I think the fact that Bitcoin did not fall further after the recent news is a very good sign.
The news of the 51% hashing rate from one source did not affect the price all that much. That does not mean that centralising Bitcoin is good, but it is more resilient than I thought. If BTC makes it to 2016 and to the next "halving", the price is going up again.
Topic: Is 51% Attack the biggest threat for Bitcoin? // What do you think about it? (Read 1232 times)
June 25, 2014, 10:00:02 PM
June 25, 2014, 06:12:52 PM
With merchant adoption going at the rate it's going, the demand for btc and people taking advantage of the "discount" coins will bring the price back up to a reasonably comfortable rate.
June 25, 2014, 02:23:57 PM
Not so good if the price keeps gradually falling everytime and never goes the other way.
June 25, 2014, 02:12:53 PM
I think this thread is FUD and the OP is a clueless noob at best and government shill at worst.
Funny you should say that as I think fud is one of the biggest threats. Far too many people spreading it and far too many people believing in it.
Keep it coming, the more people who let their panic-shaken nerves dictate their BTC trading, the cheaper it'll be for me to buy more coins!!!
June 25, 2014, 01:33:52 PM
I think this thread is FUD and the OP is a clueless noob at best and government shill at worst.
Funny you should say that as I think fud is one of the biggest threats. Far too many people spreading it and far too many people believing in it.
June 25, 2014, 01:30:51 PM
I think this thread is FUD and the OP is a clueless noob at best and government shill at worst.
June 25, 2014, 01:27:44 PM
I don't think it's the biggest threat but it could become a problem in the future. I don't think it is yet though.
June 25, 2014, 10:14:18 AM
Yes but in fiat money world, you have the concept of trust, if Paypal cheats you, you can go to courts.
Good luck with that. Besides, nobody would lose their bitcoins just because somebody makes a mining monopoly, so there would be no reason to go to court. They can't change the bitcoin protocol either. They could double spend, but that would make them lose trust and ruin the point. For the users some aspects could even be improved. For instance it would make instant confirmations possible, because the monopoly owners decides what gets included in the next block.
June 25, 2014, 05:22:16 AM
Lamport Signatures : https://medium.com/@lmgoodman/preventing-mining-pool-concentration-with-lamport-signatures-e7601c474343
seems there is a huge size impact on the blockchain
seems there is a huge size impact on the blockchain
June 24, 2014, 09:41:03 PM
Nobody throws away their fiat money or Paypal money just because it's controlled by single entities. Most people don't care about the political and ideological issues.
Yes but in fiat money world, you have the concept of trust, if Paypal cheats you, you can go to courts. The governement backs the courts. (and by the way we wouldn't like the gov't to be controlled by one single entity...)
That's difficult with an anonymous pool.
Bitcoin is trustless and to keep it that way it must be keps P2P, not P2{one single miner}.
what I have seen brought on as solutions are :
1)a bit of POS, to bring the actual users into the equation
2)some way to block pool mining (Lamport sigs)
3)or as mentioned somewhere on BCT some way to decrease mining efficiency with scale but that might be quite hard to implement
June 24, 2014, 06:15:16 PM
This would destroy the value of bitcoin and the holdings of the malicious miner. The only way either scenario happens is with some one interested purely in chaos and destruction.
Not if there is already an economy that depends on Bitcoin. The network and all the businesses and users that depend on it would still be there, and for anyone except the miners the difference would be minimal. Nobody throws away their fiat money or Paypal money just because it's controlled by single entities. Most people don't care about the political and ideological issues.
June 24, 2014, 04:19:53 PM
Folks tend to think that Ghash, etc having a major control over the network is a big deal. Ghash doing anything malicious is the equivalent of slaughtering the golden goose for a single meal (quite literally). People complain about the anonymity of Ghash, et al.
Isn't that why many of us got into bitcoin to begin with? I want any pool or individual to be anonymous so long as they choose. If the government comes knocking and stealing, they need to try and find the source. I'd rather that source not be found.
Does that instill fear and doubt in the minds of the community? Of course it does. Trust Ghash et al to uphold the integrity of the network. There is no good reason that a pool mining something of value would intentionally destroy said value....EXCEPT this:
If I was asked if the miner manufacturers first use the machines they make at a lower difficulty level while taking pre-orders to make the next gen model - with which they will do the same...and-den...the miner makers send the already used units (see damaged heat sinks and obvious signs of wear when actual consumers take delivery of the pre-ordered unit that has obviously gone through rigorous testing; and now use the pre-ordered units to mine at an advantage to the previously pre-ordered units - I would say emphathically YES this happens.
Don't ask me how or "link" or any other shit like that. It fucking happens, and you are stupid if you think it doesn't happen. It takes a blind fool to not realize this.
51% attack = no big deal
Taking pre-orders to finance a mining operation, only to sell the miners later to the poor souls that pre-ordered = bullshit, fraud, not nice, etc.
Some people grow coffee. Some people buy coffee. Some people sell coffee. Some sell coffee futures (contracts). Quite a few people drink coffee. Understand the difference, but apply this truth to a non-renewable resource like bitcoin and you will understand why people do what they do.
Isn't that why many of us got into bitcoin to begin with? I want any pool or individual to be anonymous so long as they choose. If the government comes knocking and stealing, they need to try and find the source. I'd rather that source not be found.
Does that instill fear and doubt in the minds of the community? Of course it does. Trust Ghash et al to uphold the integrity of the network. There is no good reason that a pool mining something of value would intentionally destroy said value....EXCEPT this:
If I was asked if the miner manufacturers first use the machines they make at a lower difficulty level while taking pre-orders to make the next gen model - with which they will do the same...and-den...the miner makers send the already used units (see damaged heat sinks and obvious signs of wear when actual consumers take delivery of the pre-ordered unit that has obviously gone through rigorous testing
Don't ask me how or "link" or any other shit like that. It fucking happens, and you are stupid if you think it doesn't happen. It takes a blind fool to not realize this.
51% attack = no big deal
Taking pre-orders to finance a mining operation, only to sell the miners later to the poor souls that pre-ordered = bullshit, fraud, not nice, etc.
Some people grow coffee. Some people buy coffee. Some people sell coffee. Some sell coffee futures (contracts). Quite a few people drink coffee. Understand the difference, but apply this truth to a non-renewable resource like bitcoin and you will understand why people do what they do.
June 24, 2014, 04:13:04 PM
I think the biggest threat is a variation of the 51% attack that leads to permanent centralization. One organization can buy up enough mining equipment to have 55-60% of the mining power. It doesn't matter if it's not profitable in the long run because if you ignore all other blocks, no other miners will get any profits at all. This will force them to quit, and after a while most of the miners can be turned off. The difficulty level will go down, and the winner will get all the profits with minimal costs. If anyone tries to compete the offline miners can be turned back on to override their blocks.
This probably won't become a reality unless the Bitcoin economy gets significantly larger, though.
This probably won't become a reality unless the Bitcoin economy gets significantly larger, though.
This would destroy the value of bitcoin and the holdings of the malicious miner. The only way either scenario happens is with some one interested purely in chaos and destruction.
June 24, 2014, 03:55:57 PM
I think the biggest threat is a variation of the 51% attack that leads to permanent centralization. One organization can buy up enough mining equipment to have 55-60% of the mining power. It doesn't matter if it's not profitable in the long run because if you ignore all other blocks, no other miners will get any profits at all. This will force them to quit, and after a while most of the miners can be turned off. The difficulty level will go down, and the winner will get all the profits with minimal costs. If anyone tries to compete the offline miners can be turned back on to override their blocks.
This probably won't become a reality unless the Bitcoin economy gets significantly larger, though.
This probably won't become a reality unless the Bitcoin economy gets significantly larger, though.
June 24, 2014, 09:46:24 AM
Hi Bitcoiners,
We took the initiative to write an article about the 51percent attack in the Bitcoin network. The aim is to explain in a clear and understanding way the 51percent attack and its practical risks so that people who are new to Bitcoin could understand it.
The article is not published on our blog yet, it's only released for bitcointalk users for the moment: www.gatecoin.com/blog
Enjoy the read, don't hesitate to leave feedbacks, and if you want, check our blog!
=======================================================
The 51percent attack issue was brought-up recently in the Bitcoin Media. Certain media even affirm that this is one of the major challenges facing the Bitcoin Network. The Gatecoin Team gives its understanding of the problem, and how it could impact on the Bitcoin Network.
A basic principle of the Bitcoin Network
In a decentralized digital currency model such as Bitcoin, with proof of work transactions validation, the miners are the network’s accountants.
The 51percent attack: Where it comes from
The origins of the 51 percent attack: the math-based model to avoid the double-spending issue, which leads to practical economic challenges
The double spending is the result of successfully spending some money more than once. Bitcoin protects against double spending by verifying each transaction added to the blockchain to ensure that the inputs for the transaction had not previously already been spent.
Indeed, when you send a transaction to the network, it is relayed to all the miners for inclusion in the blockchain. Each miner is trying to include a block of transactions to the blockchain to get your transaction fees and some newly minted currency units. To avoid having two miners submitting at the same time two different blocks (which would then cause a fork) they are required to do some complicated computations. These computations are calibrated by the network to take on average ten minutes for the miners as a whole, with a fairly large variance (ten minutes as well). As our mining readers will know, for a single miner the average time to find a solution (and the variance) are of course much higher.
The miners have to compute the solution of Hash(x)=y, which is done via brute force. With a constant hashrate, the probability of finding the solution in time t has the same distribution as the Poisson process. It can take up to an infinite time (long tail), but on average it will take ten minutes. It has no memory, even after mining for hours, you still have the same probability of mining a block.
Poisson distribution for different mean values. The average time for the first miner to find a block in the bitcoin protocol is x=10 min.
The large variance is essential to minimize the probability of having two miners finding the solution the solution at the same time. As two miners will take very different times to solve the problem, one will very probably find the solution and have the time to broadcast it to the network before the other does. The solution found is minted with the miner’s address, so no one else can take the prize for itself.
Then the other miners can approve that miner’s solution and include the block. Once the solution is found, it is easy to verify that it is valid.
Why are miners pooling?
The big issue is that miners pay for expensive hardware and get very uncertain rewards (by design as we have seen). Economically it then makes sense for them to pool their efforts and lower the volatility of their rewards. This is very similar to stock markets investors buying a basket of stocks to lower the volatility of their overall portfolio.
Why is an overperforming mining pool a threat to the Bitcoin network?
These pools of miners can reach very high computational power on the network. The issue is when there is a mining pool which is overperforming compared to others, such as GHash.io recently. Indeed miners have been more attracted to GHash.io, consequently the overall computational power of the mining pool increased much more than others. This led up to reach the critical 51percent limit (or more precisely up to anything above 50percent) of the total computational power of the Bitcoin network.
What could happen then?
The “Finney” Attack, or the (in)famous 51percent attack.
The 51percent attack: a disaster for Bitcoin in case of overperforming malicious mining entity
The "Finney attack"
In theory, it is possible that a malicious pool could for example retain a valid block it solved, where it spends coins, and spend the same coins with a merchant accepting zero confirmation transactions. Once the goods are received, it releases the block, invalidating the payment. The miner does not even need 50percent for this attack, but as few merchant will accept zero confirmation transaction for significant amounts, this renders this attack irrelevant in practice.
The possibility of preventing transactions
The mining pool could prevent transaction from entering it’s blocks but that would only affect the blocks it validates
The possibility of reversing transactions
For that to happen, the mining pool would have to start from a block before the transaction and mine from there a bigger number of blocks than there is currently in the blockchain. In effect the attacker would recreate a new blockchain on his own. That is extremely unlikely but if the attacker has consistently more than 50percent of hashing power he would succeed over time with probability one.
The 51percent attack: how important the risk is and how to mitigate it
The issue can be alleviated in other digital currencies when replacing the proof of work by a proof of stake. Proof of stake replaces computational power with currency holding for giving the right to validate transactions.
In the current Bitcoin proof of work system, an attacker needs to obtain over half the current network hashing capacity for a significant amount of time to perform a so-called "51percent attack".
If Bitcoin was proof of stake, an attacker would need to obtain over half of the bitcoins in existence, a probably even more expensive and difficult feat. Moreover, performing a 51percent attack and likely devaluing Bitcoin significantly wouldn't be all that appealing if you are so heavily vested into it.
Some digital currencies (NXT, PPC) do use the proof of stake system. Yet, it leads to other issues related to the transactions validation, replacing the risk of 51percent attack. As Gavin Andersen, Bitcoin lead developer and member of the Bitcoin Foundation, declared it on Reddit, there is no natural incentive stopping a miner from assigning their stake to multiple, competing chains. Consequently, by using the proof of stake, you have a lower risk of 51percent attack but a more significant risk of... double-spending, which is exactly the original problem the proof of work aims at solving.
Anyway, to us it feels the 51percent attacks are probably not the most important hurdle facing Bitcoin.
For an attacker with infinite hashing power, creating a parallel blockchain would essentially destroy the Bitcoin and render all his (very expensive!) efforts worthless. The Bitcoin network has never experienced a 51percent attack but frequently faced technically cheaper attacks such as denial of service.
However, it is clear that a 51percent attack could have terrible consequences on the Bitcoin network. Some would say a way to solve the issue is to regulate the % of computing power of these mining pools in order to maintain a "healthy" competition in this sector, but we should aim for a built in incentive.
Some cryptographic solutions are worth researching, like Lamport signatures, which appear to be promising, although they would weigh down the blockchain...
The 51percent attack is an inherent threat of a proof of work system, time will tell if this theoretical issue would affect the effective Bitcoin network in practice. So far, so good.
The Gatecoin Team.
Sources:
Bitcoin Wiki. Weaknesses.
Satoshi Nakamoto. Bitcoin: A Peer-to-Peer Electronic Cash System.
Meni Rosenfeld. Analysis of Bitcoin Pooled Mining Reward Systems.
Criticisms of proof of stake. Reddit
Preventing Mining Pool Concentration with Lamport Signatures. Medium.com
We took the initiative to write an article about the 51percent attack in the Bitcoin network. The aim is to explain in a clear and understanding way the 51percent attack and its practical risks so that people who are new to Bitcoin could understand it.
The article is not published on our blog yet, it's only released for bitcointalk users for the moment: www.gatecoin.com/blog
Enjoy the read, don't hesitate to leave feedbacks, and if you want, check our blog!
=======================================================
The 51percent attack issue was brought-up recently in the Bitcoin Media. Certain media even affirm that this is one of the major challenges facing the Bitcoin Network. The Gatecoin Team gives its understanding of the problem, and how it could impact on the Bitcoin Network.
A basic principle of the Bitcoin Network
In a decentralized digital currency model such as Bitcoin, with proof of work transactions validation, the miners are the network’s accountants.
The 51percent attack: Where it comes from
The origins of the 51 percent attack: the math-based model to avoid the double-spending issue, which leads to practical economic challenges
The double spending is the result of successfully spending some money more than once. Bitcoin protects against double spending by verifying each transaction added to the blockchain to ensure that the inputs for the transaction had not previously already been spent.
Indeed, when you send a transaction to the network, it is relayed to all the miners for inclusion in the blockchain. Each miner is trying to include a block of transactions to the blockchain to get your transaction fees and some newly minted currency units. To avoid having two miners submitting at the same time two different blocks (which would then cause a fork) they are required to do some complicated computations. These computations are calibrated by the network to take on average ten minutes for the miners as a whole, with a fairly large variance (ten minutes as well). As our mining readers will know, for a single miner the average time to find a solution (and the variance) are of course much higher.
The miners have to compute the solution of Hash(x)=y, which is done via brute force. With a constant hashrate, the probability of finding the solution in time t has the same distribution as the Poisson process. It can take up to an infinite time (long tail), but on average it will take ten minutes. It has no memory, even after mining for hours, you still have the same probability of mining a block.
Poisson distribution for different mean values. The average time for the first miner to find a block in the bitcoin protocol is x=10 min.
The large variance is essential to minimize the probability of having two miners finding the solution the solution at the same time. As two miners will take very different times to solve the problem, one will very probably find the solution and have the time to broadcast it to the network before the other does. The solution found is minted with the miner’s address, so no one else can take the prize for itself.
Then the other miners can approve that miner’s solution and include the block. Once the solution is found, it is easy to verify that it is valid.
Why are miners pooling?
The big issue is that miners pay for expensive hardware and get very uncertain rewards (by design as we have seen). Economically it then makes sense for them to pool their efforts and lower the volatility of their rewards. This is very similar to stock markets investors buying a basket of stocks to lower the volatility of their overall portfolio.
Why is an overperforming mining pool a threat to the Bitcoin network?
These pools of miners can reach very high computational power on the network. The issue is when there is a mining pool which is overperforming compared to others, such as GHash.io recently. Indeed miners have been more attracted to GHash.io, consequently the overall computational power of the mining pool increased much more than others. This led up to reach the critical 51percent limit (or more precisely up to anything above 50percent) of the total computational power of the Bitcoin network.
What could happen then?
The “Finney” Attack, or the (in)famous 51percent attack.
The 51percent attack: a disaster for Bitcoin in case of overperforming malicious mining entity
The "Finney attack"
In theory, it is possible that a malicious pool could for example retain a valid block it solved, where it spends coins, and spend the same coins with a merchant accepting zero confirmation transactions. Once the goods are received, it releases the block, invalidating the payment. The miner does not even need 50percent for this attack, but as few merchant will accept zero confirmation transaction for significant amounts, this renders this attack irrelevant in practice.
The possibility of preventing transactions
The mining pool could prevent transaction from entering it’s blocks but that would only affect the blocks it validates
The possibility of reversing transactions
For that to happen, the mining pool would have to start from a block before the transaction and mine from there a bigger number of blocks than there is currently in the blockchain. In effect the attacker would recreate a new blockchain on his own. That is extremely unlikely but if the attacker has consistently more than 50percent of hashing power he would succeed over time with probability one.
The 51percent attack: how important the risk is and how to mitigate it
The issue can be alleviated in other digital currencies when replacing the proof of work by a proof of stake. Proof of stake replaces computational power with currency holding for giving the right to validate transactions.
In the current Bitcoin proof of work system, an attacker needs to obtain over half the current network hashing capacity for a significant amount of time to perform a so-called "51percent attack".
If Bitcoin was proof of stake, an attacker would need to obtain over half of the bitcoins in existence, a probably even more expensive and difficult feat. Moreover, performing a 51percent attack and likely devaluing Bitcoin significantly wouldn't be all that appealing if you are so heavily vested into it.
Some digital currencies (NXT, PPC) do use the proof of stake system. Yet, it leads to other issues related to the transactions validation, replacing the risk of 51percent attack. As Gavin Andersen, Bitcoin lead developer and member of the Bitcoin Foundation, declared it on Reddit, there is no natural incentive stopping a miner from assigning their stake to multiple, competing chains. Consequently, by using the proof of stake, you have a lower risk of 51percent attack but a more significant risk of... double-spending, which is exactly the original problem the proof of work aims at solving.
Anyway, to us it feels the 51percent attacks are probably not the most important hurdle facing Bitcoin.
For an attacker with infinite hashing power, creating a parallel blockchain would essentially destroy the Bitcoin and render all his (very expensive!) efforts worthless. The Bitcoin network has never experienced a 51percent attack but frequently faced technically cheaper attacks such as denial of service.
However, it is clear that a 51percent attack could have terrible consequences on the Bitcoin network. Some would say a way to solve the issue is to regulate the % of computing power of these mining pools in order to maintain a "healthy" competition in this sector, but we should aim for a built in incentive.
Some cryptographic solutions are worth researching, like Lamport signatures, which appear to be promising, although they would weigh down the blockchain...
The 51percent attack is an inherent threat of a proof of work system, time will tell if this theoretical issue would affect the effective Bitcoin network in practice. So far, so good.
The Gatecoin Team.
Sources:
Bitcoin Wiki. Weaknesses.
Satoshi Nakamoto. Bitcoin: A Peer-to-Peer Electronic Cash System.
Meni Rosenfeld. Analysis of Bitcoin Pooled Mining Reward Systems.
Criticisms of proof of stake. Reddit
Preventing Mining Pool Concentration with Lamport Signatures. Medium.com
Jump to: