Bitcoin Forum
December 15, 2024, 12:48:00 PM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: Impact of ASICs on Bitcoin security  (Read 3011 times)
shaunb (OP)
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
July 02, 2013, 08:03:38 PM
 #1

Although the network hash rate has skyrocketed since ASICs have come online, the security of the Bitcoin network has declined substantially when considering the comparatively low cost of gaining 51% hashing power.  

In February, just prior to Avalon making their first shipment, the network hash rate was about 25-30 TH/s.  The network was being secured primarily by inefficient and expensive GPUs and it would have been very unlikely for someone to build the infrastructure to attack the network.  Perhaps not due to the cost of the hardware, but more likely the energy demands would make it next to impossible.

Cost of attacking the network at 30 TH/s prior to ASICs:

GPUs:  50,000 x 7950 @ $300 each = $15 million (add to this cost of power supplies, motherboards, memory...)
Energy consumption: 10,000,000+ watts

Cost of attacking the network today at 150 TH/s:

ASICs:  300 x BFL 500 GH/s @ $25,000 each = $7.5 million
Energy consumption: ~1,500,000 watts

So today it costs far less than half of what is did in February '13 to 51% the network while consuming only 15% of the energy.  

We used to think it was prohibitively expensive for any entity to destroy the network, but nowadays it's very feasible.  I'm quite concerned about this.


jaywaka2713
Sr. Member
****
Offline Offline

Activity: 266
Merit: 250


aka 7Strykes


View Profile
July 02, 2013, 08:13:46 PM
 #2

Time it takes for BFL to produce and ship 300 500GH/s rigs = 10 months to indefinite
Time it takes for BFL to finish current order chain = 10 months to indefinite
Hashpower increase once order chain is finished = Way more than 300 TH/s
Also, BFL has said that they won't sell enough hardware to 51% attack
So money required to create roughly 50 identities to purchase the 300 500Gh/s rigs? Millions of dollars.

shaunb (OP)
Newbie
*
Offline Offline

Activity: 42
Merit: 0


View Profile
July 02, 2013, 08:18:28 PM
 #3

Time it takes for BFL to produce and ship 300 500GH/s rigs = 10 months to indefinite
Time it takes for BFL to finish current order chain = 10 months to indefinite
Hashpower increase once order chain is finished = Way more than 300 TH/s
Also, BFL has said that they won't sell enough hardware to 51% attack
So money required to create roughly 50 identities to purchase the 300 500Gh/s rigs? Millions of dollars.


Was just using the pricing from BFL as an example.  Obviously you wouldn't be ordering from them.  You could very quickly build custom hardware here in China for far less money.
jaywaka2713
Sr. Member
****
Offline Offline

Activity: 266
Merit: 250


aka 7Strykes


View Profile
July 02, 2013, 08:20:04 PM
 #4

Time it takes for BFL to produce and ship 300 500GH/s rigs = 10 months to indefinite
Time it takes for BFL to finish current order chain = 10 months to indefinite
Hashpower increase once order chain is finished = Way more than 300 TH/s
Also, BFL has said that they won't sell enough hardware to 51% attack
So money required to create roughly 50 identities to purchase the 300 500Gh/s rigs? Millions of dollars.


Was just using the pricing from BFL as an example.  Obviously you wouldn't be ordering from them.  You could very quickly build custom hardware here in China for far less money.

True, but the cost of also doing the research for manufacture of ASIC chips is very expensive. It would cost you about 3 million to just get that done, then another 5 or 6 million to manufacture the chips and hardware. Making ASICs isnt easy.

tuheeden
Newbie
*
Offline Offline

Activity: 41
Merit: 0



View Profile
July 02, 2013, 08:20:28 PM
 #5

I will agree that every change to the hardware does open the door for the potential of a brute force attack.

However I think the "Could" has to be tempered by the "Would". Simply, ASIC's are shipping right now to legitimate miners and the hash rates are reflecting that. If you have followed Butterfly labs, I can tell you that the chance of ordering and receiving 300 units of that magnitude would require far more resources than just the 7.5M of cash (physically the ASIC's just are not available), so by the time someone could get that much hash power, they would need twice as much again.

But for the sake of argument, someone COULD get their hands on enough equipment and COULD overpower the network. Then they would not only have to outpace the blockchain building, but they would have to introduce something malicious to double spend or otherwise compromise the network. OK, lets say a government has all of this hardware, software and development power and has the will do to it, the end user community would only be "fooled" for a VERY short period of time (as soon as someone noticed a doublespend or other malice). At that point bitcoins would be worth nothing because everyone would know that they were hacked, so the entire effort probably could not have even repaid the cost of the hardware alone. To rectify the whole situation (and this has been done already), the blockchain could be forked by the "legitimate" development team, back to the point in time before the corruption began and let legitimate nodes and pools begin again with patched software and all of the previous bitcoins would be in tact.

It is a very real thing to consider, but I would be more afraid of Google Play being hacked and pushing out a corrupt wallet or other software that could easily constitute an economic majority in a matter of hours, and it would cost zero.

I dont think that the cost/risk/reward is there, since there are many other digital currencies and users could potentially just migrate (Mt Gox would be a perfect example)

Always good to keep doing the math though.
jaywaka2713
Sr. Member
****
Offline Offline

Activity: 266
Merit: 250


aka 7Strykes


View Profile
July 02, 2013, 08:24:36 PM
 #6

I will agree that every change to the hardware does open the door for the potential of a brute force attack.

However I think the "Could" has to be tempered by the "Would". Simply, ASIC's are shipping right now to legitimate miners and the hash rates are reflecting that. If you have followed Butterfly labs, I can tell you that the chance of ordering and receiving 300 units of that magnitude would require far more resources than just the 7.5M of cash (physically the ASIC's just are not available), so by the time someone could get that much hash power, they would need twice as much again.

But for the sake of argument, someone COULD get their hands on enough equipment and COULD overpower the network. Then they would not only have to outpace the blockchain building, but they would have to introduce something malicious to double spend or otherwise compromise the network. OK, lets say a government has all of this hardware, software and development power and has the will do to it, the end user community would only be "fooled" for a VERY short period of time (as soon as someone noticed a doublespend or other malice). At that point bitcoins would be worth nothing because everyone would know that they were hacked, so the entire effort probably could not have even repaid the cost of the hardware alone. To rectify the whole situation (and this has been done already), the blockchain could be forked by the "legitimate" development team, back to the point in time before the corruption began and let legitimate nodes and pools begin again with patched software and all of the previous bitcoins would be in tact.

It is a very real thing to consider, but I would be more afraid of Google Play being hacked and pushing out a corrupt wallet or other software that could easily constitute an economic majority in a matter of hours, and it would cost zero.

I dont think that the cost/risk/reward is there, since there are many other digital currencies and users could potentially just migrate (Mt Gox would be a perfect example)

Always good to keep doing the math though.

People do not tl;dr this. THIS right here is worth reading.

You bring up an excellent point. The one advantage Bitcoin has is that its history CAN be rewritten when 51% of the network agrees with you. Go back to before the attack happened and start from there again. If the attacker fixed his software as well, we could attempt to literally block his IP(s) but I don't know if that is possible from my understanding of p2p networking.

crumbs
Full Member
***
Offline Offline

Activity: 210
Merit: 100



View Profile
July 02, 2013, 08:25:40 PM
 #7

[...]
I dont think that the cost/risk/reward is there, since there are many other digital currencies and users could potentially just migrate (Mt Gox would be a perfect example)

Always good to keep doing the math though.

This is all based on the assumption that BFL are incompetent.  They're not Shocked  thousands of 500Gh/s rigs are filling the racks of air conditioned data centers, waiting for that fateful flip of the switch.  Bwahaaaa Angry
btcrich
Sr. Member
****
Offline Offline

Activity: 302
Merit: 250


View Profile
July 02, 2013, 08:33:22 PM
 #8

While the market cap of Bitcoin might be around $1 billion, it would be difficult to create a double spend and "cash-out" $7.5 million to recoup costs. 

Anyone attacking the network in this manner is probably only looking to destroy the network at this point.

Yes, ASICs have unfortunately ruined Bitcoin.  If you're looking for security, use Litecoin.
jaywaka2713
Sr. Member
****
Offline Offline

Activity: 266
Merit: 250


aka 7Strykes


View Profile
July 02, 2013, 08:36:34 PM
 #9

While the market cap of Bitcoin might be around $1 billion, it would be difficult to create a double spend and "cash-out" $7.5 million to recoup costs. 

Anyone attacking the network in this manner is probably only looking to destroy the network at this point.

Yes, ASICs have unfortunately ruined Bitcoin.  If you're looking for security, use Litecoin.

Explain why you think ASICs have ruined Bitcoin. I think its actually good for it.

btcrich
Sr. Member
****
Offline Offline

Activity: 302
Merit: 250


View Profile
July 02, 2013, 08:40:13 PM
 #10

While the market cap of Bitcoin might be around $1 billion, it would be difficult to create a double spend and "cash-out" $7.5 million to recoup costs. 

Anyone attacking the network in this manner is probably only looking to destroy the network at this point.

Yes, ASICs have unfortunately ruined Bitcoin.  If you're looking for security, use Litecoin.

Explain why you think ASICs have ruined Bitcoin. I think its actually good for it.

The network is being secured by fewer entities.  The whole principle of Bitcoin's security is that the hashing power be massively distributed.
aceking
Full Member
***
Offline Offline

Activity: 229
Merit: 100


View Profile
July 02, 2013, 08:51:28 PM
 #11

in the next months hashing power will skyrocket
jaywaka2713
Sr. Member
****
Offline Offline

Activity: 266
Merit: 250


aka 7Strykes


View Profile
July 02, 2013, 08:53:51 PM
 #12

The network is being secured by fewer entities.  The whole principle of Bitcoin's security is that the hashing power be massively distributed.

That is also true. BTCGuild and 50 BTC are really way to big. Lets go to ozco.in and Eligius

Buffer Overflow
Legendary
*
Offline Offline

Activity: 1652
Merit: 1016



View Profile
July 02, 2013, 08:54:24 PM
 #13

Yes, ASICs have unfortunately ruined Bitcoin.  If you're looking for security, use Litecoin.
Litecoin is not ASIC proof.

Buffer Overflow
Legendary
*
Offline Offline

Activity: 1652
Merit: 1016



View Profile
July 02, 2013, 09:01:36 PM
 #14

While the market cap of Bitcoin might be around $1 billion, it would be difficult to create a double spend and "cash-out" $7.5 million to recoup costs. 

Anyone attacking the network in this manner is probably only looking to destroy the network at this point.

Yes, ASICs have unfortunately ruined Bitcoin.  If you're looking for security, use Litecoin.

Explain why you think ASICs have ruined Bitcoin. I think its actually good for it.

The network is being secured by fewer entities.  The whole principle of Bitcoin's security is that the hashing power be massively distributed.
I bet most people mine on a small handful of centralized pools in Litecoin. The hashing power is in the hands a few also.

They should be using decentralized pools like p2pool to migrate this risk.

btcrich
Sr. Member
****
Offline Offline

Activity: 302
Merit: 250


View Profile
July 03, 2013, 03:41:50 AM
 #15

Sure, Litecoin may not be ASIC proof.  However, there is debate as to whether a scrypt ASIC can actually perform any better than a GPU.  Of course if an ASIC for scrypt is developed at some point in the future and proves to be radically superior in efficiency as we saw with Bitcoin, we will see the security of the Litecoin network diminish and folks will look to the next technology that can offer security.

As for Litecoin's hash rate distribution, you can find those stats at www.litecoinpool.org/pools if you're interested. 
Littleshop
Legendary
*
Offline Offline

Activity: 1386
Merit: 1004



View Profile WWW
July 03, 2013, 03:48:55 AM
 #16

Yes, ASICs have unfortunately ruined Bitcoin.  If you're looking for security, use Litecoin.
Litecoin is not ASIC proof.

In technicality is is not.  In reality it is.  ASICs would be a poor way to attack any scrypt coin as they would be more expensive then just buying off the shelf GPU's to carry out the same attack and useless after. 

As I see it, until the ASICs are more evenly held in the market, it is harder to do a 51% on LTC then on BTC.  My hope is that ASICs will become more evenly distributed to the mining community.  Right now they are in too few hands. 

AliceWonder
Full Member
***
Offline Offline

Activity: 168
Merit: 100



View Profile
July 03, 2013, 03:59:37 AM
 #17

I think if anyone made the kind of order needed to 51% attack bitcoin, news would get out fast because supplies would dry up for all legitimate players before it could be accomplished.

QuarkCoin - what I believe bitcoin was intended to be. On reddit: http://www.reddit.com/r/QuarkCoin/
btcrich
Sr. Member
****
Offline Offline

Activity: 302
Merit: 250


View Profile
July 03, 2013, 10:17:22 AM
 #18

I think if anyone made the kind of order needed to 51% attack bitcoin, news would get out fast because supplies would dry up for all legitimate players before it could be accomplished.

Not when you are in control of the manufacturing process yourself.  I know several pcb assemblers here in China that could start mass producing ASICs tomorrow and you'd never hear a thing about it.
Gabi
Legendary
*
Offline Offline

Activity: 1148
Merit: 1008


If you want to walk on water, get out of the boat


View Profile
July 03, 2013, 11:52:22 AM
 #19

Quote
ASICs would be a poor way to attack any scrypt coin
Quote
However, there is debate as to whether a scrypt ASIC can actually perform any better than a GPU
Do you really believe this bullshit or you just keep copy-pasting it trying to attract more people to LTC and make your coin moar expensive?  Roll Eyes

Shermo
Sr. Member
****
Offline Offline

Activity: 272
Merit: 250



View Profile
July 03, 2013, 12:05:00 PM
 #20


Not when you are in control of the manufacturing process yourself.  I know several pcb assemblers here in China that could start mass producing ASICs tomorrow and you'd never hear a thing about it.

If such entities existed they would already be selling ASICs and raking in tons of cash, no?
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!