Pages:
Author

Topic: [Quiz] Answer the Bitcoin question and earn merits! #1 (Read 712 times)

legendary
Activity: 1512
Merit: 7340
Farewell, Leo
You are totally right BlackHatCoiner but those are 2 different things, one thing is the 51% attack, where the miners can modify confirmed blocks, and the second thing is the double spend where the user modifies the unconfirmed transaction.
That is correct. The miner does not double-spend; it gives the user the option to double-spend. I think, though, that I have clarified it enough, because I mentioned "reversal" alternatively to "double-spend". Whether the miner double-spends or "simply" reverses, the result is that your coins are prone to double-spending.

hosseinimr93 After seeing your algorithm, I tried to do it in C++, but I don't understand why it's getting a minus. I tried with the help of that source, but the answer was a minus.
The reason is probably because you're subtracting from 0 (see the definition of result and which operations you're doing to it). I cannot see, though, if you're printing result or 1-result.

Here you go. I have commented the important parts.
Code:
#include
#include
using namespace std;

// constant number 'e'
const double Euler = std::exp(1.0);

// factorial of integer x
int fact(int x){

    int i, factorial = 1;
    for(i = 1; i <= x; i++)
        factorial *= i;

    return factorial;
}

int main(){
    // q = the proportion of hashrate the attacker possesses
    // z = the total confirmations
    double q = 0.4;
    int z = 6;

    double p = 1 - q;
    double lambda = z*q/p, sum = 0;

    int k;
    for(k = 0; k <= z; k++){
        // build the fraction first
        double fraction = pow(lambda, k) * pow(Euler, -lambda);
        fraction /= fact(k);

        // sum is sum + fraction * (...)
        sum += fraction * (1 - pow((q/p), z-k));

    }

    // print
    cout << 1 - sum << endl;
}

Compile with "g++ -o attack attack.cpp" and run with "./attack".
legendary
Activity: 4410
Merit: 4766
sorry to have to correct you but
You are totally right BlackHatCoiner but those are 2 different things, one thing is the 51% attack, where the miners can modify confirmed blocks, and the second thing is the double spend where the user modifies the unconfirmed transaction.
I think you didn't understand BlackHatCoiner well.
Any mining pool can try to perform a 51% attack and you don't have to own more than 51% of the total hash power to do that. That's what BlackHatCoiner says. He didn't say anything about double-spending.

Question: The dominant mining pool, at the time of writing this, turns evil and uses its hash-power to reorg the chain. A customer of yours sends you a transaction. If you wait for 10 confirmations, what is the chance that the dominant mining pool successfully double-spends / reverses your transaction?

a chain re-org could include all original chain transactions but just change the pool reward address to the malicious pool.. thus win all the rewards for 10 blocks
but altering-removing transactions then allows transactions that were deemed as spent. to then be unspent, to then be able to be spent again later. so they are 2 different things and yes blackhat did mention double spends. not just chain re-orgs for personal gain of rewards
legendary
Activity: 2380
Merit: 5213
hosseinimr93 After seeing your algorithm, I tried to do it in C++, but I don't understand why it's getting a minus. I tried with the help of that source, but the answer was a minus.
I am not familiar with C++, but I feel you are calculating the exp_term wrongly.



You are totally right BlackHatCoiner but those are 2 different things, one thing is the 51% attack, where the miners can modify confirmed blocks, and the second thing is the double spend where the user modifies the unconfirmed transaction.
I think you didn't understand BlackHatCoiner well.
Any mining pool can try to perform a 51% attack and you don't have to own more than 51% of the total hash power to do that. That's what BlackHatCoiner says. He didn't say anything about double-spending.
legendary
Activity: 4410
Merit: 4766
the overly simplified formulae is overly simple for the days of CPU mining of "1cpu=1 vote"
(we are no longer in the days of 1 cpu/node=one block candidate*)
(we are no longer in the days of most CPU/hashpower being equal per block candidate*)

the dynamics of mining has changed..
if the second dominant pool(honest) was close to 30% also. thus then affects the luck of the dominant pool getting all blocks of next 10 blocks to get ahead

as oppose to if all other honest pools only had a couple % each

imagine it this way
if mens 100m sprint average 9.5 second records because their muscle mass is higher
then the chase between men has a formulae

but iff you then add in womens 100m sprint which they have a lower muscle mess their numbers produce longer times to win.. meaning

a race of 5 men is a competition of who can get ~9.5sec win
a race of 1 man and 4 women .. the guy wins pretty much every time.. even if both cases are 5 people competing

so yea if there are 2 pools both competing at 30% of network.. there is less chance of one man winning every race if they had to do the race 10 times in a row
as oppose to 1 dominant pool vs 4 submissive pools where the dominant pool wins every race

so run the scenario and see the difference

a.
malicious pool 30%
honest pool 30%
honest pool 30%
honest pool 5%
honest pool 5%
(imagine this like a 3men olympic race competing with 2 disability olympic racers)

vs
b.
malicious pool 30%
honest pool 10%
honest pool 10%
honest pool 10%
honest pool 10%
honest pool 10%
honest pool 10%
honest pool 10%
(imagine this like a 1 male olympic racer competing with 7 female olympic racers)

..
* the white paper formulae is based on this:
malicious node 10%
malicious node 10%
malicious node 10%
honest node 10%
honest node 10%
honest node 10%
honest node 10%
honest node 10%
honest node 10%
honest node 10%
(all solo mining but 3 colluding with one chain candidate missing out the intended tx)
(imagine this like a 10 female olympic racers)

which is different to how things are done now, and how the question is asked, thus needs a different formulae to calculate risk

i dont even want merit. i just want people to think deeper about actual math, data, statistics and real information.. and not just use outdated notions
legendary
Activity: 3346
Merit: 3125
Since the dominant pool (foundrydigital.com) only has 28.4% of the network, they can't do the 50% attack
Think of it this way: Anyone can attempt to execute a 51% attack. However, if you own less than half the hashrate, then it becomes exponentially less probable the more the blocks. However, you might stand lucky with 30% of the hashrate and reorg, say, the past 2 blocks. That is quite probable to happen in fact, you have 44.6% chance. What is exponentially improbable, as time goes by, is to maintain a chain with more work than the rest of the network, therefore to continue launching the attack forever.

By the time you will have started reorging the 5th to last block, the rest of the network will be way ahead of you, so you will have to work even more to keep up with the new blocks, and it goes on and on. The honest miners will build faster than the attacker, and outpace him.
You are totally right BlackHatCoiner but those are 2 different things, one thing is the 51% attack, where the miners can modify confirmed blocks, and the second thing is the double spend where the user modifies the unconfirmed transaction. In the past, when games used to be on-chain, people used to abuse double spends, recovering their money if the bet lost. And for that, they weren't even miners.


That was the first quiz, and you all did pretty well. Class passed! More Bitcoin questions will come in the next days. Whoever has thought of a good question can drop me a PM, and I'll take it into consideration. Have a good week.  Smiley
Thanks for the quiz, i really enjoy learning from the community and sharing knowledge, i will keep an open eye for the next quiz.
member
Activity: 84
Merit: 57
@BlackHatCoiner has taken an excellent initiative to make the qualification meaningful by answering quizzes. Just like you are qualifying with quizzes on Bitcoin Discussion, @NotATether is running a challenge on Beginners & Help with this Challenge, giving you 14 merits in 14 days by downloading Bitcoin Core. Many users are participating in this challenge and getting merit. In the 14-day challenge, he has beautifully formulated the rules according to which everyone participates in the challenge and downloads.

I gave you a rule for your quiz, bro. I hope you like it, and it will be beautiful.
I have organised a quiz to encourage people to participate in Bitcoin-related quizzes. All of you participate and earn merit.

Quiz Features:
I will ask questions of an educational nature to improve the average user's knowledge about Bitcoin. The questions will be primarily technical and historical.

Rule of Quiz:
1: This quiz is open to everyone.
2: Your answer should be explanatory. Not just a yes-no or a single number.
3: I will answer myself if no one finds the answer by the cut-off date.
4: Don't copy someone's answer; say what you know best; don't copy someone else's answer and tag.
6: You will enjoy participating and get merit for correct answers.

Question: The dominant mining pool, at the time of writing this, turns evil and uses its hash-power to reorg the chain. A customer of yours sends you a transaction. If you wait for 10 confirmations, what is the chance that the dominant mining pool successfully double-spends / reverses your transaction?

Foundry USA has 30.74% of the bitcoin total global hashrate. If he waits for 10 confirmations, he will have the risk of chain reorg reduced to 5.11%.
_act_ First of all, I must commend you because I found you to be very active and knowledgeable. No matter what post comes up on a new topic, I see your presence first, and a nice reply is always there. I am right. I also recharged it and agreed with you.

q is the probability of the the next block being mined by the attacker, p is the probability of the next block being mined by honest miners and z is the number of confirmations your transaction has received so far.
The C code can been seen on the whitepaper and here is the python code.


hosseinimr93 After seeing your algorithm, I tried to do it in C++, but I don't understand why it's getting a minus. I tried with the help of that source, but the answer was a minus.
newbie
Activity: 9
Merit: 0
The probability of success decreases as the hash power of the pool decreases. With less hash power, the pool will need more luck and resources to successfully overwrite existing blocks, making such attacks less feasible and less likely. In general, I want to try the AI trading app https://algosone.ai/ai-trading/. They say it shows good results.
hero member
Activity: 2268
Merit: 669
Bitcoin Casino Est. 2013
Since the dominant pool (foundrydigital.com) only has 28.4% of the network, they can't do the 50% attack, given if the second biggest pool decides to work with them they will have 49.8% of the network, so, not enough to manipulate the blocks.
The more hash power a mining pool own, the more chance they have to replace an existing block with a new one. This doesn't mean the mining pool have to own more than 50% of the total hash power to do so. Any mining pool can try to perform such an attack even with less than 50% of the total hash power.
This is correct that any mining pool can try to perform such attack but the rate of chances that the attack being success would be very much low success and if the hash power is much more lower then chances of the attacks would also become more less than it is.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
Not exactly distribution between miners, but from the explanations above and on the whitepaper, the hashrate of the attacking miner in relation to the hashrate of the other honest miners determines the final outcome.
That is correct. It is the proportion of the total hashrate the attacker owns that is used as a parameter in both the whitepaper and the tools by G. Maxwell and J. Lopp above. However, the distribution of the hashrate is not relevant, which is what I was responding to.

Since the dominant pool (foundrydigital.com) only has 28.4% of the network, they can't do the 50% attack
Think of it this way: Anyone can attempt to execute a 51% attack. However, if you own less than half the hashrate, then it becomes exponentially less probable the more the blocks. However, you might stand lucky with 30% of the hashrate and reorg, say, the past 2 blocks. That is quite probable to happen in fact, you have 44.6% chance. What is exponentially improbable, as time goes by, is to maintain a chain with more work than the rest of the network, therefore to continue launching the attack forever.

By the time you will have started reorging the 5th to last block, the rest of the network will be way ahead of you, so you will have to work even more to keep up with the new blocks, and it goes on and on. The honest miners will build faster than the attacker, and outpace him.



That was the first quiz, and you all did pretty well. Class passed! More Bitcoin questions will come in the next days. Whoever has thought of a good question can drop me a PM, and I'll take it into consideration. Have a good week.  Smiley
legendary
Activity: 2380
Merit: 5213
Since the dominant pool (foundrydigital.com) only has 28.4% of the network, they can't do the 50% attack, given if the second biggest pool decides to work with them they will have 49.8% of the network, so, not enough to manipulate the blocks.
The more hash power a mining pool own, the more chance they have to replace an existing block with a new one. This doesn't mean the mining pool have to own more than 50% of the total hash power to do so. Any mining pool can try to perform such an attack even with less than 50% of the total hash power.
legendary
Activity: 3346
Merit: 3125
Question: The dominant mining pool, at the time of writing this, turns evil and uses its hash-power to reorg the chain. A customer of yours sends you a transaction. If you wait for 10 confirmations, what is the chance that the dominant mining pool successfully double-spends / reverses your transaction?

Since the dominant pool (foundrydigital.com) only has 28.4% of the network, they can't do the 50% attack, given if the second biggest pool decides to work with them they will have 49.8% of the network, so, not enough to manipulate the blocks.

But the problem with your story is the double spend part, you don't need to hold a big pool or a big mining percent to make that attack, anyone can double-spend an unconfirmed transaction. They only have to pay more fees for the new one to have a bigger priority.
newbie
Activity: 16
Merit: 5
How can hash power distribution among mining pools affect the final outcome?
Not exactly distribution between miners, but from the explanations above and on the whitepaper, the hashrate of the attacking miner in relation to the hashrate of the other honest miners determines the final outcome.
sr. member
Activity: 854
Merit: 424
I stand with Ukraine!
Since I shared it months ago, can I share it again in this quiz?

How many Bitcoin confirmations is enough?
A tool built by Jameson Lopp to calculate Bitcoin Confirmation Risk.

The bonus information is Jameson Lopp has an account on Bitcointalk and he was active months ago, after he adjusted his tool a little bit. See his post.
sr. member
Activity: 378
Merit: 285
The chance of being able to double spend the transaction reduces as the number of confirmation increases until it eventually becomes  zero at exactly 6 confirmations when the transaction has been validated successfully.

The chance isn’t zero entirely at 6 confirmations but rather it’s probably is very low as more blocks get mined on it  and this chance is also base on the percentage of hashing power that the attacker controls.

~
In general If you’re aren’t good in Mathematics as explained above by hosseinimr93, here is a tool by jlopp to calculate the risk base on each hashrate percentage and the corresponding confirmation number
Thank you for sharing the tool. Am not very good at mathematics. I always struggled to pass my papers in college back then. But still learning never ends. I love educational threads like this.
legendary
Activity: 1512
Merit: 7340
Farewell, Leo
Foundry USA has 30.74% of the bitcoin total global hashrate. If he waits for 10 confirmations, he will have the risk of chain reorg reduced to 5.11%.
Correct!  Smiley Although hosseinimr93 explains the why.

To get a more accurate estimate, you would need access to data such as the hash power distribution among mining pools
How can hash power distribution among mining pools affect the final outcome?

The chance depends on the fee rate used by your customer. Since the mining pool is dominating, if the fee is nice enough for them to add a single confirmation, others will have almost no choice than to confirm the transactions also as they proceed mining the block.
We assume, as I've written, that your transaction already has 10 confirmations. So the fee rate is irrelevant.

c)which is different compared to if someone added a tx in by 835,000
but the malicious pool was already making its own chain since 834,750 but doesnt broadcast it until 835,010
The whitepaper demonstrates that if the attacker has less than half the hashrate, their chance of building a longer chain becomes tiny exponentially. Therefore, when Foundry will have built from 834,750 to 835,010, the rest will be higher than that. (The exact block number they're likely to be is a great future question, though!)
legendary
Activity: 4410
Merit: 4766
many variables are missing in the question
(1)
a)for instance if someone made a tx in block 835,000 where network is now working on 835,001
and a mining pool with 30% network hashrate immediately went back ONE block(835,000)
and then change it, hashed it.  and then played catch up.. the chances to get to over take the network by 835,010(9 blocks of network progress) is different compared to

b)mining pool with 30% network hashrate working on but yet to solve 835,004 and decided to see a tx 3 blocks ago(835,000). to go back 3 blocks and then change it and then play catch up.. the chances to get to over take the network by 835,010(6 blocks of network progress)

c)which is different compared to if someone added a tx in by 835,000
but the malicious pool was already making its own chain since 834,750 but doesnt broadcast it until 835,010

(2)

with 13 pools on the network. there is a difference in chances if:
1. malicious is 30% and other 12 pools are ~6%
vs
2.  malicious is 30% 2 honest pools are 30% 10 pools are 1%

the formula in the white paper is overly simplified as its based on simple "1 cpu=1vote" which no longer applies with current dynamics of asics and difficulty
the number is not as high as 5%
not 0.3
its lower chance
however in scenario (1)c) has best chance of re-organising a chain to make a tx disappear by already playing ahead secretly before people realise it
..
hero member
Activity: 868
Merit: 952
The chance of being able to double spend the transaction reduces as the number of confirmation increases until it eventually becomes  zero at exactly 6 confirmations when the transaction has been validated successfully.

The chance isn’t zero entirely at 6 confirmations but rather it’s probably is very low as more blocks get mined on it  and this chance is also base on the percentage of hashing power that the attacker controls.

~
In general If you’re aren’t good in Mathematics as explained above by hosseinimr93, here is a tool by jlopp to calculate the risk base on each hashrate percentage and the corresponding confirmation number
legendary
Activity: 2380
Merit: 5213
_act_ is right. The probability would be 5.11%.

The probability can be calculated using the formula mentioned on page 7 of bitcoin whitepaper.



in which



q is the probability of the the next block being mined by the attacker, p is the probability of the next block being mined by honest miners and z is the number of confirmations your transaction has received so far.

The C code can been seen on the whitepaper and here is the python code.

Code:
from math import e,factorial

#Enter q and z and then run the program
q=0.3074
z=10

p=1-q
lambda_= z*(q/p)
sum=0
for k in range(z+1):
    sum+=(((lambda_**k)*e**(-lambda_))/factorial(k))*(1-(q/p)**(z-k))
print((1-sum))


The following chart displays how the probability of your transaction being removed from the blockchain decreases with more confirmations.


legendary
Activity: 1512
Merit: 7340
Farewell, Leo
Maybe I should leave it for a few hours, so I can let new readers correct others or post their own estimations.  Smiley
Pages:
Jump to: