Remove incentive for makers to cheat by creating multiple bots #43
Incorporates seamo1's prudent pull request to remove spam bots from JM by setting default bondless makers to 0. Fidelity bonds have been around long enough that makers can easily set one up.
Removes the incentive of makers to cheat by creating multiple makers/bots by restoring Chris Belcher's original bond value exponent of 2.0. This also reduces the sybil attack surface. The exponent had been set to 1.3 on a temporary basis to address the issue where a few bonds were receiving most of the offers, but with the maturity of marketplace this should be restored to reduce cheating and attacks.
|
Hi @cookcut ! Thanks a lot for the Pull Request. I don't have a clear opinion on this yet, so in this comment I will try to summarize the timelines and main points for and against changing each parameter (I see it as 2 different topics).

Historical Timeline of JoinMarket Fidelity Bond Parameters

Original Design (2019-2021)
Parameters:
Chris Belcher's original design document established these values with the quadratic factor (exponent 2.0) specifically to:
The 12.5% bondless allowance was included because "some privacy-makers are useful to include in coinjoins too" and they're "easy to fake by an adversary so they don't contribute much to sybil resistance."

April-May 2022: Reduction to 1.3 #1247, #1253
Change: Exponent reduced from 2.0 to 1.3
Context:
Key Arguments For Change:
Important Revelation: Chris Belcher stated: "FWIW, speaking historically the reason I chose an exponent of 2 was because I forgot the possibility of fractional exponents. So in my head the choice was only 1 or 2."
Consensus: 1.3 still provides good Sybil resistance (any value >1 incentivizes consolidation) while reducing centralization risk.

August 2022: First Reversion Attempt #1325
Proposal: Change back to 2.0 because market has matured (82 bonded vs 85 bondless offers)
Outcome: No consensus, no change
Key Counter-Arguments:

July 2025: Spam Crisis #1790
Crisis: ~7,000 bondless bots vs ~40 bonded makers
Impacts:
Strong Consensus: Set
Rationale: Fidelity bonds are 6 years old, mature, safe, and easy to create.

September-October 2025: Current Debate #1798
Proposal: Change both parameters:
New Evidence:
Adam's Mathematical Analysis: Surprising finding that exponent 1.0 might actually minimize Sybil attack success probability directly, with higher exponents helping only indirectly through economic disincentives.

Arguments Summary
For Exponent 2.0:
For Exponent 1.3:
For bondless_makers_allowance = 0.0:
For bondless_makers_allowance > 0:
Thanks m0wer. Regarding Adam's analysis, he did post: If I'm right about that, it comes back to the "finesse" point I mentioned above: as per Chris' gist, the motivation here is that the exponents > 1 create the concentrating incentive; Chris's point in that section was that the Sybiller had to sacrifice a huge amount of value to get a success prob. still significantly less than 100% [1]. But that doc (and all the subsequent discussion that I recall) doesn't identify the very important point that high exponents do not actually help prevent Sybil attacks directly, in fact they are quite suboptimal for that, since ceteris paribus they increase, rather than reduce, the probability of Sybil attack success with the same coin resources.[2] But on the other hand indirectly they make such attacks less likely because they are more costly in terms of lost income. To me it seems [1] and [2] cancel each other out. It isn't clear-cut that n = 1 provides better resistance based on my interpretation. His assumptions: And this is likely not the case in the real environment. But I tend to think, from what I've seen, that "an x > 1 makes Sybil attack success probability more likely" is a good general heuristic; concentration effect allows bumping Sybil success probability, generally. (btw x < 1 is also bad, because it allows success by arbitrarily small splitting, but ... no one would propose that!). This seems to me like he is saying in general that x > 1 provides better resistance, which I agree with and contradicts x = 1 providing better resistance. If I go through and re-read the whole analysis the general tone is 'this is my thought, but here are assumptions and caveats that may not make it as conclusive'. Really if we think about it, x has to be greater than 1 and it needs to be a strong exponent to provide a strong incentive for makers to consolidate into one maker and not run multiple makers. The current environment shows that we need a stronger incentive/exponent.
Going through the other 'pros' for exponent 1.3:
Disagree since the 'pro' for exponent 2.0, "Market has matured (more bonds, better distribution)" prevents this.
The issue now is the 40 makers with 1 BTC could be controlled by the same entity. This is likely the case looking at the orderbook. 40 valid makers controlled by different entities will still get action with a stronger exponent/Sybil protection.
True, but the issue we are addressing is to provide a stronger incentive for makers to not run multiple makers.
Just the nature of software updates. There will always be updates that disadvantage early adopters. They can adjust when their fidelity bond expires. But the increase back to exponent 2.0 should have a more immediate impact on Sybil protection and multiple makers controlled by the same entity.
Addressing the bondless_makers_allowance > 0 'pro's:
Not sure what this means. There will be some makers that will be slow to switch to having bonds, and if takers want some in the mix they are free to set this parameter themselves to a non-zero value. I think the question here is in general, is it safer/better for the default to be set to 0.0 or 0.125? For the new JM users or those who don't bother with changing the defaults, it is better for the default to be set to 0.0 to disincentivize the spam issue.
Not much of a need for this since fidelity bonds are mature now and each maker can create one easily. Again, it is better to have a 0.0 instead of 0.125 default to address current issues, and if individual takers want to increase diversity by including non-bonded makers, they are free to do so by changing this variable themselves.
Part of the price to pay to be a bonded maker. Eventually this aspect of JM could be improved so that this will be less of an issue. Makers can also choose not to add bonds if they are OK with getting less action.
Ran some numbers of different exponents, here is the script and results: https://gist.github.com/m0wer/23d09c90b7a23070a3e4e340b26d6d14
Given the results of the experiment, I'm hesitant on the 2.0 exponent based on the marginal gains vs centralization cost, but I understand your reasoning. Would love to see what others think, and I'm definitely open to changing my mind if the data shows something I'm missing. About the bondless allowance, the question is if they would still do harm if they are free. Currently, bondless peers make the same fee as others, so there's a clear incentive for creating lots of fake offers at 0 cost instead of locking a fidelity bond. But maybe if bondless allowance stays, they're a nice addition if free. Meaning that you have earned at least the same privacy as in an 8-person coinjoin but adding 2 extra bondless peers for free (which might be legit or not, but since it's free why not take the chance). Would that be a better fix than banning them? Because even if all clients set the bondless allowance to 0, that does not help with the directory nodes load, since those still receive offers and traffic from bondless peers (as takers are). So it's hard to justify it for this goal. Nevertheless it is very annoying to have a guy spying on makers AND making money (explained below and in the Telegram group). A protocol level fix would be needed to protect the directories. Opened #46 for that. The other problem that we are currently having is actually a rogue taker learning UTXOs and linking them to bonds. Which BTW happens to be the same person posting the thousands of spam offers. Proving even further that bondless makers might actually save the day if there's ever someone with a map of UTXO(s)->maker->bond. A bondless maker just randomizes their nick each time so you can't track them as easily. This problem needs a proper fix and deserves its own issue: #47 What do you think about the experiment results? And about the no fee for bondless makers (by default, but configurable)?
Sorry, you've lost me here. This experiment does not take into account the current spam maker attack, which is the most important factor. Keep in mind that it is under these defaults that the attack is occurring, so obviously we need changes. There is always going to be a tradeoff for sybil protection vs. 'fairness' for lower-bonded makers. Lower/non-bonded makers can be legitimate but right now it is obvious that many/most are controlled by a single entity. I don't mind lower-bonded makers being part of fewer CJs, and I think most others are fine with that, compared to the issue of the spam maker attack. Lower-bonded makers will always get some action anyway. They will pick up CJs that higher-bonded makers don't want to be a part of by adjusting the CJ minimum amount settings. Again, CJ maker users are knowledgeable and can adjust this. They can also increase their bond size and know how to do that as well. However, the problematic defaults lead to the spam maker attack because of the users that are usually not running makers or don't know to change settings. So the question isn't about centralization pressure - it is about what is the strongest action we can take to combat the spam maker attack. Also we aren't 'banning' non-bonded makers. They will always get some action, because some JM versions will not be updated, or knowledgeable takers can adjust their settings to allow for a non-zero amount if they so choose. Again, it is about what is the strongest action we can take to address the current issue. It is obvious to me that both of these changes will be needed - the change in default to 0.0 for bondless makers allowed will force the attacker to adjust and add fidelity bonds to each of their makers. The change in default to 2.0 for the bond exponent will make this adjustment futile compared to consolidating their makers. Without both settings updated, the attacker will still be rewarded.
Pardon my frankness, but any derivative or version of JM that preserves the status quo or defaults, and therefore supports the current situation of spam maker attack, is suspect to me and not credible. More discussion is not needed, as that would only delay the needed change to address the spam maker attack now. Both defaults need to be updated ASAP, and an editable config file similar to the reference client (joinmarket.cfg) should be made available. It seems like the defaults in JM-NG are hard-coded. On a positive note, I'm all for enhancing the privacy of makers with fidelity bonds. At least there is one thing we can agree on. :-) The rogue taker learning UTXOs is not a good thing, but I don't think that bondless makers would 'save the day'. We should make the privacy for bonded makers as robust as non-bonded makers. But again, maker users are knowledgeable. So the onus is on them to know that the sats they use for a bond can be tied to them, and to take appropriate measures to choose the right sats for a bond.
As far as I know, the current spam attack consists of only bondless offers, so I don't see the direct connection to the exponent discussion. What I see is the economic incentive of running lots of makers without bond and the same wallet to get chosen more often. Thus the suggestion of removing the incentive: no fees for bondless makers. And seeing what happens. If the motivation of the "evil" maker is just economic, I would expect the fake offers to disappear eventually. The spam load that directory nodes have to handle does not change either way. Unless directories start rejecting offers without bonds, but that would be very different from changing the taker's default. Maybe in the future the "evil maker" makes several maker bots with bonds, and then the exponent discussion begins. But from the numbers I've run I don't think it's a game changer either way. Please let me know if I'm missing something and there's another spam attack where several makers with bonds are controlled by the same entity. But I'm not sure that's even feasible, given the current numbers of the top bonds' selection probability: https://m0wer.github.io/joinmarket-fidelity-bond-simulator/ I'm all in favor of changing things, just need to make sure of solving the right problems and doing so mindfully. I highly appreciate your time and efforts in that regard.
It's pretty obvious that the attacker will just add bonds onto their makers to adjust if needed. So let's deal with it now instead of later. The attacker is sophisticated - they will likely adjust very fast. This is a chess game where we have to think multiple moves ahead, not just one.
There isn't now, but it is clear how the attacker will adjust. To me it is obvious that both changes are needed to combat this. If both changes go in, the attacker is more likely to consolidate into one maker than they are to just add bonds onto each of their multiple makers.
This isn't going to happen overnight even with these changes going in now. More important is to have the reference client updated, since JM-NG is not widespread.
Spam load on directory nodes is bad, but the attacker being rewarded is worse.
Thanks, but I feel like we're just giving the attacker more time to profit/be rewarded. I've mentioned this in the reference JM's discussions/pull request ages ago but the update is so slow. Appreciate your quicker response, but I think we need quick action, not further discussion. The underlying theme behind my thoughts is - what is the strongest action we can take against the attack, that still preserves the ability for knowledgeable JM users to adjust via settings? To me it would be these changes.
Not everyone has 50 BTC lying around for a fidelity bond. Currently all it takes to perform the attack is just a script that spawns a lot of makers with the same wallet. Why do you think the attacker will have a lot of funds for adding fidelity bonds to each bot? And this is only about the exponent debate. We could change the attacker from needing 50 BTC to do some harm to needing even more, but as far as I know there's no evidence to think that they'll even have that amount. And it's not clear to me that the motivation is other than just economic. That being said, your suggestion of taking a strong action fast convinced me of changing the default bondless allowance to 0. I would still like to work on a separate issue to allow for bondless without fee as a non-default alternative. Would it be fine for you to adapt the Pull Request to keep the bondless allowance set to 0 but leave the exponent at 1.3? That would cover the most urgent issue.
The argument that the attacker needs a lot of funds for the fidelity bond does not make sense to me. All that is needed is for the attacker to easily add a few sats per bond for each maker and bondless allowance set to 0 is circumvented. The attacker's makers will still be in the mix as they now have bonds. Looking at the distribution of attack makers and the sophistication of the attacker, they likely already know about this mitigation and have written a script to quickly populate their makers with bonds. The amount of funds that the maker has doesn't matter as much as the incentive to split up the funds into many different makers. The 2.0 exponent would strongly prevent this scenario, as a large number of makers with smaller bonds each should not pick up much action compared to a single maker with a larger bond. The incentive is then for the maker to pool resources that they would normally split into many smaller bonds into a larger bond. The associated maker with that larger bond requires the 2.0 exponent so that the attacker will consolidate funds into this maker and eliminate the other makers. Which is ideal for legitimate makers with smaller bonds, as once the attacker's makers are eliminated/consolidated, it gives legitimate makers with smaller bonds more access to CJs. The attacker has access to a lot of funds anyway - eyeballing the suspected makers, that amount looks to add up to 50-100 BTC, possibly more. Likely the attacker started with one maker, but then analyzed the market, saw that it was more profitable to split their resources and attack with multiple makers. With a weak 1.3 exponent, they are still incentivized to keep multiple makers, perhaps creating 'medium-sized' bonds for each. We need a strong exponent to encourage consolidation.
My stance is still the same. These are needed changes to address the spam maker attack fully. Only taking one of the two necessary changes does not fully address the topic of this pull request. I'm not sure why it is up to me to do additional work here that I consider a half solution. It's easier for you to make the change to the bondless maker allowance setting yourself, as you have the access to commit that change into a version.
Having bonds is not enough for a fidelity bond attack. With the current orderbook, a 0.1 BTC bond locked for a year would have only a ~0.01% chance of being chosen with bondless allowance set to 0. To have a 1% chance of being chosen you would need 100x that, so 10 BTC split across 100 makers. And you would be better off (as an attacker) having a single 10 BTC bond (which is the point of an exponent >1). And all of this with the value 1.3. So what do we accomplish with 2? Why not 100 (as an absurd example)? About making the changes, it's just courtesy so you have the chance for recognition. But it's easier for me to do them myself and I can do so happily.
Having any bond is enough to circumvent bondless allowance = 0. Again, only half a solution because once those attacking makers all have bonds they are all again included in the mix. I don't want them to profit. At all. They are taking away CJs from legitimate makers. This attacker has access to a lot of funds. So 10 BTC or more split across multiple makers may be nothing for them. I'm not sure where your numbers are from. I think your overall point here is that 1.3 is enough. I disagree, a stronger approach is needed here. The attacker is smart and sophisticated. If this default is left at 1.3 they will find it much easier to keep multiple makers. With the default set to 2.0, that is our best chance to rid ourselves of these makers controlled by the same entity.
That is a distraction/fallacy and you know it. :-) 2 is stronger than 1.3 to address the current attack, and it was the original value.
No need, I'm happy that we address this spam attack fully. I don't need recognition.
I think we are talking past each other at this point. Can you please provide evidence or numbers for:
The numbers shown come from https://m0wer.github.io/joinmarket-fidelity-bond-simulator/ and https://gist.github.com/m0wer/23d09c90b7a23070a3e4e340b26d6d14 where a lot of different scenarios were tested and the Sybil resistance for each exponent value was measured. You keep saying 2 without backing where it comes from. 2 is stronger than 1.3 for Sybil resistance. And 100 is wayyy stronger than 2 or 1.3. Thus the question why not 100. The answer is the tradeoff between Sybil resistance and maker selection centralization. You can see the numbers of both in detail in the gist. I honestly don't see a significant improvement that justifies the 10x impact on maker selection centralization. Please have a look at the numbers. 2 being the original selection is not an argument, especially after Chris's quote:
Currently the "evil" maker is probably ending up in almost all coinjoins, and that's bad for privacy and unfair to other makers. But mostly to bondless makers! Makers with bond are being selected proportionally to their bond value as usual. As said before, even with a 1 year 0.1 BTC bond, you only get 0.01% of being chosen vs the almost 12.5% selection probability that the "evil" maker is almost coping at the moment. Making the bondless allowance 0 is the most effective way to counter this (with some tradeoffs), so that part I agree with. What is yet to be proven is the urgency and net benefit of changing the exponent. If the attacker creates fidelity bonds and is chosen proportionally to their value as every other maker, is he still an attacker?
I can't make changes to your branch so had to create a new Pull Request: #48 It leaves out the exponent change and sets the default bondless allowance to 0. Also introduces a flag to only consider offers with zero fee for the bondless spot for when manually set to >0. Feel free to keep the discussion of the exponent here or move to an issue or a discussion thread.
Again with this silly call for numbers. There is a current attack going on with these current defaults. It's common sense that adjusting both these parameters will address the spam attack - either with or without fidelity bonds. Simply implementing half the solution will not fix the whole problem. As for the attacker having a lot of funds, just sum up the maximum CJ sizes in the orderbooks for the makers with fees from 0.119% to < 0.399%, and again for absolute fee values 0.00002 to < 0.0001. If you look at these makers, they have a sliding scale of fees in this range, all have a custom min size of 27300 sats, which is indicative of the same entity controlling these makers. Maximum CJ sizes don't account for sats in other mixdepths, only one mixdepth with the most sats, so it is likely that the actual funds controlled are much higher.
The 'why not 100' is a fallacy that is meant to distract and not focus on how 1.3 is inadequate. Anyone of intelligence will see this for what it is. There was no need to bring this up, unless one couldn't focus on the merits of 1.3 vs. 2.0.
Great, so let's go with 2 then since it is clear that 1 is weaker than the current exponent, which has created an incentive for the attacker to use multiple makers.
Well obviously we want to make sure the "evil" maker is involved in fewer coinjoins. The way to do that is to 'force'/convince them to consolidate multiple makers into one, with one fidelity bond. While they still might be involved in many coinjoins, since coinjoins usually require a minimum of 4 makers, they don't have as much impact as if they had multiple makers involved in one coinjoin. The way to do that is not just change bondless allowance to 0, but also to make the bond exponent stronger. Seems pretty obvious.
We don't need to prove anything to know that an exponent of 2.0 is a stronger action to move the attacker towards consolidation than an exponent of 1.3. The fact that this PR was closed quickly and a new one opened without the exponent change is troubling. It leads one to think that for all the effort put into JM-NG, the effort seems wasted because even though the responses to concerns are quicker than JM reference, the development here is centralized with one person, who may or may not see the same concern.
@cookcut I've provided simulation data, you've provided assertions. Let me address your points one final time:

On the "attacker's funds":

On the exponent:

On Chris's quote:

On consolidation:
This is true at 1.3 AND at 2.0. The difference is HOW MUCH less - and whether that difference justifies 10x impact on legitimate smaller makers.

On closing the PR: We've implementing
Once one goes into fallacies they lose all credibility. It's also obvious that a higher exponent would more likely force the attacker to merge their makers instead of the status quo exponent. Plain as day to me, and I'm sure others that haven't spoken up. The best way smaller makers can be protected is to eliminate the other makers controlled by the same entity, not keeping the same exponent so that the attack continues. This PR was about addressing the spam attack, closing it acknowledges you do not consider the seriousness of this attack. Good luck with this project, but it has lost credibility with me.
You can find a consensus on bondless allowance 0 and exponent 1.3 in the Telegram group, including a reference implementation maintainer. No one has spoken in favor of increasing the exponent. I'm not trying to convince you (gave up some messages ago), but want to leave a clear reference for anyone else reading.
@AdamISZ you might find the discussion here and the experiment from the gist interesting.
@cookcut re: "This seems to me like he is saying in general that x > 1 provides better resistance, which I agree with and contradicts x = 1 providing better resistance." But the quote you're responding to doesn't say that, it says x > 1 provides worse resistance. @m0wer I took a quick look at your gist. That's going to take a while to digest. If I have a question about it I'll ask here as IIRC gists don't ping. |
Thanks m0wer for your efforts to keep JM updated. Bringing this pull request over from the reference client's repository as it has been sitting for quite some time and is much needed to combat the current maker shenanigans.
Description from reference JM pull request 1798:
This was discussed in Issue 1790.
This change removes the incentive of makers to cheat through creating multiple makers/bots. This is done by restoring JM creator Chris Belcher's original bond value exponent of 2.0 in his fidelity bond paper. This also reduces the sybil attack surface. The exponent had been set to 1.3 to address a perception that too many offers were going to a handful of makers. This was in an environment where only a handful of makers had fidelity bonds. With the maturity of the marketplace and fidelity bonds being around for years now, the default setting should be restored to help reduce maker cheating and sybil attacks. It seems pretty obvious that cheating is occurring through multiple makers being created/controlled by the same entity.
This pull request also incorporates seamo1's necessary pull request 1792 to remove spam bots from JM by setting default bondless makers to 0. Fidelity bonds have been around long enough that makers can easily set one up.
For current users, I strongly urge you to update your joinmarket.cfg file as such:
bondless_makers_allowance = 0.0
bond_value_exponent = 2.0
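To put numbers on what these two defaults change (the consolidation incentive the thread argues about, and the share of selections that bondless spam bots capture under the old 0.125 allowance), here is an added example; it is not code from JM-NG or the reference client. It assumes a simplified selection model: each bonded maker is weighted by an assumed base value raised to bond_value_exponent, bondless makers split bondless_makers_allowance uniformly, and JoinMarket's locktime term and per-coinjoin sampling without replacement are left out.

```python
# Added example, not code from JoinMarket-NG or the reference client.
# Assumed simplified model of the two parameters discussed in this PR:
#   - each bonded maker has a "base value" (think: sats locked, before the
#     exponent is applied); the taker weights it as base ** bond_value_exponent
#   - a share bondless_makers_allowance of the selection probability goes to
#     bondless makers, split uniformly among them; the rest goes to bonded
#     makers in proportion to their weights
# JoinMarket's real bond value also includes a locktime/interest term, and
# makers are drawn per coinjoin without replacement; both are ignored here.


def bond_weight(base_value: float, exponent: float) -> float:
    """Weight the taker assigns to one bond under the given exponent."""
    return base_value ** exponent


def selection_probabilities(makers: dict, exponent: float,
                            bondless_allowance: float) -> dict:
    """Per-draw probability of each maker being picked.

    makers maps a maker name to its base bond value; 0 means bondless.
    """
    bonded = {n: v for n, v in makers.items() if v > 0}
    bondless = [n for n, v in makers.items() if v == 0]
    # Bondless makers only claim their allowance if any exist.
    bondless_share = bondless_allowance if bondless else 0.0
    total_weight = sum(bond_weight(v, exponent) for v in bonded.values())
    probs = {}
    for n, v in bonded.items():
        probs[n] = (1.0 - bondless_share) * bond_weight(v, exponent) / total_weight
    for n in bondless:
        probs[n] = bondless_share / len(bondless)
    return probs


def split_penalty(k: int, exponent: float) -> float:
    """Total weight of one bond split evenly across k makers, relative to
    keeping it as a single bond: k * (B/k)**x / B**x = k ** (1 - x).
    Below 1 means splitting loses weight; the lower, the stronger the
    incentive to consolidate."""
    return k ** (1.0 - exponent)


def attacker_share(legit_bases, attacker_total: float, k: int,
                   exponent: float, bondless_allowance: float = 0.0) -> float:
    """Fraction of per-draw selection probability one entity captures by
    splitting attacker_total across k equal bonds (constructed scenario)."""
    makers = {f"legit{i}": b for i, b in enumerate(legit_bases)}
    makers.update({f"atk{i}": attacker_total / k for i in range(k)})
    probs = selection_probabilities(makers, exponent, bondless_allowance)
    return sum(p for n, p in probs.items() if n.startswith("atk"))


def bondless_spam_share(n_legit_bonded: int, n_spam_bots: int,
                        bondless_allowance: float) -> float:
    """Share captured by n_spam_bots bondless bots against bonded makers of
    base value 1.0 each. The exponent does not matter for bondless makers."""
    makers = {f"legit{i}": 1.0 for i in range(n_legit_bonded)}
    makers.update({f"spam{i}": 0.0 for i in range(n_spam_bots)})
    probs = selection_probabilities(makers, 2.0, bondless_allowance)
    return sum(p for n, p in probs.items() if n.startswith("spam"))


if __name__ == "__main__":
    # Constructed scenario using the thread's rough counts: ~7,000 bondless
    # bots against ~40 bonded makers, under the old and the new default.
    for allowance in (0.125, 0.0):
        print(f"allowance={allowance}: spam bots capture "
              f"{bondless_spam_share(40, 7000, allowance):.3f} of draws")
    # Constructed consolidation scenario: 5 legit makers with base 1.0, an
    # attacker with total 10.0, split across 10 makers or kept as one bond.
    for x in (1.3, 2.0):
        split = attacker_share([1.0] * 5, 10.0, 10, x)
        single = attacker_share([1.0] * 5, 10.0, 1, x)
        print(f"exponent={x}: split penalty k=10 -> {split_penalty(10, x):.2f}, "
              f"attacker share split={split:.3f} single={single:.3f}")
```

Under this model the bondless allowance alone decides what the current all-bondless spam captures, while the exponent only bites once the attacker funds bonds; the split penalty (0.50 at 1.3 versus 0.10 at 2.0 for ten-way splitting) is the consolidation pressure the two sides are weighing against centralization of selection.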