I. Blockchain Layered Architecture

Traditional Internet architecture
Blockchain network architecture

A blockchain system consists of the data layer, network layer, consensus layer, incentive layer, contract layer and application layer.

Blockchain network architecture model: the blockchain network structure built from technologies such as the P2P network, public-key cryptography, consensus mechanisms and smart contracts.

Data Layer: responsible for storing blockchain data. Its "data structure" is the "block + chain" structure. The chain runs from the genesis block, which records no transaction information, to the blocks that are still being appended today. It contains hash values, nonces, timestamps of verified transactions, transaction data, public and private keys and so on, and is the lowest-level data structure in the whole of blockchain technology.

Network Layer: responsible for the network connections and transmission between nodes. It mainly covers the peer-to-peer (P2P) network mechanism, the data propagation mechanism and the data verification mechanism. Distributed algorithms, cryptographic signatures and the like are all implemented in the network layer; this is how the nodes of a blockchain stay in touch and jointly maintain the whole ledger. Well-known examples include second-layer payment protocols such as the Lightning Network and the Raiden Network. Many blockchains currently use RPC or gRPC for data transmission.

Consensus Layer: responsible for keeping the data of every ledger consistent. It mainly consists of the consensus algorithm. So far there are more than a dozen consensus mechanisms, including PoW, PoS, DPoS, combined PoW and PoS, proof of burn and proof of importance. The consensus layer decides who holds the right to record a block (the right to attach data to the blockchain) and guarantees consistency of information (every node holds the same data).

Incentive Layer (Actuator Layer): includes the incentive mechanism and the distribution system. In a blockchain this generally means the mining reward: rewarding miners with some digital assets motivates them to verify transactions, which keeps mining and the updating of the ledger going. In addition, rules are set that reward bookkeeping nodes and punish malicious nodes.

Contract Layer: responsible for implementing smart contracts and scripts, which makes the blockchain programmable. For example, smart contracts are scripts on the blockchain, and the various transactions on the chain trigger the corresponding scripts. Once triggered, a script can read data from the blockchain, write data to it, or even trigger other scripts to work together. In this way program logic can replace people in arbitrating and executing contracts, saving users a large cost of trust. [Writing the code into the contract lets you define your own constraints; no third-party trust endorsement is needed, and the contract acts immediately, in real time, when the moment comes.]
Logic, rules and relationships are defined flexibly in the contract layer to suit different business needs. The contract layer interacts with the blockchain network; it is the interface through which the application layer accesses blockchain data, and also the layer in which the blockchain's core code logic is defined and processed. The application layer calls a smart contract account stored in the blockchain state database and supplies input data. The smart contract updates the blockchain state according to that input and the response conditions preset in the contract code, and stores the updated state on top of the existing state in the state database. Through smart contracts, the application layer can store the important, valuable data it produces on the blockchain via the interfaces the contracts provide.

Application Layer: this layer encapsulates the various applications and scenarios of the blockchain.

Application layer: programmable currency, programmable finance, programmable society
Contract layer: script code, algorithm mechanisms, smart contracts
Incentive layer: issuance mechanism, distribution mechanism
Consensus layer: PoW, PoS, DPoS, PBFT, Raft
Network layer: P2P network, data propagation mechanism, data verification mechanism
Data layer: data blocks, chain structure, hash algorithms, timestamps, Merkle trees, asymmetric encryption

Blockchain ecosystem: technology ecosystem, user ecosystem, application ecosystem, storage ecosystem

II. Data Layer

Each distributed node can use a specific hash algorithm and the Merkle tree data structure to package the transaction data and code received over a period of time into a timestamped data block, and link it to the current longest main chain to form the newest block. This process involves blocks, the chain structure, hash algorithms, Merkle trees, timestamps and related techniques.

2.1 Hash functions

A hash function takes an input of arbitrary length (also called the pre-image) and, through a hashing algorithm, transforms it into a fixed-length output, the hash value. The transformation is a compressing map: a function that compresses a message of any length into a message digest of a fixed length.

Three important properties:

collision resistance: for x ≠ y it is possible that H(x) = H(y).

hiding (one-way, irreversible): x cannot be derived from H(x).
If I hold a piece of information x and want others to know that I hold it without learning what x actually is, I can tell them Hash(x). From Hash(x) the other party can tell that I really do know x, but cannot (or only with great difficulty) work backwards from Hash(x) to x.

collision resistance + hiding → digital commitment:
Publish H(x) first and publish x after the reveal. Because H is public, computing H(x) shows whether x has been tampered with.

puzzle friendly: the result of a hash computation is unpredictable.
If you want H(x) to fall within a certain range, you can only try inputs one by one.
This property guarantees that, in the Bitcoin system, bitcoins can only be obtained by "mining". It is what keeps the proof-of-work (PoW) mechanism working ["mining is hard, but verification is easy"].

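The commitment scheme and the puzzle-friendly search described above, as an added example that is not part of the original notes. The random salt is an assumption added here (without it, a guessable x can be recovered by hashing every candidate), and SHA-256, the 8-byte nonce encoding and all function names are illustrative choices.

```python
import hashlib
import hmac
import secrets
from typing import Optional, Tuple


def commit(message: bytes, salt: Optional[bytes] = None) -> Tuple[str, bytes]:
    """Publish the returned digest now; keep message and salt until the reveal."""
    # Assumption added here: a 32-byte random salt, so that a low-entropy x
    # (a bid, "yes"/"no") stays hidden even though H is public.
    salt = secrets.token_bytes(32) if salt is None else salt
    return hashlib.sha256(salt + message).hexdigest(), salt


def verify_reveal(commitment: str, message: bytes, salt: bytes) -> bool:
    """Recompute H(salt || x) at reveal time; any change to x changes the digest."""
    digest = hashlib.sha256(salt + message).hexdigest()
    return hmac.compare_digest(digest, commitment)


def check_puzzle(header: bytes, nonce: int, difficulty_bits: int) -> bool:
    """Verification is cheap: one hash, compared against the target range."""
    digest = hashlib.sha256(header + nonce.to_bytes(8, "little")).digest()
    return int.from_bytes(digest, "big") < (1 << (256 - difficulty_bits))


def solve_puzzle(header: bytes, difficulty_bits: int,
                 max_tries: int = 2_000_000) -> Optional[int]:
    """Mining is expensive: there is no shortcut, so nonces are tried one by one."""
    for nonce in range(max_tries):
        if check_puzzle(header, nonce, difficulty_bits):
            return nonce
    return None


if __name__ == "__main__":
    secret = b"constructed sample value x"
    commitment, salt = commit(secret)
    print("published commitment:", commitment)
    print("reveal accepted:", verify_reveal(commitment, secret, salt))
    print("tampered reveal accepted:", verify_reveal(commitment, b"other x", salt))
    nonce = solve_puzzle(b"constructed header", 16)
    print("first valid nonce:", nonce)
```
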
2.2 Account model (typified by Ethereum)

An account stores the state of its balance, much like a bank account.

Advantages:
① Contracts are stored in the Account as code, and the Account has its own state.
② The model is more programmable, easier for developers to understand, and fits a wider range of scenarios.
③ Batch transactions cost less. Imagine a mining pool paying fees to its miners: in UTXO, every input and output needs its own witness script or locking script, so the transaction itself becomes very large, and signature verification and transaction storage both consume valuable on-chain resources. The Account model can cut this cost dramatically by using a contract.

Disadvantages:
① Transactions in the Account model have no dependency on one another, so the replay problem has to be solved.
② To implement the Lightning Network/Raiden Network, Plasma and the like, user proofs need a more complex proof mechanism, and state migration from a child chain to the main chain needs a more complex protocol.

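2.3 UTXO account model (typified by Bitcoin)

UTXO: Unspent Transaction Output.
It is the smallest, indivisible unit of a transaction.
A previous transaction sends bitcoins to an address. Those bitcoins can sit there indefinitely until the owner of the address sends them on to the next payee. Until the funds are sent on to the next address, they are called a UTXO.

Taking Bitcoin as the example, every transaction has one or more inputs that can be traced back to a coinbase (minting) reward. Each output of a transaction is a new UTXO, and a user's bitcoin balance is the sum of all the UTXOs that user owns. These UTXOs are not gathered in a single "account"; they are recorded across many scattered transaction blocks.

Advantages:
① Atomicity: a transaction either succeeds or fails, with no intermediate state
② Can be processed concurrently
③ Uses relatively little storage
Disadvantages:
① Querying a balance requires traversing all transaction data
② A UTXO is stateless; if an account needs to hold complex state (such as a smart contract), this cannot be supported
③ The more inputs there are, the more witness scripts are needed
④ Signatures themselves are relatively expensive in CPU and storage
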
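2.4 Addresses

A Bitcoin address is "one 0x00 byte" + "the hash of the recipient's public key" + "a 4-byte checksum", with the whole address encoded in Base58 (see the separate document for details).
① The version is added to make explicit what type of data is being encoded. The data types are as follows:
② The checksum is added mainly to detect errors introduced during transcription.
③ What is Base58Check?
Binary: 0, 1
Decimal: 0~9
Hexadecimal: 0~9, A~F
Base64 (in effect base 64): 0~9, a~z, A~Z, plus two symbols (for example, - and +)
Base58: a subset of the Base64 encoding. It also uses upper- and lower-case letters and the 10 digits, but drops some characters that are easily misread or confused in certain fonts. Specifically, Base58 does not contain 0 (the digit zero), O (capital o), l (lower-case L), I (capital i), or the two characters "+" and "/".
Base58Check: a Base58 encoding format commonly used in Bitcoin that adds an error-checking code to detect errors introduced when the data is transcribed. The checksum is 4 bytes long and is appended to the data being encoded. The address finally produced is your account.
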
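Base58Check encoding and checksum verification as described in 2.4, as an added example that is not part of the original notes. It takes the 20-byte public-key hash as given, computes the checksum as the first 4 bytes of SHA-256 applied twice to version + data (the Bitcoin convention), and uses function names chosen here for illustration.

```python
import hashlib
from typing import Tuple

# Base58 alphabet: no 0, O, I or l, and no "+" or "/".
ALPHABET = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"


def _checksum(payload: bytes) -> bytes:
    """First 4 bytes of SHA-256(SHA-256(version || data))."""
    return hashlib.sha256(hashlib.sha256(payload).digest()).digest()[:4]


def base58check_encode(version: int, data: bytes) -> str:
    payload = bytes([version]) + data
    raw = payload + _checksum(payload)
    number = int.from_bytes(raw, "big")
    digits = []
    while number > 0:
        number, remainder = divmod(number, 58)
        digits.append(ALPHABET[remainder])
    # Leading zero bytes vanish in the integer conversion; each becomes a "1".
    leading_zeros = len(raw) - len(raw.lstrip(b"\x00"))
    return "1" * leading_zeros + "".join(reversed(digits))


def base58check_decode(text: str) -> Tuple[int, bytes]:
    """Return (version, data); raise ValueError on a bad character or checksum."""
    number = 0
    for char in text:
        index = ALPHABET.find(char)
        if index < 0:
            raise ValueError(f"character {char!r} is not in the Base58 alphabet")
        number = number * 58 + index
    leading_zeros = len(text) - len(text.lstrip("1"))
    body = number.to_bytes((number.bit_length() + 7) // 8, "big")
    raw = b"\x00" * leading_zeros + body
    if len(raw) < 5:
        raise ValueError("too short to hold a version byte and a checksum")
    payload, checksum = raw[:-4], raw[-4:]
    if _checksum(payload) != checksum:
        raise ValueError("checksum mismatch: the address was mistyped or altered")
    return payload[0], payload[1:]


def is_valid_address(text: str) -> bool:
    """Validation a wallet would run before accepting a pasted address."""
    try:
        version, data = base58check_decode(text)
    except ValueError:
        return False
    return version == 0x00 and len(data) == 20


if __name__ == "__main__":
    pubkey_hash = bytes(range(20))          # constructed 20-byte sample hash
    address = base58check_encode(0x00, pubkey_hash)
    print(address, is_valid_address(address))
    typo = address[:-1] + ("2" if address[-1] != "2" else "3")
    print(typo, is_valid_address(typo))     # one wrong character is rejected
```
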
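2.5 Transactions

Every Bitcoin transaction has a transaction hash (txhash). Its value is computed over the entire content of the transaction and points uniquely to that transaction. In Bitcoin, therefore, the transaction hash is normally used as the transaction ID.

The body of a transaction has two parts: input address information and output address information.
Input address information: records the account information of the sender of the transaction.
It does not record the sender's account. It records where the input funds come from (pre-txhash): the source transaction hash identifies a transaction in the global ledger, the index identifies the corresponding output address within that transaction, and the signature (sign) proves the user's ownership of the funds.

Output address information: records the account information of the receiver of the transaction.
It consists of the output address (account) and the output amount (amount).
The output address is a string obtained by applying a character transformation to public-key information the user generates. Reversing the transformation on the output address yields the hash of the public key, which is used to verify the signature.

A concrete transaction example
The transaction example section presents two transactions.
In the transaction numbered "10002", input address "0" carries a source transaction hash together with the index "1".
The real account behind this input address is therefore output address "1" of transaction "10001": "1A1RmbbVoL4pnMZf".
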
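2.6 Timestamps

Timestamp: the hash of the previous block.
It is the first non-physical clock in human history.
Blockchain technology requires the node that wins the right to record a block to stamp the current block header with a timestamp showing when the block data was written. The blocks on the main chain are therefore arranged in chronological order (by block height).
Timestamping is not complicated in itself, but its use in blockchain technology is a significant innovation that laid the foundation for time-sensitive blockchain applications such as notarization and intellectual property registration.
① Proof of existence for block data
② Helps form a blockchain database that cannot be tampered with or forged
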
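2.7 Data blocks

Each data block generally has two parts: the block header (Header) and the block body (Body).
The block header contains:
the current version number (Version)
the address of the previous block (Prev-block)
the target hash value of the current block (Bits)
the nonce that solves the current block's PoW consensus process (Nonce)
the Merkle root (Merkle-root)
the timestamp (TimeStamp) and other information
The Bitcoin network can adjust the difficulty of the PoW consensus process dynamically. The miner who first finds the correct nonce and has it verified by all the other miners wins the right to record the current block.
The block body contains the number of transactions in the current block and all the verified transaction records generated while the block was being created. These records are hashed through the Merkle tree to produce a unique Merkle root, which is written into the block header.
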
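2.8 Merkle tree

A Merkle tree is a binary tree made up of a set of leaf nodes, a set of intermediate nodes and one root node.
Advantages:
① Saves storage space (transactions that have already been spent can be discarded once enough time has passed)
② Only the hash of the root node, the Merkle root, needs to be kept and placed in the block header, which makes payment verification easy.
③ In Bitcoin, the block header, which contains no transactions, is only 80 bytes
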
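How a client that keeps only the Merkle root from the block header can check that one transaction belongs to a block, as an added example that is not part of the original notes. It assumes Bitcoin's conventions (double SHA-256, the last hash duplicated when a level has an odd count); the function names and sample transactions are constructed here.

```python
import hashlib
from typing import List, Tuple


def sha256d(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()


def _next_level(level: List[bytes]) -> List[bytes]:
    return [sha256d(level[i] + level[i + 1]) for i in range(0, len(level), 2)]


def merkle_root(transactions: List[bytes]) -> bytes:
    """Hash the leaves pairwise, level by level, until one root remains."""
    if not transactions:
        raise ValueError("a block body needs at least one transaction")
    level = [sha256d(tx) for tx in transactions]
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])          # odd count: pair the last hash with itself
        level = _next_level(level)
    return level[0]


def merkle_proof(transactions: List[bytes], index: int) -> List[Tuple[bytes, bool]]:
    """Sibling hashes from leaf to root; the flag is True when the sibling is on the left."""
    if not 0 <= index < len(transactions):
        raise IndexError("no such transaction in this block")
    level = [sha256d(tx) for tx in transactions]
    proof = []
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        sibling = index ^ 1                  # the other member of this pair
        proof.append((level[sibling], sibling < index))
        level = _next_level(level)
        index //= 2
    return proof


def verify_proof(transaction: bytes, proof: List[Tuple[bytes, bool]],
                 root: bytes) -> bool:
    """Light-client check: needs only the transaction, the proof and the header's root."""
    acc = sha256d(transaction)
    for sibling, sibling_is_left in proof:
        acc = sha256d(sibling + acc) if sibling_is_left else sha256d(acc + sibling)
    return acc == root


if __name__ == "__main__":
    txs = [f"constructed tx {i}".encode() for i in range(5)]
    root = merkle_root(txs)
    proof = merkle_proof(txs, 4)
    print("root:", root.hex())
    print("proof length:", len(proof), "hashes for", len(txs), "transactions")
    print("tx 4 included:", verify_proof(txs[4], proof, root))
    print("forged tx included:", verify_proof(b"forged tx", proof, root))
```
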
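2.9 Chain structure

The miner who wins the right to record a block links the current block to the previous one, forming the newest main chain. The blocks are linked one after another into a single longest main chain from the genesis block to the current block, which records the complete history of the blockchain's data.
Advantages:
① Provides traceability and location of blockchain data
② Any piece of data can be followed back to its origin along the chain
Forks: if two miners "mine" two new blocks at almost the same moment and both are linked, the main chain may temporarily "fork".
How forks are resolved:
By convention, miners always extend the chain with the greatest accumulated proof of work.
So after the main chain forks, the miners of subsequent blocks compute and compare, and link their blocks to the candidate chain with the greatest accumulated proof of work at that moment. This forms a longer new main chain and resolves the fork.
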
III. Network Layer

[The boxed text is from earlier notes on Professor Xiao Zhen's online course]
Application layer: runs the Bitcoin blockchain
Network layer (underlying layer): runs the P2P overlay network
All nodes in the Bitcoin system are completely equal, unlike some other networks that have super nodes. To join the network, a node needs to know at least one seed node, which tells it about the nodes it knows. Nodes communicate over TCP, which makes it easier to get through firewalls. When a node leaves it simply exits; other nodes that still have not heard from it after a certain time delete it.

Bitcoin network design principles: simple, robust but not efficient, flooding.
Each node maintains a set of neighbor nodes, and messages spread through the network by flooding: when a node receives a message it sends it to all its neighbors and marks it, and if it receives the same message again it does not send it again. Neighbors are chosen at random, without regard to the underlying network topology or to physical location in the real world. The network is extremely robust, at the cost of network efficiency.
In the Bitcoin system, each node maintains a set of transactions waiting to go on chain. The first time a node hears of a transaction, if the transaction is valid, the node adds it to this set and forwards it to its neighbors; if it receives the transaction again later it does not forward it (this keeps transactions from circulating on the network endlessly). If two conflicting transactions exist in the network, which one a node accepts depends on which it receives first; when it later receives the other, it discards it.
A newly published block spreads through the network in much the same way as a newly published transaction. Besides checking that the block's contents are valid, each node also checks that the block lies on the longest valid chain. The larger the block, the slower it travels across the network.
Propagation on the Bitcoin network is best effort: successful delivery is not guaranteed. When a transaction is published to the network, not every node necessarily receives it, and not every node necessarily receives transactions in the same order.
3.1 Overview

The network layer encapsulates the blockchain system's networking model, message propagation protocol, data verification mechanism and related elements.
By designing a specific propagation protocol and data verification mechanism to suit the needs of the actual application,
every node in the blockchain system can take part in verifying and recording block data.
Block data is written to the blockchain only after it has been verified by most of the nodes in the network.

3.2 Networking model: the P2P network

Networking model: a peer-to-peer network (P2P network) is used to organize the nodes around the world that take part in data verification and bookkeeping.
P2P network:
Every node has equal status, and nodes connect to and interact with one another in a flat topology
There are no centralized special nodes and no hierarchy
Every node takes on functions such as network routing, verifying block data, propagating block data and discovering new nodes
Depending on how much data they store, nodes are divided into full nodes and lightweight nodes
Characteristic: it never stops
On initialization, connections are established through hard-coded seed nodes.

Distributed hash table

Core idea: each node in the network maintains part of the index information, and the nodes are connected according to specific rules so that a lookup or a registration reaches the relevant nodes or resources by following those rules. This approach avoids a centralized index and also avoids network storms. Different "rules" correspond to different distributed hash table protocols.
Benefit: when a resource in the network changes, there is no need to broadcast to the whole network; only the relevant nodes need to be updated.

The mainstream protocol: Kademlia
Every node maintains a hash table in which the nodes of the network are grouped by distance, with several representative nodes stored in each group.
The Kademlia protocol maps every node and every resource in the network to a 160-bit binary code. The nodes whose code equals or is close to that of a resource must know the download address of that resource.
Advantage: the replacement and step-by-step approach in its design solves the problem of organizing a peer-to-peer network.

3.3 Data propagation protocol

Once any block data has been generated, the node that generated it broadcasts it to all other nodes in the network for verification.
Each node sends the block information to the nodes it is directly connected to, and this repeats until every node in the network has been reached.
Ethereum's implementation has two ways of sending: ① send a message containing the complete block to neighboring nodes [only to √N neighboring nodes]; ② send neighboring nodes a message containing only the block hash.

According to Satoshi Nakamoto's design, the Bitcoin system's transaction data propagation protocol consists of the following steps:
① A Bitcoin transaction node broadcasts newly generated transaction data to all nodes in the network
② Each node stores the transaction data it has collected in a block
③ Each node, using its own computing power, finds a sufficiently difficult proof of work for its block
④ When a node finds the proof of work for its block, it broadcasts the block to all nodes in the network
⑤ Other nodes accept the block as valid only if all the transactions in it are valid and have not existed before
⑥ Other nodes accept the block and create a new block at its end to extend the chain, treating the hash of the accepted block as preceding the hash of the new block

3.4 Data verification mechanism

Data verification mechanism: every node in the P2P network listens continuously for data and new blocks broadcast on the Bitcoin network.
When a node receives data from a neighboring node, it first verifies that the data is valid. If the data is valid, the node places it, in the order received, in a storage pool for new data that temporarily holds valid data not yet written into a block, and at the same time continues forwarding it to neighboring nodes.
If the data is invalid, the node discards it immediately, which ensures that invalid data does not keep spreading through the blockchain network.

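The receive, verify, pool and forward rule from 3.4, together with the first-seen handling of conflicting transactions from the course notes above, as an added simulation that is not part of the original notes. Signature checking is reduced to a boolean flag, and the node, transaction and network names are constructed here.

```python
from collections import deque
from dataclasses import dataclass
from typing import Dict, Iterable, List, Set, Tuple

Outpoint = Tuple[str, int]   # (source transaction hash, output index)


@dataclass(frozen=True)
class Tx:
    txid: str
    inputs: Tuple[Outpoint, ...]
    signature_ok: bool = True   # stands in for real script/signature verification


class Node:
    def __init__(self, name: str, utxo: Iterable[Outpoint]):
        self.name = name
        self.utxo = set(utxo)               # outputs this node believes are unspent
        self.seen: Set[str] = set()         # marks messages already handled
        self.pool: Dict[str, Tx] = {}       # valid transactions waiting for a block
        self.claimed: Dict[Outpoint, str] = {}

    def receive(self, tx: Tx) -> str:
        if tx.txid in self.seen:
            return "duplicate"              # already handled: do not forward again
        self.seen.add(tx.txid)
        if not tx.signature_ok or any(op not in self.utxo for op in tx.inputs):
            return "invalid"                # discarded immediately, never forwarded
        if any(op in self.claimed for op in tx.inputs):
            return "conflict"               # an earlier transaction spends this output
        for op in tx.inputs:
            self.claimed[op] = tx.txid
        self.pool[tx.txid] = tx
        return "relay"


def flood(nodes: Dict[str, Node], links: Dict[str, List[str]],
          injections: List[Tuple[str, Tx]]) -> Dict[str, List[str]]:
    """Deliver messages in FIFO order; a node forwards only what it accepted."""
    queue = deque(injections)
    while queue:
        name, tx = queue.popleft()
        if nodes[name].receive(tx) == "relay":
            queue.extend((peer, tx) for peer in links[name])
    return {name: list(node.pool) for name, node in nodes.items()}


def build_line_network():
    """Constructed topology n0 - n1 - n2 - n3 sharing one unspent output."""
    coin = ("constructed-prev-tx", 0)
    nodes = {f"n{i}": Node(f"n{i}", [coin]) for i in range(4)}
    links = {"n0": ["n1"], "n1": ["n0", "n2"], "n2": ["n1", "n3"], "n3": ["n2"]}
    return nodes, links, coin


if __name__ == "__main__":
    nodes, links, coin = build_line_network()
    pay_a, pay_b = Tx("a", (coin,)), Tx("b", (coin,))   # both spend the same output
    print(flood(nodes, links, [("n0", pay_a), ("n3", pay_b)]))
```

Each half of the line ends up holding a different transaction, which is why a recipient waits for block confirmations instead of trusting what its own pool shows.
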
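3.5 Blockchain network attacks and defenses

[Supplementary knowledge]
Block height: it is really the sequence number of a block, increasing one by one from the genesis block at 0. "Block number" would be an easier name to understand.
Confirmations:

How do nodes compete? The way they compete is called consensus. It describes how, in a distributed, decentralized system, the participants use a consensus algorithm to agree on some action or view. In other words, everyone reaches consensus that node A does the bookkeeping this time and node B does it next time.

If a node abandons its own chain, does all the data in that chain become invalid? What about the transactions in it?
The answer is yes: the transactions in it are all invalid, because a block is a bundle of transactions. But the sender of a transaction broadcasts it to everyone, so any miner may receive a given transaction and place it in its own transaction pool. Although the transactions are invalid on the abandoned chain, other nodes have seen them too, and they may well already have been mined into a block by another node and recorded on the surviving chain. So as far as any individual transaction is concerned, nothing has been lost.
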
3.5.1 51% attack

51% attack: if an attacker holds 51% of the network's hash power, they can use that advantage to do certain things. The 51% here is a rough figure; with luck an attacker may not need that much hash power to launch a 51% attack.

What would an attacker do with a 51% attack?

(1) Double-spend attack / shorting Bitcoin
Once an attacker holds more than 51% of the network's hash power, the first effect is a higher probability of mining a block successfully, and with that the attacker can modify the blocks they mine. Assuming the attacker is rational and acts for profit, they will modify their own transaction records in the block in order to double-spend. The attacker cannot modify the other transactions in the block, because they lack the senders' signatures; in other words, the attacker cannot transfer other people's coins to themselves.
Concretely, the attacker transfers coins to an exchange, sells them and withdraws the proceeds, then uses the 51% attack to change that transaction so that the coins go to another wallet address of their own. Because of the hash-power advantage and the longest-chain rule, the earlier transfer to the exchange is treated as invalid, and what the blockchain records is the later transaction. The same money has been spent twice, and the exchange bears the loss. The victim need not be an exchange; it could be another person, a merchant and so on.
With a double-spend attack, nodes may discover within 6 confirmation periods that a transaction has been double-spent, and can then penalize the sender. So to guard against double spending, the usual measure is to require more confirmations; for Bitcoin, 6 confirmation periods is a suitable number.
A blockchain is a series of blocks linked together into a chain. When a transaction takes place it is packaged into a block, which becomes part of the chain, and each block appended after it raises the confirmation count by 1. The calculation is simple: the height of the newest block on the current longest chain minus the height of the block containing the transaction is the number of confirmations. Note: because forks are possible, the same transaction can sit at different heights on different chains, so the correct way to obtain the height of the block containing a transaction is to look it up by transaction hash.

(2) Destroying the Bitcoin system
If a 51% attack were launched against Bitcoin, the Bitcoin system would not collapse and could recover, but Bitcoin's market value is another matter: the market value of cryptocurrency as a whole could well fall by anywhere from 0 to more than 90%.
PoW consumes large amounts of electricity in a race of hash power, but when the Bitcoin system is close to collapse, the whole blockchain network can recover as long as new hash power joins.
In a blockchain system that uses PoS, if a similar 51% attack occurs, new nodes joining bring no improvement, because the consensus algorithm is based on stake, and the network is essentially unable to recover.

The 51% attack paradox
Launching a 51% attack is very expensive, especially one that is meant to last for some time. The size of the payoff is therefore crucial, but however it is calculated, the payoff is not high and the risk is enormous.
It may not even match the reward from honestly mining Bitcoin with 51% of the hash power. In a real setting the bar for launching a 51% attack is very high, and it is impossible to do unnoticed. This is why a 51% attack is essentially infeasible. Combined with other attack techniques, however, the hash-power threshold for a 51% attack can be lowered, the eclipse attack being one example.

For a blockchain system there is little need to worry about this attack, because of the paradox. What really deserves attention is attacks with a lower bar, lower risk and higher payoff.

3.5.2 Eclipse attack

[Supplementary knowledge]
P2P networks
P2P has gone through several stages since it first appeared: hybrid P2P, unstructured P2P and structured P2P.
Hybrid: the P2P network is mixed with the traditional C/S model, and some roles in the network act as servers.
Unstructured: a mesh model, a purely distributed network. The typical example is the Bitcoin network, where nodes are organized in a random, loose way.
Structured: nodes are organized according to definite rules and the routing algorithm is fairly precise, for example the DHT algorithm.

Routing table (neighbor table)
A routing table holds some of the nodes in the network, anywhere from a few to a few dozen. These nodes are the basis on which a node is associated with the P2P network, or in other words the node's entry points into the network. To send any information, the node first forwards it to the nodes in its routing table, which then forward the message on.
Whatever the structure of the P2P network, every node has something like a routing table. In essence it has established contact with several nodes in the network, and all later sending and receiving of packets is handled by these neighbors on its behalf.
So a node in a P2P network cannot see the whole network, only local information about it. And thanks to the routing table, even if the table holds only a single entry node, the node can still serve the whole P2P network, and other nodes can still find it in some way.

NAT traversal
NAT traversal is not an essential feature of a P2P network. If every node in the P2P network is a public node (with a public IP address), NAT traversal is not needed. If some private-network nodes (LAN nodes) also join the P2P network, other nodes cannot discover them because they cannot reach each other directly. The result is that such a private node can send information into the P2P network successfully but may be unable to receive messages from it. Note the word "may": there are scenarios in which it can receive them.

Eclipse attack
An eclipse attack targets one specific node and, by various means, fills up the victim's routing table in order to cut off all of its inbound and outbound communication with other peers (which effectively suffocates the victim).

What are the consequences?
① The victim node is prevented from seeing the real blockchain information
② Multiple nodes in the network are isolated, making it possible to split the network
③ A 51% attack can be launched with less than 51% of the hash power
Once the victim is surrounded by malicious nodes, those nodes can selectively send it packets or tamper with genuine packets. In essence the victim is led to believe it is still mining in the network, when in fact it has already been isolated from it.
If there are many victim nodes, then from the viewpoint of the network as a whole it has been cut into several parts and is effectively split. A 51% attack on the split network then becomes possible with less hash power than an ordinary 51% attack would need.

How is an eclipse attack launched? Ethereum serves as the example.

(1) How Ethereum's Kademlia network works
Ethereum's underlying P2P network uses the Kademlia algorithm. A Kademlia network is a structured P2P network whose nodes are organized according to definite rules.
The core feature of the Kademlia algorithm is that it defines the distance between two nodes by XOR. This distance has nothing to do with actual physical distance.
Each node's routing table stores nodes at different distances. The minimum distance is of course 0, the node itself, and the maximum depends on the length of the node ID (NodeID). A NodeID is a string of a fixed length. Every node has a unique NodeID, which serves as the node's identity in the P2P network. For example: NodeID: DEA25B0AF6CC5EA9DA4961DBC5FFEB97
Assuming the NodeID is N bits long (for the NodeID above, N is 32 * 8 = 256), the maximum distance is N-1, i.e. the distance lies in the range [0, N).

A Kademlia node's routing table stores nodes for every distance, more than one for each; this number is called the α value. The table holds α nodes at distance 1 from its own NodeID, α nodes at distance 2, and so on up to α nodes at distance N-1. In practice, the greater the distance, the higher the probability of finding nodes that qualify. Think about why.
Each distance is called a bucket, and each bucket holds [0, α] nodes at the matching distance.

Knowing a node's NodeID, one can work out what kind of NodeID belongs in each bucket of that node's routing table. This is the core basis of the eclipse attack.

(2) Launching an eclipse attack
Once the target node's NodeID is known, NodeIDs that fit its different buckets can be forged in some way. When the target node restarts, nodes are immediately started with these NodeIDs and connect to the target. Because of how Kademlia works, these deliberately forged NodeIDs are certain to be entered into the target's routing table, filling it up and achieving the eclipse.

As for making the target restart, the attacker can wait for it to restart on its own or use a DoS attack to force a restart, and carries out the steps above immediately after the restart to complete the eclipse attack.
After a successful eclipse attack, the node can be isolated and the packets it sends and receives can be tampered with.

(3)如何防御日蚀攻击
(3) how to defend against the eclipse attack
想要避免日蚀攻击由很多种办法:(可能只适用于 kademlia 网络)
There are many ways to avoid a solar eclipse attack: (may only apply to the kademlia network)
?
1.?提高节点进入网络的准入门槛
1.
节点进入P2P网络需要一定的门槛,不论是以时间为代价还是以Stake或是工作证明为代价,这样就能有效防止大批量伪造节点进入网络,从而从源头上避免日蚀攻击
Access to the P2P network requires a certain threshold, whether at the cost of time or at the expense of Stake or the certificate of work, which effectively prevents large numbers of forged nodes from entering the network and thus avoids erosion attacks from the source
?
2.?针对同一个IP段的节点做连接限制
2. connects to nodes in the same IP paragraph
攻击者很可能利用有限的 IP(1~2个)伪造大量节点,发起日蚀攻击,那么对于目标节点来说,看到的节点都是来自于这个IP,多半可以说明这是恶意节点。那么只需要对来自同一个IP段的节点做一定数量的限制,比如最多2个,也能显著提高攻击者的攻击成本。
The attackers are likely to use a limited IP (1-2) to falsify a large number of nodes and launch a solar eclipse attack. For the target node, the node is derived from this IP, and most of the node is considered to be a malicious node. Then only a limited number of nodes from the same IP section, such as a maximum of two, would significantly increase the cost of the attack.
?
3.?对节点主动建立连接和被动建立连接的数量做一定的均衡
3. provides a certain balance between the number of active and passive connections at nodes.
发起日蚀攻击,需要主动占满目标节点的路由表,也就是主动与目标节点建立连接,即便不是这样,也有方法让目标节点主动建立连接到恶意节点。所以对于进出的连接数,做一定的均衡能有效避免日蚀攻击的发生
Initiating a solar eclipse attack requires a proactive routing of the target node, i.e. an active connection to the target node. Even if this is not the case, the target node will be actively connected to the malignant node.
?
4.?NodeID 重启之后变化
4.? NodeID Change after restart
进行日蚀攻击的前提是需要知道目标节点的NodeID,并且迫使目标节点重启,然后以事先根据目标节点NodeID计算好的伪造节点发起连接,达成日蚀攻击。所以如果节点重启之后NodeID变为与原来不再一致,那么攻击者事先计算伪造的节点就变得毫无可用之地了。
The solar corrosive attack is carried out on the premise that Nodeid, the target node, needs to be known and the target node is forced to restart and then connect with a pre-calculated fake node based on NodeID. So if Nodeid becomes no longer the same after the node is restarted, then the attacker's pre-counting of the fake node becomes useless.
?
5.?其他辅助措施
Other support measures?
比如节点实时检测,发现恶意节点进行广播,并采取一定的惩罚措施等。
For example, nodes are detected in real time, malicious nodes are detected for broadcasting, and some punitive measures are taken.
?
由于以太坊采用的是结构化的P2P网络,采用了kademlia算法,知道了NodeID,基本上就大致能知道这个路由表中应该填入一些什么类型的节点;
Because Ether uses structured P2P networks, kademlia algorithms and NodeIDs, it basically knows what types of nodes should be filled in this route table;
由于比特币的P2P网络采用的是无结构的模型,节点之间以随机,松散的方式进行组织,比特币节点不关心你的NodeID。但是还是有办法迫使比特币节点只与恶意节点建立连接的。
Because the P2P network in Bitcoin uses unstructured models, nodes are organized randomly and loosely, and bitcoin nodes do not care about your Nodeid. But there are ways of forcing Bitcoin nodes to connect only to malicious nodes.

3.5.3 Sybil attack
For a blockchain, a Sybil attack is one in which the attacker disguises a single node as many nodes when joining the P2P network, so that it holds multiple identities in that network. It is typically used for malicious vote stuffing, ranking manipulation, reputation inflation and similar online activity, or to commit fraud through sheer numerical advantage.
An eclipse attack focuses on one specific node, whereas a Sybil attack focuses on the network as a whole: the attacker enters the network under forged identities and interferes with routing, message propagation and so on.

How can Sybil attacks be defended against? By raising the bar for joining the P2P network.

1. Identity authentication
Every node that joins the network must be verified, and is admitted only after verification succeeds.
There are usually two approaches:
① Decentralized identity authentication
② Centralized identity authentication (third-party identity authentication)
Given the anonymity of decentralized systems, however, centralized identity authentication is generally not recommended. When a node joins, it is therefore usually required that a majority of nodes that have been in the network for a long time, or that have a high reputation, jointly reach agreement on its authentication before it is allowed in.

2. Proof of work
Joining the network should carry a cost, so that nodes cannot join and leave at will. A PoW-like scheme can therefore require a node to present some proof of work when it joins, raising the admission threshold.

3. Feature vectors
One of the defences against eclipse attacks is to "limit the number of nodes from the same IP range in the local routing table". That approach can produce false positives, because nodes from the same IP range are not necessarily malicious. We may therefore need a more accurate way to analyse a node's behaviour and tell nodes apart.
In big-data work, many feature vectors are often needed to determine whether two records belong to the same user; likewise, in a P2P network such feature vectors can be used to determine whether a node is forged. This does not completely prevent Sybil attacks, but it effectively reduces them. Mature products exist for this, such as SybilGuard and the Advogato Trust Metric.

Sybil attacks are relatively cheap, yet the potential payoff is comparatively high. They are usually combined with eclipse attacks or DDoS attacks, so real attacks on blockchain networks mostly combine several techniques.

3.5.4 Denial-of-service attack
Distributed Denial of Service Attack
Of the three elements of information security ("confidentiality", "integrity" and "availability"), a denial-of-service attack targets "availability". It exploits flaws in the target system's network service functions, or directly consumes its system resources, so that the target can no longer provide normal service.

The denial-of-service (DoS) problem has never been satisfactorily solved and remains a worldwide challenge, because it stems from security flaws in the network protocols themselves; this has made denial of service an attacker's ultimate technique. A denial-of-service attack in effect produces one of two outcomes on the server: ① the server's buffers are forced full so that it accepts no new requests; ② IP spoofing is used to force the server to reset legitimate users' connections, disrupting them.

A distributed denial-of-service (DDoS) attack is a DoS attack carried out in a distributed manner, usually by controlling many machines that attack the target host or router together.

Against a blockchain, attackers use DDoS to try to slow the network down or force it to stop operating. It can also be aimed at a mining pool to take the pool offline, or at a specific host to knock it off the network.

Impact
The damage done by DDoS attacks is well known. In centralized settings, attacks usually target websites or hosts, making the site unreachable, disrupting business operations and causing heavy economic losses.

In blockchain settings, attackers usually mount such attacks for some specific gain: slowing the network or disrupting miners makes it easier to go after the actual target.
DDoS is not unique to blockchains; such attacks are in fact relatively more common in centralized settings.

Forms of attack
1. Bandwidth attack
The attack exhausts the victim node's network bandwidth, producing a denial of service.
The lower layer of a blockchain system is built on a P2P network in which broadcasts make up most of the traffic; a single broadcast usually means more than N times as many packets received, and as the network grows and the number of nodes increases, the communication load becomes heavy.
By flooding a node's communication port with packets, or by using the software's own logic to trigger automatic large-scale communication (for example, triggering synchronization), an attacker exhausts the node's bandwidth until it drops off the network.
Once the node has gone offline and restarted, further attacks such as an eclipse attack often follow.

2. CC attack
A DDoS attack targets an IP address, whereas a CC attack targets server resources.
CC stands for Challenge Collapsar, that is, "challenging the black hole": the earlier security appliance for resisting DDoS attacks was called "black hole" (Collapsar). The new generation of anti-DDoS appliances has been renamed ADS (Anti-DDoS System) and can by now withstand CC attacks almost perfectly.
A CC attack works by using proxy servers or a large number of compromised machines to simulate many users requesting the target site's dynamic pages, generating large numbers of back-end database queries that consume the target's CPU and cause a denial of service. Unlike DDoS, CC cannot be filtered with a hardware firewall, because the requests in a CC attack are themselves normal requests. Dynamic pages have to interact with the back-end database and consume a lot of CPU, so static pages still load while dynamic pages that need the database load slowly or not at all. This kind of attack is somewhat more complex to carry out than the previous two but much simpler to defend against: a service provider can withstand ordinary CC attacks by using dynamic pages as sparingly as possible and requiring a CAPTCHA for certain operations.

There are three kinds of CC attack: direct attacks, proxy attacks and botnet attacks.
① Direct attacks mainly target web applications with serious flaws; generally this only happens when the program is badly written, and it is relatively rare.
② Botnet attacks are somewhat similar to DDoS attacks and can no longer be defended against at the web application layer.
③ In a proxy attack, the attacker typically operates a batch of proxy servers, say 100 proxies each issuing 10 requests at once, so that the web server receives 1,000 concurrent requests. The attacker drops the connection to each proxy immediately after sending, so that the data the proxies return does not clog the attacker's own bandwidth and prevent further requests. The web server queues the processes that answer these requests, as does the database server, and legitimate requests end up being handled far back in the queue.

3. SYN flood attack
In a SYN flood, the attacker sends a large number of TCP SYN packets to the target host with a forged source IP address. TCP sets up a connection with a three-way handshake, that is, three packets are needed to establish a connection; when the target host receives the SYN, it replies with a SYN-ACK.
Because the source IP is forged, the attacker never receives that SYN-ACK, but the target host is left holding a half-open connection. If the attacker keeps up a steady SYN flood, the target's TCP resources are exhausted and it can no longer establish connections with legitimate clients, which achieves the denial of service.

4. Land attack
A variant of the SYN attack in which the forged source IP is the target host's own IP, so the target sends a large number of SYN-ACK packets to itself, consuming TCP resources and preventing legitimate clients from establishing connections.

IV. Attack cases
(1) GitHub hit by the largest DDoS attack in history
At 17:28 US Eastern Time on February 28, GitHub received 1.35 Tbps of traffic almost instantaneously. This was the largest and most powerful distributed denial-of-service (DDoS) attack in the history of the Internet.
In less than ten minutes, GitHub had to ask the CDN provider Akamai for help. Akamai eventually took over all of GitHub's traffic and routed the data through its scrubbing centres to remove and block malicious packets. Eight minutes later the attackers, seeing little effect, withdrew and stopped the attack.

(2) The 2016 Ethereum DDoS attack
This attack is also known as the "EXTCODESIZE" attack.
The attacker made miners and nodes take a very long time (20 to 60 seconds) to process certain blocks. The cause was the EXTCODESIZE opcode, which had a fairly low gas price yet required nodes to read state information from disk. The attack transactions called this opcode roughly 50,000 times per block. As a result the network slowed down considerably, but no consensus failure or memory overload occurred.
Because of this attack, many media outlets proclaimed the end of Ethereum. It shows that in the blockchain world the consequences of a DDoS attack are fairly serious.

(3) Ethereum Fomo3D: hacker walks away with 22 million
Fomo3D is a fairly popular Dapp on Ethereum, a game similar to a Ponzi-style fund scheme.
First, the rules of Fomo3D:
Rule 1: To take part, each player has to buy a Key.
Rule 2: In each round, whoever is the last person to buy a Key takes the jackpot from the prize pool.
Rule 3: Whenever someone buys a Key, the game countdown is extended by 30 seconds.
Rule 4: The game starts with a 24-hour countdown.

Ordinary players generally buy a Key in the last few minutes or seconds of the countdown, hoping to be the last buyer when it ends.
Slightly more advanced players, programmers for example, may write a script to buy Keys automatically, which is much faster than doing it by hand.

How did the hacker play? With a DDoS attack: right after a successful purchase, the attacker launches the attack and slows the whole network, so that miners cannot package transactions or package them very slowly, which inevitably disrupts other transactions. If the attacker is lucky and the transactions of the others who are buying Keys happen to fail, the attacker wins the jackpot.
That is easier said than done, though, because the attacker has to be sure that the DDoS attack launched after the successful purchase makes all subsequent transactions fail.
Anyone familiar with Ethereum will have heard of the gas mechanism, which can be thought of as a transaction fee; miners usually give priority to packaging transactions with higher gas fees. This hacker used his own smart contract to create a large number of transactions with very high gas fees, almost monopolizing all the computing power of the Ethereum network. This congested Ethereum for close to 3 minutes, so that other players' Key purchases could not be packaged, and the hacker won the jackpot.
The hacker had tried this attack many times before, and succeeded only on the last attempt.

Interesting, isn't it? Public blockchains have a rather fatal flaw of their own: very low TPS, with only a limited number of transactions processed per unit of time. Later transactions can only wait in the queue, and when the network is slowed by an attack, the time for a transaction to succeed grows considerably.

V. DDoS defences
1. High-defence servers
High-defence servers, meaning servers that can on their own absorb more than 50 Gbps with hardware defences, can by themselves contain DDoS attacks up to a point. Just buy one; they are simply rather expensive.

2. CDN acceleration
A CDN has the advantages of large bandwidth and many nodes, and it hides the site's real IP. Distributing traffic across many nodes in many locations reduces the attack load and keeps the origin server from collapsing.

3. Configure a firewall
Firewalls can defend against DDoS and some other attacks. There are software firewalls and hardware firewalls; the two can be combined where necessary.

4. Attack detection and tracing
By analysing the methods and means of the attack and tracing its route, malicious IPs and routes can be detected and blocked accordingly to protect the host.

5. Blacklist mechanism
Set up a blacklist and restrict access from blacklisted sources.

DDoS attacks happen every day. For blockchain systems, because the connected nodes vary widely in performance and the network is permissionless, it may be hard to defend against DDoS well with centralized defence mechanisms. Moreover, the blockchain's own weaknesses, its performance bottlenecks, make it easier for attackers to exploit.

3.5.5 Other network attacks
1. Alien attack
An alien attack, also called an address pollution attack, lures the nodes of chains of the same kind into discovering, connecting to and intruding on one another. "Chains of the same kind" means that their underlying P2P networks use the same or similar P2P communication protocols. This applies especially to public chains of the Bitcoin and Ethereum families.
Many low-quality public chains copy large parts of the Ethereum and Bitcoin source code, so the lower layers of a great many public chains are identical or compatible.
If an attacker carries out an alien attack, the nodes of such chains can become entangled with one another, affecting communication and routing among a public chain's own nodes and, in turn, transactions, consensus and security. This gives the attacker the opportunity to mount other attacks, such as DDoS or network partition attacks.
The countermeasure is simple: first, refuse to be a freeloader who just takes others' code; second, strengthen the checks on the node type of your own public chain, for example rejecting every node whose address does not conform, every node whose communication protocol is inconsistent, every node whose special message-header fields are inconsistent, and so on.

2. Eavesdropping attack
This is essentially traffic behaviour analysis. By analysing traffic, an IP address can even be linked to a home address, revealing that a given transaction came from a particular client or person.

3. Transaction malleability attack
A malleability attacker listens for transactions on the P2P network and uses properties of the transaction signature algorithm to modify the input signature of the original transaction, producing a new transaction with the same inputs and outputs, and then broadcasts it to the network to create a double spend. The original transaction then has some probability of never being confirmed. In cryptocurrency trading, this can be used to obtain a second deposit or a double withdrawal.

4. BGP hijacking attack
BGP hijacking, that is, using BGP to manipulate Internet routing paths, for example to misdirect and intercept traffic, has become increasingly frequent in recent years. Once a node's traffic in a blockchain network is taken over, the impact on the entire network can be huge, for example damage to the consensus mechanism, to transactions and to other information.

Security researchers have demonstrated that BGP hijacking attacks are feasible in concept. An analysis of the node network from 5 November 2015 to 15 November 2016 showed that most Bitcoin nodes are hosted by a small number of specific Internet service providers (ISPs), and 60% of Bitcoin connections pass through these few ISPs. These ISPs can therefore see 60% of Bitcoin traffic and are in a position to control the traffic of the current Bitcoin network. Using hijacking scenarios, the researchers verified that at least the following two attack concepts are feasible, and they published the verification code.

4.1 Partition attack
An attacker can use BGP hijacking to divide the blockchain network into two or more disjoint networks, at which point the blockchain forks into two or more parallel chains. When the attack stops, the blockchain reunifies into a single chain: the longest chain becomes the main chain and the other chains are discarded, with all transactions, rewards and so on recorded on them becoming invalid.

Example attack scenario:
1) First, the attacker launches a BGP hijack, splitting the network into two parts: a large network and a small network.
2) In the small network, the attacker issues transactions selling all of their cryptocurrency and converts it into fiat currency.
3) After "network-wide confirmation" within the small network, the transaction takes effect and the attacker receives the equivalent amount in fiat currency.
4) The attacker releases the BGP hijack and the large and small networks reconnect. Every transaction on the small network is rejected by the large network, so all of the attacker's cryptocurrency returns to their account, while the fiat currency obtained from the sale remains in the attacker's hands, completing the profit.

4.2 Routing attack
Routing attacks are often carried out together with other attacks: the attacker can first split the network with a Sybil attack or an eclipse attack and then send tampered messages into the network. The end result is that communication and routing in the network are affected.
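
The countermeasure given for the alien (address pollution) attack in item 1 of this section, rejecting every peer whose protocol or header fields do not match, could be enforced at handshake time as follows. This is an added example, not code from the page or from any client: the header layout, the names `ChainParams`, `check_hello` and `filter_candidates`, and all sample values are hypothetical.

```python
import hashlib
import struct
from dataclasses import dataclass

# Hypothetical handshake header, big-endian: magic (4 bytes), protocol
# version (uint16), network id (uint32), genesis block hash (32 bytes).
HELLO = struct.Struct(">4sHI32s")


@dataclass(frozen=True)
class ChainParams:
    magic: bytes
    min_version: int
    max_version: int
    network_id: int
    genesis_hash: bytes


def build_hello(magic, version, network_id, genesis_hash):
    return HELLO.pack(magic, version, network_id, genesis_hash)


def check_hello(raw, local):
    """Return (accepted, reason) for a peer's handshake header."""
    if len(raw) != HELLO.size:
        return False, "malformed header"
    magic, version, network_id, genesis_hash = HELLO.unpack(raw)
    if magic != local.magic:
        return False, "magic mismatch"
    if not local.min_version <= version <= local.max_version:
        return False, "protocol version mismatch"
    if network_id != local.network_id:
        return False, "network id mismatch"
    if genesis_hash != local.genesis_hash:
        return False, "genesis hash mismatch"
    return True, "ok"


def filter_candidates(candidates, local):
    """Split (address, raw_hello) pairs into an address book and a reject log.

    Only peers that pass every check are stored, so addresses of nodes on a
    foreign chain never reach the routing table or get gossiped onward."""
    address_book, rejected = [], {}
    for address, raw in candidates:
        ok, reason = check_hello(raw, local)
        if ok:
            address_book.append(address)
        else:
            rejected[address] = reason
    return address_book, rejected


# Constructed sample data: our chain, plus a fork that copied the code
# unchanged and therefore shares magic, version and network id.
LOCAL = ChainParams(b"\xfa\xce\xb0\x0c", 70, 72, 7,
                    hashlib.sha256(b"constructed genesis A").digest())
FORK_GENESIS = hashlib.sha256(b"constructed genesis B").digest()
SAMPLE = [
    ("192.0.2.10:30303", build_hello(LOCAL.magic, 71, 7, LOCAL.genesis_hash)),
    ("198.51.100.4:30303", build_hello(LOCAL.magic, 71, 7, FORK_GENESIS)),
    ("198.51.100.5:30303", build_hello(b"\x00\x00\x00\x01", 71, 7, LOCAL.genesis_hash)),
    ("203.0.113.9:30303", build_hello(LOCAL.magic, 60, 7, LOCAL.genesis_hash)),
    ("203.0.113.8:30303", b"\xfa\xce\xb0\x0c\x00"),
]

if __name__ == "__main__":
    print(filter_candidates(SAMPLE, LOCAL))
```

The second sample peer is the case the section warns about: a chain built from copied source code matches on every inherited field, and only a value unique to the chain (here the genesis hash) tells it apart.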