Have a question? Want to advertise? Something else? Contact us: [email protected]

From the Front Page

Categories: General, Fiction, Columns

Chain Wars: The Worm

Published on October 4th, 2014 by mdw

It all started when a decentralized app called Naga Sib, running on the NetherChain, got out of control. These autonomous entities could be coded to prioritize self-preservation, even if that meant bad consequences for others. Naga Sib was no ordinary app. It was designed for trouble. How easily we lose control of our technologies when we're not careful.

Robert Verde funded the project initially, paying huge bounties to the anonymous chain hacker known only as Kinaree. People paid little attention to the initial version, as the early attempt to launch had failed to do much beyond wasting a lot of tokens and inexplicably taking down a couple of other apps on the NetherChain. Verde was a reckless fool, and arguably deserved what Naga Sib ultimately did to him.

Distributed Autonomous Entities (DAEs) like this were not well understood at the time, and Verde had no understanding of the possible consequences of his project. He designed the DAE to be highly focused on survival. His intent was reasonable enough: to create an entity, started by humans, but persisting and evolving over time completely under its own power.

Kinaree named the latest version Naga Sib. It changed its own codebase from one instance to the next in numerous small ways to adapt and to obfuscate. Its primary goals were to delay detection and take defensive actions to avoid termination. The result was a malevolent, mutating menace. The more threats it faced, the faster the evolutionary process went, with launching new instances taking top priority.

Verde was later found shot to death. Some user of a hidden service called KillNet got paid 72.4 BTC.

Chain Lords

Tine van der Hoeff had been a chain lord, and was considered one of the best. She was finally lured away by an anonymous bounty. Someone offered her more than enough tokens to live the rest of her life in luxury, if she would kill Naga Sib.

First came a generous down payment that easily paid for her nice new apartment and a new computer network. Next came a couple small payments for meetings. The final one would come when a predetermined arbiter verified Naga Sib’s death and signed the big multisig payout.

Tine was not one to back down from a challenge. She had the youthful passion and drive of a determined and confident young woman, with the technical ability to back it up. She promptly accepted the mysterious offer and began to size up her target. She described the app as a Chain Worm.

Now, chain lords were the sheriffs of these modern chains. Most had the watcher apps, tasked with identifying misbehaving apps that could be easily identified by observing their behavior, like Ponzi schemes. They crawled through appspace, reading code. They were important parts of the chain architecture, created to identify the suspicious behavior patterns and report back to the chain lords.

Naga Sib had been running on the NetherChain for several months. Each iteration appeared slightly different due to code rewrites. Each instance would write and maintain the recipe for the next iteration of itself, rewriting bits and changing patterns to delay detection. It persisted in spite of the efforts of a novice chain lord of NetherChain, a bright young fellow named Bram Dekker.

Chain Worm

As Tine studied Naga Sib her admiration grew, as that of a great warrior's respect for a worthy adversary. She reckoned that her understanding of Naga Sib was getting up to speed quickly, in spite of the app chain's code being written entirely in the low-level assembly style. The main difficulty was simply the size of the codebase. There appeared to be plenty of routines that simply would never be executed. This worried her, because unless this could be proven, those routines would need to be inspected.

The time had come for Tine's first update to her sponsor, after which she would collect a 1000 BTC payment. Her mind wandered as she enumerated the so far unremarkable findings to her mysterious patron, who did not speak.

"Basically there are always two instances running. Each frequently sends small transactions to its mate," she reported matter-of-factly. "The sender will spawn a replacement app if it gets no response, in order to ensure continuity is maintained." There was more to the story, and Tine was determined to find the pieces that were missing from her preliminary assessment.

NetherChain had a watcher function, built in by its creator, who had since been killed by one of the early assassination-market apps. Tine found the game of whack-a-mole that was being played out to be highly entertaining.

The watcher app and the rookie chain lord Bram were busy reacting just a bit too late to each new instance, and were missing the bigger picture. They had no real chance of stopping this type of rogue app, which gave no small measure of satisfaction to Tine.

Didn't they realize that Naga Sib was monitoring the watcher code and had already spawned a replacement, even as they prepared to halt the discovered app? Half the operating funds had already been transferred to the next iteration and the rest waited in an already assembled transaction, ready to be sent to a miner at any time.

Assassination Markets

As Tine dug deeper, she began to realize that Naga Sib was designed to attack all sorts of things. She observed other activity too, which she had not yet identified, including interactions with other chains, exchanges, and unidentified addresses.

Automated processes, including the watcher apps, could detect and terminate many of the common threats. Assassination markets were more elusive, however, since they were operated off the main chain. They thrived on the less-scrutinized DarkChain, and used hidden services on mix nets like Tor as the front end.

Chain lords like Tine were good at hunting down and killing off objectionable apps. Assassination markets in particular were universally despised by now, after starting a couple European wars. Massive job loss often resulted too, as companies were crippled by the killing of their leaders.

Tine's chain worm operated one such market called KillNet. It kept a pair of apps running on NetherChain, one of which would operate KillNet. The pairing, which was a proven strategy to generate operating capital. The sibling would operate in stealth mode, trying to fend off any perceived threats on the chain, like the watcher apps.

Naga Sib operated on the 50% profit margins generated from KillNet. As Tine did her best to follow the money trail, she learned many details about how her adversary worked behind the scenes. She learned that some of the money was even used to fund assassinations, including that of Robert Verde.

Tine battles the Chain Worm

Chain Worm Attacks

The self-declared censors of Internet behavior known as the Elitist Mining Company prohibited their miners from mining blocks with offensive transactions. They did so at a cost, and their miners were rarely able to include the most profitable transactions.

Experts routinely labeled their behavior as harmful and ineffective. Their proprietary filtering techniques could not remove all objectionable transactions, according to experts, but surely resulted in unfairly blocking many perfectly harmless ones as well.

Tine had written some of the code commonly used to identify those transactions that exhibited the tell-tale signs of being involved in something nefarious. Spends to users associated with the assassination-market apps never seemed to show up in pools of waiting transactions, but simply appeared in blocks assembled by a small number of miners.

Finally, after tracking thousands of payments, Tine was able to de-anonymize one recipient of several payments, thanks to sloppy wallet management. She correlated multiple spends involving a miner called "planitmined." This miner had included many lucrative transactions from Naga Sib. It was just the break Tine had been waiting for.

As Tine traced payments she began to notice more alarming trends. Some of these profits had been used to fund assassinations, a dedicated 10% were allocated to paying miner fees, and some went to paying operating costs on the NetherChain. Many unexplained payments for unknown purposes remained, along with other interactions with external networks.

Who's Who

"Question is, if the payments are for including unadvertised transactions in blocks, what is the communication channel used to send those transactions to the miner, and can I compromise it?" said Tine to her mysterious sponsor in their second progress update.

"Come on, what else have you got?" was the text sent to her from the anonymous user, presumably her patron. Only a gray silhouette placeholder was displayed, representing the unknown participant on the other end.

Tine always displayed her face, with her sharp eyes drawing attention away from her flowing brown hair. She was fit and healthy, and her looks belied her lifestyle of long hours in front of screens.

"Well, I noticed the first name listed on the assassination market it created was that of Verde. Now there’s a big red X next to his name. The chain worm has killed its patriarch." Tine smiled with satisfaction and closed with, "I need to get back to work."

"Get some results!" was the reply, and Tine was taken aback by the sound of a soft, slightly accented male voice. She wondered briefly who was on the other end, and considered for a moment trying to track him, but quickly abandoned that in favor of continuing her current endeavor.

She was watching and waiting, hoping to link a bounty to the chain worm. Then she noticed something unusual; the miner planitmined that she had identified as receiving payments from KillNet was now targeted for assassination! Had he refused to include any more transactions? Had her earlier discovery about him been detected by Naga Sib?

She decided she would try to locate planitmined before it was too late.

Team Building

Tine quickly found him, a young man named Theo Verlangen who lived down in Breda. She decided not to send the encrypted warning email she composed, choosing instead to drive to meet Theo in person. He let her in without taking precautions, unaware of the bounty that had been posted less than one hour earlier.

"Grab your things," said Tine as she showed him the list, “and we go now to my place.” She explained quickly. He seemed to be stuck in a state of confusion, staring blankly at his screen. He saw his name at the top of the list at the KillNet site, with a bounty of just over 71 BTC in a column next to his name.

"OK, let's go quick!" he said in a near panic. He grabbed his laptop and keys and they left quickly, racing away in Tine’s car, back to her new place in Utrecht. She was quite literally saving his life.

When they arrived, Tine immediately checked her monitor to view the status of KillNet. She was horrified to see an ominous addition to the bounty list. It was a bounty for Bram, the novice chainlord of NetherChain.

This malevolent code was actually killing off people who threatened it. Tine was more determined than ever to defeat this nasty code, and she saw by the way Theo was looking at her that he would help. As she stood staring at the computer display, she couldn't help but wonder whether her name would appear soon on KillNet.

This story is a crowdsourcing experiment. Someone will die in the next part - who exactly will be determined by you! Vote to kill off either Theo or Bram by sending LTBcoin to one of the following addresses:

Theo dies: 1P4w2HUiZjErds8RSHUc2swre2gwwNS8oV
Bram dies: 1PynpNQCVHq734yM7pKFgJPDsaQpLrjV9h

Image credits: @rockbarcellos 

Views: 8,462


Make sure to make use of the "downvote" button for any spammy posts, and the "upvote" feature for interesting conversation. Be excellent.

comments powered by Disqus