Which Masternode model should we implement?

Kong

Member
Apr 9, 2014
55
15
48
I see little point in spending money to prove the resistance of a network against an attack that not yet affected that network even on a small scale.

My issue is with people who spout off attack vectors with a low probability of success or are otherwise properly dis-incentivized and waste everyone's time.
In my opinion this sort of test could also be a big "marketing" aspect, if the masternode network (the masternode owners) would accept and fund this sort of test, and if the masternode network would resist the ddos attacks of a medium botnet.
 

moli

Grizzled Member
Aug 5, 2014
3,255
1,830
1,183
I see little point in spending money to prove the resistance of a network against an attack that not yet affected that network even on a small scale.

My issue is with people who spout off attack vectors with a low probability of success or are otherwise properly dis-incentivized and waste everyone's time.
Darksend is an "ahead-of-time" tool for anonymous money, it would be a terrible irony if it can't be protected by an "ahead-of-time" thinking/planning to prevent MN go down by a DDOS, which will take down the wonderful aheadoftime DS also. Right now DRK isn't well-known yet so it's not a worry but DDOSing the MNs to hell is not a problem for some hackers, i'm sure.
You probably already know hackers can bring down networks of a whole country like Estonia and North Korea.
 

JGCMiner

Active Member
Jun 8, 2014
364
217
113
Darksend is an "ahead-of-time" tool for anonymous money, it would be a terrible irony if it can't be protected by an "ahead-of-time" thinking/planning to prevent MN go down by a DDOS, which will take down the wonderful aheadoftime DS also. Right now DRK isn't well-known yet so it's not a worry but DDOSing the MNs to hell is not a problem for some hackers, i'm sure.
You probably already know hackers can bring down networks of a whole country like Estonia and North Korea.
Yeah, but how far ahead of time do you protect against before you are just wasting time. Evan seems to think that 2000+ nodes is fairly DDOS resistant and we have never seen a large number of MNs down due to this attack. That is enough for me until I see evidence to the contrary.

There are a lot of very rich incumbents in the current financial system that would not mind if BTC disappeared, but recently we haven't seen a major attack against their nodes.

Looking ahead of time is fine so long as you are looking at something that matters.
 

moli

Grizzled Member
Aug 5, 2014
3,255
1,830
1,183
Yeah, but how far ahead of time do you protect against before you are just wasting time. Evan seems to think that 2000+ nodes is fairly DDOS resistant and we have never seen a large number of MNs down due to this attack. That is enough for me until I see evidence to the contrary.

There are a lot of very rich incumbents in the current financial system that would not mind if BTC disappeared, but recently we haven't seen a major attack against their nodes.

Looking ahead of time is fine so long as you are looking at something that matters.
Probably they don't think Bitcoin is a threat? I don't know. But if Darkcoin is perceived as a threat by many, that would be a different story.
 

Kong

Member
Apr 9, 2014
55
15
48
Probably they don't think Bitcoin is a threat? I don't know. But if Darkcoin is perceived as a threat by many, that would be a different story.
Make the coin as hard as possible against any sort of attack. Ddos attack is the most common, therefore it should be tested instead of assuming that ddos is not a threat. Prepare yourself when you can.
 

moli

Grizzled Member
Aug 5, 2014
3,255
1,830
1,183
Make the coin as hard as possible against any sort of attack. Ddos attack is the most common, therefore it should be tested instead of assuming that ddos is not a threat. Prepare yourself when you can.
Agreed totally! Do you own a botnet? Want to try? :D
 

moli

Grizzled Member
Aug 5, 2014
3,255
1,830
1,183
No, i do not. But darkred has outed himself as a botnet and tor hobbyist.
You mean darkstrike420 ? I wonder if he's responsible for some of the DDoSes on Freenode and Efnet ... :D jk
Sometimes it's just fun to see a network being ddosed and then go back up again lol
 

JGCMiner

Active Member
Jun 8, 2014
364
217
113
Make the coin as hard as possible against any sort of attack. Ddos attack is the most common, therefore it should be tested instead of assuming that ddos is not a threat. Prepare yourself when you can.
Everything has tradeoffs.

I am fine with option 2 to make DDOS more difficult if the negative effects are minimal, but if option 2 costs us enough in terms of MN response time which in turn harpoons IX... then what was the point.
 

moli

Grizzled Member
Aug 5, 2014
3,255
1,830
1,183
Everything has tradeoffs.

I am fine with option 2 to make DDOS more difficult if the negative effects are minimal, but if option 2 costs us enough in terms of MN response time which in turn harpoons IX... then what was the point.
Right now it's obvious that option 1 is the only option.
 

Kong

Member
Apr 9, 2014
55
15
48
Everything has tradeoffs.

I am fine with option 2 to make DDOS more difficult if the negative effects are minimal, but if option 2 costs us enough in terms of MN response time which in turn harpoons IX... then what was the point.
Option 1 or 2... i don't know, i am no expert in networking, but i think in general, that the masternode network needs to withstand some hacker attacks minimum in testnet. If there are not enough masternodes in testnet, then there could be a planned ddos attack against half of the masternode network to see what will happen.
 
  • Like
Reactions: moli

JGCMiner

Active Member
Jun 8, 2014
364
217
113
Option 1 or 2... i don't know, i am no expert in networking, but i think in general, that the masternode network needs to withstand some hacker attacks minimum in testnet. If there are not enough masternodes in testnet, then there could be a planned ddos attack against half of the masternode network to see what will happen.
Don't misunderstand my point. I have no problem with testing. Actually, that was the point of my first post. Someone (preferably someone who is worried about this attack) should try to DDOS the MNs. If it works then we need to come up with a solution and if it doesn't then this should be considered a fringe attack vector at best.

Again, I took exception with opponents of option 1 making a yet-to-be-proven, mythical DDOS against against the all MNs save the ones they own the reason why option 1 is not acceptable.

By all means, test away...:)
 

Icebucket

Active Member
Apr 11, 2014
268
129
103
Dont know if this point has been raised but there are VPS service providers that allow you to be anonymous, pay in BTC or convince the provider to accept DRK. like I did, the only info they need is a Email, and you can use https://protonmail.ch/ to be safer.
 
  • Like
Reactions: moli

thelonecrouton

Well-known Member
Foundation Member
Apr 15, 2014
1,135
813
283
LOL, all this worry about DDOSing 2000+ Masternodes when 90% of the hash gets funnelled through 3 pool servers?

An attacker is not going to waste time disrupting DS and IX services when they can render the entire currency unusable and rewrite the blockchain at will with 3 orders of magnitude less effort.

Blockchain security should be shifted to Masternodes, using the same n-of-m approach that makes DS and IX so secure. And then, when IP obfuscation/i2p/whatever is implemented, you have a practically unbreakable system with no weak links.
 
Last edited by a moderator:
  • Like
Reactions: akhavr and Raico

GermanRed+

Active Member
Aug 28, 2014
299
109
113
In my opinion this sort of test could also be a big "marketing" aspect, if the masternode network (the masternode owners) would accept and fund this sort of test, and if the masternode network would resist the ddos attacks of a medium botnet.
We don't need to fund the attack. The MN operators just need to piss off the "Anonymous" group.
 

GermanRed+

Active Member
Aug 28, 2014
299
109
113
Just a question for you guys: We have been emphasizing the one IP per node but we see only 1977 unique IPs for 2237 active MNs. So, how can we say that it is one IP per node? And, we can see that each MN is paid after roughly every 2237 blocks. So, someone is running multiple nodes on one IP.

EDIT: My guess is that these nodes are using NAT and the private IPs are in virtual instance of OS with private network stack. Then, the firewall distribute the incoming traffics to these virtual instance of OS. So, the one IP per node is not a real requirement. It just takes a little more effort to get around it. That brings back to my original suggestion: pay MN according to the number of darksend transactions served.
 
Last edited by a moderator:

GermanRed+

Active Member
Aug 28, 2014
299
109
113
Are there some MNs going through Tor out-proxy right now? Or, do we have to run darkcoin as hidden service?
 

darkstrike420

Active Member
Jul 1, 2014
178
136
103
You mean darkstrike420 ? I wonder if he's responsible for some of the DDoSes on Freenode and Efnet ... :D jk
Sometimes it's just fun to see a network being ddosed and then go back up again lol
I don't own a botnet. If you want to test how strong Darkcoin is against DDOS, you first should get acceptance of ddos of masternode owners(so its legal to stress test their network) then throw together couple thousand for 1 Gbit/s servers and get DNS amplification code off the internet. Then just input the IP addresses.

FYI: I am not criminal. Why would you assume I run botnets?

Are there some MNs going through Tor out-proxy right now? Or, do we have to run darkcoin as hidden service?
Hidden service is way better.
 
  • Like
Reactions: Populandum and moli

darkstrike420

Active Member
Jul 1, 2014
178
136
103
Let's say I manage to purchase enough Darkcoin for 200 masternodes. I obviously know my masternode's IPs. Using your methodology, I then DDOS all the other masternodes so that the network only utilizes my 200 masternodes. Theoretically, I can then unmask Darksend transactions, yes?
Correct. With enough power you would be able to down ALL other or the majority of masternodes thus all mixing would go through your nodes and you would know everything.

Thanks for mentioning this. Another reason to not have clearnet IP.
 

darkstrike420

Active Member
Jul 1, 2014
178
136
103
If your SO anti-DRK then why don't you sell all your DRK and move on

I just don't understand why you would put so much engery into something you see as a failure
Anti-DRK? LOL. I invested cash to be rich. If I was anti-drk I wouldn't recommend ideas that increase the strength of the whole network against DDOS attacks and potentially give a rocket to the value of Darkcoin for a good ride to the moon.

I am just being realistic. Its time to open up your eyes bro. DRK will never replace BTC in the world, it will however replace BTC when it comes to crime. That is the DRK future.

Government will kill every one of us before they allow anonymous money to be used in shops and everything.

Anti-DRK.. lol. I think you are anti-drk for not wanting it to reach its full potential.
 
Last edited by a moderator:
  • Like
Reactions: GermanRed+

GermanRed+

Active Member
Aug 28, 2014
299
109
113
LOL, all this worry about DDOSing 2000+ Masternodes when 90% of the hash gets funnelled through 3 pool servers?

An attacker is not going to waste time disrupting DS and IX services when they can render the entire currency unusable and rewrite the blockchain at will with 3 orders of magnitude less effort.

Blockchain security should be shifted to Masternodes, using the same n-of-m approach that makes DS and IX so secure. And then, when IP obfuscation/i2p/whatever is implemented, you have a practically unbreakable system with no weak links.
What if the goal of an attacker is to reveal who you are rather than bring the network down? I think the goal of being anonymous is one while protecting the network is another goal.
 

darkstrike420

Active Member
Jul 1, 2014
178
136
103
LOL, all this worry about DDOSing 2000+ Masternodes when 90% of the hash gets funnelled through 3 pool servers?

An attacker is not going to waste time disrupting DS and IX services when they can render the entire currency unusable and rewrite the blockchain at will with 3 orders of magnitude less effort.

Blockchain security should be shifted to Masternodes, using the same n-of-m approach that makes DS and IX so secure. And then, when IP obfuscation/i2p/whatever is implemented, you have a practically unbreakable system with no weak links.
Good luck ddosing 3 pools which owners are rich as fuck and totally able to aford $1000/month anti-ddos services compared to masternode operators who are not willing to pay more than 10$/month on hosting because its not cost-effective.

There are good services which offer Anti-ddos for up to 500 Gbit/s and more. Now these 3 pools use 3 different anti-ddos with each 500 Gbit/s. You need 1500 Gbit/s to down these pools. Where dafuq will u get 1500 Gbit/s? It will be more expensive than riding EUR1000/night hookers everyday.

On paper you sound correct, in reality you're wrong.
 

GermanRed+

Active Member
Aug 28, 2014
299
109
113
LOL, all this worry about DDOSing 2000+ Masternodes when 90% of the hash gets funnelled through 3 pool servers?

An attacker is not going to waste time disrupting DS and IX services when they can render the entire currency unusable and rewrite the blockchain at will with 3 orders of magnitude less effort.

Blockchain security should be shifted to Masternodes, using the same n-of-m approach that makes DS and IX so secure. And then, when IP obfuscation/i2p/whatever is implemented, you have a practically unbreakable system with no weak links.
What if the goal of an attacker is to reveal who you are rather than bring the network down? I think the goal of being anonymous is one while protecting the network is another goal.
 
  • Like
Reactions: darkstrike420

GermanRed+

Active Member
Aug 28, 2014
299
109
113
Here is my logic:

We want to use an anonymous coin to protect our privacy. That does not mean we are criminals. Criminals want to be anonymous too. So,

we =/= criminals
drk users = we + criminals

So, in the long run, we still should plan for protecting the MNs.
 
  • Like
Reactions: darkstrike420

tungfa

Grizzled Member
Foundation Member
Masternode Owner/Operator
Apr 9, 2014
8,899
6,744
1,283
Here is my logic:

We want to use an anonymous coin to protect our privacy. That does not mean we are criminals. Criminals want to be anonymous too. So,

we =/= criminals
drk users = we + criminals

So, in the long run, we still should plan for protecting the MNs.
I do not see it like that at all !!
I am public with my name and everything and would have obviously not done that
thinking like
we =/= criminals

DRK is an open source project
the Dev Team is not responsible for any action taken by the coins
MN's are just supporting the tech and network
nothing else !

you are watching way too many hollywood movies i think
I am paranoid enought , but this is just way over the top !
 
  • Like
Reactions: drkhouse and Raico

GermanRed+

Active Member
Aug 28, 2014
299
109
113
I am wondering what will happen if we have the following setup with our current darkcoin software:

( other drk clients and drk MNs on clearnet )==internet==( drk client 1 )==intranet==( drk MN 1 )==internet==( other drk clients and drk MN on darknet )

What will happen when drk client 1 sees a drk MN 1 on the intranet?
 

GermanRed+

Active Member
Aug 28, 2014
299
109
113
I do not see it like that at all !!
I am public with my name and everything and would have obviously not done that
thinking like
we =/= criminals

DRK is an open source project
the Dev Team is not responsible for any action taken by the coins
MN's are just supporting the tech and network
nothing else !

you are watching way too many hollywood movies i think
I am paranoid enought , but this is just way over the top !
I meant
we ≠ criminals
if I have caused any confusion.
 
  • Like
Reactions: tungfa

thelonecrouton

Well-known Member
Foundation Member
Apr 15, 2014
1,135
813
283
Good luck ddosing 3 pools which owners are rich as fuck and totally able to aford $1000/month anti-ddos services compared to masternode operators who are not willing to pay more than 10$/month on hosting because its not cost-effective.

There are good services which offer Anti-ddos for up to 500 Gbit/s and more. Now these 3 pools use 3 different anti-ddos with each 500 Gbit/s. You need 1500 Gbit/s to down these pools. Where dafuq will u get 1500 Gbit/s? It will be more expensive than riding EUR1000/night hookers everyday.

On paper you sound correct, in reality you're wrong.
Two points:

1. I doubt pool owners are as 'rich as fuck' and spending $1000/month on DDOS protection.

2. The killer governments you talk about wouldn't piss about DDOSing them anyway, they'd locate them and physically shut them down. At a cost of peanuts. A phonecall to the service provider would probably do it. "Hi, this is the CIA. Cease provision to blahpool immediately or we will swing on by and FUBAR you."
 

darkstrike420

Active Member
Jul 1, 2014
178
136
103
2. The killer governments you talk about wouldn't piss about DDOSing them anyway, they'd locate them and physically shut them down. At a cost of peanuts.
Because Governments have suceeded to locate and shutdown Agora and Evolution.

Why do u keep talkin out of your ass boy?