How BTC network avoid Man in the Middle in a local network ?

[lseo]

Could someone clarify me how BTC avoid the hypothetic scenario below ?

1. An IT technician run a miner in a simple computer in a shopping mall local network.
2. This miner obviously can't compete with the hash power of the other miners of all BTC network
3. Suppose that, in this mall, all stores accept BTC as payment
4. The technician disconnected the network from the internet, keeping just the local network
5. So, the BTC network continues working, but now there's just one miner and the rest are just full nodes (but not miner)

I imagine that the nodes wouldn't be aware of new configuration and the miner, with 100% of hashpower, could double spend.
I think the thing is much more complex and the scenario above should be silly, but I would like to know what would really happen in that situation.

Regards,

[1714805605]

1714805605

[1714805605]

1714805605

[1714805605]

1714805605

[1714805605]

1714805605

[ranochigo]

It doesn't work like this. When you suddenly disconnect the merchant from the rest of the network, they would probably discover that they would lose connections to their peers and you have to connect to them manually. At that point, the network difficulty wouldn't change. Unless the technician has access to a large array of miners, he cannot mine any blocks realistically.

Of course, most merchants uses third party POS and this would make it impossible to execute.

[lseo]

Thanks. I thought that the nodes would auto connect themselves through local network.
And, as there's just one miner, this one could reduce difficulty manually or even run a modified software.

And yes, if we consider the use of SPV wallet (far most common and realistic), this attack would be impractical. But many bitcoiners consider everyone running full nodes promote decentralisation.

[ranochigo]

And, as there's just one miner, this one could reduce difficulty manually or even run a modified software.

It doesn't work that way. If you change the rules, the others don't have to follow you. If they encounter an unexpectedly low difficulty for a block, they wouldn't even accept it. They don't trust each other.

And yes, if we consider the use of SPV wallet (far most common and realistic), this attack would be impractical. But many bitcoiners consider everyone running full nodes promote decentralisation.

On the contrary, SPV clients are more vulnerable to this sort of attacks since they do not validate the whole block. Realistically, people are using Bitpay as a POS and you can't really do anything with this attack.

[Panthers52]

The malicious actor would need to have sufficient mining capacity to find a block after he disconnected the local network from the rest of the Bitcoin network, which would be reasonably worth $200,000 if he simply broadcast this block to the rest of the network. The malicious actor would be giving up this much just to attempt this attack.

In your scenario, the fact that the internet is not working, but bitcoin transactions are confirming would probably set off some red flags. To get around this issue, the malicious actor could filter connections to port 8333, however anyone who uses a VPN and/or a VPS would get around this firewall.

If the merchants are willing to accept 0/unconfirmed transactions as payment, the malicious actor could spend inputs that were spent in a transaction included in a block found after the network is disconnected, and the malicious actor could broadcast said double spend transactions to the various stores.

In any case, if a malicious actor was able to pull off this kind of theft, he would have stolen money from likely multiple merchants, and was likely on camera doing so. I would expect the various merchants to be able to catch the thief fairly quickly.