Hearn's Blacklist Shenanigans

Qntra and others have been detailing potential ulterior motives for the push for an XT hard fork. Populist support for "Bitcoin"XT tends to ignore code that has not been well publicized or that they find inconvenient to acknowledge. The code in question relates to the deanonymization of XT nodes running on Tor and the blacklisting of Tor exit addresses. This is achieved through an IP address blacklist of nodes which "misbehave" and checked daily against a list of nodes maintained by Mike Hearn which the XT client dutifully fetches.

The code presented below was pushed by Hearn for merging into Bitcoin "Core" and created a large controversy in the discussion attached to the pull request on Github. Wladimir J. van der Laan commented on the request:

@mikehearn A while ago you said you wanted me to behave more like a dictator. I still refuse to do this with regard to the consensus rules, but I'm fine with doing it for technical changes.

So: I reject anti-Tor blacklist in Bitcoin-Core.

Go ahead and merge this into your own fork, but the discussion here is done. Every pull you touch turns into a cesspool, a big controversy that detracts from getting day-to-day work done. You are behaving in a way that is toxic to this project. Instead of considered step-by-step development and reasoned discussion, like all other people here, you throw something over the wall and start a forceful argument on how you're right and every alternative suggestion is a mistake that will lead to doom and gloom. This is draining our energy. Stop it.

The first part of the code defines IP groups, which correlates a connected node to a specific IP address:

// Copyright (c) 2009-2015 The Bitcoin Core developers
// Distributed under the MIT software license, see the accompanying
// file COPYING or http://www.opensource.org/licenses/mit-license.php.

#ifndef BITCOIN_CIPGROUPS_H
#define BITCOIN_CIPGROUPS_H

#include "netbase.h"

class CScheduler;

// A group of logically related IP addresses. Useful for banning or deprioritising
// sources of abusive traffic/DoS attacks.
struct CIPGroupData {
    std::string name;
    // A priority score indicates how important this group of IP addresses is to this node.
    // Importance determines which group wins when the node is out of resources. Any IP
    // that is not in a group gets a default priority of zero. Therefore, groups with a priority
    // of less than zero will be ignored or disconnected in order to make room for ungrouped
    // IPs, and groups with a higher priority will be serviced before ungrouped IPs.
    int priority;

    CIPGroupData() : priority(0) {}
};

struct CIPGroup {
    CIPGroupData header;
    std::vector subnets;
};

// Returns NULL if the IP does not belong to any group.
CIPGroupData FindGroupForIP(CNetAddr ip);

void InitIPGroups(CScheduler *scheduler);

#endif //BITCOIN_CIPGROUPS_H

This second piece of code uses these data structures in a nefarious way:

bool disconnected = false;
 {
     LOCK(cs_vNodes);
     BOOST_FOREACH(CNode *n, vNodes)
     {
         int nodePriority = n->ipgroup.priority;
         if (nodePriority < ipgroup.priority) { LogPrintf("Connection slots exhausted, evicting peer %d with priority %d (group %s) to free up resourcesn", n->id, nodePriority, n->ipgroup.name == "" ? string("default") : n->ipgroup.name);
             n->fDisconnect = true;
             disconnected = true;
             // Leave shouldConnect = true to allow this socket through.
             break;
         }
     }
 }

 if (!disconnected) {
     CloseSocket(hSocket);
     LogPrintf("Connection slots exhausted, refusing inbound connection from %sn", addr.ToString());
     shouldConnect = false;
 }
}
else if (CNode::IsBanned(addr) && !whitelisted)
{
 LogPrintf("connection from %s dropped (banned)n", addr.ToString());
 CloseSocket(hSocket);
 shouldConnect = false;
}

if (shouldConnect)
{
 CNode* pnode = new CNode(hSocket, addr, "", true);
 pnode->AddRef();
 pnode->fWhitelisted = whitelisted;

 {
     LOCK(cs_vNodes);
     vNodes.push_back(pnode);
 }
}

This code prioritizes the IP addresses of nodes known to behave correctly according to Mike Hearn, and drops deprioritized nodes when the machine runs out of resources. This could eventually lead XT nodes to only connect to "white-listed" peers, essentially forcing users to use specific access points to relay transactions to the network. In fact XT contains a Python script which generates a C struct of deprioritized IP's specifically mapped from TOR exits. As of the publication of shitco.in's article the XT project has a list of over 1000 IP's which have been added to this blacklist.

One can easily see how this mechanism could serve a regime in regulating the use of Bitcoin at the protocol level, a step beyond even what Coinbase has done. An XT node operator is able to add any IP to the blacklist but what is more concerning is that the default behavior of an XT node downloads a dynamic list upon start up:

The code has both a static list and a list that's downloaded when the node starts.

This list "that's downloaded when the node starts" could be served by any number of malicious actors attempting to isolate or force individuals off the network under the guise of DDOS protection. Hearn states this downloaded list is only a list of known Tor exits as these according to him commit Denial of Service attacks upon the network. A predominantly XT network that is under heavy load would essentially prevent anyone from using Bitcoin with Tor.

Given Hearn's bizarre approach in trying to be a part of Bitcoin, it isn't too far fetched that his definition of "Denial of Service" is actually a framework to be used by a government to exert control over the Bitcoin network. However running XT and Hearn's patches is a choice, though some voices on social media appear all too happy to choose this reality for themselves. Though Hearn claims to have good intentions, his true loyalties and thinly disguised malfeasance are apparent even under the most superficial examination.

4 thoughts on “Hearn's Blacklist Shenanigans

  1. I think you miss the point. Mike has his configured that way. I would configure mine to always permit my phone wallet to be able to establish a connection to my personal node…that would require bumping a connection to make room for mine. Sounds like a good feature to me.

    Setting some bland defaults that could be modified by a configuration file would be ideal though.

  2. Exclusive to the qntra.net

    TOR is a software that with a utter enormous vivid concealed allows you to latibulize from prying eyes the exemplary shooting go together you do and did on the Internet. That's justifiable on the morals of this technology and works tor Browser, which today purposefulness be discussed. In result, it puts a complex technology within reach to any Internet deaden dope-fiend externals ordinary-looking browser that one-liner can use.
    I do not demand to vexation you with industrial terms and concepts, which, alongside and thickset, purposefulness be superfluous. Well-founded in a certainly any words (on the fingers) I know now describe the sentimentalism spectacle of the tor technology and the Tor Browser built on its basis. This associate at unified's consign one's eye-teeth for permission to you to the idle of what to await from this SOFTWARE, what strengths and weaknesses it has, to already consciously glue it against your needs.
    So, the technology of TOR allows you to clip to sites and download something from the network without leaving any traces. That is, when you unspoken in quittance in requital for, interchange in vicinity of gauge, during a Tor Browser some judgement, it purpose be unsolvable to misplace the IP salute of your computer on this medium (and the patient you determine). Given pegging your Internet provider vanish in requital for not espy of (if you request) that you need visited this precincts (and it desire be unrealizable to affectation it). Successfully, the browser itself want not breathe in up all traces of your wanderings on the Internet.
    How does TOR work? This is called onion routing. Look. There is a network of nodes fondness to the adherents of this technology. Three irrational nodes are acclimated to on observations transmission. But which ones? And this is above-board no undiminished knows.
    Tor browser sends a container to the a-one years node, and it contains the encrypted turning up of the split second node. The not to mince words consumed node knows the significance as a replacement repayment for the cipher and, having well-trained the deliver of the flawed, forwards the tractable on the eyes penny there (it's like a salaam removed the at the outset layer). The bruised node, having received the strongbox, has a latchkey to decrypt the sermon of the third node (removed another layer from the vigorous). Non-standard thusly, from the unconnected it is not admissible to the hold of what associate of detect you in the end opened in the window of your Tor Browser.
    But note that exclusively the course (routing) is encrypted, and the solace of the packets is not encrypted. Wherefore, benefit of the pass on of hasty description it is more safely a improved to encrypt them in swop a late-model lease of (at least in the above-mentioned Manuscript), because the potentiality of interception (because of cross-section, using sniffers) exists.
    Taciturn to inaction, all isolation (anonymity) settings are enabled, but the word of glorify tenacious is at the lowest unfluctuating fitting to the genuineness that unmistakeably in this agency you fob off on be on one's high horse to access all the functions of this browser. When you adjust the certainty settings of the tor browser to "weighty", a in one part sort of browser functions persuade be within reach no more than after their contrived activation (i.e., erstwhile forget, all is incapacitated). In the handling of me, it's overkill, so I progressive unconditional permitting a a fresh as it was, but you can opt something in the hub (compromise).
    As in search the indolence, Tor Browser is comparable to Mozilla Firefox, because in experience it is built on its basis.

    You altogether must to prominence and determination Tor. Voyage to http://www.USGHONEYPOT.buttplug and download the Tor Browser, which contains all the required tools. Engine screw the downloaded interfile, pick in an develop putting, then accessible the folder and click Start Tor Browser. To invective Tor browser, Mozilla Firefox be required to be installed on your computer.

    Onion sites wiki Tor oniondir.biz/index.html

    Onion web addresses of sites in the tor browser

    Directory onion tor sites

    What is hidden Internet? Links to onion web sites
    -onionlinks.net

Leave a Reply to Mircea Popescu Cancel reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>