In October 2024, the Bitcoin Core project disclosed a Denial-of-Service due to inv-to-send sets growing too large, which I authored, for Bitcoin Core versions before v25.0. I have a few notes and screenshots from my investigation back then that I want to persist here. In early May 2023, my monitoring infrastructure noticed this bug affecting mainnet nodes, which allowed me to pinpoint where the problem came from. Credit for working on a fix goes to Anthony Towns.| b10c's blog
Looking deeper into @boerst’s recent observation about invalid mining jobs by AntPool & friends to discuss his hypothesis about “selfish mining” and “glitchy template code”. I conclude that it’s probably a bug in AntPool’s coinbase creation code and agree with @boerst’s conclusion that this is another good data point for proxy pooling of “AntPool & friends”.| 0xB10C's Blog
My miningpool-observer project aims to detect when Bitcoin mining pools are not mining transactions they could have been mining. Over the past few weeks, it detected fifteen missing transactions spending from OFAC-sanctioned addresses. This post examines whether these transactions were filtered intentionally or if there are other possible explanations for these transactions to be missing from blocks. I conclude that F2Pool might have started to filter OFAC-sanctioned transactions again. Howev...| 0xB10C's Blog
Different mining pools sending out the same or a similar block template to miners is an indicator for proxy pooling. Knowing about proxy pools is important when discussing mining pool centralization. To find similarities between mining pool block templates, I compare the Merkle branches pools sent in the stratum jobs and calculate a similarity score. This shows pools with similar templates and allows building a relationship graph between the pools. --- In April 2024, I reported that pools lik...| Bitcoin Network Observations on 0xB10C's Blog
My notes on the two bad-blk-sigops: too many sigops invalid blocks, 783426 and 784121, mined by F2Pool in April 2023.| b10c.me
I noticed multiple ERROR: AcceptBlock: bad-witness-nonce-size errors in the debug log of my Bitcoin Core node. These indicate that a block my node received is invalid and not accepted. It turned out that these are ViaBTC’s blocks, broadcast by their mining pool software, where transaction witness data is missing. In this post, I’ve written down my notes on this observation.| b10c.me
This blog post provides an overview of non-standard transactions that mining pools included in the last 117000 Bitcoin blocks.| b10c.me
My project, miningpool-observer, aims to detect when Bitcoin mining pools are not mining transactions they could have been mining. Over the past few weeks, it detected six missing transactions spending from OFAC-sanctioned addresses. This post examines whether these transactions were intentionally filtered because they spent from OFAC-sanctioned addresses or if there are other possible explanations for these transactions to be missing from blocks. I conclude that four out of six transactions ...| b10c.me
Notes on the invalid Bitcoin mainnet block at height 809478 mined by experimental, in-house MARAPool mining pool software on September 27, 2023.| b10c.me
My miningpool-observer project aims to detect when mining pools don’t mine transactions they could have mined. Right after taproot activation, it caught that F2Pool and AntPool didn’t mine P2TR (Pay-to-Taproot) spending transactions. This post is a write-up of this observation.| b10c.me
This post describes and discusses the behavior of an entity I call LinkingLion. The entity opens connections to many Bitcoin nodes using four IP address ranges and listens to transaction announcements. This might allow the entity to link newly broadcast transactions to node IP addresses. The entity has been active in some capacity since 2018 and is also active on the Monero network using the same IP address ranges. The entity might be a blockchain analysis company collecting data to improve i...| b10c.me
Over the past few months, I’ve repeatedly observed very short-lived P2P connections with fake user agents being made to my Bitcoin Core node in a high succession. This morning around 7:00 am UTC, these abruptly stopped.| b10c.me
Transactions sent with Blockchain.com wallets make up for about a third of all Bitcoin transactions. A methodology to identify these transactions is described and used. Insights about the wallet-usage are derived from the resulting dataset. The privacy implications and possible improvements are discussed.| b10c.me
At around 13:00 UTC every day, BitMEX, a cryptocurrency exchange and derivative trading platform, broadcasts multiple megabytes of large transactions into the Bitcoin network. This affects the transaction fees paid during European afternoons and US business hours. The transaction size could be greatly reduced by implementing current industry standards in the BitMEX wallet. Once activated, utilizing Schnoor and Taproot combined with output batching seems to be the most promising for improving ...| b10c.me
Some of the regularly used Bitcoin wallets, for example, the Bitcoin Core wallet and the Electrum Bitcoin Wallet, set the locktime of newly constructed transactions to the current block height. This is as an anti-fee-sniping measure and visible as a stair-like pattern when plotting time-locked transactions by their mempool arrival time and locktime. The plot, however, reveals transactions time-locked to a future block height. These should, usually, not be relayed through the Bitcoin network.| b10c.me