Bitcoin Forum

Debate away!

none of the pools are at 51% even. to do this "attack" at the moment not only will you have to take out 2 or more pools with estimated 15% of network you would also have to take over btcguild at the same time. can it be done? yes is it likely to be done? no. the chances of it being done are very improbable. i would also assume that this would get noticed fast and miners would just point to other pools for time being

Of course, DOS attacks on these pools have already been a problem.

What if NSA (or another government agency in a country where BTCGuild resides) forces BTCGuild to comply with authority orders, which they are legally forced to keep undisclosed and lie to their users about, just as in Yahoo, Google, Facebook, etc. ? Does this pose a risk?

If the pools are in fact not a risk, then was the initial Bitcoin pitch about decentralization an exaggeration? We don't really care if Bitcoin is mostly centralized now?

Lets say the biggest pools are knocked out completely. Would users still want to run their miners solo, or in smaller pools?

Of course, there is also the issue of whether bitcoiners should simply trust the entire security of Bitcoin to just a few operators.

Lets say BTCGuild knocks out 2 of its biggest competitors, then 51% attacks the network... all in collusion with or under pressure from the government. Sure maybe we could recover from this, but it would be a major hit to public confidence in bitcoin.

All valid points.  I think community has no interest in any one pool /company having 51% as time goes on this should be less likely

Everyone should be using p2pool.

as none of the pools have 51 % of the bitcoin mining power there is no threat to the network at all

As they are usually implemented today pools create a substantial amount of centralization which violates Bitcoin's security assumptions. Today the unequivocal answer to your question is yes.

Even when a pool does not have "$pick_your_threshold" the problem still exists— E.g. a pool with 40% hashpower would still have a quite high success rate reversing two-confirm transactions (and will still be successful reversing 6-confirms half the time (https://people.xiph.org/~greg/attack_success.html)), or two 30% pools being compromised gives you a majority.  "Our security assumption is that _two_ computers won't get hacked, or _two_ operators won't be coerced" doesn't sound all that good (Also works for any small integer instead of "two").

It's possible to construct pools that don't create this problem in a number of ways— P2Pool is one example, though it's not the only way to do it— there are other ways that are compatible with doing PPS pooling, for example.  Though any way of fully removing the centralization pools bring requires miners to participate in and validate the Bitcoin network... and we've gone pretty far down the path of people with $100k in mining asics powering them from a rasberry pi, so turning that back might be hard even if people did suddenly start paying attention to the centralization pooling is creating.

There are also ways to go about pooling which may reduce the harm of the centralization somewhat without the full cost of having miners participate in the Bitcoin network. E.g. miner software that is skeptical about they work its issued and won't participate in certain kinds of bad behavior that can be detected without full validation.

Exact.
The poeple running the pools cherish bitcoin like their baby. Bitcoin is in good hand ATM.

Nah, why should it be insecure :), the biggest pool is only 30%....

I agree. It brings decentralization, even to pooled mining.

Until the pool is compromised by an attacker with malicious intent. A large percentage of hashrate is then in the wrong hands.

p2pool is the way to go.

The pools only want their fees, no body cares about 51% attack..

Yeah. Crashing the coin they're sitting on, profiting on and sometimes even living on would be pretty stupid. They get more from mining rather than cracking down the system. If they did, people would just go to another pool or even better - the before mentioned p2pool.

If you want to encourage P2Pool use you can make it in more people's interest by making bursty donations to the recent p2pool miners: https://en.bitcoin.it/wiki/P2Pool#Donating_to_P2Pool_miners  (Of course if you do this, you should publicize it in order to have an effect.)  Many miners don't fully understand the issues, prize money is one way to get their attention. Switching to P2Pool also has a cost, and some tips can help bridge that gap.

(Disclosure: I mine on p2pool, but I'm under 1% of its hashrate now. Regardless, any funds I get via these sorts of payments to my p2pool addresses I'll just recycle back into other pro-decentralization uses)

That's all great as long as one person doesn't run multiple pools.

https://bitcointalk.org/index.php?topic=329860

In our local (national) forum we had a guy whining about loosing 105 BTC when his used pool went down, 50BTC be gone
https://bitcointalk.org/index.php?topic=313455.msg3363297#msg3363297

If you have let's say 1000 customers storing 1~2 BTC each temporary, it's your 1st Million Dollars to make by closing everything down. So yes, there are two inventives for running, and folding down a pool. Fees, and stored BTCs.

Hell, even that single guy loosed like 105 * 250 = enuf cash to be veeeery upset!

EDIT: Toppic started about "making Bitcoin insecure" and I think loosing a lot of hashrate cycles, a lot of temporary stored BTC counts as beeing "unsecure". The focus merely on "51%" feels like looking away from the real danger

I think the days of keeping 1-2 BTC pool balance are over, let alone 105.

 :o

 Nope