[zrm]

The problem with that attack is that Bitcoin is not very high bandwidth which makes it easy to put behind an anonymizer.

You could DoS the anonymizer but now you're into large collateral damage and the anonymizer may not be in a country where your agents control the backbone.

[SomeStupidPoint]

I agree you could harden a cryptocurrency, I was merely pointing out that Bitcoin is not. (And would require reaching consesus or having a fork to become one.)

Further, Im not sure that there's an anonymization network that could sustain being the consensus network backbone without also leaking the information to a pervasive, persistent adversary.

Things like TOR likely can already be penetrated by the US or China or Russia, and things like FreeNet are likely too slow to reach global consesus fast enough to prevent diverging chains.

Also, DoSing the network doesn't require you deanonymize them, merely that you can fill most of their anonymous routes with traffic (or that you can drop packets along them). This is problematic, because the network fundamentally must publish routes. The underlying architecture isn't meant to operate in truly adverse conditions.

[zrm]

> I agree you could harden a cryptocurrency, I was merely pointing out that Bitcoin is not. (And would require reaching consesus or having a fork to become one.)

You're treating Bitcoin as a black box.

The thing people care about forking is the blockchain. The DoS problem is the network transport. They're independent pieces. You could add a new hardened transport without forking the blockchain or even discontinuing the existing transports. Everyone would just naturally start using the hardened transport if the attack materialized.

> Also, DoSing the network doesn't require you deanonymize them, merely that you can fill most of their anonymous routes with traffic (or that you can drop packets along them). This is problematic, because the network fundamentally must publish routes. The underlying architecture isn't meant to operate in truly adverse conditions.

An anonymity service needs to be resistant to censorship. In one sense that means having a lot of bandwidth, but it also means having some political support. A government may have the technical capacity to launch a large DoS attack but it can't do that if the target servers are in a non-pushover country that would take the attack as an act of aggression.

And penetrating an onion routing network in this context is non-trivial. The three main categories of attack are implementation bugs in the endpoints, an adversary operating a large number of relays, and timing correlation by a global adversary. But the first group are inherently temporary and there are fewer of them when the endpoint is not a web browser with ten million lines of code. The second can be mitigated by not choosing relays in adversarial countries. And the third can be mitigated for low bandwidth services by using a fixed low bitrate and sending padding when there is no data.

[riprowan]

> DoSing the network doesn't require you deanonymize them, merely that you can fill most of their anonymous routes with traffic

At best if you're "successful" then you merely take all the current Bitcoin users and scatter them into a hundred different competing and more anonymous cryptos. Oops.

In the south we have fire ants. The thing about fire ants is that if you disrupt the nest you had better kill them all, because if you mess with a nest today, in a few days you'll have 5 nests to deal with. And so on.

Crypto is like fire ants in this regard.

[SomeStupidPoint]

1. The strength of a currency is its ability to be exchanged, so forcing them onto several (possibly themselves compromised) networks increases transaction costs and changes the economics significantly. Similarly, hardened networks likely impose additional overhead. Finally, smaller networks are easier to perform 51% attacks on. If you can break it in to 10 networks, you only need 1/10th the power to 51% them each in turn.

2. My point was about the strength of the bitcoin network as it stands. And I think you agree that it's both vulnerable and non-trivial to fix, so Im not actually sure what your point is.