how secure is the Bitcoin-network against a 51% attack at a point in time?

[BNO]

Isn't there a way to put a number on it. As much as i appreciate the effort of Danny this is not how one can calculate it. If no one knows of a place to rent asics it would be O.K. to make the calculation for buying those. Is here no genius who can calculate what buying the right amount of ASIC's would cost? If yes your input would be much appreciated...

[spazzdla]

IMO it is not possible to put a cost on it because one you start to buy or rent such a large number the cost to buy or rent will SKYROCKET.  Furthermore if people find out what your plans are with the machine they are renting be prepared to watch those machines disapear.

IMO the second those rented machines attempted a 51% attack they'd be shutdown. Wouldn't even be suprised if that was a clause one agrees to when renting.


It's kind of like buyin 1 million bitcoins, at the current price it would cost 230 mill however after you started attempting this the price would start skyrocketing.  The actual cost of getting 1 million BTC is unknown.



Sorry to be a doucher I didn't get your question at first.

[BNO]

Spazzdle and 21coin: Please shut up with this crap. Sorry for you 21coin that you have ADD. But there was some bold text. That contains The answer of Danny.
I think one can NOT calculate it this way but to some it up for you: roughly 420.000 USD /day for renting 50% of the EXISTING network (miners rent him the power) or twice the amount if you buy new gear (the 100%+ odd you buy become than the 50%+ of the new network). So very intelligently he made the distinction of buying half of existing network or buying/renting new gear.  

[BNO]

IMO it is not possible to put a cost on it because one you start to buy or rent such a large number the cost to buy or rent will SKYROCKET.  Furthermore if people find out what your plans are with the machine they are renting be prepared to watch those machines disapear.

For the purpose of this answer just assume:
- It does NOT matter that price will rise - please TOTALLY ignore this
- you buy/rent your hardware outside the netwok
- Absolutely no further speculation/estimation on how the network would respond, what core devs would do or not do or whatever, just a calculation

[spazzdla]

IMO it is not possible to put a cost on it because one you start to buy or rent such a large number the cost to buy or rent will SKYROCKET.  Furthermore if people find out what your plans are with the machine they are renting be prepared to watch those machines disapear.

For the purpose of this answer just assume:
- It does NOT matter that price will rise - please TOTALLY ignore this
- you buy/rent your hardware outside the netwok
- Absolutely no further speculation/estimation on how the network would respond, what core devs would do or not do or whatever, just a calculation

The you really don't want to know the chances of a 51%..

[DannyHamilton]

- snip -
That contains The answer of Danny. I think one can NOT calculate it this way
- snip -

You are mistaken.  If you are going to pay someone to give you control of their hash power, that is exactly how to calculate it.

- snip -
this number is much to low. This is because after a miner invests in mining equipment the assumption is this: he can not use it for anything than mining, so he can leave that costblock out of the equation and he will continue as long the mined bitcoins are worth more than the electricity he needs to create them. You can believe me on this one. In economics this is called sunk cost and the problem of average cost (which do not apply here) and marginal cost (here you say the money for the hardware is already lost fuck it, i keep mining as long 1BTC is worth more than the electricity needed to create one).
- snip -

You are mistaken.  If a miner can get "more than the electricity he needs to create them" by mining with his hash power, and he can get slightly more than that by renting out his hash power, then the profitable thing to do is to rent out the hash power.  Therefore, (since you want to ignore the effect that the increase on demand will have) the attacker should be able to rent the hash power for approximately the same amount as the revenue that is generated.

I can prove this statement, and will do so later in this response.

- snip -
I was just throwing in AWS is there maybe a service for renting ASICs.

There are many "cloudmining" services.  In my opinion, the vast majority of them are ponzi schemes. The few that are not ponzi schemes are probably scams.

Are asics used for something else than bitcoin mining?

ASIC stands for "Application Specific Integrated Circuit". It is a circuit that is custom designed for a specific application.  In the case of bitcoin mining, that specific application is performing the exact proof-of-work that bitcoin requires.  The only other thing that it would be useful for would be other systems that use the exact same proof-of-work that bitcoin uses.  There are a handful of altcoins that use the same proof-of-work, but that's about it.

For the purpose of this answer just assume:
- It does NOT matter that price will rise - please TOTALLY ignore this

Fine.  I think it is a silly thing to ignore, because the number you get will be ludicrously low, but if that's what you want then that's what we'll do.

- you buy/rent your hardware outside the network

This doesn't really exist.  All bitcoin mining equipment that exists is available to be used on the network.  I assume you are suggesting buying newly manufactured equipment that hasn't yet been used to mine bitcoins until the attacker starts using it.  That equipment currently gets bought and connected to the network about as fast as it becomes available, but for your imaginary world we'll go ahead and pretend that an infinite amount of new hardware is available to be rented at whatever the current rent cost would be.

- Absolutely no further speculation/estimation on how the network would respond, what core devs would do or not do or whatever, just a calculation

So, an imaginary number that is entirely meaningless.  Got it.  In that case, the number would be very close to the estimate that I provided earlier: "about $837375 per day"

Now that we got that out of the way, lets look at how I can prove that "the attacker should be able to rent the hash power for approximately the same amount as the revenue that is generated", which means that a minor 51% attack could occur at almost no cost at all (since the revenue generated would offset the costs involved).

If you think about it a bit, you'll realize that every miner that is not solo mining is effectively renting their hash power to the pool operator.  The miner has no control over what is being done with his hash power.  He simply receives a proof-of-work request from the pool operator, and then reports back to the pool operator if/when he completes that proof-of-work.  In return, the pool operator pays the miner for the use of the equipment while it was attempting to complete the proof-of-work.

How much does the pool operator pay for all that hash power that he is "renting"?  Interestingly, he is paying with the bitcoins that he is mining, and generally is not needing to toss in any more of his own money beyond that.  Clearly, the cost that he is paying per hash is "approximately the same amount as the revenue that is generated".

If someone wanted to acquire control of 51% (or more) of the hash power, all they would need to do is set up some pools that pay out a little bit more than any other pool.  Miners will switch their hashing over to the attacker's new pools since they'll get a better profit.  The cost to the attacker will be only slightly more than the revenue generated (since no "honest" pools will be able to pay more than they are generating). As long as the attacker is careful about what they do with their 51%, the miners won't have any reason to switch to any other pool.  Among other things, this will allow the attacker to occasionally orphan blocks from competing pools, and will allow them to occasionally create a double spend transaction.

Ah, but you might say "When/if the miners see what the pool is doing, they can/will switch to some other pool that pays them a bit less, but which is not attacking the network".  But remember you said you wanted to include "Absolutely no further speculation/estimation on how the network would respond".  Furthermore, if you are willing to make an allowance for the possibility that "miners could switch pools", then to be intellectually honest, you need to make an allowance that the services "renting hashpower to the attacker" can stop renting to him if they see what he is doing with that hash power.

[BNO]

I enjoyed reading your post, but thats not what i'm looking for.

Ah, but you might say "When/if the miners see what the pool is doing, they can/will switch to some other pool that pays them a bit less, but which is not attacking the network".  But remember you said you wanted to include "Absolutely no further speculation/estimation on how the network would respond".  Furthermore, if you are willing to make an allowance for the possibility that "miners could switch pools", then to be intellectually honest, you need to make an allowance that the services "renting hashpower to the attacker" can stop renting to him if they see what he is doing with that hash power.

I see where you are coming from here. But i really want hardware outside the network. The reason for this is, that i have some trust in the existing network but zero in the outside. This is an assumption on my side, but not a strong one i think. To say that Bitcoiners in general would not care about politics is absolutely not true. Any bet they are more liberal and less trusting in government than the average citizen. So i really want to keep that assumption.

For the rest: yes the assumptions are not really realistic, that doesn't matter. First i just want the "raw meat", cooking the meal out of it is then the second step. Don't want to mix it all together...

[DannyHamilton]

I've given you numbers that you are asking for and you've rejected them.

I've given you the math behind the numbers, and you've disregarded it.

I've given you real world examples that support the numbers and the math, and you continue to say that you want a different number.

I give up.

If you don't like the number, and you want a bigger imaginary number, please tell us what your imaginary number is, and how you intend to get to that number?

[BNO]

Look Danny when someone asks for a calculation under those assumptions:

For the purpose of this answer just assume:
- It does NOT matter that price will rise - please TOTALLY ignore this
- you buy/rent your hardware outside the netwok
- Absolutely no further speculation/estimation on how the network would respond, what core devs would do or not do or whatever, just a calculation

Than that's what he wants. Presenting a calculation that changes the assumption to: rent the hardware from the inside of the network just violates rule number 2 is simply not an answer. Just see it as an question in university, you would not get any points for calculating this with "your own" assumptions when the question states different assumptions.

But it was still interesting to read your very well laid out explanation about that you could rent a lot from the inside and how to do it. Just not what was asked..

O.K. maybe i'm explaining a bit the reason behind assumption n. 2. The bitcoin network represents a "mix" of different efficient hardware, combined with different electricity cost. The variance within this "group" is so high that makes a calculation basically meaningless if want to look for an outside attacker. Because the outside attacker would start with most efficient hardware, would make an "Factory order" custom desing (that's why assumption with rising prices is not wanted, it would be built up on scratch). And as i wrote if one does believe in the network as a whole it does not make sense to assume people would rent out the nsa their gear... At least that's what i'm interested in..

[GetClams.com]

It would take a unique set of extreme circumstances -


an extreme increase in the price or availability of electricity due to geo-politcal events could potential reduce the hashing power making it possible.

interruption to the internet - http://www.cnn.com/2012/07/10/tech/web/internet-down-eagleman/


So possible but highly unlikely.

[BNO]

@spazzdla: WTF!!! don't know what you are talking about

O.k. i found this page: https://en.bitcoin.it/wiki/Mining_hardware_comparison

and i think the amount needed to buy just the hardware (assuming the next batch has same efficiency) is roughly 145 Million $

[DannyHamilton]

Look Danny when someone asks for a calculation under those assumptions:

For the purpose of this answer just assume:
- It does NOT matter that price will rise - please TOTALLY ignore this
- you buy/rent your hardware outside the network
- Absolutely no further speculation/estimation on how the network would respond, what core devs would do or not do or whatever, just a calculation

Than that's what he wants.

And it's what I gave you.  Multiple times.

See here:

2. They could add to the network the same amount of new hash power that already exists.  In this case the amount of hash power on the network would double, and the attacker would have half of it.  Since the current network is spending $837375 per day, it would cost the attacker about $837375 per day.

Unfortunately, these calculations are based on an attacker instantly having half of the global hash power and being able to very quickly acquire that immense amount of hash power at the same cost as purchasing a very small amount of hash power.

That's what you asked for, right?  That number TOTALLY ignores the fact that the price will rise. It assumes that the hardware will be new hash power that is added to the network, so it meets your "rent your hardware outside the network" requirement. It makes "Absolutely no further speculation/estimation on how the network would respond, what core devs would do or not do or whatever".  It's just a calculation.

Then I state it again here:

I assume you are suggesting buying newly manufactured equipment that hasn't yet been used to mine bitcoins until the attacker starts using it.  That equipment currently gets bought and connected to the network about as fast as it becomes available, but for your imaginary world we'll go ahead and pretend that an infinite amount of new hardware is available to be rented at whatever the current rent cost would be.

- Absolutely no further speculation/estimation on how the network would respond, what core devs would do or not do or whatever, just a calculation

So, an imaginary number that is entirely meaningless.  Got it.  In that case, the number would be very close to the estimate that I provided earlier: "about $837375 per day"

Presenting a calculation that changes the assumption to: rent the hardware from the inside of the network just violates rule number 2 is simply not an answer.

Which is why I added that example at the end, after I first answered your question and used the transition phrase:

Now that we got that out of the way

Just not what was asked..

I'm not sure you even know what you want.  You seem to want someone to just make up a "per hash rental cost" that is big enough to satisfy your desire for a really big number, and then to multiply that by the current hashes per day.  I did that for you and even used a very realistic per hash rental cost, but apparently you want someone to make up a bigger number that doesn't have any justification behind it.  Please let us know how big of a "per hash rental cost" you want it to be, and I'll do the multiplication for you.

[NorrisK]

Besides the enormous cost, they also need to stand to gain something from it right? That would probably mean spending about a couple of million in bitcoin on something to later nullify the transaction. Where can you spend those amounts of bitcoin at the moment?

[BNO]

so in case somebody is interested here is the answer i would come up with.

If the attacker came from inside the US According this site:
http://www.eia.gov/electricity/monthly/epm_table_grapher.cfm?t=epmt_5_6_a

cheapest industrial rate for electricity would be in Washington with 4.5cents/KW/h

then cost would be:

cost for buying 63.000 Antminer : approx 145 Mill $
additional hardware cost for each unit (Powersupply etc.) estimated 200$ then additional hardware cost: ~12.5 Mill $
cost of electricity for 24h (assuming 50% overhead for cooling and operation, 4,5cents/KW/h): 233 000 USD
so if the attacker wants to run 30 days of attack: ~ 7 Mill $ for electricity.

So far ~ 165 Mill USD for Hardware and 1 Month of electricity:

+ Shipping and handling those 63.000 machines
+ Workers for unboxing and setting up machines
+ Rent for industrial warehouse in area with good enough Internetconnection
+ IT Technician overviewing process

[knowhow]

Makes no sense someone invest such ammount to attack bitcoin,they hack emails and try to hack some pc to get acess to bitcoins...why would someone do that if they can get bitcoin sending virus or by other stuffs.

[notiely]

Hi folks,

i would like to find a measure for how the secure network is at a certain point of time. My dream would be that there is a blockchain.info like site that calculates once a day or so how much it would cost in $/btc to rent the needed hashing power from lets say amazon aws to perform the attack. Of course it should assume that the attacker is smart and chooses the least costly option to achieve 51%.

If there isn't something like i think it would be really cool for the bitcoin-community to have a comprehensive one number measure of security. It would help in discussions about blocksize and future discussions about network security, number of nodes, the whole Fee-market debate a LOT if one would have this chart.

Because besides talk about new cool services and the ever question of who satoshi is and the price of bitcoin the rest of the discussion are a very high percentage: network security, blocksize, number of nodes, mining profitability etc. And all those would be easiert to talk about if there was such a measure...

If there isn't such a site, i would still be interested in how the number is for todays network.

I guess it's more secured than we can imagine.