Bitcoin Forum>Bitcoin>Mining
Author

Topic: Would it be easy for Pool operators to steal from miners? (Read 1231 times)

notlist3d
legendary
Activity: 1456
Merit: 1000
Would it be easy for Pool operators to steal from miners?
September 11, 2015, 01:52:53 AM
#15
Quote from: afriezalie on September 10, 2015, 10:15:12 PM
They could steal your money, but you would realize that quickly because you could see where are your reward from a block. And you could realize that your reward decrease with same difficulty and hash rate. They can control block reward for miners easily if they want

There is a lot they could way's they could do it.  But eventually someone would most likely put it together doing math on what they should earn.  Most don't just trust and not run any ROI math.

If a pool did this once caught they would loose all workers.  So were talking about a move that would stop future business.  I don't see this happening on major pools at least.
afriezalie
sr. member
Activity: 364
Merit: 250
Re: Would it be easy for Pool operators to steal from miners?
September 10, 2015, 10:15:12 PM
#14
They could steal your money, but you would realize that quickly because you could see where are your reward from a block. And you could realize that your reward decrease with same difficulty and hash rate. They can control block reward for miners easily if they want
RGBKey
hero member
Activity: 854
Merit: 658
rgbkey.github.io/pgp.txt
Re: Would it be easy for Pool operators to steal from miners?
September 10, 2015, 09:57:00 PM
#13
I mean if a pool isn't paying you you're going to find out pretty quick. It's easy to see where the money went and if you're getting money or not.
boliu
sr. member
Activity: 267
Merit: 250
6th BTC reached. Thank you for your support
Re: Would it be easy for Pool operators to steal from miners?
September 10, 2015, 08:56:26 PM
#12
Quote from: TheRealSteve on September 10, 2015, 05:13:34 PM
Quote from: boliu on September 10, 2015, 02:04:08 PM
Lets say for F2Pool, if one of the miners found the hash for the current block, and report it to F2Pool, instead of broadcasting to the blockchain and get reward for the Pool, a few simple line of code can redirect the Hash to an outside miner and they then broadcast it to the blockchain and get the reward.
Nope - can't do that.  The hash is specific for the block header in question.  That block header depends on the content of that block.  So if some 'outside miner' wanted the bitcoin reward, the coinbase transaction would first have to be changed to pay out only to that 'outside miner'.  When that happens, the hash calculated earlier will no longer be valid.

Miners at pools generally cannot scam the pool operators - regardless of traditional pool or P2Pool - for this very reason.

There were some suggestions of actually turning that upside down - e.g. making it so that the individual miner could steal from a pool.  I don't know if any pool has dared implement that.  Further reading (one of several such articles): http://hackingdistributed.com/2014/06/18/how-to-disincentivize-large-bitcoin-mining-pools/

thank you for the clarification.
TheRealSteve
hero member
Activity: 686
Merit: 500
FUN > ROI
Re: Would it be easy for Pool operators to steal from miners?
September 10, 2015, 05:13:34 PM
#11
Quote from: boliu on September 10, 2015, 02:04:08 PM
Lets say for F2Pool, if one of the miners found the hash for the current block, and report it to F2Pool, instead of broadcasting to the blockchain and get reward for the Pool, a few simple line of code can redirect the Hash to an outside miner and they then broadcast it to the blockchain and get the reward.
Nope - can't do that.  The hash is specific for the block header in question.  That block header depends on the content of that block.  So if some 'outside miner' wanted the bitcoin reward, the coinbase transaction would first have to be changed to pay out only to that 'outside miner'.  When that happens, the hash calculated earlier will no longer be valid.

Miners at pools generally cannot scam the pool operators - regardless of traditional pool or P2Pool - for this very reason.

There were some suggestions of actually turning that upside down - e.g. making it so that the individual miner could steal from a pool.  I don't know if any pool has dared implement that.  Further reading (one of several such articles): http://hackingdistributed.com/2014/06/18/how-to-disincentivize-large-bitcoin-mining-pools/
spazzdla
legendary
Activity: 1722
Merit: 1000
Re: Would it be easy for Pool operators to steal from miners?
September 10, 2015, 03:03:29 PM
#10
The risk reward here is to high.  Found out once and your pool is dead instantly.
aeleeth
newbie
Activity: 1
Merit: 0
Re: Would it be easy for Pool operators to steal from miners?
September 10, 2015, 02:10:44 PM
#9
Quote from: MCHouston on September 10, 2015, 12:46:34 PM
It is easy for them to do but very noticeable. They would get caught fast.

Better for them to take like .5%.
This, they win the long-term battle
tiggytomb
legendary
Activity: 1848
Merit: 1000
Re: Would it be easy for Pool operators to steal from miners?
September 10, 2015, 02:06:24 PM
#8
Quote from: boliu on September 10, 2015, 12:05:52 PM
I don't mean they steal your coins, but the whole Block reward (25 BTC)

From my understand (I may be wrong) but, once a miner on the pool found the Block, it's fowarded to the pool and out to the blockchain.  Would it be easy for the site operation to put in line of code to redirect the Hash found and use it for himself therefore claiming the 25 BTC reward.

He wouldn't do it for every block, but maybe 1 in every 4 blocks found.

I see, apologies I misunderstood what you were getting at.
boliu
sr. member
Activity: 267
Merit: 250
6th BTC reached. Thank you for your support
Re: Would it be easy for Pool operators to steal from miners?
September 10, 2015, 02:04:08 PM
#7
I am not suggesting the pool operators to steal from the pool balance, but steal the Block itself.

Lets say for F2Pool, if one of the miners found the hash for the current block, and report it to F2Pool, instead of broadcasting to the blockchain and get reward for the Pool, a few simple line of code can redirect the Hash to an outside miner and they then broadcast it to the blockchain and get the reward.
jonnybravo0311
legendary
Activity: 1344
Merit: 1024
Mine at Jonny's Pool
Re: Would it be easy for Pool operators to steal from miners?
September 10, 2015, 01:53:10 PM
#6
Could they take the entire block reward for themselves?  Sure... at least in a traditional pool.  In a pool like p2pool, no.  In p2pool the block's coinbase transaction contains the payouts of the block reward to all the miners.  In a traditional pool, the entire reward is paid to the pool's address.  That's why when you get rewarded from p2pool, it shows up as an immature transaction and you must wait for the 101 block confirmations before you can use that coin.  When you get a payout from a traditional pool, it's just like getting sent BTC from anyone else - it becomes spendable coin after a single confirmation.

Now, just because it's easy doesn't mean it's done.  Who's going to mine on a pool where the operator keeps everything for himself?  Skimming of the top would be considerably easier to conceal.  Not too many people are going to notice that small percentage missing.
MCHouston
hero member
Activity: 882
Merit: 500
Where am I?
Re: Would it be easy for Pool operators to steal from miners?
September 10, 2015, 12:46:34 PM
#5
It is easy for them to do but very noticeable. They would get caught fast.

Better for them to take like .5%.

TheRealSteve
hero member
Activity: 686
Merit: 500
FUN > ROI
Re: Would it be easy for Pool operators to steal from miners?
September 10, 2015, 12:45:32 PM
#4
Yes-and-no.  Most pools already mine only against their own address - that is to say, the coinbase transaction only has their address and nothing else.  They then pay out the people using that pool from that address in secondary transactions.  So yes, for them, it would be easy.
On the other hand, if they did that, they can kiss their pool (with all the nice and stable fees, etc.) goodbye.  Nobody would want to mine there anymore.  Their name would be forever tainted (which doesn't mean much in Bitcoin, but alright). So if a pool were to do something like that, doing it for 1-in-4 blocks wouldn't fly.  They could do it only on outstanding balances, once; they'd better make sure it's a good one if they want to take the bitcoin and run Smiley

There are other pool types where the coinbase transaction is set up to pay out to the users directly, though - there's no cheating with that, as the pool operator setting it to pay out only to themselves would be immediately obvious (presuming the software is set up to detect it).  P2Pool is a good example of this.
boliu
sr. member
Activity: 267
Merit: 250
6th BTC reached. Thank you for your support
Re: Would it be easy for Pool operators to steal from miners?
September 10, 2015, 12:05:52 PM
#3
I don't mean they steal your coins, but the whole Block reward (25 BTC)

From my understand (I may be wrong) but, once a miner on the pool found the Block, it's fowarded to the pool and out to the blockchain.  Would it be easy for the site operation to put in line of code to redirect the Hash found and use it for himself therefore claiming the 25 BTC reward.

He wouldn't do it for every block, but maybe 1 in every 4 blocks found.
tiggytomb
legendary
Activity: 1848
Merit: 1000
Re: Would it be easy for Pool operators to steal from miners?
September 10, 2015, 12:02:24 PM
#2
I guess it would be very easy for them to steal your coins as they hold the coins until you withdraw them.  I only have experience with altcoin pools perhaps it is a different setup when mining bitcoin.
boliu
sr. member
Activity: 267
Merit: 250
6th BTC reached. Thank you for your support
Re: Would it be easy for Pool operators to steal from miners?
September 10, 2015, 11:56:06 AM
#1
Wouldn't be easy for the Pool operators to put in a few line of codes to forward the Block Hash to his account and claim the Reward for himself?

Bitcoin Forum>Bitcoin>Mining
Jump to: