Gavin Andresen - 2011-12-24 16:56:06

The most important metric would be when the block was received.  If I receive a block that tries to replace a block 6 or 10 or 100 blocks ago on the chain I already know about, and I have no reason to believe I've been segregated from the network at large, I'm not going to vouch for it.

Yes.

The times the blocks are announced also matters; if my node suddenly sees a longer 10-block chain it has never seen before, then either it is a 51% attack or the network was split and just came back together.

If the network was split 10 blocks ago then I should see that those 10 blocks took twice as long to create as expected.

Rating blocks is a neat idea; I can think of several potential criteria, there are probably more we could come up with:


Somebody should simulate some 51% attacks and network splits and try out various detection algorithms.

And maybe see if it would be practical to have a checkpoint lock-in rule of something like "auto-checkpoint any AAA-rated block once it is 4-deep in the best chain". I don't think that should be built-in to bitcoind, but a little side program that monitored the block chain and the pools and told bitcoind to add a checkpoint once an hour or so would be pretty spiffy...