Bitcoin Forum

https://www.youtube.com/watch?v=bi2thGzzNSs

seems like it's alot easier then some people claimed...

in theory.. you dont need to buy thousands of ASICS.

you just need to bribe the top 3 mining pool owners to collectively use a different mining script that you have coded.

bribing 3 mining pool owners is much cheaper then buying the equipment

Yep, we're all doomed. Remember you heard it here first.

Sarcasm?? This don't look too great... but I guess it can be solved?

Nothing new here, we have been talking about this for years now on both irc and the forum, but he explains it nice and clear. Hopefully putting it in a video this way people will start to care about it a bit more to find a solution.

He made it sound more expensive than I expected. There was an Ars Technica article about a miner which implied $60m might be enough. I guess that's because it does change with time. He does mention it being cheaper a few months ago.

Part of Bitcoin security comes from it being more profitable to use the 51% to mine for honest block rewards than to attack Bitcoin. Perhaps he'll address that point in the second video.

Hope it dosent happen

don't be too afraid, a 51% attack would destroy btc and drive its value to zero

no one will do that to steal coins, because they would become worthless, so forget bribing miners

only someone who wants to destroy BTC would do this and I don't think this is likely to happen (buy some VTC & such as insurance)

Well, like he mentioned in the video there are terrorists with alot of money
They might not be in for the profit but rather to destroy

I do hold 34 vtc actually 8)

it's doesn't happen.
bank are rich with virtual money ... when you buy physical stuff, they have always a problem.

http://static.fjcdn.com/pictures/You+know+u+want+it.+best+credit+card_ecf7cf_3722337.jpg

that why credit card security and bank security (internet) is poor compared to the bitcoin secure transaction system and mining adaptative power.

after that we could switch to Litecoin   ;)

Bribing the 3 pools is actually pointless. Ultimately, they'd be the ones losing out as after a 51% attack nobody would want to mine anymore. They lose miners, they lose fees... Won't benefit them really. (Unless the bribe is HUGE).
Still, won't actually happen!

it's because p2pool is more "bitcoin complain" ... (decentralized way of mining).

you would be surprised if i told you that many people are not bitcoin 'lifers' they dont care about the future of bitcoin, they just want wealth now to cash out to fiat.

as for not wanting to do it because it would ruin rep. .. pirate had a price in mind of how much he deemed as 'enough' before running, mark karpeles had a figure in mind before he decided to screw people over. i bet if i offered anyone here $10m just to install some code on their server. knowing that although bitcoin would be screwed they would atleast have $10m to play with instantly . which would have taken 10-12* years to get, by just continuing to run bitcoinpools. miners are very visibly greedy and would definetely be tempted by a instant $10m payout for 5 minutes work.

which would put the 51% attack price as low as $30m, maybe less


*at todays fiat price calculated against the 1% pool fee and average blocks per hour/day/year/10 year

Since the 18th March there seems to be a significant increase in orphan blocks and possibly in transaction times.
Could this be a sign of a 'selfish miner' attack?

That's why diversifying into NXT, which is already now protected against 51% (and even against 90% when TF feature is completed later) attack makes perfect sense. Another one that protects users better against 51% attack is Myriadcoin.

its just speculation, nothing really new

So someone will buy 1 billion worth of machines to destroy bitcoin. The thing is if someone buys that much of ASIC power it will increase the value of bitcoin because that would be the number one news on Coindesk, bloomberg, etc for a while. That someone would have increased his capital just by simply buying the gear. Next is the 51% attack to destroy bitcoin. Way before the value of bitcoin goes down to zero, a lot of bitcoiners would have converted to another alt coin, making that new alt coin the new Gold crypto. Since his Asic were specifically made for bitcoin mining, that someone will need to invest in another billion to break that new gold crypto.
Meanwhile investors are looking into that someone (most likely an evil bank in that scenario) and wonder why their money is spent so foolishly then will force a change the board direction or walk with their captial.

You don't need 1 billion to kill bitcoin. You would need multiple of billions and even that does not guaranty anything.

Does that story make sense to you?

 he explains this pretty good

Can you please explain your calculations again?

The current hashrate is 55,000 Th/s.

Each Th/s at this time costs around $2,500 (maybe lower in huge orders).
In order to hit the 51% , you need at least lets say 30,000Th/s , to make sure by the time they get delivered you can counter it.

So $2,500 X 30,000Th/s = $75,000,000 approximately.

With $75,000,000, you can potentially control the whole BTC network.

Not close to a billion you say.

IF a 51% attack truly did happen then Litecoin could just step up to the #1 slot. Then if a 51% attack happened to Litecoin (Completely different hardware required) then a CPU based coin like Primecoin would step up.
etc..
Not gonna happen.

Who said that was my calculation? I clicked on the link and watched the video in the OP. Do the same you will see where that number came from.
Why would any bitcoiner NOT leave and transfers to the next alt coin if that scenario was coming, no matter 1 billion or 75M?

This has been a common topic for years.

ud need LOADS of cash to bribe the 3 pools + be sure they wont tell.

imo impossible.

While it's true that bitcoin miners might want to switch, they are in the same boat as the attacker: their ASIC hardware is no good for the altcoin. So the hashrate of the altcoin will be much lower. Also, for non-ASIC currencies the attacker could probably rent cloud servers from Amazon or someone, so the capital cost of an attack would be lower.

Never thought of it that way, good remark.
Let's hope this will never happen. They don't even need to be bribed, governments or criminal organizations could use other ways to force the pool owners to comply using other, more drastic methods.

Meh, lets hope they till the end fight for the community and don't let anything bribe / threaten them.

I don't think many people would prefer having their loved ones injured or killed, being tortured or any kind of that stuff to defend bitcoin..
But I could always be wrong, let's hope they will never be put in that position.

I don't see what anyone could actually gain from doing such a thing, it sounds like pure evil, doing it for the sake of doing it.

If you're replying at the last message, there's no need to quote the previous message.

I could think of many reasons, one being money and greed because people could benefit greatly from a 51% attack.
Also don't forget governments.

It a lot harder than u think. Plus anyone spending that amount on mining hardware would make some btc  rather than attack it

What about the previously discussed argument of just threatening/bribing the largest pool owners?
And what if the goal is not to make money but just kill the system? I could think of many reasons for (some) governments to do this.

I think the video was very clear on exactly how hard/easy it would be. The point was not to use the 51% of the hashing power to make money - but to gain an advantage over other people and destroy bitcoins.

To prevent 51% attack, someone has to mass produce low power asic at low cost.
So when every bitcoin user are solomining, we can easily achieve a crazy hashrate deterring 51% attacks.

But the current problem is most people's mindset. They always think mining = profiting.
We have to remind them the fact that mining is to secure the network instead.

But we need low power asics just because using computer hardware to mine consumes too much power and slowing the pc so people definitely don't want that.
Each asic don't need to have the hashrate that is comparable with those profit-based farms, I believe we will have more users than the farms have asics.

According to Sotoshi's white paper, it seems that a 51% attack would only disrupt current transactions but not affect the previous blocks.

Where can one find this?

Hope it dosent happen. >:(

I think he means the original paper by Satoshi https://bitcoin.org/bitcoin.pdf
However I can't find any explicit mentioning of the 51% attack in it.

Not doable in my opinion

Yes, and people seem to forget that these attack blocks still have to be accepted and propagated by regular Bitcoin nodes throughout the network. There are 2 possibilities:

1) The attack blocks violate the Bitcoin protocol. In this case they will not be relayed by regular nodes and they will immediately orphan out

2) The attack blocks do not violate the Bitcoin protocol. In this case they will be relayed by regular nodes and make  their way through the network. However, because the protocol is obeyed the scope of the attack would be restricted. E.g. the exclusion of certain transactions from the block.

In any case, although transactions would likely be lost the disruption would be temporary. Miners will eventually leave the compromised pool and things will go back to normal.

Would this just only fork the chain which would leave the rest of us happy bitcoiners bitcoining as usual after the temporary disruption?

Hm me neither, that's what I thought he referred to as well.

Under "Calculations" section of bitcoin.pdf

quote:
-"We consider the scenario of an attacker trying to generate an alternate chain faster than the honest
chain. Even if this is accomplished, it does not throw the system open to arbitrary changes, such
as creating value out of thin air or taking money that never belonged to the attacker. Nodes are
not going to accept an invalid transaction as payment, and honest nodes will never accept a block
containing them. An attacker can only try to change one of his own transactions to take back
money he recently spent"
end quote.

To generate an alternate chain faster than the honest chain would mean that the attacker would have 51% or greater control of network.  How else would someone generate a chain faster than the main chain?

P2Pool create already this system ... but have "only" 160TH/s.
and the overhead, CPU, stale and Dead-On-Arrival ... is high, too.

No that seems to make sense. Doesn't seem to be that big of a deal if this is true, however we can't know if he missed something until someone actually tries and succeeds.

The problem is that we won't know which transactions are theirs, so every transaction becomes suspect even if only a small number of transactions are directly affected.

Oh no, hope it doesn't happen

can you say in a short way what is in this video about?

A 51% attack would NOT necessarily mean everyone would switch to litecoin. 

Instead, miners would just leave those corrupted pools and
join new ones not under the control of the dark lord of the sith.

And bitcoin lives on.

How hard would it be for a powerful entity to take control of the 3-4 largest pools to completely paralyze the network? Not very hard I would say if that entity has enough political will to do that.

Now, this would be much harder to do, if at all possible, with such a coin as Myriadcoin or NXT, as they have enough protection by design not to fall victim to such an event.

part 2

https://www.youtube.com/watch?v=Kjtgp5h-jEY (https://www.youtube.com/watch?v=Kjtgp5h-jEY)

It's a long-winded estimation of how much it would cost to acquire 51% of Bitcoin's hash power. With some explanation of why it matters and where the numbers come from.

Ah, been waiting for this one, thank you!

Part 2 is more interesting. I hadn't realised that if a 51% miner secret mines empty blocks for 6 hours and then releases them, that would reset all transactions in those 6 hours back to zero confirmations. That would allow double-spends on all those transactions to be attempted, not by the miner (who doesn't know the private keys) but by whoever initiated the original transactions. The miner could then continue mining in public, accepting transactions, but given preference to the double-spends. Basically it would be a lot worse than Bitcoin being offline for 6 hours.

The idea that this could be countered by looking for long chains of empty blocks is surely wrong. The attacker could fill them with their own, dummy transactions.

I'm not so sure about his claim that the miner could be mostly honest, and accept 99% of transactions but exclude ones for Overstock. That kind of targeted attack would require knowing which transactions were Overstock's.

Yes but it could only get control for a short time before everyone realized what is happening and changes pools.  It would be a huge disruption but not the end of bitcoin.

Hm, do you think that other pools they run to would continue to work just fine? I mean it won't take a long time to identify other pools' operators and if there is a decision to shut the network down, it will be shut down. The chances of this need to be eliminated by design, which is what Bitcoin simply doesn't have. If we put our collective heads in the sand and pretend the problem doesn't exist, well, some day it might kick us in the butt.

pools are distributed across different countries, there would have to be a global agreement in all the countries involved to shut all the pool's down.
even if for some reason all the world governments agree to shut pools down its always possible to start a pool as a TOR hidden service and let it operate like silkroad.

i agree might be good to proactively think about it.  probably people have.
im just saying, trying to shutdown bitcoin by attacking mining pools
won't work because it is easy for any miner to switch pools quickly.

The problem is, if the big mining farms were shut down (not the pools), then the hashrate would drop several fold, which means new blocks would be solved who knows how often, perhaps one block per day. So it's not that easy to switch, I mean yeah, the remaining small fish miners can switch to other pools, but the network would still be paralyzed.

If bitcoin developers actually changed the code so that the difficulty is recalculated after each block, the way they do in Dogecoin now, this wouldn't be an issue. If hashrate drops a lot, the difficulty quickly drops too, and the blocks keep being solved as if nothing happened, but when you have difficulty readjustment every 2000 blocks like it's set up in bitcoin now, this would be hell of a nightmare to wait, what, months perhaps, for next difficulty readjustment, it can get crazy.

Pools are way more concentrated than actual mining farms.  I think shutting down some big farms won't have a huge impact on the network.  Even if the network were cut in HALF, it would be readjusted in less than a month.

The real danger is not in someone taking over 50% of the existing network, but rather someone getting a hold of enough hashing power to double the existing network to create the 51% attack.  That is a dire threat , but I'm not sure what is being done.

This will not happen.
Why would anyone do this? They would only lose money.

To destroy bitcoin.

This isn't going to happen if the few right people care enough. Miners should spread out to more pools because of this. It is solely in their hands.

its irrelevant what pools people join if a big bank or government decides to invest a few hundred million (or less)
to develop their own 60 Ph/s of mining power.

This was discussed before. Why would anyone with any amount of brain waste so much power just to 51% attack it, when the coin can be revived afterwards? The more miners we have, the less chance the government has of overtaking us with the mining power. The improvement in ASICs will stagnate one day.

how would it be revived afterward?

Many alt coins suffered from 51% attacks and survived. Go do your research.

As long as they have 51 of the hashing power , they can control which transactions to accept.  Even blocking a small amount of transactions will destroy credibility of bitcoin.

I've seen a lot of "problems" with bitcoin brought up by people in the forum that are non issues.  This does appear to be something of concern.

The goal would be to destroy Bitcoin. I don't think they'd bother now, but as it becomes more successful it becomes more of a target, until (in my view) a large attack is inevitable.

Why do you think Bitcoin could be revived afterwards? Why would there even be an "afterwards"? Once they've bought the hardware, they can continue the attack indefinitely, for only the cost of electricity. They don't even need to run it continuously. They could, at random times, release a few hours of privately mined forked chain. That would be enough to make the system almost unusable.

By "the government", are you thinking America is the only threat? What about terrorists? As an attack on financial infrastructure, it would have similar symbolism to the 9/11 attack on the World Trade Centre. (How can you get more "world trade" than Bitcoin?) It would avoid the negative publicity of civilian deaths, and avoid the need for them to risk their own deaths. Alternatively, Russia might do it in retaliation for economic sanctions imposed on them, eg over Ukraine. Or China, or any country that has currency controls. Or a private bank. HSBC recently paid over $4b in fines; $100m would be easily affordable to them.

ASICs will plateau, but the block-chain reward will also decrease, and I don't think transaction fees will rise quickly enough to compensate, and nor will the volume of transactions. So we may find that existing miners keep going, because their ASICs are good for nothing else, but few new miners will want to get involved because they'll never cover their capital costs. And while the attacker is attacking, the miners could be mining zero blocks.

Interesting topic. I'd just throw into the mix the possibility or targeted attacks on the infrastructure of the largest farms. If the power supplies of the top five farms suffered a coordinated global attack what percentage of the network could be taken down? If it were a significant amount then it would be worth doing just before a 51% attack as the hardware then needed to get to 51% of the reduced network would be significantly smaller.

Would such a 51% attack fail once the farms got their power back up and that 51% became 40%? If so a more permanent shut-down could attempted eg fire/explosive attack on the largest farms.

How would a government do this, Jonald?  Would Congress pass the "51% Attack Bitcoin Bill" authorizing spending of $0.5 billion?  Do you think such a bill would pass, let alone receive popular support?  

If your answer is that a small-subset of government would do it secretly and in private, then why would they bother 51% attacking bitcoin?  Why not just pocket all the mined bitcoins if they knew they wouldn't get caught.  "Oops, I guess it didn't work.  Good thing the tax payers paid for these bitcoin miners.  Hey, what happened to those mined coins?"

And it's not like the 51% attack would kill bitcoin anyways.  It would just be annoying for a while (and a bunch of people would probably panic sell).  

As for banks, if they thought bitcoin was such a threat that it was worth spending half a billion just to annoy the network for a while, then why not invest half a billion dollars into purchasing bitcoin for cheap, perhaps from a bankrupt exchange, co-opt the system, and pump the price to the moon?  The most talented people at the big banks are well situated to profit from bitcoin.

That all being said, I do support efforts to decentralize mining!

It could be part of the defense budget, who knows...maybe JP Morgan just decides to do it...or HSBC...or both... I have no idea.  I trust government and banks about as far as I can throw them.  My point is, lets make as technically infeasible as possible.  And right now its technically feasible. 

And I would argue that a sustained 51% attack (mining monopoly) could utterly destroy confidence in Bitcoin if the monopoly was malicious.

We are talking in 2 threads simulateously, lol.  I explained how even the extremely unlikely event of a sustained 51% attack is not that great a threat here: https://bitcointalk.org/index.php?topic=581635.msg6364725#msg6364725 .  

The value of bitcoin comes from our community's shared agreement that the blockchain ledger is legitimate.  As long as this is the case, bitcoin will live on.  

An explosion would be great at Knc's farm.

Here, what a user with 51% can do and not do:
https://en.bitcoin.it/wiki/Weaknesses#Attacker_has_a_lot_of_computing_power

Oh, I never thought of that. So the 51% attack is an issue. We need to trust the pool operators. I hope P2P pools gain in hashing power. Does anyone know how much they do nowerdays?



No altcoin with POW is immune against that 51%. Not matter whether GPU or CPU mining. So POS coins could be an alternative.


You think, someone has that capital so buy such mining equipemt and is not capable to start mining from several different IPs?

Although it's true that PoS is much more protected, there is one PoW coin - Myriadcoin, that is technically considerably more secure than other PoW coins. Attacker would have to gain 51% hashpower in more than one (probably all 5) independant algos, otherwise, the network would still run without interruption.

Correct. With POS coins the amount of $ needed to do a 51% attack goes up exponentially.

Mike Hearn is trying to enshrine the 51% attack into the protocol such that a majority cartel of miners can confiscate the generation transaction (just that, for now) of any other miner they want.

http://sourceforge.net/p/bitcoin/mailman/message/32258096/

Here are Mike's suggestions:


I dislike #2 because I see it as a slippery slope to coin confiscation, and I believe this requires changes to the source code.

#1 seems like something that can accomplished now without any changes to the bitcoin code.  Basically, it is a way for honest miners to come to consensus on which blocks were created by malicious double-spend services and agree not to build on top of them.  I think this idea may be worth evaluating in more detail. 

There's no slope - that's exactly what it is.

Spending outputs without satisfying their scripts is a fundamental perversion of the network - it's like building a calculator that sometimes will declare that 2+2=5 when a committee decides that the result of some equation "doesn't deserve (http://sourceforge.net/p/bitcoin/mailman/message/32260787/)" to be 4.

Yes.  You are correct.  It is coin confiscation. 

What is your opinion on #1?

Miners are free to include or exclude any transactions in their blocks that they wish, and are also free to chose which valid block to extend the chain from.

The proof of work algorithm is the process of determining which chain is canonical.

It sounds like we agree then.  If miners establish techniques to detect malicious blocks, they are free to choose not to build upon them. 

Miners choosing to collude is one of the potential failure cases of Bitcoin.

The protocol should not be changed to make this collusion easier to engineer, or more difficult to detect.

I think this is one of the problems of Bitcoin which makes it vulnerable to a problems in a 51% attack.

See my thoughts here:

https://bitcointalk.org/index.php?topic=582386.0

I'm confused with what exactly your position is now. 

If I as a miner have a technique to reliably detect malicious blocks created by double-spend services, and if I choose not to build upon those blocks, then this does not represent a change to the protocol IMO.  I am expressing my view of the legitimate chain with my hash power. 

Do you disagree?

Correct.

And if you don't have a majority of the hash power in the network, and the other miners don't implement your particular exact ruleset, then your chain will never be longer than the consensus chain.  Therefore, every block that you mine will be a waste of your hash power.

Since every other miner faces this same disincentive, the only financially logical thing for you or any other miner to do is to accept the protocol-valid blocks that you receive and mine blocks that follow them.

In addition to what DannyHamilton said, you don't have one of these because it's not a valid concept.

Just a reminder:

A 51% attack cannot break any existing protocol rules, only enforce it's own new rules on top of them, as long as they do not conflict.  Attempting to do otherwise is actually a hard fork where only the attacker is mining.  It will not merge with the "real" blockchain.  The rest of the network will continue happily on the real chain and not even notice the conflicting chain since it is not recognized by bitcoind (unless they update to the attacker's modified version).

Here's what I'm wondering, Danny.  Imagine I'm a miner that control 5% of global hash power.  I have an employee who is always looking for out-of-band double-spend services.  Whenever he learns of a new service like this, he sends it one "test double-spend" every block.  If I see a block that includes the TX that I personally know to be a pseudo double spend attempt, I choose not to mine upon it.  Otherwise, our behaviour is unchanged.  If the block I rejected as malicious is built upon (i.e., not enough miners implemented my rule set), then I give up and start mining on the longest chain.  

Now imagine I talk about this idea at conferences, over IRC, here at the forum, and start a website dedicated to the cause. Perhaps I am able to convince others to implement the same rule set.  Every block I mine is not a waste, as normally I am working to extend the longest chain.  The only block rewards at risk are when I detect a block that I personally know to come from a malicious double-spend service.  But I think these blocks should be rare, and eventually disappear completely if they are rarely extended (the double-spend services would go out of business).

I don't see the flaw in my logic here.  It seems that this may work and that if it did that it would be a good thing.  Do you think this idea is dangerous some how?

I'm not sure about that Justus.  Only 20% of respondents believe that out-of-band double spend services are not complicit in fraud (https://bitcointalk.org/index.php?topic=502571.0).  If I send these services trial double spends and detect the block with the transaction that I know to be fraudulent, based on the results of my poll only 20% of the bitcoin community would disagree with me.  So I think it is a valid concept and that one might achieve enough consensus to implement this.  

Do you think this is dangerous somehow?

If each participating miner (or mining pool) implements your idea independently (searches for the double-spend services themselves, and makes their own determinations from their own double-spend attempts which blocks to ignore), then it's dangerous to the income and profitability of the individual miners (or pools).

It is likely that some miners will find some services, and other miners will find other services.  As such, they will waste time mining blocks that won't earn them income, while the rest of the network that hasn't discovered the particular service they are blacklisting continues on without them.  Additionally, if they happen to solve a block while mining a fork that won't make it, they lose out on the block reward they could have had if they had solved a block on the consensus chain.

Additionally, since there are likely to be many services that some miners find and others don't, the blockchain is likely to always be in a state of multiple competing blocks that are all trying to orphan all the others.  This significantly reduces the hashpower that an attacker would need to outpace the rest of the network with their own chain.  If an attacker can create a situation where there are regularly 5 different blocks that are all being treated by equal portions of the network as the last "valid" block, an attacker only needs 17% of the total hash power of the network to continuously outpace the network (instead of 51%).

If, instead of having each miner (or pool) independently search out and choose which blocks they want to try to ignore, you have some centralized service that provides the block blacklist that all miners are supposed to adhere to, then you've introduced a centralization to the decentralized network that can be abused.  The service can become malicious and (for a secret fee) allow some malicious blocks through, or even block some non-malicious blocks.  The service can segregate the network into as many competing forks as it likes by offering each segment a different block blacklist.

Because all of these repercussions result in reduced income for the honest miners (or pools), it will be difficult to convince any of them to take up your consensus destroying ideas.  As such, you'll be left occasionally ignoring blocks on your own, and drastically reducing your revenues wasting hash power on blocks that will never be part of the consensus chain.  Because mining is so competitive, reductions in revenue will almost certainly result in financial loss that will eventually deplete your capital until you can no longer operate.

51% should be utilized to block stolen funds and recreate those coins so 21M coins will always be in the network.

No.

People can believe what they want, but it doesn't make it possible to solve the Byzantine General's Problem without actually solving the Byzantine General's Problem, which is what "a technique to reliably detect malicious blocks created by double-spend services" means.

Thanks Danny.  I'd say I'm 75% convinced.  The missing 25% is due to my belief that it would be both "obvious" and "independently verifiable" that a certain miner is operating an out-of-band double spend service.  If both these conditions hold, then it seems intuitive that something could be done in a decentralized manner.  Perhaps I am wrong, however.

Bitcoin fans monitor and Bitcoin Foundation also manages  and monitor this issue, so  should avoid that. do not worry

There is no general solution to the Two General's Problem.  Bitcoin is a practical implementation where consensus is achieved by working on the longest chain.  Consensus can be achieved in other ways, however.  

I am not saying that Mike Hearn's idea (#1 only--#2 seems really bad) is necessarily a good one.  It's just that I'm still not fully convinced that it's a bad one.  

And to me it seems intuitive that something could be done in a decentralized manner to prevent empty blocks or excluded transactions, but I could be wrong also.

LOL, but I've already convinced myself that nothing can or should be done about empty blocks.  And I guess it is really the same problem, isn't it?  So I think I'm now 90% convinced by what Danny said.  

Empty blocks in the context of a 51% attack.  That paralyzes bitcoin.  Much worse than a double spend.

How is it the same problem?  And can you summarize/restate the essense of what he said?

I just mean the same problem of "how to come to consensus in a decentralized manner." 

Average confirmation time for transactions goes from 10 minutes to 20 minutes and that's a paralyzing disaster worse than a double spend?

 a 51% attack can create longest chain and then be able to mine 100% of blocks, not just 51% of blocks.

We are both looking to add protocol rules?

Yes, I think so.  For the Mike H idea #1 to work, the majority of the hash power must agree (otherwise you will lose money as Danny pointed out).  If the majority of the hash power agrees, then it's effectively a rule that's been added on top of the Satoshi protocol. 

I can see why extra rules are probably a bad thing, but it's not completely clear to me why they are necessarily a bad thing.  I guess perhaps since you are at risk of 51% attack no matter what the rules are, why risk a loss of confidence from added complexity?

This only works if the service accepts double-spends from everyone. I'd have thought the service was more likely to restrict double-spends to favoured individuals. For example, it could require some pattern in transaction outputs, so that only people who knew how to create that pattern could make double-spends. That knowledge could be traded on underground bulletin boards, rather like how credit card numbers are traded today.

The honest miners could attempt to figure out and replicate the patterns, and then we get an arms race with the patterns getting ever more subtle.

I'm not saying it's a bad idea, necessarily, but it's far from a panacea.

I agree.  I no longer think this idea is workable.  It will create more problems than it solves.

In fact, it is ironic: it would add further heterogeneity [in block acceptance criteria] as a "solution" for the problems originally caused by heterogeneity in certain miners' TX mempool acceptance criteria:  

https://bitcointalk.org/index.php?topic=585511.msg6407793#msg6407793
https://bitcointalk.org/index.php?topic=585511.msg6407938#msg6407938