52. Drainage of Bitcoin Faucet

52

Drainage of Bitcoin Faucet

AS THE VALUE of bitcoins increased, the Bitcoin faucet (see previous reference) was becoming more attractive. Gavin Andresen reports that the value of a bitcoin has increased by a factor of 10 since he created the Faucet.

Who’s the Spanish jerk draining the Faucet?

Posted by Gavin Andresen, August 04, 2010, 08:40:55 PM

I just shut down freebitcoins.appspot.com; it looks likesomebody in Spain is being a jerk and getting a new IPaddress, bitcoin address, and solving the captcha. Over and over and over again:

Code:

79.154.133.217 [04/Aug/2010:12:46:550700] “POST / HTTP/1.1” 200 1294 “https://freebitcoins.appspot. com/” “Opera/9.80 (Windows NT 6.0; U; es-LA) Presto/2.6.30Version/10.60,gzip(gfe)”

79.146.112.13 [04/Aug/2010:12:45:200700] “POST / HTTP/1.1” 200 1294 “https://freebitcoins.appspot. com/” “Opera/9.80 (Windows NT 6.0; U; es-LA) Presto/2.6.30Version/10.60,gzip(gfe)”

81.44.159.81 [04/Aug/2010:12:42:200700] “POST / HTTP/1.1” 200 1294 “https://freebitcoins.appspot. com/” “Opera/9.80 (Windows NT 6.0; U; es-LA) Presto/2.6.30Version/10.60,gzip(gfe)”

Those IP addresses all map to Telefonica de Espana. If it was you: give them back, please:15VjRaDX9zpbA8LVnbrCAFzrVzN7ixHNsC

Now that 5 bitcoins is worth a fair bit, I’m thinking I need more cheating countermeasures. I can think of four things to try:

1. Rate limit based on the first byte of the IP address (79. or 81. in this case).

2. Rate limit based on the USER-AGENT string(“Opera/9.8 . . .” in this case).

3. Rate limit based on last two domains of reverse DNSlookup of the IP address (rima-tde.net in this case).

4. Make the standard amount given away 0.5 Bitcoins (Bitcoins have gone up 10 times in value since I started the Faucet).

If you get rate limited, you’ll get a message that asks you to try again tomorrow.

BitcoinFX: thanks again for the donation to the faucet; I’m going to drain the Faucet below 500 coins temporarily, and will refill it with your donation after the new cheating countermeasures are in place.

Re: Who’s the Spanish jerk draining the Faucet?

Posted by satoshi, August 04, 2010, 08:40:55 PM

Silently failing would look bad.

Quote from: gavinandresen on August 04, 2010, 08:40:55 PM

1. Rate limit based on the first byte of the IP address (79. or81. in this case).

Definitely needed. What rate are you thinking of? Ultimately, it’s better to rate limit it than to let it all drain out.

Quote from: gavinandresen on August 04, 2010, 08:40:55 PM

3. Rate limit based on last two domains of reverse DNSlookup of the IP address (rima-tde.net in this case).

That might work surprisingly well. If it works, it keeps them from hitting the rate limit, but the rate limit is there as the last line of defence.

Quote from: gavinandresen on August 04, 2010, 08:40:55 PM

4. Make the standard amount given away 0.5 Bitcoins (Bitcoins have gone up 10 times in value since I started the Faucet).

Definitely time to lower it.