|
BNO (OP)
|
 |
September 17, 2015, 01:27:24 PM |
|
Hi folks,
i would like to find a measure for how the secure network is at a certain point of time. My dream would be that there is a blockchain.info like site that calculates once a day or so how much it would cost in $/btc to rent the needed hashing power from lets say amazon aws to perform the attack. Of course it should assume that the attacker is smart and chooses the least costly option to achieve 51%.
If there isn't something like i think it would be really cool for the bitcoin-community to have a comprehensive one number measure of security. It would help in discussions about blocksize and future discussions about network security, number of nodes, the whole Fee-market debate a LOT if one would have this chart.
Because besides talk about new cool services and the ever question of who satoshi is and the price of bitcoin the rest of the discussion are a very high percentage: network security, blocksize, number of nodes, mining profitability etc. And all those would be easiert to talk about if there was such a measure...
If there isn't such a site, i would still be interested in how the number is for todays network.
|
The thinking that has led us to this point will not lead beyond - Albert Einstein
|
|
|
|
21coin
|
|
September 17, 2015, 01:30:19 PM |
|
I don't think all of amazon AWS or any cloud service for that matter can actually perform a 51% attack, if it does come it will come from the collaboration of the top three hashing pools. Cloud services simply can't deliver that much of hashing power.
As for how to prevent it, there are plenty of threads here about that, either google or rummage through the mining and bitcoin discussion.
|
|
|
|
|
BNO (OP)
|
|
September 17, 2015, 01:38:21 PM |
|
I don't think all of amazon AWS or any cloud service for that matter can actually perform a 51% attack, if it does come it will come from the collaboration of the top three hashing pools. Cloud services simply can't deliver that much of hashing power.
As for how to prevent it, there are plenty of threads here about that, either google or rummage through the mining and bitcoin discussion. I think you can rent on amazon machines with a decent graphic card- so one could calculate out of this how much it would cost for example to have this hashing power for e.g. 24h I would be interested in the calcualtion of this number. Unfortunately i'm lacking the knowledge to do it myself. I'm not interested that an insider (pool, hosted mining whatever) turns evil. That would be another discussion, just the number for renting you hashing power to attack. For that purpose i wouldn't care if AWS actually has the amount (or whatever service you would think would be best to perform attack), just pretend it was there. |
The thinking that has led us to this point will not lead beyond - Albert Einstein
|
|
|
Amph
Legendary
 Offline
Activity: 3206
Merit: 1069
|
|
September 17, 2015, 02:12:25 PM |
|
I don't think all of amazon AWS or any cloud service for that matter can actually perform a 51% attack, if it does come it will come from the collaboration of the top three hashing pools. Cloud services simply can't deliver that much of hashing power.
As for how to prevent it, there are plenty of threads here about that, either google or rummage through the mining and bitcoin discussion. I think you can rent on amazon machines with a decent graphic card- so one could calculate out of this how much it would cost for example to have this hashing power for e.g. 24h I would be interested in the calcualtion of this number. Unfortunately i'm lacking the knowledge to do it myself. I'm not interested that an insider (pool, hosted mining whatever) turns evil. That would be another discussion, just the number for renting you hashing power to attack. For that purpose i wouldn't care if AWS actually has the amount (or whatever service you would think would be best to perform attack), just pretend it was there. i doubt any amount of gpu can cut it, based on the old 7970, you can have something like 2 MB per card right now, with the best gpu available, maybe 3MB(i didn't follow how strong they are on sha256, lately), you need 200 peta to do an attack 200 peta are 200B mega, which mean 100B gpu (basically 14gpu for each person on this planet), none has all those gpu combined, not to mention the wattage, not attainable by a long shot |
|
|
|
|
|
|
adamstgBit
Legendary
Offline
Activity: 1904
Merit: 1037
Trusted Bitcoiner
|
|
September 17, 2015, 02:26:48 PM |
|
AWS doesn't have bitcoin mining hardware, so you'd be mining with CPU power
so expect to max out AWS's available servers and get less than 1% hashing power.
|
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3430
Merit: 4681
|
|
September 17, 2015, 02:33:01 PM |
|
GPU is useless for attempting a 51% attack. AWS doesn't have enough GPU available for you to mount such an attack even if you rented every GPU they have available. And if you did try to do that, they would raise their prices for GPU processing to meet the huge demand that you would be placing. As such, the cost would increase exponentially and you still wouldn't have 51%. If you want to perform a 51% attack, you are going to have to gain control of enough ASIC hash power.
Keep in mind that if miners are making significantly more than they are spending, then there is an incentive for more people to get involved in mining and to spend more on mining to get a larger portion of the available profit. The additional people involved means that the revenue is spread thinner until it is no longer profitable for people to get involved. This has an effect of reducing the profits of miners until "they are just barely earning more than they are spending".
Also keep in mind that if miners are mining for profit, and they are spending more than they are making, then they will quit mining (since they aren't making a profit). This reduction in people involved means that the revenue is consolidated among fewer people until it becomes profitable for the remaining miners to stay involved. This has an effect of increasing the profits of miners until "they are just barely earning more than they are spending".
So, if we assume that the vast majority of miners are mining for profit, and that they are just barely earning more than they are spending, then it would (incorrectly) seem like this isn't too difficult to estimate.
The average daily sum of the revenue of ALL mining in the world is approximately 3625 BTC. The current (at the time I am writing this post) exchange rate with USD is approximately $231. This means that the global revenue expressed in USD is approximately:
3625 BTC/day * 231 USD/BTC = $837375 USD/day
Since we are assuming that the vast majority of miners are "just barely earning more than they are spending", we are assuming that there is just a bit less than $837375 USD/day being spent on hash power.
There are 2 ways that an attacker could instantly control more than 50% of the global hash power:
1. They could buy up half of the currently operating hash power (if they could find enough existing miners willing to rent or sell that hash power for the exact same amount of money as they are already earning). This would reduce the global hash power that they attacker doesn't control to half of the $837375 USD/day, and would cost the attacker half of $837375 USD/day. Therefore, it would cost the attacker about $418688 per day.
2. They could add to the network the same amount of new hash power that already exists. In this case the amount of hash power on the network would double, and the attacker would have half of it. Since the current network is spending $837375 per day, it would cost the attacker about $837375 per day.
Unfortunately, these calculations are based on an attacker instantly having half of the global hash power and being able to very quickly acquire that immense amount of hash power at the same cost as purchasing a very small amount of hash power. In the real world, there are several other factors in play.
Trying to buy up such a large amount of existing hash power that is already mining for a profit would create a very large demand in an environment where there isn't enough supply. Basic economics makes it pretty clear that this huge demand against a relatively slow growing supply would result in skyrocketing costs for the attacker to buy incrementally more hash power. They may be able to buy the first 2% or 3% at current costs, but the next 5% might cost 10X as much, and the next 5% after that might cost 100X as much. As they found less and less hash power for sale, they might have to offer a lot of money to convince any of the remaining controllers of hash power to give up that control.
Trying to buy up such a large amount of new hash power would run into the same supply&demand problem. There just isn't enough new hash power manufactured for the attacker to be able to quickly buy or rent as much hash power as the network is currently using. Buying up what little is available would encourage the manufacturers to increase their prices.
Meanwhile, if the attacker was willing to wait for some time to gain control rather than having it all happen in an instant, then they could just add enough hash power to the network to make it unprofitable for others to mine. The attacker would be taking a loss in their mining, just like everyone else, but this attacker isn't motivated by mining for profit. They are motivated by gaining control of more than 50% of the hash power. Therefore, they would run enough extra hash power to make it unprofitable and then wait for the most unprofitable miners to quit mining. As the network stabilized, they would again add more new hash power, and wait for more miners to quit mining. Initially it might just cost them 5% or 10% of the current global revenue (somewhere around $62800 per day), but they would be gaining revenue from the blocks they mine which would offset the costs. It might take them months (or even years) of mining at a slight loss before they could drive out enough competition to be controlling 50% of the network hash power. Since it is difficult to predict exactly how much of a loss per day they would need to take to drive out other miners, and it is difficult to predict exactly how long it would take for enough miners to quit, it is extremely difficult to predict with any accuracy the total amount it would end up costing them.
On top of all of this there is an ever changing exchange rate which can encourage or deter new miners and additional hash power that the attacker doesn't control.
|
|
|
|
|
|
21coin
|
|
September 17, 2015, 02:35:11 PM |
|
GPU is useless for attempting a 51% attack. AWS doesn't have enough GPU available for you to mount such an attack even if you rented every GPU they have available. And if you did try to do that, they would raise their prices for GPU processing to meet the huge demand that you would be placing. As such, the cost would increase exponentially and you still wouldn't have 51%. If you want to perform a 51% attack, you are going to have to gain control of enough ASIC hash power.
Keep in mind that if miners are making significantly more than they are spending, then there is an incentive for more people to get involved in mining and to spend more on mining to get a larger portion of the available profit. The additional people involved means that the revenue is spread thinner until it is no longer profitable for people to get involved. This has an effect of reducing the profits of miners until "they are just barely earning more than they are spending".
Also keep in mind that if miners are mining for profit, and they are spending more than they are making, then they will quit mining (since they aren't making a profit). This reduction in people involved means that the revenue is consolidated among fewer people until it becomes profitable for the remaining miners to stay involved. This has an effect of increasing the profits of miners until "they are just barely earning more than they are spending".
So, if we assume that the vast majority of miners are mining for profit, and that they are just barely earning more than they are spending, then it would (incorrectly) seem like this isn't too difficult to estimate.
The average daily sum of the revenue of ALL mining in the world is approximately 3625 BTC. The current (at the time I am writing this post) exchange rate with USD is approximately $231. This means that the global revenue expressed in USD is approximately:
3625 BTC/day * 231 USD/BTC = $837375 USD/day
Since we are assuming that the vast majority of miners are "just barely earning more than they are spending", we are assuming that there is just a bit less than $837375 USD/day being spent on hash power.
There are 2 ways that an attacker could instantly control more than 50% of the global hash power:
1. They could buy up half of the currently operating hash power (if they could find enough existing miners willing to rent or sell that hash power for the exact same amount of money as they are already earning). This would reduce the global hash power that they attacker doesn't control to half of the $837375 USD/day, and would cost the attacker half of $837375 USD/day. Therefore, it would cost the attacker about $418688 per day.
2. They could add to the network the same amount of new hash power that already exists. In this case the amount of hash power on the network would double, and the attacker would have half of it. Since the current network is spending $837375 per day, it would cost the attacker about $837375 per day.
Unfortunately, these calculations are based on an attacker instantly having half of the global hash power and being able to very quickly acquire that immense amount of hash power at the same cost as purchasing a very small amount of hash power. In the real world, there are several other factors in play.
Trying to buy up such a large amount of existing hash power that is already mining for a profit would create a very large demand in an environment where there isn't enough supply. Basic economics makes it pretty clear that this huge demand against a relatively slow growing supply would result in skyrocketing costs for the attacker to buy incrementally more hash power. They may be able to buy the first 2% or 3% at current costs, but the next 5% might cost 10X as much, and the next 5% after that might cost 100X as much. As they found less and less hash power for sale, they might have to offer a lot of money to convince any of the remaining controllers of hash power to give up that control.
Trying to buy up such a large amount of new hash power would run into the same supply&demand problem. There just isn't enough new hash power manufactured for the attacker to be able to quickly buy or rent as much hash power as the network is currently using. Buying up what little is available would encourage the manufacturers to increase their prices.
Meanwhile, if the attacker was willing to wait for some time to gain control rather than having it all happen in an instant, then they could just add enough hash power to the network to make it unprofitable for others to mine. The attacker would be taking a loss in their mining, just like everyone else, but this attacker isn't motivated by mining for profit. They are motivated by gaining control of more than 50% of the hash power. Therefore, they would run enough extra hash power to make it unprofitable and then wait for the most unprofitable miners to quit mining. As the network stabilized, they would again add more new hash power, and wait for more miners to quit mining. Initially it might just cost them 5% or 10% of the current global revenue (somewhere around $62800 per day), but they would be gaining revenue from the blocks they mine which would offset the costs. It might take them months (or even years) of mining at a slight loss before they could drive out enough competition to be controlling 50% of the network hash power. Since it is difficult to predict exactly how much of a loss per day they would need to take to drive out other miners, and it is difficult to predict exactly how long it would take for enough miners to quit, it is extremely difficult to predict with any accuracy the total amount it would end up costing them.
On top of all of this there is an ever changing exchange rate which can encourage or deter new miners and additional hash power that the attacker doesn't control.
Wooh that was quite a post, too ADD to go through it all. Care to tell whats the price(only) for conducting the attack again(without the long statements) |
|
|
|
|
BNO (OP)
|
|
September 17, 2015, 02:37:16 PM |
|
Hi Litecoinguy! Thanks for trying! |
The thinking that has led us to this point will not lead beyond - Albert Einstein
|
|
|
spazzdla
Legendary
Offline
Activity: 1722
Merit: 1000
|
|
September 17, 2015, 02:54:55 PM |
|
Hi folks,
i would like to find a measure for how the secure network is at a certain point of time. My dream would be that there is a blockchain.info like site that calculates once a day or so how much it would cost in $/btc to rent the needed hashing power from lets say amazon aws to perform the attack. Of course it should assume that the attacker is smart and chooses the least costly option to achieve 51%.
If there isn't something like i think it would be really cool for the bitcoin-community to have a comprehensive one number measure of security. It would help in discussions about blocksize and future discussions about network security, number of nodes, the whole Fee-market debate a LOT if one would have this chart.
Because besides talk about new cool services and the ever question of who satoshi is and the price of bitcoin the rest of the discussion are a very high percentage: network security, blocksize, number of nodes, mining profitability etc. And all those would be easiert to talk about if there was such a measure...
If there isn't such a site, i would still be interested in how the number is for todays network.
................ Even if you took all of the computing power of the ENTIRE FUCKING PLANET you wouldn't hit 1% of the hashing rate. ASCI >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>> super computers >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>everything else. One would have to make or buy ASIC's to attack the network. |
|
|
|
|
|
BNO (OP)
|
|
September 17, 2015, 02:55:51 PM |
|
Hi Danny, thx for that long of an answer! But i must say i don't agree. Since we are assuming that the vast majority of miners are "just barely earning more than they are spending", we are assuming that there is just a bit less than $837375 USD/day being spent on hash power. I really want to check what it would cost to rent this. The reason for that is that one can not calculate this as you are doing it, because this number is much to low. This is because after a miner invests in mining equipment the assumption is this: he can not use it for anything than mining, so he can leave that costblock out of the equation and he will continue as long the mined bitcoins are worht more than the electricity he needs to create them. You can believe me on this one. In economics this is called sunk cost and the problem of average cost (which do not apply here) and marginal cost (here you say the money for the hardware is already lost fuck it, i keep mining as long 1BTC is worth more than the electricity needed to create one). To the second half of your post: Yes i know that this number would be theoretical and in practise the cost for the hardware would go up if you quickly wanted to buy rent that amounts. But i would rather have just this number and then one xould say: "theoretical X Dollars" and as a second layer of security but actually doing that would be much more expensive due to demand and supply. But i would like to keep this simple and stupid because speculating about demand and supply of Asics calculating power is in my opinion not usefull here.
I was just throwing in AWS is there maybe a service for renting ASICs. Are asics used for something else than bitcoin mining? |
The thinking that has led us to this point will not lead beyond - Albert Einstein
|
|
|
spazzdla
Legendary
Offline
Activity: 1722
Merit: 1000
|
|
September 17, 2015, 02:56:44 PM |
|
21 if you don't have 5 mintues to read that be ready to get owned at life.
|
|
|
|
|
DannyHamilton
Legendary
Offline
Activity: 3430
Merit: 4681
|
|
September 17, 2015, 03:00:28 PM |
|
- snip -
Care to tell whats the price(only) for conducting the attack again(without the long statements)
Sure. Here's the TL;DR: - snip -
it is extremely difficult to predict with any accuracy the total amount it would end up costing them.
- snip -
If they wanted to instantly control more than 50% of the global hash power it would absolutely cost more than $418688 per day and would quite likely cost millions per day. If they were willing to wait, it might cost much less per day (depending on what the exchange rate does during that time), but it would take months or years of continuous effort to build up to more than 50%. |
|
|
|
|
|
BNO (OP)
|
|
September 17, 2015, 03:04:13 PM |
|
|
The thinking that has led us to this point will not lead beyond - Albert Einstein
|
|
|
|
21coin
|
|
September 17, 2015, 03:13:32 PM |
|
21 if you don't have 5 mintues to read that be ready to get owned at life.
Do I have to if someone can simplify it for me? And I have some ADD to take care of, you'll find out how difficult it is reading when you have it. |
|
|
|
spazzdla
Legendary
Offline
Activity: 1722
Merit: 1000
|
|
September 17, 2015, 03:41:47 PM |
|
LMAO, just no, that's all you get. |
|
|
|
|
spazzdla
Legendary
Offline
Activity: 1722
Merit: 1000
|
|
September 17, 2015, 03:43:14 PM |
|
21 if you don't have 5 mintues to read that be ready to get owned at life.
Do I have to if someone can simplify it for me? And I have some ADD to take care of, you'll find out how difficult it is reading when you have it. Apparently I have add... so did every kid in my class... Anyways, basically the ONLY way to compete with the bitcoin network is with ASIC's. Application specific intergrated circuits. If it isn't built for the purpose of hashing it's hashing ability will be a joke. Even that NSA facility buddy thinks could take down bitcoin, it wouldn't even register on the network if it started hashing. Buying the ASIC's to do this is almost impossible as the price of the ASIC's would skyrocket as they were sold. One threat is some govs team up, make their own ASIC and use them to decimate the bitcoin network. I have large doubts about their ability to pull that off. It's also probably going to piss tax payers off the govs decided to use their money to decimate bitcoin just because. |
|
|
|
|
|
21coin
|
|
September 17, 2015, 03:45:18 PM |
|
21 if you don't have 5 mintues to read that be ready to get owned at life.
Do I have to if someone can simplify it for me? And I have some ADD to take care of, you'll find out how difficult it is reading when you have it. Apparently I have add... so did every kid in my class... LMAO now that are the simplifies text I'm talking about, no offense danny. |
|
|
|
spazzdla
Legendary
Offline
Activity: 1722
Merit: 1000
|
|
September 17, 2015, 03:48:22 PM |
|
21 if you don't have 5 mintues to read that be ready to get owned at life.
Do I have to if someone can simplify it for me? And I have some ADD to take care of, you'll find out how difficult it is reading when you have it. Apparently I have add... so did every kid in my class... LMAO now that are the simplifies text I'm talking about, no offense danny. I don't buy excuses. Give my summery a read. |
|
|
|
|
|
21coin
|
|
September 17, 2015, 03:51:29 PM |
|
21 if you don't have 5 mintues to read that be ready to get owned at life.
Do I have to if someone can simplify it for me? And I have some ADD to take care of, you'll find out how difficult it is reading when you have it. Apparently I have add... so did every kid in my class... LMAO now that are the simplifies text I'm talking about, no offense danny. I don't buy excuses. Give my summery a read. Got that down already, tell me something new, and have a look at my first post, I said nearly the smae thing there. |
|
|
|
|
