" inherited from the Bitcoin code they reuse. Though you shouldn't count on that feature to not have bugs: the Dogecoin codebase is old and poorly maintained. If you run it on a cloud service, always turn on billing limits. https://github.com/dogecoin/dogecoin/blob/master/doc/reduce-...

not theoretical https://github.com/dogecoin/dogecoin/issues/3243

>to cause a specific target networked Bitcoin node to consume quite a bit of bandwidth by returning blockchain data to the attacker.

correct

>It doesn't seem like this would have any effect on the Bitcoin network at large

until a botnet or botnets make huge swaths of the mining network unprofitable

>While I don't doubt that there exists an obscure client vulnerability that could be patched, it seems far-fetched and alarmist to categorise this as a "bitcoin exploit".

it meets all of the criteria to be called, bluntly, a remote financial attack/exploit that much of the network is vulnerable to

that's actually not correct. apples and oranges. we're talking about mining rigs - not websites and apps maintained by sysadmins who can apply a simple fix or waf during an upstream overage attack. if this was a not issue they wouldn't be patching it https://github.com/dogecoin/dogecoin/issues/3243

> that's actually not correct. apples and oranges. we're talking about mining rigs - not websites and apps maintained by sysadmins who can apply a simple fix or waf during an upstream overage attack.

Bitcoin mining rigs don't even use bitcoin p2p protocol themselves, they typically use stratum protocol(https://braiins.com/stratum-v1/docs) and don't accept incoming connections from the public internet generally. They usually connect to mining pool servers which have long had various forms of ddos attack mitigation systems in place.

> if this was a non-issue they wouldn't be patching it https://github.com/dogecoin/dogecoin/issues/3243

They added an integrated basic bandwidth limiter from the looks of it, one can do something like that using external tools already. Hardly a real vulnerability.

read this dogecoin issue for more info (it also works with doge) https://github.com/dogecoin/dogecoin/issues/3243

This example is interesting in that it sheds light on the true cost of running a cryptocurrency node. In the normal case without hackers a transaction takes up about 300 bytes. Each transaction must reach each node in the network. Each node will have to receive it and will receive it once, so on average each node will send it once. So a node will use about 0.3 GB of bandwidth to process a million transactions. At the Digital Ocean rates this will cost the node operator $0.003. So even if there were a million nodes, the total bandwidth cost to process one transaction would still be a fraction of a penny. These costs would be at data centers, and would be higher in residential locations. Don’t run a node over a cell service!