OpenSats Work-Log 3
AI Summary4 min read
TL;DR
This work-log details activities from Q3 2024 under an LTS grant, including research on mining pool centralization, Bitcoin Core vulnerability disclosures, and infrastructure projects like peer-observer. It covers publications, talks, and maintenance of monitoring tools and nodes, with plans to continue these efforts next quarter.
Key Takeaways
- •Research revealed similarities in block templates from major mining pools, indicating proxy pooling and potential centralization in mining.
- •Authored and discussed Bitcoin Core vulnerability disclosures, including DoS and block propagation issues, and presented at events like the eBPF Summit.
- •Developed and maintained infrastructure projects such as peer-observer for P2P monitoring, with tools for real-time event display and node configuration enhancements.
- •Contributed to Bitcoin Core development through GUIX builds, ASMap file creation, CI setup exploration, and PR reviews, while attending CoreDev for collaboration.
- •Plans for next quarter include further work on peer-observer, infrastructure upgrades, data analysis on compact blocks, and ongoing project maintenance.
This is a copy of the 3rd work-log I sent to OpenSats for my LTS grant.
Disclaimer: Some information that is not (or not yet) meant to be published may have been redacted.How did you spend your time?
Publications & Talks
- Block Template Similarities between Mining Pools: Using the Stratum jobs I’ve collected with my stratum-observer project, I was able to show that the block templates from major mining pools often match. This indicates proxy pooling and suggests mining centralization.
- Stats on compact block reconstructions: I published a delving post with data on compact block reconstructions. Specifically, I looked at reconstructions that don’t need an extra round trip for transaction requests. I also used this data to conceptually review the
mempoolfullrbf=1-by-default PR. I plan to revisit this topic with recent data. - I authored two Bitcoin Core vulnerability disclosures I was involved with to some extend: Disclosure of DoS due to inv-to-send sets growing too large and Disclosure of hindered block propagation due to mutated blocks. I appeared on the brink.dev podcast to discuss on of these vulnerabilities. # Episode 6: Discussing Pre-25.0 Bitcoin Core Vulnerability Disclosures
- I spoke at the eBPF Summit 2024 about how I’m using eBPF and the USDT tracepoints in Bitcoin Core to extract P2P network events to use them for, for example, anomaly detection: https://b10c.me/talks/#monitoring-bitcoin-p2p-network-attacks-and-anomalies-with-ebpf-and-usdt-tracepoints
- At the “Bitcoin Burg Academy” I talked about Bitcoin Core development to an non-technical audience: https://b10c.me/talks/#bitcoin-core-development
Projects
peer-observer and infrastructure
To monitor for Bitcoin P2P anomalies and attacks, I run Bitcoin Core “honeynodes” (honeypot nodes). The nodes have additional monitoring attached that is used to record data and metrics. In the last three months, my focus has been on:
- Developed a set of tools that can connect to a peer-observer websocket endpoint and display P2P events in real time.
- Configured CJDNS connectivity on some of the monitoring nodes
- Started a few nodes with a recent ASMap file to test and collect data on ASMap
- Configured some nodes with ASan, UBSan and TSan to catch potential issues
- All
assumes()normally disabled in production nodes are treat as asserts to catch potential issues - I cleaned up a bunch of old Grafana dashboards and created a big playlist
- General maintenance of the nodes and infrastructure.
Bitcoin Core
- I attended the CoreDev event to catch up with other Bitcoin Core developers. I showcased some of my P2P monitoring tooling and got good feedback and ideas.
- I have been GUIX-building and uploading signatures of GUIX build hashes for the recent Bitcoin Core releases.
- I helped in another round of (demo) ASMap file creation and publication.
- Helped out in exploring a nix-based CI setup for Bitcoin Core to reduce the maintenance burden and allow for faster deployment of more CI resources.
- I’ve been keeping my currently open PRs rebased and ready for review.
- When ever suitable, I left my feedback on Bitcoin Core PRs and issues.
misc
- nix flake: I have a nix flake repository for nix packages and modules of Bitcoin software I use. Next to keeping the packages and modules up-to-date, I’ve added a package for my transactionfee-info rewrite, added a miningpool-observer module and integration test, an asmap-data package, and an auto update functionality for packages.
- fork-observer: Based on user feedback from the Warnet project, I improved the UX a bit in #47. I also set up a
testnet4node and attached fork-observer to it: https://fork.observer/?network=4 - stratum-observer: While I had planned to work on stratum v2 implementation in Q3 2024, I have postponed this work for now as there is no real stratum v2 pool yet to connect to. Using the collected stratum data to show the similarities between pools seemed more important.
- btcffm.org: I’m maintaining the website of the Frankfurt Bitcoin meetup
What do you plan to work on next quarter?
- further work on the peer-observer & infrastructure
- keep nodes up-to-date and running
- switch out the current nanomsg message queue for something like NATS: https://github.com/0xB10C/peer-observer/issues/56
- extract non-sensitive infrastructure parts into a separate nix flake and publish a public demo instance again
- collect and analyze data on the transactions requested for compact block reconstruction
- continue to work on the projects mentioned above and in the last progress reports