Bitcoin Faucet changes

6 messages BitcoinTalk Gavin Andresen, virtualcoin, llama, Satoshi Nakamoto June 23, 2010 — June 26, 2010

Gavin Andresen June 23, 2010 14:23 UTC Source · Permalink

So I’ve been watching the IP addresses of people getting 5 free bitcoins from the Bitcoin Faucet ( https://freebitcoins.appspot.com/ ).

And I see some… uh, interesting patterns. Like these successful requests for coins:

79.117.152.158 - - [21/Jun/2010:12:17:02 -0700] "POST / HTTP/1.1" 200 1234 
79.117.159.197 - - [21/Jun/2010:12:16:24 -0700] "POST / HTTP/1.1" 200 1234 
79.117.135.236 - - [21/Jun/2010:12:10:23 -0700] "POST / HTTP/1.1" 200 1234
79.117.163.238 - - [21/Jun/2010:12:08:50 -0700] "POST / HTTP/1.1" 200 1234
79.117.155.23 - - [21/Jun/2010:12:08:07 -0700] "POST / HTTP/1.1" 200 1234

My apologies if there actually are a bunch of new bitcoin users using IP addresses in the 79.117 range… but I’m guessing somebody there is getting more than their fair share of free bitcoins.

There are several suspicious requests from the 192.38.95.* address block, too.

So I’ve made some changes to the Faucet. You won’t notice them unless you try to cheat; if you do try to cheat, you’ll have to solve a CAPTCHA to get coins.

If that doesn’t discourage cheating, I’ll modify the code so that if it think you’re trying to cheat it requires a CAPTCHA and only gives out a bitcoin nickel (0.05 bitcoins)…

virtualcoin June 24, 2010 22:07 UTC Source · Permalink

Gavin, why don’t you just block all served Bitcoin addresses? Would it be easy to generate them automatically?

Gavin Andresen June 24, 2010 23:13 UTC Source · Permalink

Quote from: virtualcoin on June 24, 2010, 1:07:30 PM UTC

Gavin, why don’t you just block all served Bitcoin addresses? Would it be easy to generate them automatically?

It is easy to generate them automatically (it is easy to write code that asks the Bitcoin program to generate and return a new address).

llama June 25, 2010 04:25 UTC Source · Permalink

Funny how on this forum the same people play both sides of the table—on the one hand, trying to come up with ways to preserve absolute anonymity (e.g. the heroin store thread), and then coming here and trying to do sort of the opposite to protect BTC Faucet.

I love it 😄

Satoshi Nakamoto June 26, 2010 21:39 UTC Source · Permalink

Many big ISPs give you a new IP every time you connect, usually in the same class B (a.b.?.?). Maybe you should have a minimum time between payments per class-B.

If you can’t solve the problem, you can always keep lowering the amount of bitcoins given until it’s manageable, and always require captcha.

Gavin Andresen June 26, 2010 23:15 UTC Source · Permalink

Turning on the CAPTCHA for everybody has slowed the flow of coins from the faucet to a very manageable trickle.

Oh, and regarding anonymity versus non-anonymity: I was careful not to tie IP addresses to Bitcoin addresses when implementing the Bitcoin Faucet. So I remember that somebody at IP address 96.240.216.119 received bitcoins at 12:30pm today. And I remember that somebody with Bitcoin address 1P3rpbSybuGgeL1bRwCJFWbn4yBjRNQrbY