Network Redundancy

[yogi]

Is the bitcoin network dangerously under powered and on the verge of being subjected to a 51% attack?

Or is it overly redundant and could afford to have the hash rate drop to a fraction of it current value and still be secure?

My instincts tell me we are safe, but where are the numbers?

Hash rate alone doesn't help us because we do not know the potential hash rate of an attacker to compare it to. The problem is determining the greatest amount of processing power that is in the hands of one single external entity.

Currently, although I may be wrong, the most powerful computational machine external to bitcoin and controlled by a single entity is the Livermore’s Sequoia supercomputer at Lawrence Livermore National Laboratory which puts out 10.5 petaFLOPS.

According to BitcoinWatch, the equivalent rate of petaFLOPS for the bitcoin network is 307.94. Now I know your going to moan about comparing flops and hashes but we have no choice here.
 
If we stipulate that the computational power wielded by the largest know potential attacker is always equal to a redundancy of 1, then we can say the bitcoin network currently has redundancy of just over 29.

redundancy = bitcoin capacity / max know external capacity
29.32 = 307.94 / 10.5

Or to put it another way, an attacker would require more than 29 times the processing power than that know to be controlled by a single external entity in order to have more than 50% of the network processing power.

Although this gauge is not perfect, as it ignores unknown entity's and pools, it does at lest provide a benchmark.

Thoughts?

[FreeMoney]

It's pretty much impossible to know what the smallest we could be without an attack being attempted is, but bigger does make coins more valuable all else equal since an attack is less likely. Also there is the other purpose of mining which is to get coins distributed initially, total power doesn't really tell you that but I would think that high power correlates with more miners to some extent.

[jgarzik]

The peer-to-peer network is more vulnerable to low level network attack, than the ever-discussed 51% hashing attack.

You can help, by running a full node that accepts incoming connections.

[niko]

No need to speculate about "external capacity" of the attacker. Assuming most of miners are somewhat rational, they have some reasonable expectations for their ROI period. Let's be optimistic and say two years. This amounts to 105,192 blocks mined. With the reward of BTC25 per block, mining investment would not be more than BTC2.6M - currently worth just over USD 31M.

Alternatively, today's typical price of mining power is about 1 USD per Mhash/s. The network total is 25 Thash/s, meaning total investment of at least USD 25M. Add to this the cost of power, and we are even closer to the estimate above. It is safe to say that the total mining investment is somewhere between 10 and 50 million USD. This is the real measure of the security that miners provide, and this is what it takes to stage a >50% disruption.  It is irrelevant if CPUs, GPUs, FPGAs, or ASICs are involved - whatever the best available technology is, it is available to both honest miners and (imaginary) attackers. If bitcoin value goes up, mining investment will increase, and vice versa - it has been shown many times that difficulty follows price (especially when corrected for the technological leaps in terms efficiency). Mining power should be measured in dollars, not hashes per second.

The real question is - what would be the incentive for anyone to spend tens of millions of dollars to temporarily disrupt the network? They could just mine and make money.

[phantomcircuit]

The peer-to-peer network is more vulnerable to low level network attack, than the ever-discussed 51% hashing attack.

You can help, by running a full node that accepts incoming connections.

this * 1000

[cunicula]

Is the bitcoin network dangerously under powered and on the verge of being subjected to a 51% attack?

Or is it overly redundant and could afford to have the hash rate drop to a fraction of it current value and still be secure?

My instincts tell me we are safe, but where are the numbers?

Hash rate alone doesn't help us because we do not know the potential hash rate of an attacker to compare it to. The problem is determining the greatest amount of processing power that is in the hands of one single external entity.

Currently, although I may be wrong, the most powerful computational machine external to bitcoin and controlled by a single entity is the Livermore’s Sequoia supercomputer at Lawrence Livermore National Laboratory which puts out 10.5 petaFLOPS.

According to BitcoinWatch, the equivalent rate of petaFLOPS for the bitcoin network is 307.94. Now I know your going to moan about comparing flops and hashes but we have no choice here.
 
If we stipulate that the computational power wielded by the largest know potential attacker is always equal to a redundancy of 1, then we can say the bitcoin network currently has redundancy of just over 29.

redundancy = bitcoin capacity / max know external capacity
29.32 = 307.94 / 10.5

Or to put it another way, an attacker would require more than 29 times the processing power than that know to be controlled by a single external entity in order to have more than 50% of the network processing power.

Although this gauge is not perfect, as it ignores unknown entity's and pools, it does at lest provide a benchmark.

Thoughts?

You should worry about BFL, not about some supercomputer somewhere. No we are not safe from BFL (unless their claims are complete scams).

[cunicula]

The peer-to-peer network is more vulnerable to low level network attack, than the ever-discussed 51% hashing attack.

You can help, by running a full node that accepts incoming connections.

this * 1000

Oh, why not introduce some incentives to encourage running a full node then? If not, then won't the number of full nodes just continue to decrease as the blockchain grows?

Could you comment on the incentives to maintain full nodes described here: https://en.bitcoin.it/wiki/Proof_of_Stake

I would appreciate more feedback.

[niko]

The peer-to-peer network is more vulnerable to low level network attack, than the ever-discussed 51% hashing attack.

You can help, by running a full node that accepts incoming connections.

this * 1000

Oh, why not introduce some incentives to encourage running a full node then? If not, then won't the number of full nodes just continue to decrease as the blockchain grows?

Could you comment on the incentives to maintain full nodes described here: https://en.bitcoin.it/wiki/Proof_of_Stake

I would appreciate more feedback.

I have been running a full node, and will continue to do so. I don't need any monetary incentive, and obviously I am not alone.

[yogi]

The peer-to-peer network is more vulnerable to low level network attack, than the ever-discussed 51% hashing attack.

You can help, by running a full node that accepts incoming connections.

I am not suggesting a 51% attack is the greatest threat to bitcoin, quite the opposite in fact. A redundancy of 29 is overly redundant a wasteful. I would sleep well at night if it only had a redundancy of 8.

What do you think a good level of redundancy would be?

What redundancy give us is a means of judging relative computational capacity. You could use redundancy to judge the relative growth or contraction of computation strength over time without having to cancel out the effect of Moors Law.

How close are we to a low level network attack, and how are you calculating that?


@hazek. Why have you moved this post to mining? It's about judging bitcoins relative computational strength not mining.

[niko]

The peer-to-peer network is more vulnerable to low level network attack, than the ever-discussed 51% hashing attack.

You can help, by running a full node that accepts incoming connections.

I am not suggesting a 51% attack is the greatest threat to bitcoin, quite the opposite in fact. A redundancy of 29 is overly redundant a wasteful. I would sleep well at night if it only had a redundancy of 8.

What do you think a good level of redundancy would be?

What redundancy give us is a means of judging relative computational capacity. You could use redundancy to judge the relative growth or contraction of computation strength over time without having to cancel out the effect of Moors Law.

How close are we to a low level network attack, and how are you calculating that?


@hazek. Why have you moved this post to mining? It's about judging bitcoins relative computational strength not mining.

As I explained above, your concept of redundancy is based on an arbitrarily chosen value of "external power". Therefore, it is not a a particularly useful measure of anything.

[gmaxwell]

Could you comment on the incentives to maintain full nodes described here: https://en.bitcoin.it/wiki/Proof_of_Stake

That page is pretty embarrassing.   There is absolutely no mention of the fundamental flaw in PoS consensus which none of your proposals have addressed:  As of yet none of the proof of stake proposals are workable because there is nothing at stake!   If someone is PoS mining it is in their best interest to attempt to concurrently build an honest chain as well as all possible attack forks just in case one of them happens to win.  Under most schemes this is the profit maximizing move, in all I've seen so far its at least neutral.  Mining an attack under PoW actually involves _spending_ something and taking the risk other miners will extend it. PoW works because your work is at stake so even a very small amount of honest miners make mercenary rational miners behave honestly too.

Moreover, I don't see why you argue here that it better aligns incentives. Parties can't mine PoW without having a validating node (or face the extreme risk other miners will toss them off on forks).  All it does is redistribute control, which might be useful— if not for the fact that it makes attacking more attractive for selfish participants.   I was hopeful of these techniques but as of yet I don't see how any can be workable.

[yogi]

As I explained above, your concept of redundancy is based on an arbitrarily chosen value of "external power". Therefore, it is not a a particularly useful measure of anything.

The point I am trying to make here is that we can't say anything about the relative computational strength of the bitcoin network unless we have something to compare it to.

If you know a better value to key off, then please tell me.

[Spaceman_Spiff]

I think you ask an important question Yogi, but I agree with Niko's approach.  Looking at it in dollar terms makes more sense and will remain correct in the future.

Thanks for the calculations, Niko, I was looking for something similar.
10-50 million is a lot of money for small-timers, but if paypal or visa or... would feel really threatened by bitcoin, it seems to me that they could quite easily spend this kind of money.
Not sure just how devastating a 51% attack would be to the bitcoin project though.  Would it be lights out, or just a (big) bump in the road?

Also, how easy would it be to perform a 51% attack anonymously?  Would it be possible to pinpoint the origin of the attack, and follow the money to the culprit?  I have absolutely no idea about these things .  

[yogi]

I think you ask an important question Yogi, but I agree with Niko's approach.  Looking at it in dollar terms makes more sense and will remain correct in the future.

Thanks for the calculations, Niko, I was looking for something similar.
10-50 million is a lot of money for small-timers, but if paypal or visa or... would feel really threatened by bitcoin, it seems to me that they could quite easily spend this kind of money.
Not sure just how devastating a 51% attack would be to the bitcoin project though.  Would it be lights out, or just a (big) bump in the road?

Also, how easy would it be to perform a 51% attack anonymously?  Would it be possible to pinpoint the origin of the attack, and follow the money to the culprit?  I have absolutely no idea about these things .  

It doesn't mater if you want to measure it in dollars or terraFLOPS. To get the relative strength you still need to compare it to something. In this case we would have to ask, what is the maximum amount of money a single entity is prepared to spend in order to attack the network. This might be a harder value to determine.

[Spaceman_Spiff]

In this case we would have to ask, what is the maximum amount of money a single entity is prepared to spend in order to attack the network. This might be a harder value to determine.

It might be harder to determine, but it is more informative than comparing to a certain supercomputer I think.  With sufficient funds, a bigger supercomputer can allways be built, so it makes more sense to start from the money. 

The question then becomes, for whom would it be profitable to attack the bitcoin system (so who is hurt by bitcoin, by how much, and how does this compare to the costs for attacking bitcoin, and this for various timepoints as bitcoin grows).

[cunicula]

I think you ask an important question Yogi, but I agree with Niko's approach.  Looking at it in dollar terms makes more sense and will remain correct in the future.

Thanks for the calculations, Niko, I was looking for something similar.
10-50 million is a lot of money for small-timers, but if paypal or visa or... would feel really threatened by bitcoin, it seems to me that they could quite easily spend this kind of money.
Not sure just how devastating a 51% attack would be to the bitcoin project though.  Would it be lights out, or just a (big) bump in the road?

Also, how easy would it be to perform a 51% attack anonymously?  Would it be possible to pinpoint the origin of the attack, and follow the money to the culprit?  I have absolutely no idea about these things .  

If paypal or visa fees threatened by bitcoin, then they can purchase BFL. They can then 1) Sell BFL equipment to recoup the company's purchase price and then 2) Conduct a 51% attack expropriating mining rights from their customers. Realistic attack costs are currently less than US$500,000. These costs will fall over time.

[DoomDumas]

How can I become someone running a full node that accepts incoming connections ?

Any info about the bandwith used (average) for running a full node accepting incoming would also be appreciated

I've the satoshi client running 24/7, I guess it is not enought !

Thanks in advance for help !

[Spaceman_Spiff]

If paypal or visa fees threatened by bitcoin, then they can purchase BFL. They can then 1) Sell BFL equipment to recoup the company's purchase price and then 2) Conduct a 51% attack expropriating mining rights from their customers. Realistic attack costs are currently less than US$500,000. These costs will fall over time.

If those numbers are a good estimate, then that is disturbing....
Why do you think these costs would fall over time?  Because of the block halving?  I would think you have to take exchange rates into account as well. If BTCs go up in value, then difficulty will rise as well.

[DoomDumas]

as per Garvin tought, I think a 51% attack is not that treatening to bitcoin.. Some legislation against BTC could be more damaging IMO !

[cunicula]

If paypal or visa fees threatened by bitcoin, then they can purchase BFL. They can then 1) Sell BFL equipment to recoup the company's purchase price and then 2) Conduct a 51% attack expropriating mining rights from their customers. Realistic attack costs are currently less than US$500,000. These costs will fall over time.

If those numbers are a good estimate, then that is disturbing....
Why do you think these costs would fall over time?  Because of the block halving?  I would think you have to take exchange rates into account as well. If BTCs go up in value, then difficulty will rise as well.

The market's best estimate of expected future price is current price. Exchange rates could go up or down. However, the effects of exchange rate movements on attack probability are ambiguous.
There are two elements: 1) How much does it cost to attack? 2) What is the expected gain from attacking?
The exchange rate would increase both simultaneously.