Bitcoin Forum
September 21, 2018, 02:50:29 PM *
News: ♦♦ New info! Bitcoin Core users absolutely must upgrade to previously-announced 0.16.3 [Torrent]. All Bitcoin users should temporarily trust confirmations slightly less. More info.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Mining reward "stealing" attack  (Read 251 times)
tublo
Member
**
Offline Offline

Activity: 82
Merit: 11


View Profile
September 05, 2018, 12:23:23 AM
 #1

As there are more than 1.8 million bitcoins that have not been moved since they were mined, isn't it possible that someone rebuilds the entire blockchain in order to claim those bitcoins? This attacker could even keep all transactions made till today, so people would not lose their balance.
It would take 200 days with the present hashrate to rebuild the entire blockchain. So, for instance, if someone invest in mining facilities equivalent to double the present hashrate (a lot of money, but not impossible), it would take 200 days to create a new blockchain with more work than the original one (100 days to have the same work as it has today and other 100 days as the blockchain would be bigger by then).
Comparing the alternatives, with that amount of hash rate:
1) If the attacker mined in the original blockchain, he would obtain 240,000 bitcoins in 200 days (1,800 btc/day * 200 days * 2/3 of total hash rate), probably at a loss.
2) If he performs the attack, he would obtain 1,800,000 bitcoins.
So, the incentives are pro-attack. Also, those incentives are expected to be greater in the future, as the block reward gets smaller.

What do you think about this? Is there something I am missing here? 
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1537541429
Hero Member
*
Offline Offline

Posts: 1537541429

View Profile Personal Message (Offline)

Ignore
1537541429
Reply with quote  #2

1537541429
Report to moderator
1537541429
Hero Member
*
Offline Offline

Posts: 1537541429

View Profile Personal Message (Offline)

Ignore
1537541429
Reply with quote  #2

1537541429
Report to moderator
1537541429
Hero Member
*
Offline Offline

Posts: 1537541429

View Profile Personal Message (Offline)

Ignore
1537541429
Reply with quote  #2

1537541429
Report to moderator
odolvlobo
Legendary
*
Offline Offline

Activity: 2240
Merit: 1135



View Profile
September 05, 2018, 02:49:49 AM
 #2

Double the current hash rate is a lot of hash rate.

Buy bitcoins with cash from somebody near you: LocalBitcoins
Buy stuff on Amazon at a discount with bitcoins: Purse.io
Join an anti-signature campaign: DannyHamilton's ignore list
achow101
Moderator
Legendary
*
expert
Offline Offline

Activity: 1526
Merit: 1638


3F1Y9yquzvY6RWvKbw2n2zeo9V5mvBhADU


View Profile WWW
September 05, 2018, 03:11:09 AM
Merited by mocacinno (1)
 #3

First of all, double the current hashrate would be nearly impossible for someone to get. They would have to acquire ALL of the mining equipment in the world, and then do it again, all without taking away the existing equipment. This would be exorbitantly expensive, both in resources and in time. Manufacturers can't just magically produce machines that they don't have. It takes time, money, and raw materials. Such an operation would be very obvious.

Second, people running nodes, and nodes themselves, are not stupid. They would definitely notice a 500,000+ block blockchain reorganization. That is extremely obvious and there would be warnings put up all over place. Such an attack would likely result in some form of human intervention which prevents people's nodes from switching to using the attacker's blockchain.

philipma1957
Legendary
*
Offline Offline

Activity: 2226
Merit: 1338


Avalon 841 rocks


View Profile
September 05, 2018, 03:30:47 AM
Merited by Welsh (2), mocacinno (1)
 #4

well thanks to the op  bitmain will have something to do.

Realistically they are the only company that could stand a shot to do it.

but they would need a lot of s-9's

46,740,917,366 GH/s/14,000ghs = 3,338,636  s9's

so say 4 million s-9's  power wise 5600 megawatts  which would be all of Niagara Falls x 2



https://en.wikipedia.org/wiki/List_of_largest_hydroelectric_power_stations

at 5 cents a kwatt  a mega watt is 50 bucks an hour x 5600 = 280,000 an hour or  6,720,000  a day x 730 = 4,905,600,000

so at least 5 billion in power

and 4,000,000 x 300 = 1,200,000,000  in gear  so more then 6 billion  more likely 7 or 8 billion to get 1,800,000  worth 7500 each or

13,500,000,000

a lot to risk  8 billion for 13.5 billion

I mine alt coins with https://simplemining.net...
I see BTC as the super highway and alt coins as taxis and trucks needed to move transactions.
ETFbitcoin
Legendary
*
Online Online

Activity: 1442
Merit: 1097


Use SegWit and enjoy lower fees


View Profile
September 05, 2018, 03:55:14 AM
Merited by suchmoon (4)
 #5

Aside from reason above member mentioned, it's impossible since :
1. Some Bitcoin client/nodes have feature called Checkpoint (basically stored hash of block at certain height) which is used to prevent someone re-write Bitcoin history by re-mine/re-doing PoW all block with low hashrate and manipulate each timestamp.
2. You still need to find way to make existing nodes to accept your block with far lower block height or older timestamp. Even SPV/light nodes will reject (or confused) your block since block header they store and your block header is different.

Additionally, even if you could overcome the problem somehow, people surely will notice and panic which lead to Bitcoin price crashing and you just wasting your time, money and energy Roll Eyes


       █
      ██
     ██
   ██ ██
 █ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██

       █
      ██
     ██
   ██ ██
 █ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
  B

          ▄▄▄▄▄▄
     ▄▄████████████▄▄
   ▄█████▀▀    ▀▀█████▄
  ████▀            ▀████
 ████                ████
▐███                  ███▌
███▌                  ▐███
▐███           ▄▄     ███▌
 ████         ▀███▄  ▐███
  ████▄         ▀███▄███
   ▀█████▄▄     ▄█████▀
     ▀▀████████████▀▀
          ▀▀▀▀▀▀
T 
.Better. Quick..

.Transparent....






             ▄████▄▄   ▄
█▄          ██████████▀▄
███        ███████████▀
▐████▄     ██████████▌
▄▄██████▄▄▄▄█████████▌
▀████████████████████
  ▀█████████████████
  ▄▄███████████████
   ▀█████████████▀
    ▄▄█████████▀
▀▀██████████▀
    ▀▀▀▀▀






▄█████████████████████████▄
███████████████████████████
███████████████▀       ████
██████████████      ▄▄▄████
██████████████    ▐████████
██████████████    ▐████████
██████████            ▐████
██████████            █████
██████████████    ▐████████
██████████████    ▐████████
██████████████    ▐████████
▀█████████████    ▐███████▀






                   ▄▄████
              ▄▄████████▌
         ▄▄█████████▀███
    ▄▄██████████▀▀ ▄███▌
▄████████████▀▀  ▄█████
▀▀▀███████▀   ▄███████▌
      ██    ▄█████████
       █  ▄██████████▌
       █  ███████████
       █ ██▀ ▀██████▌
       ██▀     ▀████
                 ▀█▌
RGBKey
Hero Member
*****
Offline Offline

Activity: 826
Merit: 616


rgbkey.github.io/pgp.txt


View Profile WWW
September 05, 2018, 04:00:48 AM
 #6

At this point when you have half the hashrate of the current network you might as well launch a 51% attack and go for everything, not just the untouched coins. It's equally as covert and you'd get more money. Which to be fair, is not covert at all.

Zin-Zang
Jr. Member
*
Offline Offline

Activity: 238
Merit: 1


View Profile
September 05, 2018, 07:23:29 AM
 #7

As there are more than 1.8 million bitcoins that have not been moved since they were mined, isn't it possible that someone rebuilds the entire blockchain in order to claim those bitcoins? This attacker could even keep all transactions made till today, so people would not lose their balance.
It would take 200 days with the present hashrate to rebuild the entire blockchain. So, for instance, if someone invest in mining facilities equivalent to double the present hashrate (a lot of money, but not impossible), it would take 200 days to create a new blockchain with more work than the original one (100 days to have the same work as it has today and other 100 days as the blockchain would be bigger by then).
Comparing the alternatives, with that amount of hash rate:
1) If the attacker mined in the original blockchain, he would obtain 240,000 bitcoins in 200 days (1,800 btc/day * 200 days * 2/3 of total hash rate), probably at a loss.
2) If he performs the attack, he would obtain 1,800,000 bitcoins.
So, the incentives are pro-attack. Also, those incentives are expected to be greater in the future, as the block reward gets smaller.

What do you think about this? Is there something I am missing here?  



Won't work, you can't reorg before the last checkpoint.
https://bitcointalk.org/index.php?topic=194078.0

Most coins contain checkpoints in their source code to prevent tampering with historical data.

If you purchase double the modern day mining capacity, you could 51% attack the chain at will and kill it.
Or profit by selling all of the mined bitcoins until you crash the price.


ZEITCOIN is the Future! (http://www.zeit-coin.net)
Energy Efficient / Decentralized / Ultra Low Inflation  / More Cost Effective than LN
Thirdspace
Hero Member
*****
Offline Offline

Activity: 742
Merit: 580


Mixing reinvented for your privacy | chipmixer.com


View Profile
September 05, 2018, 08:21:21 AM
 #8

instead of "rebuild the entire blockchain", why not just brute force the private keys? Grin
do sequential just like LBC group, but start in the middle, they're doing ~25 tn keys/day
with that much hashrate I think brute forcing keys is somewhat doable (maybe??) but costly nonetheless
aim for those "unmoved mining rewards" and pick up others as well in the process Tongue

morantis2015
Newbie
*
Offline Offline

Activity: 9
Merit: 0


View Profile
September 06, 2018, 06:04:06 AM
 #9

Yeah, a lot better ways to invest the computational power, if you have it.  Best case scenario, besides taking a 51% hold, would be that the coins would appear in your wallet/wallets, but you're pretty much riding your own fork. All in all, it doesn't matter if you can fool some nodes or wallets out there, the key to dying or living is whether you and the exchanges are on the same ledger, because that's where the BTC becomes either fiat(for most people to spend) or becomes a tool for any real use, no one is going to just hand you cash for BTC, not many, and they will want the network to confirm first.
S00rabh
Jr. Member
*
Offline Offline

Activity: 42
Merit: 1


View Profile
September 06, 2018, 06:52:29 AM
 #10

Instead of investing so much in Hash power, just quarter of that $$$ to buy actual BTC and then you can control the market in much better way.
Thirdspace
Hero Member
*****
Offline Offline

Activity: 742
Merit: 580


Mixing reinvented for your privacy | chipmixer.com


View Profile
September 06, 2018, 09:40:50 AM
 #11

Instead of investing so much in Hash power, just quarter of that $$$ to buy actual BTC and then you can control the market in much better way.
"quarter of that" = 1/4 * $8 bn = $2 bn @ $6,500/BTC = 300,000+ BTC
control the market?  Undecided maybe...
but wouldn't his buying frenzy willl pump the price? (eating up all sell orders)
then shortly afterwards price crash/correction/dump happens and gets him in a big loss Sad

ETFbitcoin
Legendary
*
Online Online

Activity: 1442
Merit: 1097


Use SegWit and enjoy lower fees


View Profile
September 06, 2018, 12:23:10 PM
 #12

Instead of investing so much in Hash power, just quarter of that $$$ to buy actual BTC and then you can control the market in much better way.
"quarter of that" = 1/4 * $8 bn = $2 bn @ $6,500/BTC = 300,000+ BTC
control the market?  Undecided maybe...
but wouldn't his buying frenzy willl pump the price? (eating up all sell orders)
then shortly afterwards price crash/correction/dump happens and gets him in a big loss Sad

It's certainly more viable attack, especially if the manipulator don't care about profit/losses or part of government which could create money out of thin air.
Also, if their main goal is to suppress bitcoin adoption/trend, the manipulator could dump the coins anytime when Bitcoin price is increased to kill spirit/motivation of Bitcoiner.


       █
      ██
     ██
   ██ ██
 █ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██

       █
      ██
     ██
   ██ ██
 █ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
██ ██ ██
  B

          ▄▄▄▄▄▄
     ▄▄████████████▄▄
   ▄█████▀▀    ▀▀█████▄
  ████▀            ▀████
 ████                ████
▐███                  ███▌
███▌                  ▐███
▐███           ▄▄     ███▌
 ████         ▀███▄  ▐███
  ████▄         ▀███▄███
   ▀█████▄▄     ▄█████▀
     ▀▀████████████▀▀
          ▀▀▀▀▀▀
T 
.Better. Quick..

.Transparent....






             ▄████▄▄   ▄
█▄          ██████████▀▄
███        ███████████▀
▐████▄     ██████████▌
▄▄██████▄▄▄▄█████████▌
▀████████████████████
  ▀█████████████████
  ▄▄███████████████
   ▀█████████████▀
    ▄▄█████████▀
▀▀██████████▀
    ▀▀▀▀▀






▄█████████████████████████▄
███████████████████████████
███████████████▀       ████
██████████████      ▄▄▄████
██████████████    ▐████████
██████████████    ▐████████
██████████            ▐████
██████████            █████
██████████████    ▐████████
██████████████    ▐████████
██████████████    ▐████████
▀█████████████    ▐███████▀






                   ▄▄████
              ▄▄████████▌
         ▄▄█████████▀███
    ▄▄██████████▀▀ ▄███▌
▄████████████▀▀  ▄█████
▀▀▀███████▀   ▄███████▌
      ██    ▄█████████
       █  ▄██████████▌
       █  ███████████
       █ ██▀ ▀██████▌
       ██▀     ▀████
                 ▀█▌
tublo
Member
**
Offline Offline

Activity: 82
Merit: 11


View Profile
September 06, 2018, 10:11:07 PM
 #13

well thanks to the op  bitmain will have something to do.

Realistically they are the only company that could stand a shot to do it.

but they would need a lot of s-9's

46,740,917,366 GH/s/14,000ghs = 3,338,636  s9's

so say 4 million s-9's  power wise 5600 megawatts  which would be all of Niagara Falls x 2



https://en.wikipedia.org/wiki/List_of_largest_hydroelectric_power_stations

at 5 cents a kwatt  a mega watt is 50 bucks an hour x 5600 = 280,000 an hour or  6,720,000  a day x 730 = 4,905,600,000

so at least 5 billion in power

and 4,000,000 x 300 = 1,200,000,000  in gear  so more then 6 billion  more likely 7 or 8 billion to get 1,800,000  worth 7500 each or

13,500,000,000

a lot to risk  8 billion for 13.5 billion


Yes, it is a lot of risk now. But what I am trying to say is that, in general, 51% attacks are not incentivized because the eventual attacker earns more if he mines the original chain. But, in this case it is different. In 15 years, the yearly reward will be less than 100,000 bitcoins. The attack would be more profitable.
odolvlobo
Legendary
*
Offline Offline

Activity: 2240
Merit: 1135



View Profile
September 07, 2018, 03:36:06 AM
 #14

Yes, it is a lot of risk now. But what I am trying to say is that, in general, 51% attacks are not incentivized because the eventual attacker earns more if he mines the original chain. But, in this case it is different. In 15 years, the yearly reward will be less than 100,000 bitcoins. The attack would be more profitable.

You have come up with an interesting scenario. Another aspect is that I don't think many people would care if only unspent coinbase transactions are stolen.

Buy bitcoins with cash from somebody near you: LocalBitcoins
Buy stuff on Amazon at a discount with bitcoins: Purse.io
Join an anti-signature campaign: DannyHamilton's ignore list
onelineproof
Member
**
Offline Offline

Activity: 98
Merit: 13


View Profile WWW
September 07, 2018, 04:46:22 PM
 #15

The problem is

if

a) The attack is unsuccessful, the attacker loses a lot of resources

b) The attack is successful, the value of Bitcoin plummets (perhaps people switch to an altcoin or hard fork Bitcoin with a PoW change), and the attacker still loses a lot of resources.

It's more worth it for them to just mine honestly and get honest rewards, unless their only goal is to harm Bitcoin, in which case people will just switch to a more robust PoW system (like multi algo, merge mining), so don't see what they will gain.

The uncorrupted Bitmark protocol: https://github.com/bitmark-protocol/bitmark
Email <my username>@gmail.com 0xB6AC822C451D63046A2849E97DB7011CD53B564
tublo
Member
**
Offline Offline

Activity: 82
Merit: 11


View Profile
September 07, 2018, 05:37:04 PM
 #16

How a PoW system change would solve that?
onelineproof
Member
**
Offline Offline

Activity: 98
Merit: 13


View Profile WWW
September 08, 2018, 07:20:44 PM
Merited by DarkStar_ (2)
 #17

How a PoW system change would solve that?

Currently, the most proof-of-work chain for Bitcoin is the one that most SHA256 work. If a hard fork is done that allows for continuation with some other algo, then the most proof-of-work chain would be defined differently. Maybe the definition would consider SHA256, but not exculsively. Even if the attacker gets more proof of work for SHA256, they would have a hard time getting more than Bitcoin for some other algo I assume. It depends on how it's done, so not sure, but either way it would be an ugly situation, and something we want to avoid.

The uncorrupted Bitmark protocol: https://github.com/bitmark-protocol/bitmark
Email <my username>@gmail.com 0xB6AC822C451D63046A2849E97DB7011CD53B564
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!