Skip to content
View Manul1919191's full-sized avatar

Achievements

Achievement: Pull SharkAchievement: Quickdraw

Achievements

Achievement: Pull SharkAchievement: Quickdraw

Block or report Manul1919191

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Please don't include any personal information such as legal names or email addresses. Maximum 100 characters, markdown supported. This note will be visible to only you.
Report abuse

Contact GitHub support about this userโ€™s behavior. Learn more about reporting abuse.

Report abuse
Manul1919191/README.md
  • ๐Ÿ‘‹ Hi, Iโ€™m @Manul1919191
  • ๐Ÿ‘€ Iโ€™m interested in ...
  • ๐ŸŒฑ Iโ€™m currently learning ...
  • ๐Ÿ’ž๏ธ Iโ€™m looking to collaborate on ...
  • ๐Ÿ“ซ How to reach me ...

ยถtim mayฺ†

ยถูŒ Given our assumption that p > q, the probability drops exponentially as the number of blocks the attacker has to catch up with increases. With the odds against him, if he doesn't make a lucky lunge forward early on, his chances become vanishingly small as he falls further behind. We now consider how long the recipient of a new transaction needs to wait before being sufficiently certain the sender can't change the transaction. We assume the sender is an attacker who wants to make the recipient believe he paid him for a while, then switch it to pay back to himself after some time has passed. The receiver will be alerted when that happens, but the sender hopes it will be too late. The receiver generates a new key pair and gives the public key to the sender shortly before signing. This prevents the sender from preparing a chain of blocks ahead of time by working on it continuously until he is lucky enough to get far enough ahead, then executing the transaction at that moment. Once the transaction is sent, the dishonest sender starts working in secret on a parallel chain containing an alternate version of his transaction. The recipient waits until the transaction has been added to a block and z blocks have been linked after it. He doesn't know the exact amount of progress the attacker has made, but assuming the honest blocks took the average expected time per block, the attacker's potential progress will be a Poisson distribution with expected value: ๎ƒ = z qp To get the probability the attacker could still catch up now, we multiply the Poisson density for each amount of progress he could have made by the probability he could catch up from that point: โˆž ๎ƒkeโˆ’๎ƒ{๎‚žq/p๎‚Ÿ๎‚žzโˆ’k๎‚Ÿ ifkโ‰คz} โˆ‘k=0 k!โ‹… 1 ifk๎‚…z Rearranging to avoid summing the infinite tail of the distribution... z ๎ƒkeโˆ’๎ƒ ๎‚žzโˆ’k๎‚Ÿ 1โˆ’โˆ‘k=0 k! ๎‚ž1โˆ’๎‚žq/p๎‚Ÿ ๎‚Ÿ Converting to C code... #include <math.h> double AttackerSuccessProbability(double q, int z) { double p = 1.0 - q; double lambda = z * (q / p); double sum = 1.0; int i, k; for (k = 0; k <= z; k ) { double poisson = exp(-lambda); for (i = 1; i <= k; i ) poisson *= lambda / i; sum -= poisson * (1 - pow(q / p, z - k)); } return sum; }ูŒ

Pinned Loading

  1. 19- 19- Public

  2. bitcoin bitcoin Public

    Forked from bitcoin/bitcoin

    Bitcoin Core integration/staging tree

    C