Bitcoin Forum
March 28, 2024, 01:37:25 PM *
News: Latest Bitcoin Core release: 26.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: « 1 [2] 3 »  All
  Print  
Author Topic: In case of a 51% attack, can the damage be reverted?  (Read 843 times)
mixoftix
Full Member
***
Offline Offline

Activity: 124
Merit: 178

..


View Profile WWW
November 21, 2018, 10:49:50 AM
 #21

2- Limited  user vulnerability: The main targets of 50%+1 attack with its short-range chain rewrite consequences are merchants and exchanges that do not take proper security measures by waiting for enough confirmations (blockchain growth) for high stake transactions. This vulnerability could be mitigated if users closely observe the network overall 50%+1 attack cost and wait for more confirmations up to safe thresholds.

I think this piece of code in JavaScript could help merchants to understand how much confirmations would be enough for their trades - so mitigate the vulnerability. Wallets could generate such information for end users:

https://people.xiph.org/~greg/attack_success.html

Development of "Azim Blockchain" is in progress..
1711633045
Hero Member
*
Offline Offline

Posts: 1711633045

View Profile Personal Message (Offline)

Ignore
1711633045
Reply with quote  #2

1711633045
Report to moderator
1711633045
Hero Member
*
Offline Offline

Posts: 1711633045

View Profile Personal Message (Offline)

Ignore
1711633045
Reply with quote  #2

1711633045
Report to moderator
Be very wary of relying on JavaScript for security on crypto sites. The site can change the JavaScript at any time unless you take unusual precautions, and browsers are not generally known for their airtight security.
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
HeRetiK
Legendary
*
Offline Offline

Activity: 2884
Merit: 2061



View Profile
November 21, 2018, 12:13:34 PM
 #22

2- Limited  user vulnerability: The main targets of 50%+1 attack with its short-range chain rewrite consequences are merchants and exchanges that do not take proper security measures by waiting for enough confirmations (blockchain growth) for high stake transactions. This vulnerability could be mitigated if users closely observe the network overall 50%+1 attack cost and wait for more confirmations up to safe thresholds.

I think this piece of code in JavaScript could help merchants to understand how much confirmations would be enough for their trades - so mitigate the vulnerability. Wallets could generate such information for end users:

https://people.xiph.org/~greg/attack_success.html

That's the thing about 51% attacks though, there is no safe confirmation count for as long as a 51% attack is going on.

To illustrate:

Code:
AttackerSuccessProbability(0.51,1)=1
AttackerSuccessProbability(0.51,6)=1
AttackerSuccessProbability(0.51,100)=1

The question is then not how many confirmations suffice, but how long an adversary can hold 51% of the network's hashrate.
aliashraf
Legendary
*
Offline Offline

Activity: 1456
Merit: 1174

Always remember the cause!


View Profile WWW
November 21, 2018, 04:55:02 PM
Merited by bones261 (1)
 #23

2- Limited  user vulnerability: The main targets of 50%+1 attack with its short-range chain rewrite consequences are merchants and exchanges that do not take proper security measures by waiting for enough confirmations (blockchain growth) for high stake transactions. This vulnerability could be mitigated if users closely observe the network overall 50%+1 attack cost and wait for more confirmations up to safe thresholds.

I think this piece of code in JavaScript could help merchants to understand how much confirmations would be enough for their trades - so mitigate the vulnerability. Wallets could generate such information for end users:

https://people.xiph.org/~greg/attack_success.html

That's the thing about 51% attacks though, there is no safe confirmation count for as long as a 51% attack is going on.
As much as I appreciate your good knowledge in the field, I strongly denounce above argument. It contradicts with the most fundamental idea behind security of bitcoin and other PoW cryptocurrencies. I think you are underestimating the importance of such a claim.

Of course there is no absolute safety for any form of valuable assets in the world. When I put my 20K$ car in a garage locked and secured by surveillance camera and a sophisticated anti-theft system under the watch of a 24*7 security service provider  nobody accuses me of being reckless about its security, yet anybody could spend like 200K$ to steal it and prove himself totally stupid.

The basic security assumption for bitcoin is that it is absolutely irrational for an adversary to commit a 50%+1 attack against the network because one could always find a sufficient number of confirmations to be sure about irreversibility of a transaction, relative to the incentives involved: the most high stake scam that is ever possible for the adversary to run against the hypothetical targeted receivers of specific transactions and the total block rewards involved.

With btc at like 5K$ nowadays and a hashrate of 45 exahashes, there exists a really high security wall in front of any delusional attacker with any agenda to be dreaming of a profitable 100 chain reorg attack to bitcoin, but I think it has been always the same for bitcoin.

Price and stakes in bitcoin are essentially based on the costs miners pay to keep it secure, it is more than fundamental, it is just the whole story of PoW and Satoshi's invention. Lower mining costs --> lower value --> lower prices --> lower stakes involved --> less need to be worried about attacks. The same 100-200 range attack barrier for any possible scenario. That's it! It is what bitcoin and PoW is.

People with little knowledge and journalists talk too much about coins with low hashrate and their vulnerability to 50%+1 attacks. it is not true. There exists and will exist no PoW coin vulnerable to this attack, users could always calculate the stakes involved and the costs of running an attack and spot the right length for their security.

Quote
The question is then not how many confirmations suffice, but how long an adversary can hold 51% of the network's hashrate.
And how much does it cost? To be more specific. And how much is ever possible for him to earn? To be conclusive.
HeRetiK
Legendary
*
Offline Offline

Activity: 2884
Merit: 2061



View Profile
November 21, 2018, 06:09:18 PM
Merited by DarkStar_ (5)
 #24

2- Limited  user vulnerability: The main targets of 50%+1 attack with its short-range chain rewrite consequences are merchants and exchanges that do not take proper security measures by waiting for enough confirmations (blockchain growth) for high stake transactions. This vulnerability could be mitigated if users closely observe the network overall 50%+1 attack cost and wait for more confirmations up to safe thresholds.

I think this piece of code in JavaScript could help merchants to understand how much confirmations would be enough for their trades - so mitigate the vulnerability. Wallets could generate such information for end users:

https://people.xiph.org/~greg/attack_success.html

That's the thing about 51% attacks though, there is no safe confirmation count for as long as a 51% attack is going on.
As much as I appreciate your good knowledge in the field, I strongly denounce above argument. It contradicts with the most fundamental idea behind security of bitcoin and other PoW cryptocurrencies. I think you are underestimating the importance of such a claim.

[...]

Let me clarify:

I don't think a 51% attack on Bitcoin is even remotely viable for a variety of reason that I probably don't need to enumerate -- you summed it up pretty well in your post above.

I do think it's important to point out that a 51% attack (however unlikely) is not a mere double-spend attack which can be averted by awaiting an appropiate confirmation count. Any adversary holding 51% of the hashrate will always outmine their competitors, for as long as they are able to uphold the majority hashrate. (again, completely ignoring the economics of such an attack)


People with little knowledge and journalists talk too much about coins with low hashrate and their vulnerability to 50%+1 attacks. it is not true. There exists and will exist no PoW coin vulnerable to this attack, users could always calculate the stakes involved and the costs of running an attack and spot the right length for their security.

Here I (partially) disagree with you.

I fully agree with your assessment that users can always calculate the stakes involved and adjust their expected confirmation count accordingly. That's pretty much what happened with Bitcoin Cash, for example, when exchanges upped the required confirmation count to 10-20 confirmations IIRC.

I disagree that alts with low hashrates are just as safe from 51% attacks as the larger coins in which shadow they stand (assuming that's what you're saying).

Problem being: If you attack the largest coin within your mining space (be it Sha256 or Scrypt ASIC, be it GPU) you kill your cashcow and are highly disincentivized to do so. If you attack one of the smaller coins, the stakes are not quite as high, since you can always point your miners back to the larger coin (ie. you don't turn your miner into an expensive paperweight by such an attack). Obviously the benefit of such an attack would still be questionable -- as you rightfully pointed out above the more worthy of an attack a coin is, the better it is secured and vice versa -- but the incentive is not quite as beneficial.
aliashraf
Legendary
*
Offline Offline

Activity: 1456
Merit: 1174

Always remember the cause!


View Profile WWW
November 21, 2018, 07:40:09 PM
Merited by DarkStar_ (5)
 #25

I do think it's important to point out that a 51% attack (however unlikely) is not a mere double-spend attack which can be averted by awaiting an appropiate confirmation count. Any adversary holding 51% of the hashrate will always outmine their competitors, for as long as they are able to uphold the majority hashrate. (again, completely ignoring the economics of such an attack)

Sure they will but why ignoring economics? It is all about economics isn't it? Bitcoin is not a mere technical system, it is a monetary system based on the most promising mathematical model for economics: game theory.

People with little knowledge and journalists talk too much about coins with low hashrate and their vulnerability to 50%+1 attacks. it is not true. There exists and will exist no PoW coin vulnerable to this attack, users could always calculate the stakes involved and the costs of running an attack and spot the right length for their security.
...
Problem being: If you attack the largest coin within your mining space (be it Sha256 or Scrypt ASIC, be it GPU) you kill your cashcow and are highly disincentivized to do so. If you attack one of the smaller coins, the stakes are not quite as high, since you can always point your miners back to the larger coin (ie. you don't turn your miner into an expensive paperweight by such an attack). Obviously the benefit of such an attack would still be questionable -- as you rightfully pointed out above the more worthy of an attack a coin is, the better it is secured and vice versa -- but the incentive is not quite as beneficial.
Obviously, you don't want to give such a credit to so-called "shitcoins" to be counted as secure cryptosystems. I do agree there me be wholes/glitches in some of them in terms of code or design principles and this makes them suspicious to be considered comparably secure but it is not about network hash rate and 50%+1 attack.

Your arguments about the attacker switching back to another coin after ruining the one under attack is correct, but does not lead to anything new, once he leaves everything is restored and he has been rewarded by a bunch of now worthless coins, given he has not managed to fool some reckless merchant or exchange to buy a reverted transaction.

And please note, bitcoin started with a few desktop computers and took almost a decade to reach the current state in which like 200k$ a day (at least) worth of electricity is  being spent for its security and yet it has been always secure against 50%+1 attack from the first day because of the beauty of PoW and the equilibrium state between incentives and costs involved in such an attack.
mixoftix
Full Member
***
Offline Offline

Activity: 124
Merit: 178

..


View Profile WWW
November 21, 2018, 09:06:15 PM
Merited by bones261 (1)
 #26

The question is then not how many confirmations suffice, but how long an adversary can hold 51% of the network's hashrate.

Well, there is one thing that we should consider: "genesis block mined by CPU". This obviously influences the early consensus estimations of PoW. Just like the effect of center of mass in Pisa Tower, the granted tolerance of forces is important to the final stability. Even adding equal huge amounts of forces in different direction of Pisa Tower may still preserve its stability, but this time they are far above the granted tolerance and absence of one force in one moment will break down that beautiful tower..

The PoW has passed from the GPU and ASIC - and I think ASIC is out of granted tolerance of genesis block in many ways - (and who knows when we will access the quantum computing in market). Miners invest in their farms to earn PROFIT, and PROFIT could mislead by many kinds of motivations. The way we talk about economy around PoW is like we write a code that pulls two digits inside a function and divide digit 1 on digit 2 while we insist on: "lets do not check digit 2 for division by zero! because there is no motivation for end user to do so.."

look at this scenario: "bitcoin price goes down and main farms turn off their machines. then hash rate goes down too and DIFFICULTY follows them down. now bad guys RENT those farms for 1 month and do what they want to do to crash the TRUST to one coin/all coins". this could be a kind of supply chain Bullwhip Effect in crypto ecosystem:

https://en.wikipedia.org/wiki/Bullwhip_effect

to RENT and not to INVEST in farms to access huge amounts of process will be a real threat. we need to find out how to adjust the tolerance in forces (hash power), and not in the way Monero tries to do..

bitcoin is safe now, and will be. what we are talking about may bring extra strength to the network.

Development of "Azim Blockchain" is in progress..
aliashraf
Legendary
*
Offline Offline

Activity: 1456
Merit: 1174

Always remember the cause!


View Profile WWW
November 21, 2018, 09:46:53 PM
Last edit: November 21, 2018, 10:19:07 PM by aliashraf
 #27

The question is then not how many confirmations suffice, but how long an adversary can hold 51% of the network's hashrate.
look at this scenario: "bitcoin price goes down and main farms turn off their machines. then hash rate goes down too and DIFFICULTY follows them down. now bad guys RENT those farms for 1 month and do what they want to do to crash the TRUST to one coin/all coins". this could be a kind of supply chain Bullwhip Effect in crypto ecosystem:

https://en.wikipedia.org/wiki/Bullwhip_effect

to RENT and not to INVEST in farms to access huge amounts of process will be a real threat. we need to find out how to adjust the tolerance in forces (hash power), and not in the way Monero tries to do..

bitcoin is safe now, and will be. what we are talking about may bring extra strength to the network.

Security in PoW is not guaranteed by hash power. It is about resource consumption and costs involved in mining. Although opportunity costs (depreciation of investment and interest rates) are important and should be considered too, they are not the most important cost factor, electricity is , while human resources and other costs are involved too.

A drop in bitcoin price eventually causes an oversupply of hash power in the market but its rental price won't fall significantly because the operational costs remain the same. Let's put it to be like 20 percents for bitcoin plunging to its darkest price thresholds. Now let's look at the other side of the story: A drop in bitcoin price decreases the stakes involved (and the incentives to attack the network) proportionally. Now do the math: bitcoin drops to 1K$ and as a result incentives to attack it decrease almost five times (proportional to its value) while costs to carry out such attacks are corrected just like 20%. Bingo! we got a network almost four times more secure than now!

Unlike what you propose, in terms of security measures, I'm more concerned about the situations when price skyrockets and we are short of hashrate, in such cases, I'm hopefully counting on short supply of rental hashrates and the increase in their prices.

Edit:
I just realized that I've overlooked the drop in hashrate and its consequence on decreasing the amount of power needed to attack the network, and it is not a small issue. Though, I think it won't change the situation in opposite direction, hashrate never drops in a complete linear and proportionally equal rate with price.
mixoftix
Full Member
***
Offline Offline

Activity: 124
Merit: 178

..


View Profile WWW
November 21, 2018, 10:09:34 PM
Last edit: November 21, 2018, 10:24:06 PM by mixoftix
 #28

A drop in bitcoin price decreases the stakes involved (and the incentives to attack the network) proportionally.

unfortunately, coin price is not always the VALUE that attackers look for.

Unlike what you propose, in terms of security measures, I'm more concerned about the situations when price skyrockets and we are short of hashrate, in such cases, I'm hopefully counting on short supply of rental hashrates and the increase in their prices.

I do so. the Bullwhip Effect exactly addresses this situation too.
granted ranges of tolerance around a miner hash power should be considered - of course not by software tricks.

Development of "Azim Blockchain" is in progress..
mixoftix
Full Member
***
Offline Offline

Activity: 124
Merit: 178

..


View Profile WWW
November 21, 2018, 10:59:02 PM
 #29

Edit:
I just realized that I've overlooked the drop in hashrate and its consequence on decreasing the amount of power needed to attack the network, and it is not a small issue. Though, I think it won't change the situation in opposite direction, hashrate never drops in a complete linear and proportionally equal rate with price.


and let me add another note here.. the incentives are different among FARMERS (huge facilities of mining) and MINERS (rigs at home). miners do mine for fun, opinion, curiosity, learning or investment. miners also 100% own their tools (paid in cash) and usually have no employees and are loyal to some coins. but farmers are a group of stakeholders who invest in setting up huge mining facilities (paid by loans) just for PROFIT and have employees for physical security, accounting, operation, etc. farmers also are not loyal to a specific coin - even if they equip their farms by ASIC devices.

therefore these two group of miners show different reactions in pricing crisis. it seems we always could count on MINERS group.

Development of "Azim Blockchain" is in progress..
HeRetiK
Legendary
*
Offline Offline

Activity: 2884
Merit: 2061



View Profile
November 22, 2018, 12:41:07 AM
 #30

I do think it's important to point out that a 51% attack (however unlikely) is not a mere double-spend attack which can be averted by awaiting an appropiate confirmation count. Any adversary holding 51% of the hashrate will always outmine their competitors, for as long as they are able to uphold the majority hashrate. (again, completely ignoring the economics of such an attack)

Sure they will but why ignoring economics? It is all about economics isn't it? [...]

Because we're talking about the hypothetical! Smiley

Do you look at a drawing of a Pegasus and are like "Wait a minute, those wings are way too small for a creature of this size, why would someone even draw this it makes no sense!"? Wink


Your arguments about the attacker switching back to another coin after ruining the one under attack is correct, but does not lead to anything new, once he leaves everything is restored and he has been rewarded by a bunch of now worthless coins, given he has not managed to fool some reckless merchant or exchange to buy a reverted transaction.

Assuming they are after the coins. Considering all the drama going on I wouldn't dismiss mining attacks out of political reasons (*cough* Bitcoin ABC vs Bitcoin SV *cough*)

The cost of attacking your cash cow is: Electricity + Deprecation of the mined coins + Making your mining equipment useless

The cost of attacking a minority coin is "only": Electricity + Deprecation of the mined coins


And please note, bitcoin started with a few desktop computers and took almost a decade to reach the current state in which like 200k$ a day (at least) worth of electricity is  being spent for its security and yet it has been always secure against 50%+1 attack from the first day because of the beauty of PoW and the equilibrium state between incentives and costs involved in such an attack.

Excellent point, but back then all computational power that went into mining simply went into Bitcoin. Nowadays there's massive computational power floating between whatever coins are most profitable to mine at the time.


Well, there is one thing that we should consider: "genesis block mined by CPU". This obviously influences the early consensus estimations of PoW. Just like the effect of center of mass in Pisa Tower, the granted tolerance of forces is important to the final stability. Even adding equal huge amounts of forces in different direction of Pisa Tower may still preserve its stability, but this time they are far above the granted tolerance and absence of one force in one moment will break down that beautiful tower..

[...]

How does this analogy apply to Bitcoin and PoW? A blockchain is not less stable merely because early blocks were mined at a lower difficulty.


and let me add another note here.. the incentives are different among FARMERS (huge facilities of mining) and MINERS (rigs at home). miners do mine for fun, opinion, curiosity, learning or investment. miners also 100% own their tools (paid in cash) and usually have no employees and are loyal to some coins. but farmers are a group of stakeholders who invest in setting up huge mining facilities (paid by loans) just for PROFIT and have employees for physical security, accounting, operation, etc. farmers also are not loyal to a specific coin - even if they equip their farms by ASIC devices.

therefore these two group of miners show different reactions in pricing crisis. it seems we always could count on MINERS group.

Commercial miners will usually be able to mine much cheaper than hobby miners, due to economics of scales. So while a hobby miner may be willing to mine less profitably, commercial miners are able to stick around longer due to larger profit margins. Therefore I don't think hobby miners are necessarily more likely to keep mining during a bear market than commercial miners. I do think that hobby miners are more likely to hold onto their mined coins than commercial miners though, due to the latter's requirement to keep a consistent (fiat) cashflow.
mixoftix
Full Member
***
Offline Offline

Activity: 124
Merit: 178

..


View Profile WWW
November 23, 2018, 11:08:41 PM
Last edit: November 24, 2018, 10:45:39 AM by mixoftix
Merited by DarkStar_ (5)
 #31

How does this analogy apply to Bitcoin and PoW? A blockchain is not less stable merely because early blocks were mined at a lower difficulty.

let me explain it in another way. look, I have a very good archive from the first days that I have begun coding till now - which means a text file/pdf file that I have in my backup-chain (in DVDs) under e.g. Windows NT in my old 386-XT processor desktop computer is as secure and trusted as a text file that I have written yesterday in my Windows 10 notebook. I have this level of security just because I have upgraded my operating systems regularly. and operating systems sometimes patched/upgraded and sometimes they also changed generation to work with a new hardware.

if my Windows 10 doesn't work properly with a new hardware or malware, I could simply restore (FORK) my data back from my backup-chain (BLOCK-CHAIN) for a while, but this can't long too much -  new operating system (blockchain core) should be available in market very soon. ASIC is the station that makes crypto-currencies to migrate into a new generation.


Commercial miners will usually be able to mine much cheaper than hobby miners, due to economics of scales. So while a hobby miner may be willing to mine less profitably, commercial miners are able to stick around longer due to larger profit margins. Therefore I don't think hobby miners are necessarily more likely to keep mining during a bear market than commercial miners. I do think that hobby miners are more likely to hold onto their mined coins than commercial miners though, due to the latter's requirement to keep a consistent (fiat) cashflow.

I'm working on this. I hope you guys do so, then we could share our observations. during these days of drop in prices, I could see a huge downgrade in hash rates of bitcoin and ethereum, but it seems monero (asic-free crypto) hash rate remains unchanged. I think the opinion factor is working in this case.

----------------------

UPDATED:
I found this website with amazing collection of coins and the theoretical cost of a 51% attack on each network:

https://www.crypto51.app/

Development of "Azim Blockchain" is in progress..
suzanne5223
Hero Member
*****
Offline Offline

Activity: 2576
Merit: 650


Want top-notch marketing for your project, Hire me


View Profile WWW
November 25, 2018, 07:25:03 PM
 #32

I will make another question, as the one that starts the topic was already answered. In case of a 51% attack, the damage should be reverted?

Should it not be an even bigger problem to be able to roll back an action already done on the blockchain?

Bitcoin's political consensus is quite subjective. I mean, the voice of the community is something that depends on time. We do not have a voting system in Bitcoin where a result is clear. BTC is Bitcoin for being clear the choice of the majority. But in an event like such an attack, if it was of great proportions. One group could choose to revert and another group could choose not to. In the same way as with ETH and ETC.

So the question is not whether this is possible. But if this will be the majority choice in the long run.
I believe you have already answer the question you asked like you said BTC is bitcoin and there some majority or group of people which may choose to revert the process while there are some which may choose to play along and this is what happened during the time of SegWit if you could remember that the crypto community were divided into two.

btc-room101
Member
**
Offline Offline

Activity: 182
Merit: 30


View Profile WWW
November 28, 2018, 02:13:29 AM
 #33

2- Limited  user vulnerability: The main targets of 50%+1 attack with its short-range chain rewrite consequences are merchants and exchanges that do not take proper security measures by waiting for enough confirmations (blockchain growth) for high stake transactions. This vulnerability could be mitigated if users closely observe the network overall 50%+1 attack cost and wait for more confirmations up to safe thresholds.

I think this piece of code in JavaScript could help merchants to understand how much confirmations would be enough for their trades - so mitigate the vulnerability. Wallets could generate such information for end users:

https://people.xiph.org/~greg/attack_success.html

That's the thing about 51% attacks though, there is no safe confirmation count for as long as a 51% attack is going on.

To illustrate:

Code:
AttackerSuccessProbability(0.51,1)=1
AttackerSuccessProbability(0.51,6)=1
AttackerSuccessProbability(0.51,100)=1

The question is then not how many confirmations suffice, but how long an adversary can hold 51% of the network's hashrate.

At what date did 'ANTMINER' go live? That's when BITCOIN entered the 'matrix', you can take the red pill or blue pill, the blue pill you ignore the 500LB gorilla ( china, alibaba, antminer,amazon), red-pill you deal with reality.

since antminer went live, they control 90% of the bitcoin mining, that means that whatever they have been doing since then, they have been in control, as they decide the consensus, and nobody else,

funny thing about these red/blue pills is that this site right here is hosted by amazon-services, who is tied to alibaba, who is tied to jack-ma, who own majority interest in antminer, and jack-ma just got entered into the communist party of china, this is a big-deal

continue on folks, live in the matrix, and this time its brought to you by amazon/alibaba

Another way to use the MATH is apply the 'Kelley Criterion', as the differential eqn, optimized solution for max wealth is all the same, 2P=F, once you hit 50% ( 0.5 ) then your in 1.0, say china ( alibaba/amazon ) control 90% of bitcoin mining ( consensus ), then they're 1.8, ownership/control and some more

More interesting thing about the Matrix, and china's social-score ( facebook ), is why would amazon/alibaba want to control all the digital-money on earth, when they already control all the shopping? Why even ship a product, when you own the printing press? Me thinks this is largely a supplier problem, as suppliers to the GORILLA can be PAID in 'crypto fiat', and of course the sheep who work in the factory's too can be paid in crypto-fiat

The Matrix is Real.
20kevin20 (OP)
Legendary
*
Offline Offline

Activity: 1134
Merit: 1597


View Profile
November 28, 2018, 08:53:04 PM
 #34

UPDATED:
I found this website with amazing collection of coins and the theoretical cost of a 51% attack on each network:

https://www.crypto51.app/


Thanks for the provided link.

Upon checking it out, I found out that the cost needed to successfully launch a 51% BTC attack is just    $285,785 at the current hash rate of 42,023 PH/s (an one hour attack). Does this mean the attack would work for one hour as soon as someone pays around $300k for rented equipment?

It seems quite cheap in my opinion. For us it might be extremely expensive and unimaginable to spend this much just for a 1hr attack, but what if a millionaire - or billionaire - decides to do this? It's possible, right?

Could someone explain the NiceHash part? It says BTC is 1% NiceHashable, what does that mean?
HeRetiK
Legendary
*
Offline Offline

Activity: 2884
Merit: 2061



View Profile
November 28, 2018, 10:22:42 PM
 #35

UPDATED:
I found this website with amazing collection of coins and the theoretical cost of a 51% attack on each network:

https://www.crypto51.app/


Thanks for the provided link.

Upon checking it out, I found out that the cost needed to successfully launch a 51% BTC attack is just    $285,785 at the current hash rate of 42,023 PH/s (an one hour attack). Does this mean the attack would work for one hour as soon as someone pays around $300k for rented equipment?

It seems quite cheap in my opinion. For us it might be extremely expensive and unimaginable to spend this much just for a 1hr attack, but what if a millionaire - or billionaire - decides to do this? It's possible, right?

Could someone explain the NiceHash part? It says BTC is 1% NiceHashable, what does that mean?


That attack cost is calculated using NiceHash's pricing which sounds like a nice metric in theory, but given a sufficiently strong network is completely useless in practice:

Using the prices NiceHash lists for different algorithms we are able to calculate how much it would cost to rent enough hashing power to match the current network hashing power for an hour. Nicehash does not have enough hashing power for most larger coins, so we also calculated what percentage of the needed hashing power is available from Nicehash.

BTC being 1% NiceHashable means that purchasing all available hashing power of NiceHash would only yield you 1% of Bitcoin's network making this a rather losing proposition. So no, you can't simply waltz in and buy Bitcoin's majority hashrate.
aliashraf
Legendary
*
Offline Offline

Activity: 1456
Merit: 1174

Always remember the cause!


View Profile WWW
November 29, 2018, 09:11:30 AM
 #36

BTC being 1% NiceHashable means that purchasing all available hashing power of NiceHash would only yield you 1% of Bitcoin's network making this a rather losing proposition. So no, you can't simply waltz in and buy Bitcoin's majority hashrate.
Plus, pumping that 1% increases the price too.
mixoftix
Full Member
***
Offline Offline

Activity: 124
Merit: 178

..


View Profile WWW
November 29, 2018, 10:23:34 AM
Merited by DarkStar_ (5), aliashraf (1)
 #37

Upon checking it out, I found out that the cost needed to successfully launch a 51% BTC attack is just $285,785 at the current hash rate of 42,023 PH/s (an one hour attack). Does this mean the attack would work for one hour as soon as someone pays around $300k for rented equipment?

Hello Kevin,

these days, there are several videos out there showing you could buy some editions of farm's ASIC devices for 5 Chinese-Yuan (0.72 USD) per pound! but as HeRetiK said above, you can't directly include these parameters in a lets_do_51_attack() function. this need a huge planning for attack - BUT:

I could imagine a consortia of farmers who decide to have their own coin as a new rival to bitcoin. they should be insane to break down the bitcoin and then advertise their new coin, this is not how the market work -  a continuous pumping/dumping in prices of all coins do. do a little math, assume that you have 2000 BTC in your pocket and you also have a farm with 1 PH/s processing power. you are also a member of consortia which enrolls 20 PH/s of the bitcoin.

now when BTC is in 7000 USD, you could sell 1000 of your coins and divert your hash power into a fork that you could buy 10'000 of them at 5 USD. you tell me, what happens if the price of BTC dumps down to 4000 USD and the price of new forked coin pumps up to 15 USD (downgraded hash-power and electricity usage)?

just in the BTC part, you can save 3000 USD x 1000 BTC = 3'000'000 USD for investment in a new fork just by diverting your hash power and by (buying those 1000 BTC back) diverting you hash-power back to BTC when the price is 7000 USD again you could earn another 3'000'000 USD, why you should attack it?! I call it a shadowed social attack to BTC users.

======================

there is also an interesting note in paper of the byzantine generals problem that includes the number of traitor generals, the paper also is talking about the paths that connect generals to each other. in PoW scheme, I could interpret the path parameter as the distribution of hash power among miner entities. if we have 10 miners in our network, and if 2 of them hold 80% of the hash power of the network (40% for each of them) this is more likely to have double spend transactions in our network than when each of our 10 miners holds 10% of hash power - equally. The distribution of hash power is important and ASIC is against it.

P.S.

sometimes I think about 10 miners that 8 of them have 10% of hash power and the ninth with 9% and the tenth with 11% and while they all are in parallel processing, why the tenth miner won't be able to hide himself and solve the nonce quicker than the other miners?


Development of "Azim Blockchain" is in progress..
HeRetiK
Legendary
*
Offline Offline

Activity: 2884
Merit: 2061



View Profile
November 29, 2018, 11:10:05 AM
 #38

[...]

I could imagine a consortia of farmers who decide to have their own coin as a new rival to bitcoin. they should be insane to break down the bitcoin and then advertise their new coin, this is not how the market work -  a continuous pumping/dumping in prices of all coins do. do a little math, assume that you have 2000 BTC in your pocket and you also have a farm with 1 PH/s processing power. you are also a member of consortia which enrolls 20 PH/s of the bitcoin.

now when BTC is in 7000 USD, you could sell 1000 of your coins and divert your hash power into a fork that you could buy 10'000 of them at 5 USD. you tell me, what happens if the price of BTC dumps down to 4000 USD and the price of new forked coin pumps up to 15 USD (downgraded hash-power and electricity usage)?

just in the BTC part, you can save 3000 USD x 1000 BTC = 3'000'000 USD for investment in a new fork just by diverting your hash power and by (buying those 1000 BTC back) diverting you hash-power back to BTC when the price is 7000 USD again you could earn another 3'000'000 USD, why you should attack it?! I call it a shadowed social attack to BTC users.

Are the parallels to Bitcoin Cash intentional? :3

Currently it definitely seems like social attacks would be the most effective way to damage Bitcoin in the long term.


sometimes I think about 10 miners that 8 of them have 10% of hash power and the ninth with 9% and the tenth with 11% and while they all are in parallel processing, why the tenth miner won't be able to hide himself and solve the nonce quicker than the other miners?

The miner with 11% of the hashrate is able to check more nonces within the same timeframe, therefore they will find on average more blocks than their competition causing their hashrate superiority to be visible to the public (within a margin of error). That all miners are working in parallel doesn't change that.
mixoftix
Full Member
***
Offline Offline

Activity: 124
Merit: 178

..


View Profile WWW
November 29, 2018, 01:18:10 PM
Merited by aliashraf (2)
 #39

Are the parallels to Bitcoin Cash intentional? :3
Currently it definitely seems like social attacks would be the most effective way to damage Bitcoin in the long term.

and centralized mining-pools here (because of providing the information about the overall hash-power of the network, that the network protocol is blind about it) are responsible for such damages to the crypto community. you know very well that blockchains set up their block difficulty by timing that they need -  not the hash power of decentralized miners around it. hash power is the sort of information that comes from pools. if someone really wants to perform an attack, needs to monitor the activity of pools and the distribution of processing power among them. the paper bellow (which discusses the selfish miners behavior and their effects on a crypto-currency. based on the paper selfish miners could attack a network by 25% processing power) has some good notes in this area too:

http://www.mixoftix.net/knowledge_base/blockchain/Bitcoin_Mining_is_Vulnerable.pdf

and this is where we could understand the importance of ideas in post entitled "Getting rid of pools: Proof of Collaborative Work":

https://bitcointalk.org/index.php?topic=4438334.0

Development of "Azim Blockchain" is in progress..
mixoftix
Full Member
***
Offline Offline

Activity: 124
Merit: 178

..


View Profile WWW
December 01, 2018, 11:36:08 PM
Last edit: December 02, 2018, 01:01:00 PM by mixoftix
 #40

sometimes I think about 10 miners that 8 of them have 10% of hash power and the ninth with 9% and the tenth with 11% and while they all are in parallel processing, why the tenth miner won't be able to hide himself and solve the nonce quicker than the other miners?


I just visit this web site and found it very useful for some risk analysis and possible attacks to PoW. these sort of information are necessary for planning an attack. if you look for amazing stats, just compare bitcoin, bitcoin cash and bitcoin sv:

https://miningpoolstats.stream/bitcoin

UPDATED:
the link above shows many of pools in several coins are (or could simply become) the majority of their network!!
very interesting to see a power outage, a maintenance in major pools could be harmful..

Development of "Azim Blockchain" is in progress..
Pages: « 1 [2] 3 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!