Bitcoin Forum
Topic: Anyone else concerned about global hashrate?
etotheipi (OP)
Core Armory Developer
August 22, 2011, 04:18:47 AM
 #1

I was doing some back-of-the-envelope math and realized that the current global hashrate makes me uneasy.  Current hashrate is about 13 THash/s.  Consider an "average" computer can do 5 MHash/s without a GPU.  A simple calculation reveals that it would take 2.6 million "average" computers to start rewriting the blockchain, double-spending and overall complete loss of confidence in BTC.   Now take into account that many of these computers have GPUs so that number is probably more like 1 million computers.    I'm concerned because, not only is this within scope of government agencies, but...

     'Indestructible' botnet snares 4.5 million computers
     'Gang of Six' Controls Botnet of 1.9 Million Computers   (actually, I believe this botnet was deactivated by the US government)
     Data-stealing botnet infects 2.3 million computers

All of these botnets could probably crush the BTC network.  There were already reports of botnets being used to mine BTC, but I'm not sure about any plans to attack it.  Obviously, I'd simply feel a lot more comfortable if it just wasn't feasible.   Three things we have going for us are:
  • (1) The security of Bitcoin should definitely receive credit for the fact that the botnet operators are mining coins like the rest of us, even if it's stolen hardware.  Obviously these botnets have a $#!+load of computing power, yet they can't/aren't using it to try to break the security of the network.
  • (2) Bitcoin actually represents a possible benefit to the criminals running them, and they may not want to risk killing the network.  It may be more profitable to mine millions of dollars (and stealing wallets) and then use the same BTC network to move the millions of dollars around without trace.
  • (3) The botnets that are mining to make BTC are actually increasing the difficulty.  When botnets compete, everyone else wins.

I'm concerned that, without any significant increases in BTC value, and thus incentives for miners to expand their mining hardware, the global hashrate is going to continue to wane at this vulnerable level.  It's great that only a very select few people/organizations in the world have this capability... but it only takes one to end it for all of us.  And it's only going to get worse over time:  once the rewards are halved, we'll probably see the exit of tons of miners from the network.   The only thing I can see truly making a difference here would be transaction fees.  But at the current tx/day quantities, there is no transaction fee scheme that could incentivise miners that would also be acceptable to the users. 

The more I think about it, the more it makes sense to have designed the network to have a constant generation rate at the beginning, and then switch to constant inflation rate.  This would guarantee that miners will have "economically constant" reward, forever.  Not to mention that many economists (whom I agree with) consider small, consistent inflation to be good for a currency/economy. 

Is there a reason to be more optimistic about this?

Founder and CEO of Armory Technologies, Inc.
Armory Bitcoin Wallet: Bringing cold storage to the average user!
Only use Armory software signed by the Armory Offline Signing Key (0x98832223)

Please donate to the Armory project by clicking here!    (or donate directly via 1QBDLYTDFHHZAABYSKGKPWKLSXZWCCJQBX -- yes, it's a real address!)
Rassah
August 22, 2011, 04:36:53 AM
 #2

I think whoever uses that botnet will make a lot more money mining bitcoins and selling them on the market than using it to try to take down Bitcoin.
NothinG
August 22, 2011, 04:43:23 AM
 #3

Just want to clear a few things up with botnets.

Most of the bigger botnets (anything more than 50k) probably don't use IRC.

In fact, they probably are just compiled infections that run a miner pointing to a specific worker.
In which the pool owner can simply just delete that worker.

The best shot of a botnet owner (with more than 10k zombies) would be to create a private pool for all their infections to mine at.

etotheipi (OP)
August 22, 2011, 04:59:09 AM
 #4

I agree that it's quite profitable for botnet owners to use the BTC network as it was designed to mine coins.  But it's feasible that someone, some time, might find it appealing to execute a massive double-spend attack and make off with the cash/goods/whatever before the network crashes.  We are all familiar with how motivated some people are by short-term rewards... It only takes one time for this to crush the network, and I think we should all be concerned if there is any one person/organization that is capable of it.  That's a lot of power they're wielding, even if they have no ill intentions towards the network.

But let's not focus on botnets, and focus on entities with a ton of resources:  perhaps governments that would feel more comfortable without the BTC network.  It's probably feasible for an existing US government agency to pull the trigger on this primarily with existing resources, they'd only need a little bit of preparation to distribute the software to all their computers.   

My point is, I think a one-million-computer threshold for breaking the network is too low.  If you consider the number of GPUs and/or FPGAs needed, it starts to look even easier.  And without a massive spike in BTC value, I only see this getting worse over time.




NothinG
August 22, 2011, 05:03:13 AM
 #5

If I had control of a million zombies (which with a million zombies, you're probably just data-mining) it would be WAY more secure[*] to sell data (CC, Logins...etc) than to mine for Bitcoins.

[*] - I can't think of a better word. :\


[Edit]:
Think of it like this.

If you watch mobster movies about the group trying to buy a massive load of drugs/guns, they already know exactly where to buy from.
Now, think of it in the eyes of the seller (zombie controller)...they know who to sell to.

Groups in control of ~million zombies data-mining aren't looking to sell 1-2 $1.5 USA CC's, they are selling to others who are reselling them.
I've seen a stack 10k-50k /gumbled (USA, CAN, EUR...etc) go for $5k.

sje397
August 22, 2011, 05:08:31 AM
 #6

I personally think that the fact that a majority of hashing power can overwhelm the network is a good thing. The unequal distribution of wealth, which makes this undemocratic, is a separate social issue in my mind. The alternative is a system that allows those who amass wealth to protect it indefinitely, which I think is dangerous. True, it means that those who have legitimately worked to earn their wealth lose protection, but it also means that the majority can reclaim wealth from malevolent dictators etc. This is political though and just my point of view.

My point is, I don't know if you can have a network that relies on the decision of the majority and still prevent governments and powerful people from being able to obtain that majority.
theymos
August 22, 2011, 05:39:26 AM
 #7

If someone tries that, an alert will be issued and payments will stop for as long as the botnet owner is willing to waste money. Once the botnet gives up, any damage they've caused will be reversed by hardcoding correct values into the client. Only a few people will end up losing money, and the botnet owner will be worse off than if they had stuck with normal botnet activities or legitimate mining.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
etotheipi (OP)
August 22, 2011, 06:06:46 AM
 #8

First, have you seen how freakin' difficult it is to get users to upgrade their clients?  0.3.24 has been out forever, yet countless users are still using earlier versions, probably because they don't even know a new client is there, or don't feel like being inconvenienced by it when their current client already works.  It would take days to get everyone upgraded, and until then different users will be operating on different branches of the block chain. 

Second, if it happens once, what's to stop the same person from doing it again?  They still have 50%+ computing power, and wasting money may not be the primary concern of the attacker.  Perhaps they just want to disrupt the network...

Third, you can't possibly believe that such an event would not make headlines and cause catastrophic damage to the BTC network...?  The entire value of Bitcoin is based on people's confidence in the system, which is not well-correlated with the technical/security merit of the system.  MtGox and MyBitcoin had nothing to do with the merit of BTC, yet both did quite a bit of damage.  Let's see what happens when we throw a real security "breach" into the ring.




NothinG
August 22, 2011, 06:17:51 AM
 #9

Quote
First, have you seen how freakin' difficult it is to get users to upgrade their clients?  0.3.24 has been out forever, yet countless users are still using earlier versions, probably because they don't even know a new client is there, or don't feel like being inconvenienced by it when their current client already works.  It would take days to get everyone upgraded, and until then different users will be operating on different branches of the block chain.

Maybe someone should start up a release mailing list?

theymos
August 22, 2011, 08:44:17 AM
 #10

Quote
First, have you seen how freakin' difficult it is to get users to upgrade their clients?

It won't be difficult when an alert is issued and everyone's clients are saying "EMERGENCY: DO NOT ACCEPT TRANSACTIONS UNTIL YOU HAVE UPGRADED".

Quote
Second, if it happens once, what's to stop the same person from doing it again?

There are various techniques that can force the attacker to get larger percentages of computational power before getting control. These would be developed if necessary. We'd also get better at handling alerts (probably alert-enabled safe mode would be re-introduced) and detecting attacks automatically.

Legitimate miners would have an excuse to charge higher fees, which would allow them to get more hardware.

The attacker will run out of money eventually. It'll never be profitable.

Quote
Third, you can't possibly believe that such an event would not make headlines and cause catastrophic damage to the BTC network...?

I don't really care about the price. The network will survive, which is what counts.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
makomk
August 22, 2011, 12:39:52 PM
 #11

Quote
If someone tries that, an alert will be issued and payments will stop for as long as the botnet owner is willing to waste money. Once the botnet gives up, any damage they've caused will be reversed by hardcoding correct values into the client. Only a few people will end up losing money, and the botnet owner will be worse off than if they had stuck with normal botnet activities or legitimate mining.

You're talking about the developers intentionally revoking previously-valid transactions by central fiat - and they can't just revoke the ones involved in the double-spend, they have to revoke all of them. If any exchange or e-wallet site remains running after the double-spend attack - and not all of them can afford to watch the news 24/7 - they risk having their wallets drained by double-spends assisted by the Bitcoin developers themselves! This could well end up doing more damage than the original attack. From the point of view of those affected by this second attack the developers' version of the chain is in fact the malicious one and they'd be entirely justified in hard-coding their clients to reject it instead; imagine if Mt Gox did this.

Edit: Oh, and it's kind of hard to tell for sure when the botnet has "given up", because they don't have to tell the rest of the Bitcoin network about their malicious chain until it's time to replace the existing one with it.

Quad XC6SLX150 Board: 860 MHash/s or so.
SIGS ABOUT BUTTERFLY LABS ARE PAID ADS
etotheipi (OP)
August 23, 2011, 12:42:51 AM
 #12

Theymos, I think you are being way too optimistic about the consequences of such an attack.  Sure, the network may survive, but the value will drop dramatically, and a significant proportion of participants will flee.  You may not need high value for Bitcoin to work, but you do need users...

But I don't want to debate what the fallout would be of such an attack, I want to figure out if my calculations and concerns are justified, and brainstorm how this might be mitigated.  We can debate all day about why no one would/should want to attack the network like this, but people don't always have good reasons to do what they do, and we'd all be better off if it just weren't possible for anyone to do it.  How can we possibly incentivise people to contribute more compute power?  And do we need to? 

P.S. -- One very good reason for the attack could be that someone gets the opportunity to short-sell a couple million dollars worth of BTC.  By killing the network, he gets to keep the money.

Gavin Andresen
Chief Scientist
August 23, 2011, 01:02:11 AM
 #13

Quote
You're talking about the developers intentionally revoking previously-valid transactions by central fiat - and they can't just revoke the ones involved in the double-spend, they have to revoke all of them.

Why couldn't the-collective-we only revoke the double-spends (and subsequent txns that depended on them)?

A hard-coded list of invalid txids wouldn't be hard to insert into the is-valid-transaction checks, and that along with a blockchain checkpoint would work just fine.  Valid transactions on the bad chain would move to the new chain (actually, they'd already be on the non-attacker chain, since the miners on both sides of the block split would have included them).

How often do you get the chance to work on a potentially world-changing project?
theymos
August 23, 2011, 06:33:45 AM
 #14

Quote
You're talking about the developers intentionally revoking previously-valid transactions by central fiat - and they can't just revoke the ones involved in the double-spend, they have to revoke all of them.

It's not fiat because, as you mentioned, people can choose to accept or reject the changes.

It will be easy to see which transactions came first, since the blocks containing those transactions were broadcast and then later "replaced". There may be problems with innocent people losing confirmed transactions that were based on double-spent coins, but hopefully the problem can be dealt with before this happens much.

The client should probably require 120+ confirmations for transactions that seem to be double-spends, since these transactions could be reversed later on. Maybe if this kind of attack becomes an issue, a peer warning system for double-spent transactions could be developed to trigger this protection.

Bitcoin could also enter safe mode automatically whenever a reorg longer than 6 blocks is observed, or when smaller reorgs happen too many times within some time period.

Quote
If any exchange or e-wallet site remains running after the double-spend attack - and not all of them can afford to watch the news 24/7 - they risk having their wallets drained by double-spends assisted by the Bitcoin developers themselves!

Their wallets will be drained in any case. The hardcoded changes might return some of the coins.

1NXYoJ5xU91Jp83XfVMHwwTUyZFK64BoAD
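
The safe-mode triggers and the 120-confirmation rule proposed in the post above, sketched as an added example (not code from the thread or from the Bitcoin client). The class name `ReorgMonitor`, the small-reorg limit, the time window and the everyday confirmation count are assumptions; the 6-block depth and the 120 confirmations come from the post.

```python
from collections import deque
from dataclasses import dataclass, field


def reorg_depth(old_chain, new_chain):
    """Number of blocks at the end of old_chain that new_chain replaces.
    Chains are lists of block hashes, genesis first."""
    common = 0
    for a, b in zip(old_chain, new_chain):
        if a != b:
            break
        common += 1
    return len(old_chain) - common


@dataclass
class ReorgMonitor:
    max_depth: int = 6             # from the post: reorg "longer than 6 blocks"
    max_small_reorgs: int = 3      # assumed value for "too many times"
    window_secs: int = 24 * 3600   # assumed value for "some time period"
    normal_confs: int = 6          # assumed everyday confirmation threshold
    suspect_confs: int = 120       # from the post: "120+ confirmations"
    safe_mode: bool = False
    reason: str = ""
    _recent: deque = field(default_factory=deque)  # timestamps of small reorgs

    def on_tip_change(self, old_chain, new_chain, now):
        """Call whenever the best chain changes; returns the reorg depth."""
        depth = reorg_depth(old_chain, new_chain)
        if depth == 0:
            return 0                      # plain extension of the old tip
        if depth > self.max_depth:
            self._trip(f"reorg of {depth} blocks (limit {self.max_depth})")
            return depth
        self._recent.append(now)
        while now - self._recent[0] > self.window_secs:
            self._recent.popleft()        # forget reorgs outside the window
        if len(self._recent) > self.max_small_reorgs:
            self._trip(f"{len(self._recent)} reorgs within {self.window_secs}s")
        return depth

    def _trip(self, reason):
        # Latch: safe mode stays on until an operator clears it.
        if not self.safe_mode:
            self.safe_mode, self.reason = True, reason

    def required_confirmations(self, suspected_double_spend):
        """Confirmations to wait for before treating a payment as final."""
        return self.suspect_confs if suspected_double_spend else self.normal_confs


if __name__ == "__main__":
    # Constructed sample chains: 100 shared blocks, then competing tips.
    base = [f"b{i}" for i in range(100)]
    mon = ReorgMonitor()
    print(mon.on_tip_change(base, base + ["b100"], now=0), mon.safe_mode)
    rewrite = base[:93] + [f"y{i}" for i in range(93, 101)]
    print(mon.on_tip_change(base, rewrite, now=600), mon.safe_mode, mon.reason)
```

Single-block reorgs happen in normal operation when two miners find a block at about the same time, so the frequency limit has to be tuned against observed orphan rates before it is useful as an alarm.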
etotheipi (OP)
August 23, 2011, 03:24:43 PM
 #15

Guys, if someone has 55%+ of the network on their own and they have malicious intent, we're screwed.  Once a week they could do a huge double-spend or just start rewriting the blockchain for fun.   The value of BTC, and thus quantities of miners, would probably dissipate after the first or second week, making it even easier on subsequent weeks to throw in the KO punch.  The entire security of BTC is based on the assumption that no one has that much power.  I agree that there should be a plan in place for how to deal with such events, but I'm trying to focus on whether there's a way to avoid it to start. 

Right now, there's only a few entities in the world who can match the global hashrate, but I don't see how this is going to get any better.  I am looking for optimism about the future of BTC in this light.  There is not enough financial incentive for miners to invest in new hardware, and CPUs mine for net loss.  So, is the BTC network always going to be vulnerable to a botnet/gov't attack?  Or is there a reason to believe that things will pick up?  I know we'd like to believe value will jump up above $100/BTC which would certainly provide incentive, but if it doesn't happen before the generation rewards are cut in half, that could be the start of a downward spiral.


joulesbeef
August 23, 2011, 05:22:33 PM
 #16

here are the bitcoin weaknesses.. a bit of misinformation on the 51% fear

mooo for rent
dayfall
August 23, 2011, 05:48:52 PM
 #17

I would think the "longest block chain is the valid one" should be rethought.  Obviously people think that a human can detect an invalid chain.    There must be some programmatic method to recognize such an attack.

One easy way would be that if I saw a new block chain with >4 blocks that overwrite the old ones and that chain includes a transaction that is older than one that is in the old chain, then it is likely a double spend attack.  Couldn't my client simply require that the new chain have several more blocks than the old chain before it is considered valid? For example, for every block the old chain got, the new chain would be required to have 4 more blocks.  Hence, the new chain would only be accepted if the large majority decided it was valid.

I say we try some of these attacks on the new bitcoin clones.
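
The acceptance rule sketched in the post above, as an added example (not code from the thread or from any Bitcoin client). Assumptions: each branch is the list of blocks after the fork point; the "older transaction" heuristic is replaced by a check for the same output being spent by different transactions in the two branches; "4 more blocks for every block" is read as the new branch being at least 4 times as long as the old one; block count stands in for accumulated work.

```python
def conflicting_spends(old_branch, new_branch):
    """Outputs spent in both branches by different transactions.
    A branch is a list of blocks; a block is a list of
    (txid, [spent_outpoint, ...]) tuples."""
    spent_old = {}
    for block in old_branch:
        for txid, outpoints in block:
            for outpoint in outpoints:
                spent_old[outpoint] = txid
    conflicts = set()
    for block in new_branch:
        for txid, outpoints in block:
            for outpoint in outpoints:
                if outpoint in spent_old and spent_old[outpoint] != txid:
                    conflicts.add(outpoint)
    return conflicts


def accept_reorg(old_branch, new_branch, overwrite_limit=4, ratio=4):
    """Decide whether to switch from old_branch to new_branch.
    overwrite_limit: reorgs replacing more blocks than this are examined
                     (the post's ">4 blocks").
    ratio:           required length multiple for a suspicious branch
                     (assumed reading of the post's "4 more blocks")."""
    if len(new_branch) <= len(old_branch):
        return False          # not longer: the ordinary rule already rejects it
    suspicious = (len(old_branch) > overwrite_limit
                  and bool(conflicting_spends(old_branch, new_branch)))
    if not suspicious:
        return True           # ordinary short reorg or no conflicting spend
    return len(new_branch) >= ratio * len(old_branch)


def make_branch(tag, length, spend):
    """Constructed sample data: `length` blocks, the first carrying `spend`,
    the rest carrying unrelated filler transactions."""
    blocks = [[spend]]
    for i in range(1, length):
        blocks.append([(f"{tag}-tx{i}", [f"{tag}-out{i}"])])
    return blocks


if __name__ == "__main__":
    # The public branch pays a merchant; the replacement branch spends the
    # same output back to the sender (constructed transaction names).
    honest = make_branch("h", 5, ("pay_merchant", ["utxo1"]))
    print(accept_reorg(honest, make_branch("a", 6, ("pay_self", ["utxo1"]))))
    print(accept_reorg(honest, make_branch("a", 20, ("pay_self", ["utxo1"]))))
    print(accept_reorg(honest, make_branch("a", 6, ("pay_merchant", ["utxo1"]))))
```

Nodes that apply different limits, or that saw the branches in a different order, will disagree about the tip while such a reorg is in progress, which is the cost of moving away from a single chain-selection rule.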
FreeMoney
August 23, 2011, 05:59:56 PM
 #18

Quote
Guys, if someone has 55%+ of the network on their own and they have malicious intent, we're screwed.  Once a week they could do a huge double-spend or just start rewriting the blockchain for fun.   The value of BTC, and thus quantities of miners, would probably dissipate after the first or second week, making it even easier on subsequent weeks to throw in the KO punch.  The entire security of BTC is based on the assumption that no one has that much power.  I agree that there should be a plan in place for how to deal with such events, but I'm trying to focus on whether there's a way to avoid it to start.
 

I agree, the fix/workaround for dealing with a Malicious Power would just get worse and worse if they kept the power. And if they ever got it I do think legit mining power would drop as you say.


Quote
Right now, there's only a few entities in the world who can match the global hashrate, but I don't see how this is going to get any better.  I am looking for optimism about the future of BTC in this light.  There is not enough financial incentive for miners to invest in new hardware, and CPUs mine for net loss.  So, is the BTC network always going to be vulnerable to a botnet/gov't attack?  Or is there a reason to believe that things will pick up?  I know we'd like to believe value will jump up above $100/BTC which would certainly provide incentive, but if it doesn't happen before the generation rewards are cut in half, that could be the start of a downward spiral.


Obviously a price increase adds strength, but it isn't the only way. Profit motivated individuals will innovate and find more and more efficient ways to get the reward getting us more bang for the buck. Some innovations will be copy-able by Malicious Powers, but some will not, like masses of people in cold climates getting nearly free mining electricity because they would pay for the heat anyway and people putting "owned for other reasons" hardware to work mining when idle. That just means there is some extra (probably growing) multiple of cost for the attacker compared to the costs of honest miners.

Play Bitcoin Poker at sealswithclubs.eu. We're active and open to everyone.
dust
August 24, 2011, 01:08:40 AM
 #19

I think the 5 Mhash/s figure assumed by the OP is highly optimistic when estimating the power of botnets.  The kinds of computers that become part of a botnet are generally older/unpatched systems.  These computers are likely to have Pentium 3's or 4's and integrated graphics, which would yield only hundreds of khash/s. 

Cryptocoin Mining Info | OTC | PGP | Twitter | freenode: dust-otc | BTC: 1F6fV4U2xnpAuKtmQD6BWpK3EuRosKzF8U
etotheipi (OP)
August 24, 2011, 02:01:41 AM
 #20

I don't want to get too sidetracked debating the "average" MHash/s estimate, but I was conflicted about how to come up with a ballpark estimate.  I based it on the fact that present-day Intel chips get 2-8 MHash/s, and the AMDs get like 4-16 MHash/s.  However, most computers are Intel, so I sided with the average value there.  I considered that there would be a significant number of older computers, but also that there were going to be a significant number of AMDs offsetting them.  And even one computer with any decent graphics can add the value of 10 - 30 CPUs.

