|
Serith (OP)
|
 |
July 19, 2011, 06:08:35 AM
Last edit: July 19, 2011, 06:27:34 AM by Serith |
|
Problem Description With mining pools getting bigger share of total network hashing power, threats such as single point of failure and >50% attack become more and more possible. Short Term solution Regulate maximum pool size. Make "official" request from pool operator to stop accepting new connections followed by DDoS attack on pool server if needed. Long Term solution http://forum.bitcoin.org/index.php?topic=9137.0 , but as far as i understood that would require a lot of careful thinking and coding to reduce network overhead involved. P.S. DDoS software could be added to mining application for convenience. |
|
|
|
|
|
|
|
|
|
|
|
|
|
There are several different types of Bitcoin clients. The most secure are full nodes like Bitcoin Core, but full nodes are more resource-heavy, and they must do a lengthy initial syncing process. As a result, lightweight clients with somewhat less security are commonly used.
|
|
|
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
|
|
|
|
|
Vod
Legendary
 Offline
Activity: 3696
Merit: 3070
Licking my boob since 1970
|
|
July 19, 2011, 06:43:43 AM |
|
Problem Description
With mining pools getting bigger share of total network hashing power, threats such as single point of failure and >50% attack become more and more possible.
Right now the danger exists because pools are a relatively new idea and all the early adopters have chosen their favorite. As the number of pools grow, I think the chances of one pool getting >50% goes down... Pools are not like Walmart where they can just throw money and "sell at a loss" until their competition dies out. New pools form daily with different features. If one pool becomes very popular and starts attracting lots of members, there is nothing to stop other pools from using the same features and improving on them. New people are starting to mine every day, and they are not all going to flock to one pool like they did in the days where there were only a couple. In other terms, to get over 50%, a pool would have to attract more than one out of every two new users, which won't happen anymore with the current selection. |
https://nastyscam.com - landing page up https://vod.fan - advanced image hosting - coming soon! OGNasty has early onset dementia; keep this in mind when discussing his past actions.
|
|
|
|
Vladimir
|
|
July 19, 2011, 07:33:59 AM
Last edit: July 19, 2011, 08:32:13 AM by Vladimir |
|
ostracism of any >40% pool operator is the best regulating mechanism IMO
Also not being a stupid fool naive and thinking that just by mining with the biggest pool you somehow increasing your long term mining income, helps too.
Also support smaller pools, I do.
|
-
|
|
|
|
Jaime Frontero
|
|
July 19, 2011, 07:46:17 AM |
|
ostracism of any >40% pool operator is the best regulating mechanism IMO
Also not being a stupid fool and thinking that being with the biggest pool somehow increasing your mining income helps too.
Also support smaller pools, I do.
mmmph. you are a smaller pool...  but seriously, the previous post has some truth: Right now the danger exists because pools are a relatively new idea and all the early adopters have chosen their favorite. As the number of pools grow, I think the chances of one pool getting >50% goes down... although in fairness i think that whole +50% thing is way overblown. i can't really imagine anyone motivated by money trying to double-spend, rather than using all that hashing power to just mine. someone motivated by something other than money may give it a shot, i suppose - but the blockchain is likely to shrug it off. we have the most powerful network on the planet at this point. and we don't look likely to lose that. |
|
|
|
|
Maged
Legendary
Offline
Activity: 1204
Merit: 1015
|
|
July 19, 2011, 07:46:38 AM |
|
Pools are not like Walmart where they can just throw money and "sell at a loss" until their competition dies out.
A malicious pool could charge negative fees. I'd like to see how a legitimate pool could match that. |
|
|
|
Vod
Legendary
Offline
Activity: 3696
Merit: 3070
Licking my boob since 1970
|
|
July 19, 2011, 07:52:45 AM |
|
Pools are not like Walmart where they can just throw money and "sell at a loss" until their competition dies out.
A malicious pool could charge negative fees. I'd like to see how a legitimate pool could match that. Very true! I sit corrected! |
https://nastyscam.com - landing page up https://vod.fan - advanced image hosting - coming soon! OGNasty has early onset dementia; keep this in mind when discussing his past actions.
|
|
|
nakowa
Member
Offline
Activity: 83
Merit: 10
|
|
July 19, 2011, 08:02:04 AM |
|
Interesting discussion.
I personally will setup my own pool in next few days.
|
|
|
|
|
|
|
|
Serith (OP)
|
|
July 19, 2011, 03:54:37 PM |
|
Problem Description
With mining pools getting bigger share of total network hashing power, threats such as single point of failure and >50% attack become more and more possible.
Right now the danger exists because pools are a relatively new idea and all the early adopters have chosen their favorite. As the number of pools grow, I think the chances of one pool getting >50% goes down... I think people tend to choose between three largest pools http://forum.bitcoin.org/index.php?topic=29949.0 , and the problem would not go away. |
|
|
|
|
|
Serith (OP)
|
|
August 06, 2011, 10:09:21 PM
Last edit: August 06, 2011, 11:47:47 PM by Serith |
|
Slide #16 from Dan Kaminsky's presentation at Blackhat http://www.slideshare.net/dakami/bitcoin-8776098 , seems like he took those ideas from this thread, or maybe it was already around for a while BitCoin’s security model is base on the idea that nobody can control more than 50% of the network
Exact PetaFlop count unclear, but >40 and <200
Weird metric, given that crypto uses integer operations when FLOPS are floating point
Several times more than largest supercomputer
Pools are breaking this
#1 pool has 41%
#2 pool has 30%
“Security through ostracism” to Pitchfork Security
DDoS against #1 pool |
|
|
|
|
|
