Topic: Gold collapsing. Bitcoin UP. - page 371. (Read 2032266 times)

Seems like more than a bit of a gamble, if 50% of the hashrate means you have a 50/50 chance of mining each block. That's a 1 in 64 chance of mining 6 blocks is a row, per my calculation above, right?

Yes, but the probability of failure with substantial hash shares is relatively low. It is that the probability of failure is so high with small hash shares (and only this) that makes multiple confirmations extremely secure. There is no incentive to even try to attack with say 1% hash power, because your probability of success is minuscule, you are just wasting hash power by trying. With 40% it isn't necessarily a waste, it is a bit of a gamble is all. If the payoff is there, then it's worth it.

Cypherdoc, this has nothing to do with selfish mining, just probability. It's right in satoshi's white paper.

Inspired to see you understood and/or agreed with my point, despite "Lol" slandering me in your prior post and not quoting or acknowledging that I had made the same point as you did in the post immediately before yours as follows.


The power held by the banksters who have captured the government through the power vacuum of the Iron Law of Collective Action, is not limited to printing money at the Central Banks. This DEEP STATE (which on the eve of 9/11 the Secretary of Defense admitted had $4 trillion missing from the Dept of Defense budget, and all the records & investigators were eliminated the next day at the Pentagon attack) has the power to do 9/11, unmask 100s of Tor .onion hidden services, and more saliently to our discussion they can render competition insolvent with regulatory requirements they create with the government they control (i.e. democracy is a lie and a power vacuum, and I was making the analogy that pools are also).

If you want to defeat this paradigm, you are going to have to think more out-of-the-box, because it patently obvious to me they designed Bitcoin.

Regarding my design solution to this problem, once you see my solution you will have an epiphany and realize there are a gamut of choices of what we centralize and what we decentralize, and it is those choices which determine whether the crypto-currency falls into the power vacuum or not.

You can start by showing me some mutual respect, which I will then return in kind. Or not. It won't stop me in either case.

P.S. I seriously have Multiple Sclerosis. If you had any clue what it is like to battle this (debilitating headaches, dizziness, and chronic fatigure, etc), you might understand why I was incapable of a lot of coding action from 2012 to 2015, until I discovered what appears so far to be a viable treatment a month ago.

The reason is the attacker just keeps going with his attack until (with a tiny bit of luck) his chain is longer. At that point everyone else will join his chain and his need to "attack" is over, he just mines his chain along with everyone else.

Intuitively, realize that the success probability is 100% at >50%, because he can always be assured of outrunning the other fork. It doesn't just jump right from near-zero to 100% as soon as you get 50%, it rises gradually with significant shares <50%.

Just to add my 0.002XBT

I was listening to this while mowing the lawn today.

"Simon Sinek: If You Don't Understand People, You Don't Understand Business"

The bottom line is business is about trust and people seek to work and trust people who believe what they believe.

Cypher is correct in my view that it's just the small transactions that happen in a trust free environment.

This is also where I see Gmax falls short, it's: what is it about the money we need to trust. Ultimately it's the people we trust when you are dealing with large value you can't make a transaction and 6 confirmations later claim deal done then have it reverse and think all is well. If its not reflected in the blockchain 324 blocks later it didn't happen.

Where the real opportunity for innovation is, is in using the blockchain to make identities you can trust that are linked to people.

The identify needs to reveal just the information you need to know. Like going to a bar it only reveals your likeness and your age.
Your identity is private information and must be managed as such, you choose to expose just what is relevant at the time.

We are moving into a reputation economy and you're going to have to trust the reputation.

yes, in general, if an attack fails the attacking miner loses any block rewards and fees he would have otherwise gained by playing honestly.

back in October, i mentioned here on this thread about a post presentation talk i had with Emin Sirer of Selfish Mining.  i was challenging him about his theory in practice.  he admitted that it is a dangerous attack to perform b/c at the time blocks were worth around $11000 and those would be the losses if his strategy failed.   he said it was very tricky and one of the keys strategies to increase success was to place strategic nodes across the internet to immediately transmit the attackers longer chain IF successful in forging ahead of the honest chain so as to decrease latency of the attack.

i still called bullshit.

btw, shame on pwiullie and gmax for pushing this boogie man attack FUD. 

lemme tell you a story.  almost a quarter of a century ago now i started my own business in a small, highly desirable community that even you would think there would be significant competition.  all the other similar businesses in the area told me i couldn't do it.  and especially my biggest competitor called me on the phone and said he would crush me if i dared enter the area.  he said he was highly capitalized and had unlimited resources to put me out of business.  i was scared shitless after that call but a little bird inside me said fuck that guy.  i was young, motivated, and knew i was exceptional at what i do.  so i set up, the guy did in fact try to crush me with all sorts of underhanded dirty politics and maneuvers.  but he failed.  the attack should have worked from a pure mathematical basis; he had unlimited resources, i had loans, he had 30 yrs experience on me, i had none.  but he failed to consider all the intangibles of my ability to run business on a shoe string, me being fast, nimble, and skilled.  and, doing the right things.  he was a dirty player and everyone could see it.  he eventually stopped the attacks and i've been fine ever since.

so it will be with any stupid large miner who tries to attack the amorphous definition of "small miners" with bloated block games.  they will fail b/c they would not be concentrating on what they do best, which is if they were a 30% hasher, harvesting 30% of all block rewards and fees which is calculable, consistent, and virtually guaranteed.  they have no idea how skilled this amorphous group of small miners would be.  who knows?   maybe each of them has put aside a $10M war chest for expenses to weather such attacks or create orphans of large blocks.  this will be a good test of Nash's game theory of mining.  that's how i think it will play out.

I'm very much not sure since I'm not familiar with mining technicals, but I think that's what I was saying: the lower the bandwidth in the network, the higher chance of failure of the attack.

The key thing I meant to ask, though, is whether a high amount of bandwidth in the network implies a high average capacity of the miners, meaning it's harder to torment them? In other words, in proposing that attack, is Gmax assuming two mutually incompatible situations are present at once: 1) the network is so slow on average that big blocks can torment many of the miners, and the network is so fast on average that the big blocks won't be orphaned?

I would have to agree that it would be impossible to defend bitcoin against an adversary with unlimited funds. They could attack the network directly with a 51% attack to smash confidence in the nascent store of value (that would go down badly on Wall st), or simply do as we must imagine they are doing now and use regulatory and legal means to try and keep bitcoin contained. But lets not forget the old price manipulation strategy, our friendly overlords central bankers have a vast experience of controlling financial markets now.

My position is probably that even if they do kill bitcoin as a viable counter currency and store of value, that like a hydra, another will grow in it's wake, this time hardened in some way.

It may be in their interests to simply allow bitcoin to exist as a digital asset, a digital curio, in the knowledge that currently it will not scale up sufficiently to function as a reserve currency.

On this, is it the case that every failed attempt essentially wastes all the block rewards the miner would have otherwise gotten? So for example with 50% of all the hashing power if they had an expected block income of 3 blocks at 25 BTC apiece during their 6-confirmation double-spend attempt, they forego an average of 75 BTC every time they attempt this unsuccessfully?* Does that mean, assuming they have to try an average of 2^6 = 64 times to succeed, the attacker would need to be buying something worth more than 75 x 64 = 4800 BTC (currently about $1 million) to have an expected profit? If so, then the price rising 100x again requires them to be buying an item worth $100 million, etc. so it seems pretty solid.

*Actually significantly less I guess because if they for example mine two blocks then miss the third one, they start over so they are only out around 25 for two blocks they were offline for.

are you sure (bolded part)? the bigger the network bandwidth, the faster a bloat block constructed by an attacking large miner would propagate thus increasing their chances of tormenting smaller miners.  conversely, the smaller the bandwidth, the higher the latency and thus the higher probability of the bloat block being orphaned resulting in failure of the attack.

Here's a thought about Gmax's "big block attack" where powerful miners try to eliminate their competition by producing very large blocks that the smaller miners can't handle:

In the absence of a blocksize cap, if I understand correctly, the limiting factor on how big a miner can profitably make their blocks (the orphan rate) correlates negatively with bandwidth in the network, but bandwidth itself it a major factor limiting smaller miners' ability to handle those large blocks. Is there some way that, in essence, the inability of the network to handle large blocks issued by a powerful miner would itself defeat the attack by frequently orphaning such blocks? (Thus making it prohibitively expensive to sustain the attack long enough to actually put any miners out of business.)

This sounds too good to be true, since it suggests a kind of soft consensus mechanism where miners would be prevented from "doing their own thing" too much precisely because others couldn't keep up. I await correction from someone more familiar with mining.

and forever is financially impractical b/c at 49% hashrate statistically he will begin to fall further and further behind to the pt that the lucky "spurt" in block formation will most likely not be enough to propel him ahead of the 51% chain.

Yes, that's a really good point Cypherdoc.  The equation I used (which I took from the Satoshi white paper), gives the probability that the attacker will be able to double spend if he is willing to work on the attack chain forever.  In reality, he would give up at some point.  It would be interesting to calculate the probability that the attacker succeeds within X number of blocks.  

but assuming the attacker with 49% hashrate starts constructing his alternative secret chain at the same moment he pays for his toaster at the check out stand, there is absolutely no chance that he'll hit that lucky streak of block formation within the next hour or 6 blocks. 

He's just jealous that he didn't think of Bitcoin before Satoshi. But he's apparently created something better, so we will wait with bated breath until he reveals it to the world and his superior intellect will finally get the recognition that it deserves.

I think there's two ways to look at it:

1.  Clearly, if an attacker has 50.0001%, then he has a 100% chance of eventually forging the longest chain.  If the attacker has 49.9999% instead, it makes sense that he'd have almost 100% chance, but not quite (why would it suddenly drop to less than 50%?).

2.  It's the attacker who gets to choose when to broadcast the attack chain.  Just by random luck, there's a good chance that at some point the attacker will hit a lucky streak and mine several blocks in quick succession.  When he hits this lucky streak and pulls ahead of the honest chain, he broadcasts his attack chain.

I understand the probability equations, but am trying to understand the logic in how they are being used and how an attacker with less than 50% could have an almost 100% chance of forcing a new longer chain. I would expect that no matter what the probability of being successful would be less than 50%.

Let's say I had 49% of the hash rate. I then made a payment (transaction A) to someone, who after 6 confirmation would consider the transaction valid and would then transfer something else over to me. I also immediately construct a different transaction B that double spends and invalidates transaction A.

Transaction A broadcasts to the network, and 51% of the hash rate starts hashing on that transaction. Simultaneously I dedicate my 49% of the hash rate on creating confirmations on transaction B. I also have to keep my chain a secret, so that the P2P network will only see the chain with transaction A and at some point acknowledge 6 confirmation on transaction A. After this happens the other person transfers something to myself (lets say a title to a car).

Once I have received my counter payment (the title) my goal is to now reverse the original transaction A, by announcing a new longer chain containing transaction B to the network. In order to reverse this, I now have to have a longer chain (i.e. 7 or more) in order to make the the network reorg and switch to my chain (if I only announce a new chain of 6, the network will continue to use the first chain of 6 it received).

Since my hash rate is 49%, and the rest of the network has 51%, it seems that the odds of the secret chain I've been working on (with 49%) being longer than the chain the rest of the network (51%) has been working on is less than 50/50. And again since my chain needs to be longer to force a reorg, the odds are less. I'm not saying that a 49% attacker cannot reverse 6 confirm transactions, but it seems it has to be a bit less than 50% of the time.

yes, why not use that 51% of power to mine 51% of the BTC rewards plus fees which is a guaranteed calculable process?

why instead would they perform a 51% attack to double spend a cup of coffee at a retail store?  i don't say that in jest b/c anything bought online would undergo 6 confirmations before the product ever got shipped out and anything bought at a retail store for substantially more  than a cup of coffee would likely be held to a standard of at least 1 confirmation before walking out the door.

in fact the incentive was so strong that the 3 pools over the last 6 yrs that got close to 51%, BTCGuild, ghash, and Artforz's pool all either backed down voluntarily or got forced down.

huge inconsistency in logic for someone who claims to be logical.  or maybe it's just from someone who lacks comprehension of how Bitcoin incentives work in practice?

so if the pools didn't invest in their hardware, then logically you're referring to pools that aggregate individual mining power.  if that is the case, how can pool operators freely collude and sell out to banksters or any other attacker when those same individuals can just as freely yank their power out of the pool and point it elsewhere as we saw in ghash?