Do pools make Bitcoin insecure?

[timeofmind]

This "limited number" is about 80% or even more of all Ripple nodes. This number is already RIGHT NOW higher than the number of servers you need to take over to severely mess with Bitcoin (which is about 2-3 pool servers).

Debate away!

[1714750512]

1714750512

[1714750512]

1714750512

[1714750512]

1714750512

[1714750512]

1714750512

[superduh]

This "limited number" is about 80% or even more of all Ripple nodes. This number is already RIGHT NOW higher than the number of servers you need to take over to severely mess with Bitcoin (which is about 2-3 pool servers).

Debate away!

none of the pools are at 51% even. to do this "attack" at the moment not only will you have to take out 2 or more pools with estimated 15% of network you would also have to take over btcguild at the same time. can it be done? yes is it likely to be done? no. the chances of it being done are very improbable. i would also assume that this would get noticed fast and miners would just point to other pools for time being

[timeofmind]

This "limited number" is about 80% or even more of all Ripple nodes. This number is already RIGHT NOW higher than the number of servers you need to take over to severely mess with Bitcoin (which is about 2-3 pool servers).

Debate away!

none of the pools are at 51% even. to do this "attack" at the moment not only will you have to take out 2 or more pools with estimated 15% of network you would also have to take over btcguild at the same time. can it be done? yes is it likely to be done? no. the chances of it being done are very improbable. i would also assume that this would get noticed fast and miners would just point to other pools for time being

Of course, DOS attacks on these pools have already been a problem.

What if NSA (or another government agency in a country where BTCGuild resides) forces BTCGuild to comply with authority orders, which they are legally forced to keep undisclosed and lie to their users about, just as in Yahoo, Google, Facebook, etc. ? Does this pose a risk?

If the pools are in fact not a risk, then was the initial Bitcoin pitch about decentralization an exaggeration? We don't really care if Bitcoin is mostly centralized now?

Lets say the biggest pools are knocked out completely. Would users still want to run their miners solo, or in smaller pools?

[timeofmind]

This "limited number" is about 80% or even more of all Ripple nodes. This number is already RIGHT NOW higher than the number of servers you need to take over to severely mess with Bitcoin (which is about 2-3 pool servers).

Debate away!

none of the pools are at 51% even. to do this "attack" at the moment not only will you have to take out 2 or more pools with estimated 15% of network you would also have to take over btcguild at the same time. can it be done? yes is it likely to be done? no. the chances of it being done are very improbable. i would also assume that this would get noticed fast and miners would just point to other pools for time being

Of course, there is also the issue of whether bitcoiners should simply trust the entire security of Bitcoin to just a few operators.

Lets say BTCGuild knocks out 2 of its biggest competitors, then 51% attacks the network... all in collusion with or under pressure from the government. Sure maybe we could recover from this, but it would be a major hit to public confidence in bitcoin.

[superduh]

This "limited number" is about 80% or even more of all Ripple nodes. This number is already RIGHT NOW higher than the number of servers you need to take over to severely mess with Bitcoin (which is about 2-3 pool servers).

Debate away!

none of the pools are at 51% even. to do this "attack" at the moment not only will you have to take out 2 or more pools with estimated 15% of network you would also have to take over btcguild at the same time. can it be done? yes is it likely to be done? no. the chances of it being done are very improbable. i would also assume that this would get noticed fast and miners would just point to other pools for time being

Of course, there is also the issue of whether bitcoiners should simply trust the entire security of Bitcoin to just a few operators.

Lets say BTCGuild knocks out 2 of its biggest competitors, then 51% attacks the network... all in collusion with or under pressure from the government. Sure maybe we could recover from this, but it would be a major hit to

public confidence in bitcoin.

All valid points.  I think community has no interest in any one pool /company having 51% as time goes on this should be less likely

[Buffer Overflow]

Everyone should be using p2pool.

[jeppe]

as none of the pools have 51 % of the bitcoin mining power there is no threat to the network at all

[gmaxwell]

As they are usually implemented today pools create a substantial amount of centralization which violates Bitcoin's security assumptions. Today the unequivocal answer to your question is yes.

Even when a pool does not have "$pick_your_threshold" the problem still exists— E.g. a pool with 40% hashpower would still have a quite high success rate reversing two-confirm transactions (and will still be successful reversing 6-confirms half the time), or two 30% pools being compromised gives you a majority.  "Our security assumption is that _two_ computers won't get hacked, or _two_ operators won't be coerced" doesn't sound all that good (Also works for any small integer instead of "two").

It's possible to construct pools that don't create this problem in a number of ways— P2Pool is one example, though it's not the only way to do it— there are other ways that are compatible with doing PPS pooling, for example.  Though any way of fully removing the centralization pools bring requires miners to participate in and validate the Bitcoin network... and we've gone pretty far down the path of people with $100k in mining asics powering them from a rasberry pi, so turning that back might be hard even if people did suddenly start paying attention to the centralization pooling is creating.

There are also ways to go about pooling which may reduce the harm of the centralization somewhat without the full cost of having miners participate in the Bitcoin network. E.g. miner software that is skeptical about they work its issued and won't participate in certain kinds of bad behavior that can be detected without full validation.

[knight22]

Though any way of fully removing the centralization pools bring requires miners to participate in and validate the Bitcoin network... and we've gone pretty far down the path of people with $100k in mining asics powering them from a rasberry pi, so turning that back might be hard even if people did suddenly start paying attention to the centralization pooling is creating.

Don't worry. When there is a significant attack on Bitcoin and the exchange rate plummets, miners will wise up and start taking decentralization seriously, or risk their paycheck.

Humans need to get burned before they learn any lessons.

Exact.
The poeple running the pools cherish bitcoin like their baby. Bitcoin is in good hand ATM.

[JessicaSe]

This "limited number" is about 80% or even more of all Ripple nodes. This number is already RIGHT NOW higher than the number of servers you need to take over to severely mess with Bitcoin (which is about 2-3 pool servers).

Debate away!

Nah, why should it be insecure , the biggest pool is only 30%....

[b!z]

Everyone should be using p2pool.

I agree. It brings decentralization, even to pooled mining.

[Buffer Overflow]

The poeple running the pools cherish bitcoin like their baby. Bitcoin is in good hand ATM.

Until the pool is compromised by an attacker with malicious intent. A large percentage of hashrate is then in the wrong hands.

p2pool is the way to go.

[BitcoinHeroes]

The pools only want their fees, no body cares about 51% attack..

[mprep]

The pools only want their fees, no body cares about 51% attack..

Yeah. Crashing the coin they're sitting on, profiting on and sometimes even living on would be pretty stupid. They get more from mining rather than cracking down the system. If they did, people would just go to another pool or even better - the before mentioned p2pool.

[gmaxwell]

If you want to encourage P2Pool use you can make it in more people's interest by making bursty donations to the recent p2pool miners: https://en.bitcoin.it/wiki/P2Pool#Donating_to_P2Pool_miners  (Of course if you do this, you should publicize it in order to have an effect.)  Many miners don't fully understand the issues, prize money is one way to get their attention. Switching to P2Pool also has a cost, and some tips can help bridge that gap.

(Disclosure: I mine on p2pool, but I'm under 1% of its hashrate now. Regardless, any funds I get via these sorts of payments to my p2pool addresses I'll just recycle back into other pro-decentralization uses)

[Rarrikins]

as none of the pools have 51 % of the bitcoin mining power there is no threat to the network at all

That's all great as long as one person doesn't run multiple pools.

[wtogami]

https://bitcointalk.org/index.php?topic=329860

[numismatist]

The pools only want their fees, no body cares about 51% attack..

Yeah. Crashing the coin they're sitting on, profiting on and sometimes even living on would be pretty stupid. They get more from mining rather than cracking down the system. If they did, people would just go to another pool or even better - the before mentioned p2pool.

In our local (national) forum we had a guy whining about loosing 105 BTC when his used pool went down, 50BTC be gone
https://bitcointalk.org/index.php?topic=313455.msg3363297#msg3363297

If you have let's say 1000 customers storing 1~2 BTC each temporary, it's your 1st Million Dollars to make by closing everything down. So yes, there are two inventives for running, and folding down a pool. Fees, and stored BTCs.

Hell, even that single guy loosed like 105 * 250 = enuf cash to be veeeery upset!

EDIT: Toppic started about "making Bitcoin insecure" and I think loosing a lot of hashrate cycles, a lot of temporary stored BTC counts as beeing "unsecure". The focus merely on "51%" feels like looking away from the real danger

[Barek]

I think the days of keeping 1-2 BTC pool balance are over, let alone 105.

 

[birkomester]

 Nope