Bitcoin Forum

You have to be insane having vested interest and control of large share of contributed hashing power to plan an attack on growing revenue stream.

http://chart.googleapis.com/chart?chs=350x200&chd=t:49.40,3.05,21.96,1.62,10.46,0.49,4.06,8.16,0.80&cht=p&chf=bg,s,00000000&chl=deepbit|BitcoinPool|slush|bitcoins.lc|btcguild|other|Eligius|btcmine|swepool

its actually at 49% right now ..

I am a n00b CPU Miner without enough MHash/s to make a difference.

So what happens now ???

We wait for someone to discover Tycho's rouge blocks.

mommy im scared  :-\

Guys, chill out. Even if it surpasses 50% Tycho is not going to do anything evil.

And if that happens, we will go back (in time) and start over right before insertion of such rouge blocks.

Yeah...thats it, just fork it right after he inserted the blocks on that restart a couple of hours ago, and tell anyone after to blow off.

And of course, Tycho would never screw the pooch here. Not one person who ever had control lost it...

Im sure he wouldent, kiwiasian. Or should I say... TYCHO!  ;D

please explain why would Tycho or any other pool owner want to fork a good healthy feeding cow (aka revenue stream)?

I believe he probably wouldn't, since by all accounts it looks like cares about the success of his pool, the miners involved in it, and Bitcoin as a whole.

But there's also the democratic factor.  Even if he has 50% of the hash generation, that's only as long as the miners in deepbit are willing to GIVE him 50% of the hash power.  Anything "weird" happening in deepbit or any other pool, and it's very easy for a huge percentage of the miners to go somewhere else.

Frankly, I'm more concerned about the prospect of a large foreign power with limitless resources throwing hash generation into the fray.

He who controls the spice controls the universe  :o

Because he has, or develops, any one of uncountable delusions of how a majority pool can be used. (or someone related to him/can access the pool/can pop his crap)

As I posted over on another thread( dealing with this topic only 15% of people (or less)) get....

The road to hell is paved with good intentions.

Trust is everything in this game, unfortunately most of the players are unfamiliar with that concept, and freely give in to nonsense (in RL, see tea party voters).

...accidents/mistakes/someone finding where he lives/someone ddos another pool/random craziness happens.

I'm really not so sure.  People don't really have any reason to pledge allegiance to any particular pool long term, nor is there the real life problem of making a choice (voting) and then being stuck with it for years.

I mine with BTCGuild because I like their website.  A day from now I could decide I like someone else and mine in their pool.  A day later I could switch back.  There is hardly any cost in doing so, for me or any other miner, so any power a pool operator has is extremely temporary and entirely contingent on keeping their miners happy.  That makes a pool operator doing bad things seem at least fairly unlikely.

Hey, guess what they just hit.

50%.
http://chart.googleapis.com/chart?chs=350x200&chd=t:50.01,3.05,22.49,0.84,9.97,0.85,3.78,8.18,0.83&cht=p&chf=bg,s,00000000&chl=deepbit|BitcoinPool|slush|bitcoins.lc|btcguild|other|Eligius|btcmine|swepool

That's not the point. Too much power is in one pool. What if some sort of government agency takes control of his pool? Currencies are all about confidence. No confidence, no currency.

Miner greed puts the network at risk because people want to see many tiny payments rather than wait for larger ones and pay 3% for the privilege.

Do miners really want to take the risk so they can see 0.01 or 0.02 BTC a block?  Or wait a little longer for 0.07 a block? You know what I mean.

If tycho starts to do shit, people will move to another pools, whats the problem?
He may be greedy, i dont know, but well its his pool. I already mobed to a zero fee pool, if you care about this why dont you do the same?

Wrong.

Its a fundamental issue in trust...investor confidence. Once the trust is broken, it won't be restored.

Sooo that means, when a broken chain is discovered (and when can lag), how does the joe-investor who just dropped $100k on btc recover?

He sells...

If Tycho does shit, then its too late. All he needs is ONE forged block to screw the entire system, then the block chain is forked and you cant do shit.
Also, fee will/has been restored.

Mommy, I'm scared! :(

Which is also a powerful incentive for pool operators to NOT mess with the block chain.  If they do it an are discovered, they screw themselves out of all the BTC they're earned so far (which in the case of deepbit is a LOT).  If they aren't discovered but there is even the hint of wrongdoing, miners jump ship.  The best choice for them is being above board, I think.

But I'm also playing devil's advocate here, to be honest.  I would feel more confident about the whole thing if hashing power was distributed a bit more evenly.

Well, lets assume that if somebody has a very large amount of coin, they can sell that for a very large price. 1000 bitcoins = 25,000$. Tycho almost certainly has magnitudes more than that.
He could just cash out and run; however I dont want to be a fear malingerer so Im not saying he would do that.

But if someone did want to take down Bitcoin, now would be the time.

Hm... does anyone else notice how small btcguild's slice looks? According to btcguild's website, they are getting about 400Ghash/s... wouldn't that slice be a bit bigger?

Also, btcmine.com is now down for maintenance it seems...

And if they do it for a $100k payoff tomorrow, what's the difference?

Most of the supportive crap to this guy gives them the benefit of the doubt, or is based on subjective analysis of their possible intentions....not based on firm evidence. (I didn't notice the Tycho Foundation's charitable giving to the March of Dimes yesterday).

Seems like trust should be computable nowadays...lol. Instead, all most miners obviously need is a slick page and working api.

Its proportional to the entire power of the network, so I think its OK.

bitcoins.lc is also down.....

Look at that. Chart has been updated. btcguild's slice is much more respectable now.

http://chart.googleapis.com/chart?chs=350x200&chd=t:47.93,3.10,22.68,0.34,8.80,12.51,3.80,0.83&cht=p&chf=bg,s,00000000&chl=deepbit|BitcoinPool|slush|bitcoins.lc|btcguild|other|Eligius|swepool

Look at the updated chart, it confirms what I suspected

Deepbit just hit 50%. We are still alive. Now everyone stop whining.

Btcmine is down too...no where to go now!! Except deepbit...

Must..not...

Simply no reason to put so much trust in one person. Regardless if he is Jesus Christ reborn, someone else can take advantage of the situation.

This proves you DON'T GET IT. It's not a "50%..the end" thing...its a

User A: "....some time later...what's this? double-spending? can't be...."

User B: "@twitter...btc chain broken..sell."

Thing.

Maybe this proves most of the world is run by the ignorant, and the rest of us are just too "unlucky" to notice, care, or do anything about it.

I believe in the future...I'll give a btc bounty right now to whatever education system produced these wonderful people.

The possibility of your scenario is so slight that it's not even funny.

In the even that it did happen, the price will drop, mining won't be profitable and everyone that's only in it for the money would get out.

The network would recover and rebuild, a little more wiser.

From a new block chain. Thats not a very easy thing to do, now that people can look at the original Bitcoin blockchain and say "Oh, yea, you can double spend in that thing.... Not very secure. Lets NOT use that technology."

lolol

I really hope the deepbit server itself has very high security.
If someone gained unauthorized remote access...
Well, let's say our trust in Tycho would not be the issue.

The exploit was recognized and explained by the creator. I trust the protocol. If you don't then you should sell out and close up shop.

Rather, the possibility of exploit.

But the protocol is insecure once someone gets >50% (or even close). So why would anyone trust it after a failure like that?

I love the laissez-faire attitude with the emerging technology. Obviously a real champion for bitcoin stability and prosperity among all segments, especially the early-adopter and more recent screwed groups.

They hit 51%

First, it's not about you or I trusting the protocol. It's about the people all over the world who might want to buy some Bitcoins trusting the protocol. Once something is has shown to be vulnerable, it's kind of difficult to regain that trust.

Satoshi designed Bitcoin to be decentralized. CPUs all around the world contributing to the network security. Having so much of the network hashing power in one place just isn't healthy.

When deepbit was DDOSed recently it took the network 50 minutes to solve 2 blocks. Ignoring any >50% attack, that simply isn't a healthy network.

There is no reason we should be reactive to a possible problem, when we can be proactive and prevent it from being possible in the first place.

If you people want to play with fire and tempt fate, so be it. It may never bite you in the ass, but if it does, kiss all this "free money" goodbye.

The protocol is not insecure. At 50% it is prone to a single type of attack which is most effectively done by an anonymous person, not a very well known figure.

Thanks for clarifying your point of view.

Could you elaborate?

bitcoins.lc is back up.

Really? ::FACEPALM::

Ooo yeah, I remember in the bitcoin paper it did mention a large scale attacker, but with clear stipulations on that it couldn't be a long term forum poster. Whew...close.

It's broke now ... sell your coins while you can. The end is near. Fate is imminent.

lol

If we cannot withstand an attack, then there is really no point in any of it.

The network can recover. Will the public's trust?

Nada.

An attack is one thing...blind ignorance is another.

You can survive russian roulette too...5 out of 6 games. Better to use the gun when you need it, not on yourself.

No.

Which public? The majority of geeks that are using it? Or the minority of clueless people who don't care about topics like this?

Depends on amount of lost value and if its recoverable or not.
If network has weaknesses I rather we went through them early in development and learned how to react before whole countries adopt it. Without network's experience and ability in resisting attacks  countries unlikely will ever trust bitcoin in order to adopt it on that scale.

Maybe the significant majority of liquidity providers who joined....you know, your lost-future buyers. Yeah, their trust, and those in their web, bye-bye. Closed-minded nerds never had any trust to contribute.

The public that dumped a million dollars into MtGox yesterday. Oh, I supposed people don't do their homework when they invest large sums of cash. I suppose those with a few extra grand to invest in Bitcoin are "clueless". After all, scraping up a few extra grand to toss at an extremely high risk investment is child's play.

We don't need to react. We can prevent it altogether by distributing the network's hashing power more evenly.

You will never be able to control even distribution of hashing power, too many forces out of your reach, lots of funds out of your reach, new technology that comes next could be out of your reach. What will you do then?  when market cap will be in trillions and some unknown hashing entity took over 50% of hashing power?  Is it not a possibility in any given time in the future?

Huh? Miners on deepbit can move to other pools. Problem solved. There is no need for "control". Only education. Why would new technology be out of my reach? Just because something might happen doesn't mean we shouldn't try to prevent it.

I'm along for the ride regardless. I would prefer the network to be healthier, that is all.

Yes, we will. In a way, we do now (just not controlling very good). There's no reason you couldn't run hashing power via a globally collaborative system.

BUT THAT'S NOT DEEPBIT RIGHT NOW. This is just the sum of all ignorance...which never changes. (Hence, why we'd like to plan for it).

All of these threads are reactive. Every single one of them, every time This is the second time deepbit has gone over 50%. Nothing was accomplished after the first time. [Tyco]'s thread about coding a an attack detector barely got any interest. The best idea I've seen so far is an ad campaign to try to get users to go to other pools.

If people think this is really a big problem and [Tyco] is such a huge threat then come up with some realistic ideas about how to solve it.

1) Inform users of the problem and try to get them to distribute themselves. Hint: You're going to have to reach them outside of here since a good number of them will probably never come here. You can't make users leave either. It is their choice where they mine.

2) Put some technical skill into getting a block chain monitor working so that people will know if/when something happens instead of being reactive.

These threads are proactive. An attack hasn't occurred yet. The best idea so far is the distributed mining pool.

A block chain comparator....errr....might...work. Since Tyc's sooo noble, and he's got the coin (lol), he should bounty it. That'd give him the TRUST he needs.

TRUST....not fees....not coding....not bad logic....TRUST.

So who's gonna move first. Tyc? The cattle? Or the man waiting outside Tyc's installation?

All 5-6 threads are reacting to the fact that deepbit has 50%+ of network power, they are a threat to the network, and talk like an attack will happen any moment. The nicest toned ones try to dissuade people from deepbit by appealing to the fee topic, but the basis is always reaction.

Even if the distributed pool mining process becomes a reality what are you going to do if every existing pool operator decides not to accept it? You said it yourself the answer is education, not technical.

You mean like how it is?

[BOUNTY] Bitcoin blockchain monitoring site [Tycho]

http://forum.bitcoin.org/index.php?topic=7622.0

Thanks for playing, no parting gift for you.

Because tycho knows an attack detector is impossible.  Forked chains are simply abandoned by those who discover them, they are not reported anywhere where we could analyze if they are being utilized to create double spends.

Hhhmmm .. maybe it could be deployed by multiple people across the network, or even something put into a future client so it's detected by all nodes and reported somewhere voluntarily like antivirus databases. I'm not a coder, but I can at least come up with ideas instead of criticisms.

WHat youre talking about would require literally every person running bitcoin to update their client to your specific version.  And agree on a central authority to monitor double spends.

Why don't we just avoid the matter altogether and stop mining for someone who could destroy the currency's value?  Or DDoS the hell out of his servers until he's below the 50% point.

Maybe because apparently all the posts here about this topic haven't solved the problem. Apparently it's either not persuading people or not reaching enough people.

Because that would make you a hypocrite for crying how he's doing something unethical to the network and then doing something unethical to him to get what you want. But since you don't care about ethics it doesn't matter to you, does it? Wait, if you don't have a problem with ethics then you shouldn't care what he's doing to the network. Except what he's doing isn't illegal in most nations.

Tomorrow it might not be deepbit, but some unknown force, and how will you avoid it then?

There's a big difference between this time and last time. Last time tycho temporarily got 50% of the hashing power because slush went down. When it went back up, he lost those miners.

This time he has a sustained 50% interest. And it looks like it will keep growing.

You know what else has already happened too? Tycho has been hacked. That's why he instituted email locks on accounts, because a hacker got into his system and changed peoples addresses. Hacked once...

Anyway. We'll see what comes.

You seem to mistake "unethical" with protecting the network.  I dont have any more hashing power to contribute to dilute his pools strength, so the only next logical thing I can do to protect my BTC investment would be to disrupt his pool and/or his pools users.  He is a threat to the network.

So your saying you wouldn't do anything to prevent the network from being compromised, even if it is unethical/illegal? Your cash?

Yeah, you gave yourself away there.

Please, don't tell about what you don't know.
Most (~14) victims of that attack were using same passwords on deepbit and another pool that got hacked, that's how the attacker got them. Also they were using same passwords for mining and main account.

Hey [Tyco] what's the [Bounty] on the Block Chain Monitor?

As it says in the forum thread, my part and those two who added their messages.

This thread? http://forum.bitcoin.org/index.php?topic=7622.0 Where the bounty is 60 BTC, currently equaling over US$1500.

It's just a strawman, and Tycho knows it.

There is no technical way to find orphaned block chains without everyone running bitcoind to update their software to a specific version that would report orphaned blocks to a central authority.  And the authority would need to be agreed upon.  The client, as it stands, simply abandons them.

Very well, my apologies for creating such an insinuation, at the time it occured you did not know how it happened and I must have missed it had you shared the information later.

But it still stands to reason that no one is proof against hacking and it's still a potential risk as was my original point.

This "authority" can just connect to some different points of network and log the blocks.

You are definitely correct regardless, about it being a threat. Tycho himself is likely a target as well. His personal home network, work network, etc. It is the online atmosphere in which he is becoming wealthy from. A serious business like that requires serious security.

When the majority of the network is reporting one set of blocks as being accurate, and the minority is reporting a different set as accurate...

Wouldn't the authority automatically assume the majority?...
:|
Or let's say, they always assume the smaller portion of the network was correct...
THAT WOULD MAKE A FORK IN THE BLOCK CHAIN EVEN EASIER TO DO.

Your logging at different points in the network idea is not sound.

This is how it will end soon:

http://i51.tinypic.com/3536war.png

I like that, I'm stealing it for the other thread.

If there is difference detected then it would be cause for inspection and alert people that something might be wrong. i would have achieved what it was set out to do and the people who really understand the protocol better would look at it and see if there was a problem. It's an early warning system, not a prevention method.

It would also be a good thing to have in place in the future so that it can be adapted if any new exploits are discovered.

Looks like you don't get the idea.
That's the whole point of the service - to detect presence of the other set.

Detection is not a solution.

Prevention is.

Think of it like AIDS
By the time you 'detect' it
It's DEFINITELY too late.

So [Tycho], clearly you getting 50% of the hashing power has ruffled some feathers and even has me slightly concerned. What do you think is the best route to ensure individuals confidence? Would you be opposed to instituting a lock on new user registration on your pool until other pools increase their network share?

Already answered on this in my thread.
Actually I don't see other pools doing something to get more hashrate. Panic is not a solution.

Recent USD/BTC rate jump may be followed by immense influx of new miners - that's their opportunity.

Just because an attack is implemented doesn't mean it will succeed. Just because someone introduces a modified block chain doesn't mean that will get accepted. Knowing nuclear missiles are coming at you gives you time to get to an underground bunker.

Yep, it gives you ~10min to sell your BTC off en masse before the collapse occurs

The price of bitcoin can collapse without any security issues on the network. There should be something to prevent this too.

We need regulation on this free market thing.

Bump because there's not enough deepbit threads on the main page.

What kind of argument is this?  ???

The price of Bitcoin can collapse for thousands of unknown reasons. Not much we can do.

The price of Bitcoin can collapse if people lose trust in the networks ability to secure transactions. We can promote a healthy network.

None of this requires regulation... just a group of well informed, willing miners.