Topic: The way how to double protection bitcoin network against 51% attack - page 2. (Read 19861 times)

Yeah and absolutely no deniability.  So when the news starts running reports on this massive global cyber attack and all the evidence points to Bank Of America and you have employees and contractors whistle blowing that is going to look great.  Even if they don't suffer any civil or criminal charges the negative PR would be in the tens if not hundreds of millions of dollars.

Not to mention most corporate PC have neither the expansion slots, cooling, or power requirements for high end graphics cards.  Then the heat and noise aspect.  Walk into a Bank of America branch and every GPU fan is screeming and puking out heat.  That is going to look great for corporate brand image.

It doesn't have to be that complicated. You are thinking the adversary will create a dedicated mining facility, but it would be easier for them to use existing infrastructure. Large banks already have tens of thousands of computers. Some of them might be already powerful enough to mine, others can be upgraded with minimal costs - get any local contractor to drop decent GPUs in a few computers at every branch. These are already solved problems, upgrades and fixes are one email away. Administration is already solved, too. Mass deployment of a smart miner (I'm thinking cgminer) who can do everything automatically is simple enough (already existing procedures). A few more GPUs won't make a major impact on the local power grids, so no worries there either. All they need is to run their own pool and write the attack code. Large institutions already have people who could do that, too.

I dare say that any top bank can do a 51% attack with minimum hardware investment, plus the human resources cost and extra power consumption. It's not going to be cheap, of course, but nowhere near your calculations.

True but FPGA actually improve the security of the network in the long run. 


Bitcoin has two costs.  The capital costs (amortized over the lifetime of the hardware) and the energy costs.  Over say a 3 year lifespan a GPU rig will be about 60% energy cost.  That is bad for defenders.  An attacker doesn't need to run the attack for 3 years so high energy costs (and lower upfront capital cost) makes defenders less efficient and attackers more efficient. 

If we imagine all potential theoretical hardware they could be put on a line.  At one end you have this magical zero operating cost device.  The cost is simply the capital cost.  Spend $1K and it generates hashes until it breaks.  At the other end would be something like Amazon EC2.  There is no upfront capital cost but you may a high operating cost.

GPU are closer to the later and FPGA are closer to the former.   The later is better for attackers and the former is better for defenders.


<---------   better for defenders ----------------------------| --------------------------- better for attackers ------------->
(100% upfront & 0% ongoing cost)               FPGA              GPU                         (0% upfront & 100% ongoing cost)

The high cost of FPGA makes them prohibitive for attackers but you are right as efficiency improves the nominal value of network hashing power produces less and less strength.  When you can get a MH for half the cost then 8.5TH is more like 4.25TH today.    As FPGA become cost effective we should see adoption of them and that should push up hashing power.

Don't forget that GPUs are not the only way to contribute hashing to the network.  FPGAs really cut down dramatically on everything you mentioned in your counter-arguments.   Sure FPGAs are much more expensive material cost, but you avoid most of the problems above, or at least a couple orders of magnitude of such problems.  You're probably cutting down energy consumption and heat by a factor of 20.  And with a really creative setup, you can probably get many dozen FPGAs onto a single computer (especially since the bandwidth required between CPU and device is basically negligible).

Yes, still requires a lot of work, but probably an order of magnitude less work.

You right, thanks.

Or we could just use twice as many GPU.

Just looking at the computing cost underestimates the true cost and complexity of such an attack. 8.5TH is roughly 12K HD 5970s or 20K HD 5870s.  Where are you going to put it them?  You need to consider building and other structural (racks, wiring, ducting, power distribution) costs.  

If assembled into 8 GPU rigs it would require assembling 2500 to 3000 computers.  Who is going to assemble them? Who is going to adminster them?  Who is going to construct racks, run the miles of networking cables, and build the power distribution circuits?  Who is going to guard them (don't want $7M in computers to walk away)?  You need to consider labor costs.

The farm will require roughly 5200 KW connection to the power grid.  A rather non-trivial tasks which requires expertise, planning w/ power company, and long term contracts.  You need to consider the permitting, inspection, and contract costs.

The farm will produce 13 million BTU of thermal output.  We are talking industrial grade cooling system (larger than used by even major datacenters) and likely a custom designed system to ensure the system can pull the heat out of the room quickly enough to avoid unsafe temps.  Remember you need even temps across 2500 rigs pull a KW or so each.  The cooling alone will contribute about 1200 KW of additional electrical load.  This isn't rig a box fan in front of the video card setup.  You need to consider the enterprise sized cooling costs.

The true cost in planning, construction, and execution is likely 3x higher.  Still your right it would be possible for a bank or rogue government to execute a non-economic 51% attack.

The bad news is that using CPUs wouldn't solve that problem. You have simply increased the cost of the network.  The network is specifically 8.5TH today because the value of Bitcoin supports a network that powerful.  We could make it 17TH by just using 2x as many GPU but we aren't 17TH because the revenue from the network doesn't support more that much computing power.   Using CPU doesn't change that dynamic.  The annual revenue wil simply be split between CPUs & GPUs and each sub portion of the network will be smaller.

Sorry for my English. 

Today's total network hashrate is about 8.5 thash. Cost of 1 mhash is approx $0.8. If some company want to beat total hashrate they must spend about 8.5 * 1000000*0.8 = $6 800 000. It is not big money for banks. 

There is a way to near double security of the network. We have to use CPU's power of network as well. For example first block use sha256 as proof of work, next block use Script, next block - sha256 again and so on. So the attacker should spend a much lot of money on GPU and CPU as well.