Topic: If a 51% attack actually happens, could one lose thier bitcoins in cold storage? (Read 1679 times)

Thank you for posting this. I just bought my first coins this week and put them into cold storage. These threads were kind of spooking me about my investment.

This is the best argument against worrying that ghash will execute an attack on the network once they get 51%. Ghash is a entity that is financially motivated.

One other point is that even with them having 40% of the network they could still execute double spend attacks with a roughly 80% success rate. If they were to execute an attack why wait to get 51%? Why not at 35% or 40%, such attack could still earn a substantial amount of BTC. As far as I know no attacks like this have been executed and there have been no reports as such.

killing bitcoin would be alot more effective than killing Napster.
file sharing survived because of the superior implementation of peer to peer networking of its successors.
proof of work coins are the best solution we got to the double spending problem.
and unfortunately we don't have a solution to stop entities from getting a majority of computing power and being able to destroy the system.
as it stands today any successor to bitcoin will be based on the same technology and will be attacked in the same way as bitcoin.

It also means the more capital they have at risk which becomes worthless when they attack the Bitcoin network.  There isn't that much that you could double spend that would be worth more than a days revenue at 50% of the miner reward.  I mean the exchanges are really the only entities with that kind of volume and you don't really think you are going to be able to deposit, trade, and withdraw tens of millions of dollars overnight do you? 

The idea that a 51% attack will be economical is doubtful.  The larger threat comes from a non-economic attack.  An entity well funded seeking to destroy the network and accepting like in any war the cost to do so will never be directly recovered.  There is no magic bullet but if the network continues to grow is value then the cost to perform that kind of attack will also grow.  Crypto currencies are out of the bag now and if the NSA or some other deep pocketed entity wasted tens of millions today or potentially billions of dollars in the future to kill Bitcoin it wouldn't be more effective than killing Napster was at ending file sharing.   The ecosystem would adapt.  Necessity is the mother of all invention.

that's correct assuming they stop growing and don't go into 70-80% territory.
one of the biggest problems is that they have alot of mining hardware under their direct control.
what happens when they have enough hardware to be 70% of the hashing power without anyone's help.
the more hardware they control the more transactions they can reverse if they go rouge.

Well lets keep the hyperbole to a realistic level shall we.

1) With 51% of the hashrate the main chain will continue to grow at a rate of 71 blocks per day and the attackers chain would grow at a rate of 73 blocks per day.  So to reverse a t x which is 279,000 blocks deep in the chain with a 2 block per day advantage would require about 35 years.

2) While the attacker is building the attack chain they won't be mining on the public chain. Usually an attacker would keep this a secret until it the attack is complete because it ensures there is no warning but what this means for a public pool is that the number of blocks on the main chain produced by "ghash.io" would be 0.  Miners would receive 0 BTC in compensation.  GHASH.IO share of new blocks would drop to zero and their share of the network hashrate as charted by various sites would also plummet to zero (because those sites are based on detected blocks on the primary chain).

So putting these two things together ...ghash.io would need to attack the network for 35 years and not have any miners leave despite not getting paid and the fact that it would be very obvious what is going on (i.e. if you have x PH/s and are producing no blocks on the main chain then what are you doing).  It isn't good for any entity to have that much hashing power but there are practical limits on what can be achieved by a pool.

no one knows for sure what part of their hashing power is made of mining hardware under their control.
who is to say they don't have enough hardware to maintain a majority of hashing power without the help of any external miners.

No, that's not the case at all. The checkpoints are hardcoded in the program. Rather, current clients will reject any chain that does not have a block with hash 0000000000000001ae8c72a0b0c301f67e3afca10e819efa9041e458e9bd7e40 at height 279000. You can view this fact via github since that's where the source code is hosted, or (with sufficient effort) by inspecting the compiled .exe that is used by standard clients. Everything after that is (theoretically) up for grabs to anyone who can maintain >50% of the hash power while going rogue (hint: Ghash.IO cannot do this, because people will leave the pool and cut off CEX.IO money influx if they try).

wrong.
as long as ghash.io got over 50% of the network's hashing power they can reverse every transaction since 7th of jan 2014.

Ow ok, I didn't knew about that. makes sense..

the file i posted from github is part of the bitcoin client source code.
it shows the checkpoints hard coded into the client.

Thanks for confirming and it's for sure mission impossible to reverse the Tx, right?

You are saying that if github went offline, all bitcoin clients stop working? I have problems
believing that..

A fork from before the most recent checkpoint isn't really a fork, since all the Bitcoin core clients won't even acknowledge it.  That's what checkpoints are for.

Most of the SPV Android clients presumably talk to Bitcoin core servers which won't see the fork either.  And those that don't will be connecting to a server which will be fixed to know about the checkpoint if they don't already.

no fork originating from a block older than 7th of jan 2014 will be accepted by the client.
no matter how much hashing power who ever computed it has.

I would never suggest such a thing.

But yes.  That would be best. 

So what your telling me is I need to divest and gamble all my coins away?

I doubt if this repository has much authority. If someone with say almost 100% hashing power would
initiate a fork building on a block mined back in 2013, I don't see how a reversed bitcoin from jan. 8 is safer than
a reversed one from Jan. 6...

Not strictly true.

If the attacker *ever* owned your coins in the past, they can start their attack from before they sold them and rewrite history from that point forward.  Then you never bought them and your cold wallet is empty.

the last checkpoint in the source code is of block #279000 (https://github.com/bitcoin/bitcoin/blob/master/src/checkpoints.cpp) which was mined on 7th of January 2014.
so any bitcoins anyone got after that date are in danger in a worst case scenario.