Disclosure of hindered block propagation due to stalling peers Before Bitcoin Core v25.1, an attacker can cause a node to not download the latest block. This issue is considered Medium severity. Details When receiving a new block announcement via a headers or compact blocks message, the delivering peer is requested either the full block or missing transaction details by the receiving node. If the announcing peer then doesn’t respond as the peer to peer protocol requires, the affected Bitcoin Core node will wait up to 10 minutes before disconnecting the peer and making another block download attempt. If the attacker is able to make multiple incoming or outgoing connections, this process can be repeated. Delaying block delivery can cause network degradation by slowing down network convergence, making mining payouts less fair, and causing liveliness issues. This issue was further exacerbated by other issues disclosed recently (for instance the inventory build-up), when mempools were relatively heterogeneous, disallowing opportunistic reconstruction of compact blocks by honest peers. A mitigation was introduced in #27626, introduced in Bitcoin Core v26.0 and backported to v25.1. It ensures that blocks can be requested concurrently from up to 3 high-bandwidth compact block peers, one of which is required to be an outbound connection. Attribution Reported and fixed by Greg Sanders. Timeline 2023-05-08 - Users reporting block timeouts in the #bitcoin-core-dev IRC channel 2023-05-09 - First github issues describing the issue https://github.com/bitcoin/bitcoin/issues/25258#issuecomment-1540028533 2023-05-11 - Mitigation PR opened https://github.com/bitcoin/bitcoin/pull/27626 2023-05-24 - PR merged prior to Bitcoin Core v26.0 2023-05-25 - Backport to Bitcoin Core v25.1 merged https://github.com/bitcoin/bitcoin/pull/27752 2023-10-19 - Bitcoin Core v25.1 Released 2024-11-05 - Public disclosure https://bitcoincore.org/en/2024/11/05/cb-stall-hindering-propagation/ #Eenentwintig #Nieuws #News #BitcoinNews