Monday, August 12, 2019

Dusting attack against Litecoin

Crypto-cultists know next to nothing about the technicalities of these payment systems

On Saturday, Binance, a cryptocurrency exchange, warned that a massive dusting attack against Litecoin, the fifth largest cryptocurrency by capitalization, was probably underway.

What is it? A dusting attack is a method to discover the identity of the holders of various wallets – or to have a chance to do so, assuming that the owner of the wallet does something "not completely careful". I don't even say "a method used by a malicious party" because I am not sure what the axiomatic framework is in which this activity would be "malicious". The widespread claim that the cryptocurrencies are "anonymous" is just a promise that some people – usually promoters of this worthless hype – spread. It's a statement that may be right or wrong to various extents and no one has the moral duty or the legal obligation to make sure that it is "right"!

I have never promised such anonymity and I don't think that anonymous payment systems would be better than systems in which the anonymity may be broken, e.g. by police, in the end. And a person who finds the names of owners of all Bitcoin wallets could perhaps be described as a curious person and an excellent researcher who can unmask the truth that others try to hide, by using the public information plus the standard allowed payments. So I don't think that the people doing a dusting attack should be called "malicious". They just do something else with the unregulated cryptocurrency networks and software than most others – or they do the same steps but combine them more cleverly.



OK, a dusting attack is the donation of a negligible amount of cryptocoins to a wallet whose owner we would like to know. Certain tiny amounts cannot even be sent – because they're smaller than the smallest hypothetical transfer fee (for Bitcoin, it is 546 Satoshis, i.e. 5460 nanobitcoins; when SegWit is included, it's 294 Satoshis). OK, these tiny amounts of the cryptocurrency are normally ignored by the owners, and when they send something somewhere, the blocks may divide the "change" in various ways so that different wallets owned by the same owner are visually linked – even though the owner wanted to keep them separate.



You know, everyone has his own wallet or wallets in Bitcoin and its emulations. A wallet is parameterized by the public key that everyone can know. But you can't easily find out who owns the wallet, unless you have just paid somebody you know at that wallet, because the public key cannot be translated to anything such as a "surname" or an "e-mail address", of course. On top of that, the owner also knows the private key, which is what he needs to send payments from that wallet. The private key is how he actually "owns the cryptocurrency".

A simple strategy to keep your payments "anonymous" is to produce a different wallet ID – a different public key for a new wallet – whenever you receive a new payment. Imagine you're selling ice cream and you want to remain anonymous. So every time somebody buys an ice cream from you, you produce the ice cream along with a new leather wallet, and you store the money from each consumer in a separate leather wallet. That's how many cryptopeople obsessed with anonymity actually do it! Their computers may be full of hundreds of private keys that can unlock all these wallets that they own.

OK, you have the non-money in those many wallets for a while, and you may use one of the wallets, or many wallets, to make your own payments. The person who paid you for the ice cream – the reason why you created the new wallet – may know who the owner of the first wallet is (it is you, the seller of the ice cream) and he may monitor whether the funds have moved elsewhere. But if they have moved elsewhere, he doesn't know whether it's a wallet of the same owner, and if it is not one, who the new owner is.

In this way, the identity of the owners of the funds is being quickly anonymized or forgotten. Except that the "dust" – tiny "change" that is being transferred back and forth – may link the wallets owned by the same person, even if he doesn't do anything "too active" to link them and he might prefer them to be unlinked – and by analyzing some data about the motion of the dust, one can get lots of information about the owners of each wallet, at least each wallet to which "dust" has been sent.
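What this linking looks like from the wallet owner's side, as an added example that is not part of the original post. It assumes the usual chain-analysis heuristic that all inputs of one transaction belong to one owner, a smallest-first coin selector, and a hypothetical wallet whose address labels, values and `SUSPECT_FACTOR` policy are made up for illustration; the two dust limits are the figures quoted above.

```python
# Added example, not code from the original post. The wallet is constructed.
DUST_LIMIT = {"legacy": 546, "segwit": 294}   # satoshis, figures quoted above
SUSPECT_FACTOR = 2                            # assumed wallet policy
# (address label, output type, value in satoshis), all constructed
WALLET = [
    ("addr_A", "legacy", 2_500_000),
    ("addr_B", "segwit", 900_000),
    ("addr_C", "legacy", 600),        # unsolicited tiny deposit
    ("addr_D", "segwit", 300),        # unsolicited tiny deposit
    ("addr_E", "segwit", 4_000_000),
]

def is_suspect(utxo):
    """Flag deposits at or just above the dust limit for their output type."""
    _, kind, value = utxo
    return value <= SUSPECT_FACTOR * DUST_LIMIT[kind]

def pay(utxos, target, freeze_dust):
    """Smallest-first coin selection, fees and change ignored; spends from utxos."""
    usable = [u for u in utxos if not (freeze_dust and is_suspect(u))]
    chosen, total = [], 0
    for u in sorted(usable, key=lambda u: u[2]):
        if total >= target:
            break
        chosen.append(u)
        total += u[2]
    if total < target:
        raise ValueError("insufficient funds")
    for u in chosen:
        utxos.remove(u)
    return [u[0] for u in chosen]

def linked_to_dust(transactions, dusted):
    """Addresses an observer can tie to the dusted ones via shared inputs."""
    cluster, size = set(dusted), -1
    while len(cluster) != size:       # repeat until no transaction adds anything
        size = len(cluster)
        for inputs in transactions:
            if cluster & set(inputs):
                cluster |= set(inputs)
    return sorted(cluster - set(dusted))

def simulate(freeze_dust):
    wallet = list(WALLET)
    dusted = [u[0] for u in wallet if is_suspect(u)]
    txs = [pay(wallet, t, freeze_dust) for t in (2_000_000, 3_500_000)]
    return linked_to_dust(txs, dusted)

print(simulate(freeze_dust=False), simulate(freeze_dust=True))
```

With the dust spent, the sender of the two tiny deposits can tie `addr_A` and `addr_B` to the addresses it dusted; with the suspect deposits frozen, it learns nothing about them.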

In principle, these methods are very simple but I think that almost none of the Bitcoin and other cryptocurrency cultists understand these matters. They don't understand anything else that is technical, either. Almost all the HODLers are just brainwashed simpletons who were told that they are the new gods if they just buy some Bitcoin or something else for their dollars, so they did it. They became a part of the Ponzi scheme – an active or passive part of it to one extent or another.

But various technicalities are being changed, e.g. about the Bitcoin. To make payments cheaper etc., Bitcoin has recently incorporated SegWit as well as the Lightning Network. Only a tiny minority of the Bitcoin cultists actually understand these changes and as far as I can say, most of the holders didn't even bother to update their software to be sure that they're compatible with these changes to the Bitcoin done through some "forks".

This ignorance of the Bitcoin cultists about the Bitcoin technicalities often leads to embarrassing shouting matches or false accusations. For example, the 14-year-old right-wing pundit Soph has produced the following BTC wallet for contributions:
bc1q8ugpqsuaajdeqvezk3va9acqhl6yc02mhqk0ef
The responses include numerous sectarian Bitcoin fanatics who scream at her because she also has a wallet with the competing currency, Bitcoin Cash. But many of her critics scream that she's not smart because they – local Bitcoin gurus – have tried everything they could and they determined that Soph's Bitcoin wallet public key is invalid. So because she couldn't list a valid Bitcoin address, she can't be too smart, they say.

The only problem is that the 14-year-old right-wing girl (who isn't too interested in the cryptocurrencies for their own sake) is completely right and her critics, self-described Bitcoin gurus who are much older and should be smarter (especially about the Bitcoin), are completely wrong. You may check that her wallet exists on chain.so and other Bitcoin "explorers". It's just an address with SegWit enabled – and most Bitcoin "gurus" already find this minor technical update to be an insurmountable barrier. They still pretend to be high-tech and representatives of the future of payment – but even with the Bitcoin, they neglect the crucial technical changes to the Bitcoin that were made official more than two years ago.

So clearly, Bitcoin and its emulations run into an unsurprising problem – with the compatibility of the various users' software. Some "forks" have enabled some new features of the Bitcoin but most users didn't bother to take notice! Even some major websites still report SegWit addresses as invalid! They also don't notice that their oversimplified ideas about the anonymity of their wallets may be invalid due to tricks such as the dusting attack.
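Why an older validator rejects such an address while a SegWit-aware one accepts it, as an added example that is not from the original post: a Bech32 (BIP173) decoder for version-0 addresses next to an assumed pre-SegWit check that only knows the Base58 alphabet. The sample address is the BIP173 test vector, and `legacy_check_accepts` is a hypothetical stand-in for what the outdated websites do.

```python
# Added example, not code from the original post: Bech32 check per BIP173.
CHARSET = "qpzry9x8gf2tvdw0s3jn54khce6mua7l"
GEN = (0x3b6a57b2, 0x26508e6d, 0x1ea119fa, 0x3d4233dd, 0x2a1462b3)
BASE58 = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
SAMPLE = "bc1qw508d6qejxtdg4y5r3zarvary0c5xw7kv8f3t4"   # BIP173 test vector

def polymod(values):
    """BCH checksum over 5-bit symbols; a valid string yields 1."""
    chk = 1
    for v in values:
        top = chk >> 25
        chk = ((chk & 0x1ffffff) << 5) ^ v
        for i in range(5):
            if (top >> i) & 1:
                chk ^= GEN[i]
    return chk

def to_bytes(symbols):
    """Regroup 5-bit symbols into bytes; reject non-zero or over-long padding."""
    acc, bits, out = 0, 0, bytearray()
    for s in symbols:
        acc = (acc << 5) | s
        bits += 5
        if bits >= 8:
            bits -= 8
            out.append((acc >> bits) & 0xff)
    if bits >= 5 or acc & ((1 << bits) - 1):
        return None
    return bytes(out)

def decode_segwit_v0(addr, hrp="bc"):
    """Return the witness program of a version-0 address, or None if invalid."""
    if addr != addr.lower() and addr != addr.upper():
        return None                       # mixed case is forbidden
    addr = addr.lower()
    pos = addr.rfind("1")                 # separator between prefix and data
    data = addr[pos + 1:]
    if addr[:pos] != hrp or len(data) < 7 or any(c not in CHARSET for c in data):
        return None
    syms = [CHARSET.index(c) for c in data]
    expanded = [ord(c) >> 5 for c in hrp] + [0] + [ord(c) & 31 for c in hrp]
    if polymod(expanded + syms) != 1 or syms[0] != 0:
        return None                       # bad checksum or not witness version 0
    program = to_bytes(syms[1:-6])        # drop version symbol and 6-symbol checksum
    return program if program and len(program) in (20, 32) else None

def legacy_check_accepts(addr):
    """Assumed pre-SegWit validator: Base58 alphabet only."""
    return all(c in BASE58 for c in addr)
```

The address quoted in the post can be passed to `decode_segwit_v0` in the same way; the Base58-only check fails on any `bc1` address that contains `0` or `l`, which is the kind of false "invalid" verdict described above.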

In the case of fiat money, the central banks must fulfill the important task of forcing everybody to agree what banknotes are valid – and must be accepted – and what banknotes are not valid. This unity is enforced with the help of police etc. It doesn't and can't happen "automatically" in a decentralized way, as the people from the Bitcoin fantasy land often claim. One needs a central authority. If there is none, there will be mess and various people will claim that valid wallets are invalid and vice versa, among other things.

So the cryptocurrency movement is a religion because these people have been pre-programmed to say religiously good things about the Bitcoin (or its smaller siblings) but they have spent virtually no time trying to learn something about the Bitcoin and to verify whether their positive-sounding statements are actually correct. It's the active skeptics with the approach similar to mine who actually understand the Bitcoin best.
