Isnt it a fatal flaw that bitcoin can be manipulated by someone with 51% of MHs

[joulesbeef]

It is said with someone with close to 50% of the total hash rate, can simply make up their own blocks and call it the official block chain, and with 50.1% of the mining power we really cant say they are wrong.

Couldnt a government upset with the rise of bitcoin cause it to fall nearly immediately by jumping on the network with a hash rate slightly higher than our global rate and start making coins?

It doesnt seem to be that easy to kill the dollar. I cant just print new dollars and say since I am printing half the worlds dollars that mine are the real ones and the US ones are the fakes.

Would the community be able to react to this? perhaps ban the government machines that are proving over half the MHs?


SCrew rogue pool operators, what protection do we have from rogue governments WHO do have the hash power sitting their doing other things? Couldnt they just sneak on in middle of the night (american time) and start a new block chain and then disconnect again?

[1714035889]

1714035889

[1714035889]

1714035889

[1714035889]

1714035889

[wolftaur]

It makes it possible but still extremely unlikely and it's still extremely difficult. With 51% of the capacity you're more likely, statistically, to push out blocks faster than a valid competitor, but there is a huge amount of variance in block-finding at any given hash rate -- this is why people join pools to start with. If you find blocks once per seven days ON AVERAGE, you might find two one day, then not find one for a week.

To actually really push out six blocks in a row faster than the competition and have a GOOD chance of doing it, you'd probably need closer to 85% than 51%. The 51% figure everyone keeps harping about assumes that the time to generate a block is a CONSTANT based ONLY on your hash rate. The fact that luck is also involved makes things a lot trickier.

[elggawf]

It's about probabilities - 51% is just the probabilistic place where the shift of power takes place, it's not like you're at 50% and you can't do shit and a legitimate miner goes offline then BAM 51%, you own everything. There's no dramatic shift in ease of attacks at any point - more hashing power means more chance for it to work.

I get the impression Satoshi only really mentioned it in his paper so that it couldn't be pointed out as a "flaw" in the system, and that people's concern about it really is overblown. Maintaining a double-spend attack long enough to actually rip any money off is going to take a lot of doing, and even just screwing things up enough to shatter the brittle community faith in Bitcoin is going to take a substantial effort.

There are other, less expensive ways to cause problems for Bitcoiners - the exchanges being the soft spot with the gooey center. You could trash community faith and make a tidy profit at the same time with substantially less effort, investment and brainpower. So much so that it doesn't really make much sense to fret over the 51% thing.

[bittersweet]

1. Bitcoin is not perfect. Nothing is.

2. It's still better than fiat currency, because at least everyone can compete with someone who tries to gain 51% hash rate. You can't compete with government printing machines.

[YoYa]

RTFMWP

Read the fucking white paper!

www.bitcoin.org/bitcoin.pdf

51% Attacks are not easily done, getting to 51% is only have the battle by which time you enter a race condition to add your double spends, the odd's of your blockchain being accepted are only depending on your miners being able to get lucky ahead of the other 49%. Then, when you do fail to do so, the entire network is aware of what you are attempting, at which point you'll more then likely get your ass DDOS'd out of the web.

Can we please sticky this like the deflation argument....Please!

[bcforum]

Actually, double spending bitcoins is pointless if you want to destroy the currency. A better way to take down the system is to scramble the transactions you include into the block chain. I haven't spent a lot of time thinking about it, but one of the foundations is traceability of every transaction back to the generation of the bitcoins being spent.

If you include 90% of the transactions, and silently discard the other 10% you could destroy any credibility and the currency would go away.

Alternately, you could ignore all transactions with less than a certain fee (10%?, blackmailing everyone into paying your price or be faced with transactions that could take years to execute.

Finally, if you really controlled a significant percentage of the hashing power, why would you be stupid enough to centralize it? If I could afford that kind of compute power I would put it behind a sufficient number of proxies (and separate wallets) to make it invulnerable to a DDOS attack.

[JoelKatz]

It is said with someone with close to 50% of the total hash rate, can simply make up their own blocks and call it the official block chain, and with 50.1% of the mining power we really cant say they are wrong.

Unless the blocks are valid, we can and would say they are wrong.

Couldnt a government upset with the rise of bitcoin cause it to fall nearly immediately by jumping on the network with a hash rate slightly higher than our global rate and start making coins?

No, not at all. What would they do with the coins exactly? Sell them? Hoard them? Either way, the value of a bitcoin would change but the utility would not.

SCrew rogue pool operators, what protection do we have from rogue governments WHO do have the hash power sitting their doing other things? Couldnt they just sneak on in middle of the night (american time) and start a new block chain and then disconnect again?

It would make the network less resistant to double-spending attacks resulting in people having to allow far more confirmation to accrue before considering a high-value transactions secure. That's about it.

[macharborguy]

Couldnt a government upset with the rise of bitcoin cause it to fall nearly immediately by jumping on the network with a hash rate slightly higher than our global rate and start making coins?

No, not at all. What would they do with the coins exactly? Sell them? Hoard them? Either way, the value of a bitcoin would change but the utility would not.

Besides, don't you think the government has better things to spend their time, money and electricity on than mining or buying BitCoins off the markets?

[elggawf]

JMHO, but if (and this is a huge, tin-foil-hat if) a government worked it's way up to controlling 50+% of the hashing power, the absolute most catastrophic thing they could do?

Take it offline all at once, preferably right after a big difficulty jump. It'd be a great one-two attack on the network: 1) "oh my god, my transactions are taking forever!" 2) "oh my god, miners are leaving the network in droves!". It might even reach critical mass, where miners get sick of the more rare blocks (and think it's a death knell) and the pain-in-the-arse of moving coins around and they pack it in too, further compounding the problem (ideally, from an attacker's perspective, selling out their coins when they leave).

I think that's the most likely and realistic attack someone who wanted to spend a fuckton of money to sabotage a small project that does a fine job of sabotaging itself could perform.

[JoelKatz]

Take it offline all at once, preferably right after a big difficulty jump. It'd be a great one-two attack on the network: 1) "oh my god, my transactions are taking forever!" 2) "oh my god, miners are leaving the network in droves!". It might even reach critical mass, where miners get sick of the more rare blocks (and think it's a death knell) and the pain-in-the-arse of moving coins around and they pack it in too, further compounding the problem (ideally, from an attacker's perspective, selling out their coins when they leave).

It would be at least partially balanced out by the people who think "sweet, mining is profitable again". But it's true that someone who could command a large amount of hashing power to enter and leave the network at will could make the transaction commit time swing wildly.

[macharborguy]

we know what happens when the global hash rate increases dramatically, it's already happened in BitCoin's history, it went from CPU mining in the kilohashes, to GPU mining in the Mega and Gigahashes.

But we haven't really seen (as far as I know), a dramatic decrease in global hash rate, have we?  I understand the difficulty would then go down, but would that happen only after a block was found, or is there a timeout for when the Difficulty automatically decreases in the event that the difficulty is so high compared to the hash rate?

[elggawf]

But we haven't really seen (as far as I know), a dramatic decrease in global hash rate, have we?  I understand the difficulty would then go down, but would that happen only after a block was found, or is there a timeout for when the Difficulty automatically decreases in the event that the difficulty is so high compared to the hash rate?

It's worse than that, it would only happen after enough blocks have gone through to recalculate difficult - under normal circumstances that's every ~10 days. If you could command 2/3rds of the hashing power to leave the network immediately, that could stretch out to 30 days of really really painful mining, and waiting a long time for transactions to confirm.

Joel: Sure, but if I were in charge of a government program (haha) to kill Bitcoin, I'd put a bunch of my hashing power in the different pools and whatnot too. Make it look like the pools are all collapsing as well and I bet the number of people who think "fuck it, I'm back in" would be vastly outweighed by the number of people finding something better to do.

[joulesbeef]

yeah mostly i was imply just screw with the system to make it unpalatable.

like the music companies seeding limewire with screwed up mp3s to give people a bad experience.


and what about at 75% of the hash power, couldnt they interfere with the price simply by making it a bad experience. Longer transaction times, no mining profitability and having to weed out the faked transactions or by them discarding transactions?

I know I dont quite understand the issue as well as i should, what about just messing with the network traffic where and when they can?

and I guess they could do worse to other markets and commodities if they wanted to attack them.

[elggawf]

yeah mostly i was imply just screw with the system to make it unpalatable.

like the music companies seeding limewire with screwed up mp3s to give people a bad experience.


and what about at 75% of the hash power, couldnt they interfere with the price simply by making it a bad experience. Longer transaction times, no mining profitability and having to weed out the faked transactions or by them discarding transactions?

I know I dont quite understand the issue as well as i should, what about just messing with the network traffic where and when they can?

and I guess they could do worse to other markets and commodities if they wanted to attack them.

Every block has to abide by the rules or it's rejected as invalid, so they can't just make shit up. If they controlled a large amount of hashing power they could roll back transactions (and double spend) but that would take a pretty serious amount of computing power at present. Look at it this way - if they want to achieve 66% of the network, they have to build out twice the hashing power the whole network has right now (and keep in mind that's a moving target). Controlling 75% would mean they'd have to build a network of miners three times the size of the legitimate network.

Now granted, Tycho of Deepbit has a huge sign on his back just by virtue of his pool controlling so much of the hashing power... but again though, the minimal amount of damage an attacker would be able to do before being detected isn't so great.

Unless either a) something comes about that weaks the crypto substantially or b) the network shrinks in a big way, I really don't think we have all that much to worry about on the core network. Outlawing it's use in legitimate business, going after the exchanges, and other soft-targets are all much easier ways of accomplishing the same feat than spending a ton of money on a huge cluster.

[TeraPool]

But we haven't really seen (as far as I know), a dramatic decrease in global hash rate, have we?  I understand the difficulty would then go down, but would that happen only after a block was found, or is there a timeout for when the Difficulty automatically decreases in the event that the difficulty is so high compared to the hash rate?

It's worse than that, it would only happen after enough blocks have gone through to recalculate difficult - under normal circumstances that's every ~10 days. If you could command 2/3rds of the hashing power to leave the network immediately, that could stretch out to 30 days of really really painful mining, and waiting a long time for transactions to confirm.

Joel: Sure, but if I were in charge of a government program (haha) to kill Bitcoin, I'd put a bunch of my hashing power in the different pools and whatnot too. Make it look like the pools are all collapsing as well and I bet the number of people who think "fuck it, I'm back in" would be vastly outweighed by the number of people finding something better to do.

Correction. Under normal circumstances that is exactly 14 days.

(2016  * 10)/60/24 = 14

[makomk]

It's about probabilities - 51% is just the probabilistic place where the shift of power takes place, it's not like you're at 50% and you can't do shit and a legitimate miner goes offline then BAM 51%, you own everything. There's no dramatic shift in ease of attacks at any point - more hashing power means more chance for it to work.

Actually, that's not quite true. If an attacker manages to achieve over 50% of the hash power of the network indefinitely, they will eventually manage to get the longest blockchain and rewrite the transactions they want to with probability one. Anything less and they're very unlikely to succeed. Rewriting transactions within a finite timespan is harder and requires a larger proportion of hashing power, of course.

(Also, double spending isn't the only issue. If you control a large enough proportion >50% of hashing power you can stop anyone else from mining blocks and control which transactions actually get through.)

[geek-trader]

the 51% thing is actually pretty good.

It's the solution to the Byzantine General's problem.  http://en.wikipedia.org/wiki/Byzantine_fault_tolerance

For those who won't read it, it's what to do when 2 nodes say "A paid B 1.0 BTC" and 1 node says something different.  According to the wiki page, the best anyone has done before bitcoin was be safe as long as an attacker didn't have 34%. 

"Many classic agreement problems, such as the Byzantine Generals' Problem, have no solution unless n > 3t, where n is the number of processes in the system. In other words, the algorithm can ensure correct operation only if fewer than one third of the processes are faulty."

Bitcoin has upped that to 51%.

That seems pretty good to me.

[cunicula]

If iwas the malicious attacker i think i would rent rather than buy the attacking power. Wicked scheme follows:
1) start 15 pools with zero or negative fees (pretend these negative fees are temporary joining incentives for credibility). Accumulate the neccesary majority of hasing power.
2) purchase options to sell bitcoin in the future en masse.
3) purchase a bitcoin reserve to pay off pool members during the attack.
4) use my 15 pools to generate double spends - > profit
5) use my options contracts to profit off ensuing panic as double spends are discovered
6) retire to the Maldives

[bcforum]

If iwas the malicious attacker i think i would rent rather than buy the attacking power. Wicked scheme follows:
1) start 15 pools with zero or negative fees (pretend these negative fees are temporary joining incentives for credibility). Accumulate the neccesary majority of hasing power.
2) purchase options to sell bitcoin in the future en masse.
3) purchase a bitcoin reserve to pay off pool members during the attack.
4) use my 15 pools to generate double spends - > profit
5) use my options contracts to profit off ensuing panic as double spends are discovered
6) retire to the Maldives

You are assuming the options contracts would be honored. A better solution would be to short-sell the bitcoins, then buy them up at after panic ensues.

[cunicula]

If iwas the malicious attacker i think i would rent rather than buy the attacking power. Wicked scheme follows:
1) start 15 pools with zero or negative fees (pretend these negative fees are temporary joining incentives for credibility). Accumulate the neccesary majority of hasing power.
2) purchase options to sell bitcoin in the future en masse.
3) purchase a bitcoin reserve to pay off pool members during the attack.
4) use my 15 pools to generate double spends - > profit
5) use my options contracts to profit off ensuing panic as double spends are discovered
6) retire to the Maldives

You are assuming the options contracts would be honored. A better solution would be to short-sell the bitcoins, then buy them up at after panic ensues.

yes you are right. Much better to borrow the bitcoin first and sell them. That way you cant get reneged on.

[makomk]

You are assuming the options contracts would be honored. A better solution would be to short-sell the bitcoins, then buy them up at after panic ensues.

The trouble here is: how can the person lending you the bitcoins to short-sell trust that you'll be able to repay them? The usual solution is to do your short selling via a trading account at a trustworthy institution, but Bitcoin is very much lacking in those. It's one of the reasons you're unlikely to see any Bitcoin naysayers putting their money where their mouth is; if you think that Bitcoin is going to end in disaster letting your money anywhere near it is a bad idea.