I’ve had a look around and can’t find an answer to this.
Is it possible to attack the current Bitcoin blockchain with a competing blockchain that is longer than it?
For example to attack the current blockchain within the timespan of roughly a quarter of its current lifetime you would:
1. Work out the length of the current blockchain to be attacked.
2. Work out the maximum hashing power of the hardware you wish to use to generate the new blockchain.
3. Recursively divide the hashing power of the hardware by four for each difficulty adjustment the current blockchain has undergone.
E.g. if you have a hashrate of 640 KHs and the blockchain has undergone 3 difficulty adjustments you would calculate 640KHs/4^3 = 10KHs. 4. Start generating the new blockchain from the genesis block, starting with the lowest calculated hashrate.
For this example 10KHs. 5. Each time the blockchain’s mining difficulty is re-calculated the hardware then applies four times as much hashing power to solving the next 2016 blocks. The effect of this will be to generate blocks in a quarter the target time the current blockchain was generated.
E.g. the first 2016 blocks will be hashed with a hashrate of 10Khs, as soon as the difficulty re-adjusts the next 2016 blocks are then hashed with a hashrate of 40KHs, then 160KHs at the next difficulty adjustment, and 640KHs at the fourth adjustment. 6. Once a the new blockchain, longer than the current blockchain has been generated, the attacker can propagate it across the network, replacing the current blockchain.
(For simplicity I have assumed that the current blockchain does not continue to grow whilst the hardware is generating a new block chain in reality you would assume a longer generation time than that of the current blockchain if you wanted to launch an attack).
Assumptions: 1. Blocks can be mined with an extremely low hashrate.
2. The Bitcoin network favours the chain of the longest length. (I may be wrong here and it may infact favour the chain of the greatest average difficulty).
3. Each network difficulty adjustment adjusts the block generation time back to the average target (10 minutes in the case of Bitcoin) and that for each adjustment there are no maximum or minimum levels by which it can be adjusted per readjustment.
Unknowns:Could a new blockchain be generated in a similar manner to above to attack a Proof of Stake (PoS) blockchain in the following manner:
In the future, where there has been significant improvements in hashing power and assuming the network does judge blockchain preference on average difficulty of the blocks generated, could an attacker generate a new PoS blockchain from the genesis block on separate hardware, then when it exceeds the current PoS blockchain release this to the network to overwrite the current PoS blockchain?
If the PoS blockchain selection were then to rely on transaction volume to try and mitigate this for example it could still be fooled by a basic
sybil attack, so a Proof of Work or PoS mechanism could be needed to mitigate this.
Can anyone clarify the above and any assumption I may have made?
