Sep 01, · E.g. generate a random key on first start, store the key in the database, then XOR all subsequent data read/written to the database with that. Possibly this obfuscation could include the block files as well, although I've never heard of problems with those - the most likely explanation is that AV software doesn't consider files above a certain. Bitcoin obfuscation key: My results after 7 months - Screenshots & facts Bitcoind stuck in Stack Overflow 8 Protect And Obfuscate. The private key is is a bit value all, Bitcoin's key innovation Using Crypto feuerwehr-matzenbach.de blockchain, a public, Reddit The obfuscation key the original key used in startup loading block Creation have been code below shows a running on a raspberry in obfuscated. Bitcoin obfuscation key is a decentralized whole number currency without a central bank or single administrator that can be sent from user to someone on the peer-to-peer bitcoin material without the need for intermediaries. Transactions are verified away scheme nodes finished cryptography and prerecorded in angstrom unit public distributed.
Bitcoin obfuscation keyObfuscate database files · Issue # · bitcoin/bitcoin · GitHub
As this is meant as a fast, lightweight obfuscation mechanism, using AES seems like overkill. The goal is to avoid trivial signature matching. I don't see what using a stronger crypto-system would add. Specifically if this is switched to the default then everybody is going to need to do the upgrade procedure, which is potentially slow and expensive. All keys are serialize something , whether that something is a character or something more complex.
Doing this in the background is pretty hard, as you need to prevent writing entries that a concurrent modification may be updating. You also said -reindex was hard :. A UTXO entry that is not touched is never overwritten, so creating a UTXO with a virus signature in it, and then never spending it would leave AV software detecting the file as problematic until reindex anyway.
I think for now I'm perfectly fine with an opt-in approach. We can add updating later. Another issue: we need a clean failure when downgrading. I don't think the chainstate has a version number, so that's problematic. People tend to try a new version but then find a problem, so need to revert to an earlier version of the client. My thought was that if there is no obf key, we set one and set it to all zeros.
Everyone is "obfuscated". On reindex we should reset the key. Downgrade works fine, so long as you haven't reindexed since. If you do downgrade after one you'll fail right away, on the chainstate check I do not think more complexity than this is justified.
The users this helps are primarily ones where the software currently immediately fails. If you suffer a latent AV incident, the result will be to need a reindex in any case Considering how much data corruption problems we currently have with LevelDB on windows already, this sounds pretty complete.
I'll get to implementing. Skip to content. New issue. Jump to bottom. Copy link Quote reply. Copy link. Concept ACK. The xor value could be cached inside the wrapper object - there is no need to read it over and over again. You'd read it when opening the database, and if it doesn't exist, generate and write it.
As Luke mentions, you also need to deal with non-obfuscated values. LevelDB is efficient for large amounts of keys that start with the same sequence of bytes, so this would not hurt storage. You do need some mechanism for erasing the old unobfuscated key when the new one is written. This may have some performance impact Member Author. Obfuscate chainstate Transition thinking Mixed obfuscation creates a mixed situation that lingers forever. Mixed obfuscation does not eliminate the problem for a user, even after the user upgrades.
A one-time upgrade is painful only if done in the foreground. You also said -reindex was hard : e. The scheme is very simple - a randomly chosen per database bit value that gets XORed into all values in the database. This is fast, simple, and so far, effective.
Sign up to join this community. The best answers are voted up and rise to the top. What is an obfuscation key? Ask Question. Asked 3 years, 11 months ago. Active 3 years, 11 months ago. Viewed 1k times. This message appears in my debug. See also github. Active Oldest Votes. Pieter Wuille Pieter Wuille Sign up or log in Sign up using Google.
Sign up using Facebook. Sign up using Email and Password. Post as a guest Name.