Raize
August 26, 2011, 07:42:10 PM
There's a number of huge problems with this.
First, the estimates of millions of PCs infected by botnets have always perplexed me. They are estimates, but by who and on what basis? I don't doubt there may have been a few botnets that have come pretty close to or surpassed a million computers, but I think it is far more likely that these kinds of botnets would have to be operating in a very loosely-connected fashion, and probably get cleaned on average at a rate of 1% or more per week, meaning the owners have to continually infect new PCs to maintain their numbers. Worse still for the bot herder, I would imagine ISPs block communications from bot to C&C servers at a rate of 10% per week, meaning that they really have to stay on top of things in order to maintain control. I don't get the impression that one single executable with the same instructions and controls runs on 1 million PCs at exactly the same time.
Second, the cleanup rate of these PCs is going to significantly increase once they are being used to mine Bitcoin. Users tend to turn off or disconnect their computers when they run slowly, and then have someone take a look at them. Even in the case of computers with a decent video card that could pump out 25 megahash or more, if the user has issues, they are going to get it checked out.
I really feel there is no feasible way a botnet network would be able to maintain double-spends for any reasonable period of time, especially considering variance means that you need more than just 51% of the network, you aren't going to be able to keep your double-spend forever with only 51%. This is kind of like the zero-variance knowledge proof, every subsequent "right" answer is just more and more confirmation that your transaction went through.
People vastly misunderstand what a double spend means and how the attacker has to keep the double-spend going into perpetuity in order to pull off any sort of legitimate attack.
Even in the event that an attacker gains more than 50% of the network's
computational power, only transactions sent by the attacker could be
reversed or double-spent. The network would not be destroyed.

etotheipi (OP)
August 26, 2011, 08:36:41 PM
Raize, I completely agree with everything you just said. I recognize that there's more to the calculation than the order-of-magnitude estimate I provided in my first post. But it doesn't change the fact that:
- (1) For the same reason someone with more than 50% can get unlucky and fail to execute a large double-spend, someone with less than 50% can get lucky and pull it off.
- (2) There is potentially irreparable harm done to the network by anyone executing this kind of attack for any reason. We can argue about the unlikelihood of it happening all we want, but the folks designing the Japanese nuclear plants probably would've said the same thing about the likelihood of a 9.0 earthquake+tsunami hitting them (I believe that plant was designed to withstand 7.0).
- (3) Some might argue that the value of Bitcoin as it stands is completely irrational. It's based entirely on speculation and imagination. It doesn't take a rational reason for people to start jumping ship and for the program to come crashing down, even from just one legit attack. Everyone could see the huge blockchain re-organization, and it would make news headlines.
- (4) I don't want to focus on the degree of feasibility so much as the fact that it is possible for someone, whether botnet or government or Warren Buffett, to collect the resources to execute the attack. It wouldn't be easy, but Bitcoin is a high-profile network with almost $100 million of value, so the possibility that someone would want to do it can't be ruled out.
If it's feasible now, it's only going to become more feasible in the future if nothing changes. At current rates, the best we can hope for is that BTC will more than 100% ROI when the reward gets halved, and the current mining community sticks around then. I just don't want to get lost arguing about whether any botnet has precise enough computers to execute the attack, I'm just operating on the assumption that there are people/organizations out there with the same order-of-magnitude of resources needed and that it can't be ruled out.

FreeMoney
August 26, 2011, 08:56:44 PM
Buffett begins buying GPUs
Network doubles
Buffett can't double spend
Buffett mines legitimately to cut losses?
Profit?

Furyan
August 27, 2011, 07:37:39 AM
Buffett begins buying GPUs
Network doubles
Buffett can't double spend
Buffett mines legitimately to cut losses?
Profit?

Profit! Honestly I think this is the more realistic scenario. Bitcoin will never challenge a fiat currency for dominance, at least not anytime soon. When and if it does, the global hashrate would, by definition, be high enough to *almost* preclude this scenario. The only solution - honestly - is to get as many people as possible onto the network (the valid network). That's one of the things my partners and I are trying to do. Bitcoin CANNOT just be for tech geeks if it is going to survive without being compromised as described in this thread; and it will only succeed economically if it begins to gain mass acceptance.

FreeMoney
August 28, 2011, 06:05:11 AM
Buffett begins buying GPUs
Network doubles
Buffett can't double spend
Buffett mines legitimately to cut losses?
Profit?

Profit! Honestly I think this is the more realistic scenario. Bitcoin will never challenge a fiat currency for dominance, at least not anytime soon. When and if it does, the global hashrate would, by definition, be high enough to *almost* preclude this scenario. The only solution - honestly - is to get as many people as possible onto the network (the valid network). That's one of the things my partners and I are trying to do. Bitcoin CANNOT just be for tech geeks if it is going to survive without being compromised as described in this thread; and it will only succeed economically if it begins to gain mass acceptance.

(Nearly) all or nothing imo. My bets are down.

makomk
August 29, 2011, 03:04:13 PM
Why couldn't the-collective-we only revoke the double-spends (and subsequent txns that depended on them) ?
A hard-coded list of invalid txids wouldn't be hard to insert into the is-valid-transaction checks, and that along with a blockchain checkpoint would work just fine. Valid transactions on the bad chain would move to the new chain (actually, they'd already be on the non-attacker chain, since the miners on both sides of the block split would have included them).

Valid transactions on the bad chain would move to the new chain so long as no-one made a deliberate, malicious attempt to replace them. If they did all bets are off as far as I can tell. Newer transactions wouldn't be on both sides of the block split because all the miners would transition to mining the attackers' blockchain once they heard about it.

It's not fiat because, as you mentioned, people can choose to accept or reject the changes.

Rationally speaking, they can only reasonably go along with what the majority of big players choose. In particular if the exchanges or the pools choose one side, any Bitcoins on the other side are illiquid and essentially worthless. Worse still, any uncertainty as to which side will win is likely to cause a drop-off in mining power that would make additional double spends a lot easier.

It's not fiat because, Their wallets will be drained in any case. The hardcoded changes might return some of the coins.
The hardcoded changes would return coins to one side of the double-spend by taking them away from the other side. There's no guarantee that either set of coins would be in the hands of the attacker. (Technically the developers could confiscate arbitrary coins and hand them to whoever they want, but that opens up a whole bunch of cans of worms...) Automatically disabling transactions when a node detects a big rearrange would help reduce this risk though.

skubeedooo
September 02, 2011, 04:15:32 PM
I'm curious as to the long-term economics of mining. I'm interested in what happens when bitcoin gains price stability, the majority of bitcoins have already been mined and (presumably) miners mine to win transaction fees rather than new bitcoins.
Suppose all miners are rational economic players, in that they mine if and only if the rewards outweigh the costs. This means that it is in effect free to buy hardware and electricity to mine with - every GPU and kWh funds itself by winning transaction fees. This in turn means that (with access to large amounts of initial capital) you can actually build an arbitrarily large self-funding mining rig. You just keep adding extra nodes/GPUs because each node is self-funding. Eventually, by accumulating more nodes you end up owning half the network at which point you can (it seems) do many devastating attacks on the network. Given the time you've invested you may not want to destroy it completely, but you may wish to make some huge double spends that live for long enough for you to cash out into USD.
It seems to me that the only way of stopping people from taking control of the network for free is by making mining a loss-making activity... but then why would people want to mine for free? But even then, you would still have to make it significantly loss-making to stop black-hats from 'investing' some short term capital with the reward that they can do some monster double spends. So you can see the general argument here - it costs the same amount for a good-guy to mine as it does a bad-guy, except that the bad-guy has the added incentive of double-spend upon seizure of the network. Economically speaking, this means that in the steady-state era it is rational to mine only if you're a bad-guy looking to seize control of the network.
Hopefully I'm wrong about all this and I've missed some key argument...but what is it?

CJYP
September 02, 2011, 06:53:06 PM
This in turn means that (with access to large amounts of initial capital) you can actually build an arbitrarily large self-funding mining rig. You just keep adding extra nodes/GPUs because each node is self-funding. Eventually, by accumulating more nodes you end up owning half the network at which point you can (it seems) do many devastating attacks on the network.

There are two problems with that. First, although each individual might be able to build a large mining rig, no individual would be the only one doing it. You may accumulate more nodes, but other people will also accumulate more nodes and you won't reach 50%. Second, as everyone adds more nodes that pay for themselves, the difficulty compensates and the nodes can no longer pay for themselves. At that point, it will be profitable to keep the nodes you have on, but not to buy and add more nodes. That would happen long before anyone has the chance to even come close to equaling the global hashrate. That doesn't mean that it would be impossible to equal the global hashrate, just that it would not be possible to profit from mining by equaling the global hashrate.