Pages:
Author

Topic: GHash.IO and double-spending against BetCoin Dice - page 4. (Read 112084 times)

hero member
Activity: 924
Merit: 1000
Watch out for the "Neg-Rep-Dogie-Police".....
Yes, at the very beginning of the thread. Also, ghash.io/cex.io eventually admitted that it was their staff that did it. After first laughing it off & denying it, then lying about it.
hero member
Activity: 518
Merit: 500
Any confirmations on such attacks?
hero member
Activity: 574
Merit: 523
Ghash is at 38% again, watching the blockchain over the last week, their luck has been great, (as expected) so why would any miner WANT to leave,
it's something that needs to be looked at by the core devs at bitcoin.

It may be a much higher percentage than is indicated.
Due to the way the Getblocktemplate works it may be possible for ghash to mine its own blocks from within the eligius or triplemining or other pool with this enabled.  

Although the protocol is designed with the purpose of increasing decentralization, it seems capable of also doing the opposite.
Perhaps this protocol can allow a pool owner to mask an existing 51% capability.  If used sufficiently sparingly, would this even be detected?

I doubt. Although GBT allow you to submit any 'syntactically' valid block any pool operator wants to keep control on coinbase tx content at least. If I were a pool op I would implement the check of all other transactions submitted with a block that they match the set of tx previously sent to the gbt client as well. So, there should be no way to submit a block that has any intentionally altered data apart from nonce, extra nonce and possibly block time stamp when protocol allows it. I hope, that eligius op is aware of these possible targets of attack. So, targeting some hash power of the ghash.io on mining over gbt at eligius should not be harmful in any way IMO.

We agree it is unlikely.  Also unlikely is the families of ghash and eligius and btc guild all get kidnapped.  The point of this thread (it appears) is to identify and suggest amelioration techniques for the pool risks in proportion to their likelihood and potential harm.

We don't have transparency on which pools CEX equip is moved to, all this is speculation.  We really don't know the level of danger.

Ah, yes. I did not read your questions as a single one:). However my answer confirms that retargeting hash power most likely may not be identified. So, the level of danger is not known. But it was always like this: any entity that would not like to show it's real capabilities would split its resources among several pools.
legendary
Activity: 1204
Merit: 1002
Gresham's Lawyer
Ghash is at 38% again, watching the blockchain over the last week, their luck has been great, (as expected) so why would any miner WANT to leave,
it's something that needs to be looked at by the core devs at bitcoin.

It may be a much higher percentage than is indicated.
Due to the way the Getblocktemplate works it may be possible for ghash to mine its own blocks from within the eligius or triplemining or other pool with this enabled.  

Although the protocol is designed with the purpose of increasing decentralization, it seems capable of also doing the opposite.
Perhaps this protocol can allow a pool owner to mask an existing 51% capability.  If used sufficiently sparingly, would this even be detected?

I doubt. Although GBT allow you to submit any 'syntactically' valid block any pool operator wants to keep control on coinbase tx content at least. If I were a pool op I would implement the check of all other transactions submitted with a block that they match the set of tx previously sent to the gbt client as well. So, there should be no way to submit a block that has any intentionally altered data apart from nonce, extra nonce and possibly block time stamp when protocol allows it. I hope, that eligius op is aware of these possible targets of attack. So, targeting some hash power of the ghash.io on mining over gbt at eligius should not be harmful in any way IMO.

We agree it is unlikely.  Also unlikely is the families of ghash and eligius and btc guild all get kidnapped.  The point of this thread (it appears) is to identify and suggest amelioration techniques for the pool risks in proportion to their likelihood and potential harm.

We don't have transparency on which pools CEX equip is moved to, all this is speculation.  We really don't know the level of danger.
hero member
Activity: 574
Merit: 523
Ghash is at 38% again, watching the blockchain over the last week, their luck has been great, (as expected) so why would any miner WANT to leave,
it's something that needs to be looked at by the core devs at bitcoin.

It may be a much higher percentage than is indicated.
Due to the way the Getblocktemplate works it may be possible for ghash to mine its own blocks from within the eligius or triplemining or other pool with this enabled.  

Although the protocol is designed with the purpose of increasing decentralization, it seems capable of also doing the opposite.
Perhaps this protocol can allow a pool owner to mask an existing 51% capability.  If used sufficiently sparingly, would this even be detected?

I doubt. Although GBT allow you to submit any 'syntactically' valid block any pool operator wants to keep control on coinbase tx content at least. If I were a pool op I would implement the check of all other transactions submitted with a block that they match the set of tx previously sent to the gbt client as well. So, there should be no way to submit a block that has any intentionally altered data apart from nonce, extra nonce and possibly block time stamp when protocol allows it. I hope, that eligius op is aware of these possible targets of attack. So, targeting some hash power of the ghash.io on mining over gbt at eligius should not be harmful in any way IMO.
legendary
Activity: 1204
Merit: 1002
Gresham's Lawyer
Ghash is at 38% again, watching the blockchain over the last week, their luck has been great, (as expected) so why would any miner WANT to leave,
it's something that needs to be looked at by the core devs at bitcoin.

It may be a much higher percentage than is indicated.
Due to the way the Getblocktemplate works it may be possible for ghash to mine its own blocks from within the eligius or triplemining or other pool with this enabled. 

Although the protocol is designed with the purpose of increasing decentralization, it seems capable of also doing the opposite.
Perhaps this protocol can allow a pool owner to mask an existing 51% capability.  If used sufficiently sparingly, would this even be detected?
legendary
Activity: 2142
Merit: 1010
Newbie
I'm suspicious.  They snatched two blocks back in December when Slush claimed 275684 and 275792, both being reported before GHash.IO, but in each case when GHash.IO mined the next succeeding block they attached it to their own later fork, orphaning Slush.

Nothing suspicious, this is called Selfish Mining.
full member
Activity: 392
Merit: 116
Worlds Simplest Cryptocurrency Wallet
Lets all flock to P2Pool and hope P2Pool doesn't go rouge...  Cheesy
It's all a big circle. Too fun to watch.
full member
Activity: 221
Merit: 100
GHash.IO has taken a block from under the nose of Slush in odd circumstances.  See blocks 280616 and 280617.  Both Slush and GHash.IO reported 280616 at the same time - 12:17:31 - so maybe Slush missed out by a whisker, but just look at the GHash.IO time stamp: at 12:20:06 it's not only considerably later than the report time, but also later than the time and report stamps on 280617!

I'm suspicious.  They snatched two blocks back in December when Slush claimed 275684 and 275792, both being reported before GHash.IO, but in each case when GHash.IO mined the next succeeding block they attached it to their own later fork, orphaning Slush.
newbie
Activity: 38
Merit: 0
Ghash is at 38% again, watching the blockchain over the last week, their luck has been great, (as expected) so why would any miner WANT to leave,
it's something that needs to be looked at by the core devs at bitcoin.

I use BTCguild and Eligius, and both have had pretty crummy luck this week,
BTCguild has some of the lowest luck I've seen from them in awhile, about 102.28% currently,
I know still decent, but I actually think that # is a bit high, and I know even BTCguild could hold a majority too,
depending on how the next couple of months go,

the point is, if one pool is doing a lot better, a representation of having a huge amount of hash,
people who can sign into there will,
and the percentage will eventually become 40% again, or greater.
It's human nature to be with a "winning team".

I feel like there should be an agreement (possibly backed by incentive given by the community)
by a lot of miners to all switch into other pools whenever this problem arises,

this way those new pools will have more hash and their block intake should increase, it will give them incentive
then just saying "Get out of Ghash" .. those people can see Ghash pulling in block after block, they're not gonna leave.
legendary
Activity: 1135
Merit: 1166
How exactly does one do any of this?  Even with 51%? I don't understand how any of this is possible =/

The way how those gaming sites like BetCoin Dice work is that whenever they see a transaction to one of their addresses, they immediately (i. e., without confirmations) check their random number and send back a winning or losing transaction.  This makes them particularly prone to double-spending attacks, where the attacker only in case they lost the bet try to send a double-spend transaction with much higher fees.  If the second one gets confirmed, they get back their "lost" bet, and can this way just collect the winnings without losing any money.  I think this was already performed against Satoshi Dice as a proof-of-concept a year ago or something like that.

You don't even need 51% (or any hash rate at all) to attempt such attacks, but what was alleged against GHash.IO in this thead is that they cooperate with the attackers (or are the attackers themselves) by specifically mining the double-spend transaction.  This makes it much easier to have it actually confirmed, as opposed to the case where you just hope on your luck and use high fees to incentivise pools to mine the attack transaction rather than the original one.
newbie
Activity: 22
Merit: 0
How exactly does one do any of this?  Even with 51%? I don't understand how any of this is possible =/
hero member
Activity: 686
Merit: 500
WANTED: Active dev to fix & re-write p2pool in C
I totally agree, the problem is with miners, I have the feeling that most of miners don't have a basic understanding of the protocol, and most of them cares only about how much they can mine and at what price they will sell.

It's always easy to think others don't understand something, but it's a lousy explanation. Look at this from a miners perspective - let's say you've invested 50-100 BTC in couple of miners and expect to mine 30 BTC in a few months or half a year. There are only three pools with network percentage above 5%: Eligius, BTC Guild and GHash.IO. BTC Guild is notorious for its 3% mining fee, compared to GHash 0%. If you mine 30 BTC in above example, is it all right for you to keep 29 BTC and give 1 BTC to BTC Guild or would you try to keep all 30? Eligius is a pool with worse service of those three, with great variance, and many miners are reporting 2% less income when mining on it than other two pools. We know from many papers why mining on pools with small percentages is not much better than solo mining, so miners have no alternative. They have to either go to GHash.IO, or accept less income for the good of the network. It's not a solution to bitch at GHash.IO, but to bring some high-quality competition on the market. Until then GHash.IO will have to artificially reduce it's own network percentage by rejecting new users who want their services.

P2pool with 0% is your answer, and yes miners created this situation, there were plenty of pools out there and the network was more or less balanced, but most of new miners were thinking of that 0% fee instead of the network overall health.....

beat me to it, new miners have no clue of how Bitcoin works and they always think bigger is better, BTW they doesn't give a flying fuck simply because they don't understand, just look, the prove that we are trying to spread the word for few months and it keeps getting worse, it is like we are doing Ghash.IO free advertisement...

when all miners spread their hashes the variance issue will be resolved, but you all have to start trying, you are carrying the network and you have to start acting responsibly, if you are aware of this then try to remind your fellow miners educate them and spread the word .... 

Hammer. Nail. Head.   +1
legendary
Activity: 1148
Merit: 1001
things you own end up owning you
I totally agree, the problem is with miners, I have the feeling that most of miners don't have a basic understanding of the protocol, and most of them cares only about how much they can mine and at what price they will sell.

It's always easy to think others don't understand something, but it's a lousy explanation. Look at this from a miners perspective - let's say you've invested 50-100 BTC in couple of miners and expect to mine 30 BTC in a few months or half a year. There are only three pools with network percentage above 5%: Eligius, BTC Guild and GHash.IO. BTC Guild is notorious for its 3% mining fee, compared to GHash 0%. If you mine 30 BTC in above example, is it all right for you to keep 29 BTC and give 1 BTC to BTC Guild or would you try to keep all 30? Eligius is a pool with worse service of those three, with great variance, and many miners are reporting 2% less income when mining on it than other two pools. We know from many papers why mining on pools with small percentages is not much better than solo mining, so miners have no alternative. They have to either go to GHash.IO, or accept less income for the good of the network. It's not a solution to bitch at GHash.IO, but to bring some high-quality competition on the market. Until then GHash.IO will have to artificially reduce it's own network percentage by rejecting new users who want their services.

P2pool with 0% is your answer, and yes miners created this situation, there were plenty of pools out there and the network was more or less balanced, but most of new miners were thinking of that 0% fee instead of the network overall health.....

beat me to it, new miners have no clue of how Bitcoin works and they always think bigger is better, BTW they doesn't give a flying fuck simply because they don't understand, just look, the prove that we are trying to spread the word for few months and it keeps getting worse, it is like we are doing Ghash.IO free advertisement...

when all miners spread their hashes the variance issue will be resolved, but you all have to start trying, you are carrying the network and you have to start acting responsibly, if you are aware of this then try to remind your fellow miners educate them and spread the word .... 
legendary
Activity: 1974
Merit: 1077
^ Will code for Bitcoins
I totally agree, the problem is with miners, I have the feeling that most of miners don't have a basic understanding of the protocol, and most of them cares only about how much they can mine and at what price they will sell.

It's always easy to think others don't understand something, but it's a lousy explanation. Look at this from a miners perspective - let's say you've invested 50-100 BTC in couple of miners and expect to mine 30 BTC in a few months or half a year. There are only three pools with network percentage above 5%: Eligius, BTC Guild and GHash.IO. BTC Guild is notorious for its 3% mining fee, compared to GHash 0%. If you mine 30 BTC in above example, is it all right for you to keep 29 BTC and give 1 BTC to BTC Guild or would you try to keep all 30? Eligius is a pool with worse service of those three, with great variance, and many miners are reporting 2% less income when mining on it than other two pools. We know from many papers why mining on pools with small percentages is not much better than solo mining, so miners have no alternative. They have to either go to GHash.IO, or accept less income for the good of the network. It's not a solution to bitch at GHash.IO, but to bring some high-quality competition on the market. Until then GHash.IO will have to artificially reduce it's own network percentage by rejecting new users who want their services.
legendary
Activity: 3108
Merit: 1359
People just need to chill out and relax, Ghash promised not to gain 51%.

A cryptocurrency based on promise...
I guess that only RealSolid is allowed to do so, because this approach is proprietary. So we need his blessing and perhaps his permission  Smiley
legendary
Activity: 1148
Merit: 1001
things you own end up owning you
People just need to chill out and relax, Ghash promised not to gain 51%.

A cryptocurrency based on promise...

it was sarcasm if you didn't understand  Wink


I know, the other part says so. The point is that their press release is just a BS. Everyone who read it wasted his time.

I totally agree, the problem is with miners, I have the feeling that most of miners don't have a basic understanding of the protocol, and most of them cares only about how much they can mine and at what price they will sell.
legendary
Activity: 2142
Merit: 1010
Newbie
People just need to chill out and relax, Ghash promised not to gain 51%.

A cryptocurrency based on promise...

it was sarcasm if you didn't understand  Wink


I know, the other part says so. The point is that their press release is just a BS. Everyone who read it wasted his time.
hero member
Activity: 574
Merit: 523
People just need to chill out and relax, Ghash promised not to gain 51%.

A cryptocurrency based on promise...

The problem is that not the ghash.io. This is us, the community, who still do mine on ghas.io.

Pages:
Jump to: