How YOU can stop a 51% attack.

By January 22, 2014Bitcoin Business
Click here to view original web page at coinbits.com
line

Mining at this point is no longer about profit. It's about ideology. You mine BTC to support a system in which you believe, the revenue serves the purpose of keeping it affordable to you. For the pool operators, the situation is different. For them, mining IS about profit. If BTC Guild has 25% of the Hashrate, it means their pool discovers 25% of the block per day or 1800 BTC, their 3% fee, (excl transaction fees), means 54 Bitcoin/43,200 dollar daily, far exceeding the cost of hosting a pool.

For this reason it is important that Bitcoin miners know about ALL options available to them to secure the network. Please understand the following simple fact: You do not depend on the pool operators. As I will go on to show, the pool operators depend on you.

You are already aware of your ability to switch to a different pool. You can move to Eligius or other pools which have 0% fees, thus earning you more money. If you want to help the network, mine on a pool that has a low hash rate, abandon the largest pools.

However, there's another option available to you that you have to be aware of. Pools can become malicious. As an example, GHash.IO is believed to have committed double-spending attacks against Betcoin dice, which accepts zero confirmation bets. Theoretically, GHash.IO could use the money from attacks committed against the network to subsidize miners who mine on their pool, thus leading to them eventually getting 51% of the network.

If you believe a pool is a threat to the Bitcoin network, you have the ability to engage in a block withholding attack. There's nothing a pool operator can do about this, which is why they don't want you to know about it. Block withholding attacks are an essential weapon of last resort we have against malicious pools.

It works as following. When you find a valid hash, you normally give the hash to the pool, just like any other hash. The pool takes the reward and distributes the profits equally to everyone in the pool based on the amount of attempts they contributed. You're not able to use the hash for yourself, the reward goes to an address controlled by the pool operator.

However, the pool operator doesn't know if you found a valid hash until you hand it over to him! If you choose to withhold the hash, it doesn't cost you anything, the one who suffers financially is the pool operator, who pays you for your valid shares. If enough people do this, eventually the pool operator figures out that people are probably screwing him over. However, he doesn't know who!

There are roughly three ways the pool operator can respond to this. He can try to figure out who is screwing him over. If the problem began recently, he might try to kick people who joined recently. However, he will also inevitably kick people who are mining honestly. Thus, his share of the network drops. Alternatively, he can increase his fee. When he increases his fee, people will get angry and leave his pool, meaning his share of the network still drops.

The third response is to test miners, by sending them work that has already been solved whenever the pool mines a block. If any of the miners decide to withhold the solution, the pool operator knows they're screwing him over. However, miners can check the blockchain, thus allowing them to send the work they did if the block has already been successfully solved. The only response the pool operator has to such smart miners is to wait with publishing his block. This however increases his risk of having his block orphaned, which will end up costing him money as well. Thus pool operators who can't trust their miners will always lose money, one way or another.

When should you use the block withholding attack?

When to use the block withholding attack is ultimately your decision. However, there are some things you need to keep in mind. The block withholding attack takes some time before people discover it, as the pool operator will at first attribute his lack of blocks to a statistical fluctuation.

Thus, if you move to a pool that's 45% of the network and growing rapidly, my guess would be that you're too late. Previous episodes have shown that we depended on ASICMiner, BTCGuild and GHash.IO to play nice with us and not start a 51% attack. My personal opinion would be that any malicious pool with more than 30% of the network is dangerous enough to justify a block withholding attack against them.

Just the threat of a block withholding attack may be enough to save Bitcoin

Why am I telling you this? As miners, your knowledge of your power to execute a block withholding attack is a danger to the pool operators, because it emancipates you. When most miners know how to commit a block withholding attack, the pools will have to prove to you that they deserve your trust!

Thus, pools will have to make concessions to you. As an example, pools will have to promise not to go over 30% of the network. Alternatively, pool operators will have to reveal their identity to you. Pool operators right now are greedy, happily taking 40% or more of the network, as it raises their revenue. They will have to stop being greedy when miners learn that they can punish greedy pool operators. The ongoing threat of a 51% attack is also reducing the market cap of Bitcoin. When mining decentralizes again the value of Bitcoin will go up.

How do you commit a block withholding attack?

This is the embarrassing part of my post. I'd really like to provide an answer here, but I can't. I am not aware of any mining client that has an option to carry out the block withholding attack. The block withholding attack for now remains a theoretical construct, akin to a Cobalt bomb, a theoretical weapon of mass destruction that nobody has bothered building.

The first guy who builds an open source mining client capable of carrying out a block withholding attack will make large pool operators shit bricks. I'm sure some people would be willing to pay a coder who produces a client capable of a block withholding attack as well. Until that time, the block withholding attack remains the stuff of game theory and nerd-mythology.

Leave a Reply