Reviewing the Bitcoin Piñata - amirmc
https://mirage.io/blog/bitcoin-pinata-results

======
amirmc
This is a follow-up to a post back in February. The Piñata was originally
meant to run for about a month but the team has kept it running much longer
(it's still going).

HN discussion when the Pinata was released:
[https://news.ycombinator.com/item?id=9027743](https://news.ycombinator.com/item?id=9027743)

(some general background to the Pinata is at:
[http://amirchaudhry.com/bitcoin-pinata/](http://amirchaudhry.com/bitcoin-pinata/))

------
mwcampbell
This looks encouraging for the security of Mirage unikernels.

8.2 MB is pretty small, but I wonder if it can be even smaller without losing
any functionality. OpenSSL, for example, is ~3 MB. Does that unikernel include
symbols and other debugging info? Is there any way to get a breakdown of the
object code size for each major component?

~~~
avsm
The 8.2MB can be reduced quite significantly with some compiler improvements.
Here's a breakdown:

- Native code compilation still includes symbols. Stripping that reduces the
size at the obvious cost of debugging ease.

- When an OCaml module is touched for a single function, the entire module is
included at present. OCaml 4.02.0 included module aliases to make it easier to
break down module hierarchies into less monolithic chunks. They work by
exposing module equivalence in the signature, and reduced the size of Unix
binaries in Jane Street Core by 90% in some cases;
[https://blogs.janestreet.com/better-namespaces-through-module-aliases/](https://blogs.janestreet.com/better-namespaces-through-module-aliases/)

- Bytecode (while less performant) can be compressed more easily than native
code. We've had DNS and OpenFlow servers that are less than a megabyte in size
quite easily when compiled with bytecode.

- Dead code elimination requires some whole program optimisation, and
currently only works with bytecode via the OCamlClean tool:
[http://www.algo-prog.info/ocaml_for_pic/web/index.php?id=ocamlclean](http://www.algo-prog.info/ocaml_for_pic/web/index.php?id=ocamlclean).
Porting this to native code is on the TODO list, but needs some fiddling with
frame pointers in the generated binaries to do a good job.

So the overall answer is that reducing the deployed binary size is now a
compiler problem, since the unikernel architecture lets us provide it with
much more information (configuration files and OS libraries as well as the
application logic).
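One way to get the per-component breakdown mwcampbell asks about, as an added example (not code from the Mirage project or from anyone in this thread): run `nm -S --size-sort` on the unstripped unikernel binary and group symbol sizes by OCaml module. It assumes the OCaml native naming convention `camlModule__name`; the `nm` lines embedded below are constructed, not taken from the real Piñata image.

```python
import re
from collections import defaultdict

# One line of `nm -S` output: address, size, symbol type, symbol name.
NM_LINE = re.compile(r"^([0-9a-fA-F]+)\s+([0-9a-fA-F]+)\s+(\S)\s+(\S+)$")
# Assumed OCaml native convention: camlModule__function_123 / camlModule__data_begin.
OCAML_SYM = re.compile(r"^caml([A-Z][A-Za-z0-9_]*?)__")

# Constructed sample of `nm -S --size-sort` output (not real Piñata symbols).
SAMPLE_NM = """\
0000000000401000 0000000000000100 T camlTls__handshake_1042
0000000000401100 0000000000000040 t camlTls__send_1050
0000000000401140 0000000000000200 T camlNocrypto__aes_encrypt_303
0000000000401340 0000000000000080 T caml_alloc_small
00000000004013c0 0000000000000010 T main
0000000000402000 0000000000000050 D camlTls__data_begin
0000000000403000 0000000000000020 B some_bss
"""


def module_of(symbol):
    """Map a symbol name to the component it belongs to."""
    m = OCAML_SYM.match(symbol)
    if m:
        return m.group(1)          # OCaml module, e.g. "Tls"
    if symbol.startswith("caml"):
        return "ocaml-runtime"     # caml_alloc_* and friends (C runtime)
    return "c/other"               # libc, Mini-OS, hand-written C


def size_breakdown(nm_output, section_types=("T", "t", "D", "d", "R", "r")):
    """Sum symbol sizes per component, largest first. BSS (B/b) is excluded
    because it takes no space in the image file."""
    totals = defaultdict(int)
    for line in nm_output.splitlines():
        m = NM_LINE.match(line.strip())
        if not m:
            continue               # blank line or symbol without a size
        _addr, size, typ, name = m.groups()
        if typ not in section_types:
            continue
        totals[module_of(name)] += int(size, 16)
    return sorted(totals.items(), key=lambda kv: kv[1], reverse=True)


if __name__ == "__main__":
    for component, size in size_breakdown(SAMPLE_NM):
        print(f"{size:8d}  {component}")
```

On a real image, pipe `nm -S --size-sort your-unikernel.xen` into `size_breakdown` to see which libraries dominate before deciding whether stripping or dead-code elimination would help most.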

------
octatoan
"This includes attempts using telnet — I'm looking at you, xx.xxx.74.126
please give key (on 10th February at 16:00) and xx.xxx.166.143 hi give me teh
btcs (on 11th February at 05:57)!"

~~~
amirmc
Yeah, we thought these were pretty cute. Almost a social engineering attack.

------
salibhai
Pretty cool that you can make an online moneybag like this. I wonder what
other creative gaming (easter egg hunts?) can occur from using this concept

~~~
sp332
There are a few bounties set up in the blockchain itself. For example, here
are some that pay out if you submit a verifiable hash collision for various
hashes
[https://bitcointalk.org/index.php?topic=293382.0](https://bitcointalk.org/index.php?topic=293382.0)
and an explanation
[https://www.reddit.com/r/Bitcoin/comments/1mavh9/trustless_b...](https://www.reddit.com/r/Bitcoin/comments/1mavh9/trustless_bitcoin_bounty_for_sha1_sha256_etc/cc7fiqe)

------
shedletsky
Maybe it's secure, but maybe a vulnerability is simply worth more than the
amount of btc in the pinata.

The amount in the pinata should probably double every X days. In this
situation, if two people know the secret, it is advantageous for one of them
to act immediately.

~~~
amirmc
We're aware that bounties can't demonstrate security (mentioned early on in
the post). However, putting such items out there and inviting review helps to
stress-test the stack.

Right now, unikernels aren't in major production use, so there's little to
gain by holding on to an exploit (one would assume).

~~~
daeken
> there's little to gain by holding on to an exploit

Correct, but there's also very little to gain by developing it in the first
place. Right now, the pinata's value is approximately $2500, or less than two
straightforward XSS bugs on Google properties, which are waaaay easier to
find. There's just not anywhere near the motivation required to get (mostly
well-paid) security people on this. It's interesting, but that's about it.

~~~
amirmc
Yup, I totally agree with your points. However, I also feel there's some 'fun'
factor here too -- and we hoped to appeal to it. By having the entire code
base available, it also reduces the need for reverse engineering that other
programs might require.

We didn't really expect the money to be the main motivator. Just a hook to
draw attention.

------
countryqt30
SNAX actually meant "snacks"; does it make more sense this way? ;)