Bitcoin's kryptonite: The 51% attack.

[JoelKatz]

If a lot of "dishonest" entities with great processing power try to control the network, they would make the 51% attack less probable themselves.

That assumes that the dishonest entities hash even when they're not up to something. It is also possible that they would let their processing power sit idle until they were ready to do something awful. Thus there could be a dozen such dishonest entities each capable of a 51% attack at the current hash level each waiting for the ideal instant to do something nefarious. (Though I think that's unlikely in the extreme.)

[1714960186]

1714960186

[1714960186]

1714960186

[Stevie1024]

Tens of millions of dollars for hardware, and millions more for manpower is expensive for most groups in the world.

You couldn't even start on something like this with less than $2,000,000.

Several orders of magnitude more computing power than the rest of the world combined to manipulate the chain? Hmmm. One thing is clear, you only need 50% or less of the total mining capacity (supposedly currently worth 50 million dollar or less) [...]

You guys forget one thing: Currently bitcoin is rewarding 50 extra coins per block (worth roughly 650$), that's what pays for the quite large current total hashrate of about 11,000 Ghash per second.

These 50 blocks are rewarded only temporarily, bitcoin is designed to run on transaction fees only, currently roughly 0.13$ per block.

Please redo your calculations based upon a hashrate that is about 500 times lower.

[kjj]

So, you want them to assume that neither the transaction fees nor the exchange rates increase in the future?  Huge coincidence that both of those assumptions favor your side in the debate?

[Stevie1024]

So, you want them to assume that neither the transaction fees nor the exchange rates increase in the future?  Huge coincidence that both of those assumptions favor your side in the debate?

"To assume is to be deceived." (Yiddish proverb)

I wouldn't want anyone to assume anything. Just saying that 99.8% of current total hashing power is payed for by the temporal generation of 50 bitcoins per block. And that it would be reasonable not to take these into account if (normal) bitcoin operation is discussed.

[terroh8er]

With all the DDoS's to the major pools, this got me thinking...

If a dishonest entity or pool owner wanted to attack Bitcoin and they had a pretty large amount of resources, could they just DDoS the top 5-10 pools to make it a lot easier? The Bitcoinwatch "other" category consists of about 15% of the network's hashing power, so it would probably take down quite a bit of . I ask this because I don't see the point to people DDoS'ing pools unless I'm missing something. Are they just bitter kids who are mad that they have an nVidia card?

Complicating this would be the mass migration of miners to this dishonest pool (if it were not known that they were actually dishonest) as it would still be up. How long would they need to be at >51% to cause major damage?

[naturallaw]

I think the only people we have to worry about are angry governments. They could set up an undercover pool and offer some incentive to miners who join it, whether it is lower fees or whatever. This would divert hashing power away from honest pools and create a starting point so it wouldn't be as costly. I'd imagine that with good marketing, one could get at least 25-30% hashing power like this. After that, they could buy the rest of the hardware for a few million and cause the market to crash. The Wall Street types would say "I told you so" and most people would lose interest in this type of currency. The reason I don't think greedy individuals would be interested in this is because Bitcoins would be worth next to nothing after the attack (assuming it would be detectable).

If it is ever revealed that militant groups are holding large amounts of Bitcoins, Mossad and the CIA would easily justify whatever costs are necessary to diminish it's value. Because it is inevitable that some powerful person's enemy will use Bitcoin, I think this is something to be concerned about.

My thoughts exactly, more likely it would be the NSA, which I don't think all of our CPU power combined right now could compete with.

[andes]

Andes, to have control of 50% of the network you need to deploy 101% processing power (you´ll end up having 50,5%)

But, why thinking there will only be 1 dishonest entity?  If there is one, there could be more, each one of them would have their own self-interest on controlling the network.   If a lot of "dishonest" entities with great processing power try to control the network, they would make the 51% attack less probable themselves.

Manuel, lets address the scenario where several powerful groups want to destroy bitcoin (not simply manipulate it one way or another).

Under this scenario, the goal of all groups is the same, so the "the enemy of my enemy is my friend" principle would apply. Why compete if we can cooperate? It does not matter if there is one or many powerful groups that want to destroy bitcoin, the result would be the same, as long as they have enough combined power.

...Which takes us to the obvious conclusion: bitcoin cannot survive in its current configuration without the support (implicit or explicit) from a decent percentage of the worlds economic powers (establishment).

Why? Because a successful attack on bitcoin cannot be prevented if the attacker (or attackers) have enough economic resources.

Why? Because the whole paradigm of the integrity of the system is based on brute force hashing. I.e. mine is bigger than yours paradigm. As long as successful attacks can be carried out simply by the means of brute force, Bitcoins will never deliver the promise to subvert the current economic powers.

So for one; to all anarcho capitalists out there, bitcoin is not the answer to your prayers. Bitcoin is not a resilient decentralized system per-se, and probably never will in its current incarnation, until the brute force paradigm is replaced for something else, that is really resilient to attacks by the means of force.

This is the greatest misconception in bitcoin right now, as I see it. It is sold as being the solution for the corruption of the banks and governments, which it is not. Banks and governments can render bitcoin unusable at their whim any time, if they ever perceive bitcoin as a real threat.

Better wake up.

[BitcoinBug]

Nobody is saying attack like this is not possible. However, that would not mean destruction of Bitcoin per se. Trust would be diminished, sure, but we would still have Bitcoin. Attack only prevents/modifies transactions or in worst case, rewrites some history. Pre-attack blockchain would still exist, software could be modified to bootstrap from it. I think something like that happened in august 2010, when somebody generated billions of bitcoins due to a software bug. In case attack would be long running, we could establish reputation based supernode network or something like that. It would be pain-in-the-ass, but as long as idea of Bitcoin is alive, anything is possible.

Another remark: let's not forget an attack like this is illegal. If entity like government or a bank would openly attack, it could mean the end of government (bank) and stronger Bitcoin. In case attack would be secret operation, they still gamble... Bitcoin hacker (the good kind  ) could connect the dots and expose them, or somebody could leak their plan. WikiLeaks is still very much alive and kicking.