From: Peter Vessenes <peter@coinlab•com>
To: Luke-Jr <luke@dashjr•org>
Cc: Bitcoin Dev <bitcoin-development@lists•sourceforge.net>
Subject: Re: [Bitcoin-development] Defeating the block withholding attack
Date: Sun, 3 Jun 2012 21:43:42 -0400 [thread overview]
Message-ID: <CAMGNxUu7SbnfpU8L+qp7KUmFLSU=VqcYGu2GhzRaYhkTT3Nz7A@mail.gmail.com> (raw)
In-Reply-To: <201206030052.17128.luke@dashjr.org>
[-- Attachment #1: Type: text/plain, Size: 1547 bytes --]
On Sat, Jun 2, 2012 at 8:52 PM, Luke-Jr <luke@dashjr•org> wrote:
> Analysis, comments, constructive criticism, etc welcome for the following:
>
> ==Background==
> At present, an attacker can harm a pool by intentionally NOT submitting
> shares
> that are also valid blocks. All pools are vulnerable to this attack,
> whether
> centralized or decentralized and regardless of reward system used. The
> attack's effectiveness is proportional to ratio of the attacker's hashrate
> to
> the rest of the pool.
>
>
I'm unclear on the economics of this attack; we spent a bit of time talking
about it a few months ago at CoinLab and decided not to worry about it for
right now.
Does it have asymmetric payoff for an attacker, that is, over time does it
pay them more to spend their hashes attacking than just mining?
My gut is that it pays less well than mining, meaning I think this is
likely a small problem in the aggregate, and certainly not something we
should try and fork the blockchain for until there's real pain.
Consider, for instance, whether it pays better than just mining bitcoins
and spending those on 'bonuses' for getting users to switch from a pool you
hate.
Watson, I don't believe the attack signature you mention is a factor here,
since the pool controls the merkle, only that pool will benefit from block
submission. The nonce / coinbase combo is worthless otherwise, and so this
attack is just in brief "get lucky, but don't submit."
So, can anyone enlighten me as to some actual estimates of badness for this
attack?
Peter
[-- Attachment #2: Type: text/html, Size: 2029 bytes --]
next prev parent reply other threads:[~2012-06-04 1:44 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-06-03 0:52 Luke-Jr
[not found] ` <CACsn0c=+xrVvGMAkPZffpVhRcAc09RuOW7LeOwi0TOD88VbuqQ@mail.gmail.com>
2012-06-03 3:40 ` [Bitcoin-development] Fwd: " Watson Ladd
2012-06-04 1:43 ` Peter Vessenes [this message]
2012-06-04 2:04 ` [Bitcoin-development] " Luke-Jr
2012-06-04 20:49 ` Mike Koss
2012-06-04 21:05 ` Luke-Jr
2012-06-05 0:00 ` Mike Koss
2012-06-05 1:05 ` Luke-Jr
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAMGNxUu7SbnfpU8L+qp7KUmFLSU=VqcYGu2GhzRaYhkTT3Nz7A@mail.gmail.com' \
--to=peter@coinlab$(echo .)com \
--cc=bitcoin-development@lists$(echo .)sourceforge.net \
--cc=luke@dashjr$(echo .)org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox