Hey @Michael.Liesenfelt,
Thanks for dropping by. I have been away for too long until I got a comment notification on my CIP that it is up for review. So, I have not had any chance to follow on the progress of your CIP. Will try to refresh myself on it again if I get a chance. Best of luck!
1 Like
I am an idiot for not realizing this, but virtual machines require RAM and hard drive allocations. So, if I have a CPU that’s only 12 GB RAM and 200 GB hardrive, I can not add any more VMs because I’m maxed out if we go by MAC addresses. Definitely, I would have to go by a PC with TB RAM and hard drive specs if I want to have multiple pools on it. This is expensive.
However, it’s different if we go by IP address because IP addresses can share the same specs.
Am I wrong in this?
There are virtualisation solutions that are much more light-weight – for example Docker or even leaner LXC containers.
And, if I wanted to do a large-scale attack on the Cardano network, I would probably not do it with virtual machines, but rather hack the cardano-node implementation, so that a single instance can pose as lots of different relays and block producers (and faking different hardware fingerprints if theoretically your proposal were approved).
Yes, I would have to route lots of IP addresses to this single attack machine, but with a little effort that will also not be so easily detected from the outside.
2 Likes
There are virtualisation solutions that are much more light-weight – for example Docker or even leaner LXC containers.
But since they are lightweight and does not have 12GB RAM, can they still be efficient block-producing nodes? I feel that increasing the RAM requirement might be a solution. Although, this will raise a lot of eye browse.
And, if I wanted to do a large-scale attack on the Cardano network, I would probably not do it with virtual machines, but rather hack the
cardano-nodeimplementation, so that a single instance can pose as lots of different relays and block producers (and faking different hardware fingerprints if theoretically your proposal were approved).
Assuming the clones can carry over the pledge and delegation of the original, such hack should also be possible at the current implementation, right?
I am sorry if I am taking a lot of your time. I reallllllyyyy appreciate you for sharing your expertise here. It brings me more understanding of the ecosystem and my own CIP.
That is not possible. Pledge and delegation are recorded on the chain and are visible to everybody. If I am trying to pose as a lot of different pools/nodes, they will have different identities with different pledge, different delegations, different stake on the blockchain.
I see. So under my CIP, to attack the current ecosystem you would need about 1108 fully saturated pools (11.7B ADA) plus pledge. Let’s assume 100K pledge, it will be 111 M ADA in pledge.
I know it will be difficult to fully saturate all 1108 pools. If the attacker sets up more pools, saturation limit keeps decreasing and total pledge keeps increasing. So he has a race against these two.
Okay, so now I have something to think about: how feasible is it for him to win the race.
Thanks a lot @HeptaSean! If you have more inputs/critiques, please share. I’d love to hear it.