6

I've been reading about ZeroNet and thought about putting a site together but have concerns that it may be vulnerable to the issue laid out in "What can an attacker with 51% of hash power do?".

From what I understand, if a majority of peers decide to provide false information, they can dictate what content is actually transferred as they will have a majority say.

However, it's stated on ZeroNet's site that content changes are signed with a private key. I don't know enough about this to know if that would actually prevent 51% of peers from providing misleading information or serves as some other utility.

  • 1
    I'm not familiar with ZeroNet, perhaps a 51% attack allows rolling back a website to an earlier version but not forging the content itself. – CodesInChaos Mar 22 '16 at 20:53

2 Answers

2

In ZeroNet the content of a website is signed with the private key of the owner. This makes it impossible for someone else to change the website and seed it without notice.

Rollbacks to an earlier version are an exception, as CodesInChaos already mentioned.

The article you linked is about blockchain based systems, but ZeroNet uses the BitTorrent protocol for peer discovery. This means that the 51% could only stop seeding a site, which does not do any harm to the network.

At the moment ZeroNet also does not use a DHT (distributed hash table), but there are plans to support DHT, which gives some attack surface for (distributed) denial of service attacks: "Real-World Sybil Attacks in BitTorrent Mainline DHT"

Summary

  • The attackers might seed an earlier version
  • The attackers might stop seeding a site
    • but then they aren't the 51% peers of that site
  • If an attacker changes a website, other peers will not accept it, because the signature cannot be verified.
nebulak
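
The signature-versus-majority point from the answer above, as an added example that is not part of the original answer and not ZeroNet's code. Ed25519 from Node's `crypto` module stands in for ZeroNet's signature scheme, and the `modified` counter and the `publish`, `accept` and `resolve` helpers are hypothetical names in a constructed model.

```javascript
const crypto = require('crypto');

// Constructed model: a site version is {modified, body} signed by the owner.
// Ed25519 is a stand-in; the page does not say which scheme ZeroNet uses.
const owner = crypto.generateKeyPairSync('ed25519');
const attacker = crypto.generateKeyPairSync('ed25519');

function publish(privateKey, modified, body) {
  const payload = JSON.stringify({ modified, body });
  const sig = crypto.sign(null, Buffer.from(payload), privateKey).toString('base64');
  return { payload, sig };
}

// Client-side check: signature first, then a rollback guard (assumed rule:
// never accept a version older than one this client has already seen).
function accept(offer, ownerPublicKey, lastSeenModified) {
  const ok = crypto.verify(null, Buffer.from(offer.payload), ownerPublicKey,
                           Buffer.from(offer.sig, 'base64'));
  if (!ok) return 'rejected: bad signature';
  if (JSON.parse(offer.payload).modified < lastSeenModified) return 'rejected: rollback';
  return 'accepted';
}

// Choose the newest valid version; how many peers serve each one is ignored.
function resolve(offers, ownerPublicKey, lastSeenModified) {
  let best = null;
  for (const offer of offers) {
    if (accept(offer, ownerPublicKey, lastSeenModified) !== 'accepted') continue;
    const version = JSON.parse(offer.payload);
    if (!best || version.modified > best.modified) best = version;
  }
  return best;
}

const v1 = publish(owner.privateKey, 100, 'old page');
const v2 = publish(owner.privateKey, 200, 'current page');
const forged = publish(attacker.privateKey, 300, 'attacker page');

// 8 of 10 peers are hostile: 5 serve a forgery, 3 replay the old signed version.
const swarm = [...Array(5).fill(forged), ...Array(3).fill(v1), v2, v2];

function demo() {
  return {
    // Returning visitor who already saw version 200.
    returning: resolve(swarm, owner.publicKey, 200),
    // First visit, no history, and no honest peer reachable.
    firstVisit: resolve(swarm.filter(o => o !== v2), owner.publicKey, 0),
  };
}
console.log(demo());
```

The returning visitor gets the current page despite the hostile majority. The first-time visitor with no honest peer receives genuine but stale content, which is the rollback exception.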
0

Unless I'm wrong, you are attempting to describe a "Sybil attack", where a rogue entity attempts to force a fault using their majority control of a true P2P network.

While I haven't used ZeroNet myself, from what I understand, if the network implemented some form of conflict resolution, this wouldn't be possible. As it would be impossible to update a majority share of nodes at the same time, the conflict resolution system would take care of this. One such method is called "Byzantine fault tolerance".

Even thinking about this logically works as well. The hash is already out there for the website, but it is "committed to". The website belongs to an entity, and ultimately only that entity can update it (propose a new/unseen version). It would appear that there is a versioning system in ZeroNet, such that another entity could roll the site back, but not forwards.

Another area to look at is how Bitcoins work. Someone cannot simply give themselves Bitcoins. These changes have to be verified, and the potential offender can't pick who makes the verification. If someone did own a large majority (+80%), I think people would be skeptical of Bitcoins due to this reason.

Web Links:

https://en.wikipedia.org/wiki/Byzantine_fault_tolerance

https://en.wikipedia.org/wiki/Distributed_hash_table

https://bitcoin.org/en/

dark_st3alth