Is 51% attack a double-spending threat to bitcoin?

[aliashraf]

Is 51% attack a double-spending threat to bitcoin?

My answer: No!

My argument: By definition, bitcoin is a solution to the double-spending problem:

Abstract.  A purely peer-to-peer version of electronic cash would allow online payments to be sent directly from one party to another without going through a financial institution.  Digital signatures provide part of the solution, but the main benefits are lost if a trusted third party is still required to prevent double-spending. We propose a solution to the double-spending problem using a peer-to-peer network. The network timestamps transactions by hashing them into an ongoing chain of hash-based proof-of-work, forming a record that cannot be changed without redoing the proof-of-work.

The way Satoshi puts it in the very first line of the white paper, as a solution, bitcoin is immune against, rather than resistant to, double-spending. Double-spending makes digital cash absolutely worthless because of its potential to suffer from unregulated inflation. Bitcoin is safe against such inflation inherently and it is not because of PoW on top of or game theory behind bitcoin. In its most vicious (and ignorant) way of malfunctioning, a majority of hash power could defraud single users and won't be able to create bitcoins out of nowhere.

Misinterpretation: A majority of hash power collided is claimed to be a double-spending threat to bitcoin because of the sole power of chain-reorgs that let them defraud users. Yet it is not a proper classification of this threat as such practices are bound by cost/incentive tradeoffs according to the game theory employed by bitcoin.

My take (which is a surprise somehow):
Unlike what is said ever and ever, one could put trust in miners as long as there is proof that:

• Miners are not inflating the supply illegally,
• The costs involved in defrauding him/her (personally) by re-org attacking the bllockchain are orders of magnitude higher than the assets he/she has put in stake.
  

This is the fundamental principle behind a hierarchical sharding scheme which I'll propose later.

[1714662772]

1714662772

[1714662772]

1714662772

[1714662772]

1714662772

[odolvlobo]

Bitcoin is not a perfect solution to the double-spending problem, so there is always a threat.

The security of Bitcoin depends on financial incentives, specifically the assumption that the participating parties try to maximize their financial gain and that they act rationally to achieve that goal. The security can fail in cases where that assumption does not apply. A double-spend via a 51% attack can never be dismissed as impossible.

Two plausible examples:

Bitcoin could be doomed if a country decides that Bitcoin is a threat to national security and is willing to spend whatever it takes to dominate the hash rate and destroy Bitcoin via double-spends and DOS.

In 2014, ghash.io achieved more than 50% of the hash rate and could have performed a double-spend. Normally, a pool would not do that because it would mean the end of the pool as miners would desert them. But suppose ghash.io decided that they wanted to become famous for being the only pool to successfully execute a double-spend via a 51% attack regardless of the consequences. In the end, it turns out they really had nothing to lose because they lost all of their miners anyway. They didn't do a 51% attack, but they could have and they might have been motivated.

[ABCbits]

The security of Bitcoin depends on financial incentives, specifically the assumption that the participating parties try to maximize their financial gain and that they act rationally to achieve that goal. The security can fail in cases where that assumption does not apply. A double-spend via a 51% attack can never be dismissed as impossible.

Specifically financial stability or long term financial plan. Double-spend via 51% attack could have good short term financial incentives if :
1. Network hashrate is relative low
2. Attacker have access to 51% or more hashrate (compared with network hashrate), either by own or rent mining hardware.
3. There's vulnerable exchange/service with relative low minimum confirmation and fast time to process withdraw request/send digital goods.

51% attack on BTG is the prime example.

[aliashraf]

Bitcoin is not a perfect solution to the double-spending problem, so there is always a threat.

There is absolutely no double-spending threat, bitcoin is an ultimate solution to this problem. let's elaborate more:


What is the double-spending problem?
For a digital token to be used as peer-to-peer electronic cash, a medium of exchange, it is absolutely necessary to have an inflation regulatory mechanism because digital streams are reproducible trivially bu consuming almost zero resources. Owners of digital assets have full incentives and sole power to send multiple copies to different users. Electronic signatures are of negligible relevance to help with mitigating this issue and trusted third parties gain too much power. A decentralized, trustless, permissionless, open solution is the only acceptable solution to this problem.

How bitcoin solves the double-spending problem?
The most critical game-changing innovation of Satoshi and bitcoin is the core idea of using a distributed ledger, synchronized by consensus. PoW and game theory are used in bitcoin as instruments to prevent spamming and adversary behavior by establishing a fair voting mechanism. As long as the distributed ledger is balanced and there is no inflation we have the solution and whether the instruments used are perfect or not is irrelevant. They are secondary problems.


Is bitcoin perfect?
Hell no! Bitcoin is just a first attempt to implement the solution, besides there is no such system in the universe, a perfect system! The most important flaw in bitcoin, which I've been investigating/trying_to_address for a long time is the infamous pooling pressure flaw and its 51% consequential threats.


Is the 51% problem a cloned form of the double-spending problem?
No! The 51% problem is secondary and has nothing to do with double-spending because it has no irregular inflation consequence. The main concerns with 51% are fraud and censorship/DoS vulnerabilities.

Is there any built-in countermeasure to mitigate 51% problem?
Yes, there is, PoW plus game theory, the former is flawed (pooling pressure)but working now and the later is not flawed.  

Is the "rational behavior assumption" in the way game theory is employed in bitcoin is a flaw?
No, it is not. There is no version of game theory without such assumption and it has been used in economics and politics exactly the same way as bitcoin is using it.

What's the point?
The point is about the infamous "Don't trust, verify" and how it is exaggerating the situation with miners in bitcoin. Putting trust in miners is discouraged too much and in a vague and confusing way. It is a major obstacle in the development scene of bitcoin IMO.

[aliashraf]

The security of Bitcoin depends on financial incentives, specifically the assumption that the participating parties try to maximize their financial gain and that they act rationally to achieve that goal. The security can fail in cases where that assumption does not apply. A double-spend via a 51% attack can never be dismissed as impossible.

Specifically financial stability or long term financial plan. Double-spend via 51% attack could have good short term financial incentives if :
1. Network hashrate is relative low
2. Attacker have access to 51% or more hashrate (compared with network hashrate), either by own or rent mining hardware.
3. There's vulnerable exchange/service with relative low minimum confirmation and fast time to process withdraw request/send digital goods.

51% attack on BTG is the prime example.

To be even more clear:
Defrauding people by re-org attacks on blockchains is not double-spending because it doesn't inflate the coins in circulation, it is just a fraud!

- Collided miners/pools could be spotted and being put behind bars!

- Smart people should wait for enough (weeks maybe) confirmations before releasing large amounts of assets in exchange for digital tokens as long as they are concerned about such a threat.

[BrewMaster]

one could put trust in miners

what exactly do you mean by "put trust in miners" here?

Bitcoin could be doomed if a country decides that Bitcoin is a threat to national security and is willing to spend whatever it takes to dominate the hash rate and destroy Bitcoin via double-spends and DOS.

it may be possible to cause some short term drama and maybe some small damage to bitcoin but it is extremely hard for a 51% attack to destroy bitcoin.
such attacks must be accompanied by scamming of a large number of bitcoin users out of a very large sum of money to be able to damage bitcoin. the scenario you describe requires that  country to start trading with other bitcoin users and then scams them by reversing the transaction! the cost of such scam is too huge which includes legal problems for that government.
otherwise just finding the same blocks that were mined and ending up with a longer chain could not "destroy" bitcoin.

[aliashraf]

what exactly do you mean by "put trust in miners" here?

There are many proposals and ideas being abandoned or lack support in the community because of slogans like "Don't trust, verify" and wrong narrow assumptions about the criteria in which one can count on PoW and miners. For instance:

- We have UTXO commitment proposals that could help with the insane "sync form Genesis" policy but are not getting support because of a general hesitation of relying too much on PoW.

-  We have Drivechain and sidechains scaling solutions being left in darkness and confusion because people are arguing about how miners can steal all funds deposited there overnight.

- Most importantly, sharding schemes are being criticized for their too much reliance on PoW and mining.

The problem with this paranoia about mining is its lack of theoretic transparency. The advocates representing such paranoia have never established a reasonable framework to specify in what aspects and by what extent one can rely on PoW and where it is not a reliable source of trust.

In this topic, instead of vague and political ideas about how reliable are miners in bitcoin, I'm establishing a criteria-based measure:

Miners are reliable as far as:
1- Provably, they are not inflating the supply of bitcoins by breaching the regulations built into the protocol.
2- There is proof that any incoming fund to a wallet approved by miners, comes with an equal deduction from the ledger maintained by them.
3- There is a safe threshold for the number of confirmations where the costs of rewriting the blockchain outperform any criminal incentive for defrauding users by orders of magnitude.

[odolvlobo]

To be even more clear:
Defrauding people by re-org attacks on blockchains is not double-spending because it doesn't inflate the coins in circulation, it is just a fraud!

I see what you mean. When you restrict the meaning of double-spending in that way, then can I agree with you.

But what you call a "misinterpretation" is really a different understanding of the word's meaning. If you modify your approach, you could reduce the confusion about your point.

Miners are reliable as far as:
1- Provably, they are not inflating the supply of bitcoins by breaching the regulations built into the protocol.
2- There is proof that any incoming fund to a wallet approved by miners, comes with an equal deduction from the ledger maintained by them.
3- There is a safe threshold for the number of confirmations where the costs of rewriting the blockchain outperform any criminal incentive for defrauding users by orders of magnitude.

I agree that those are major challenges  to sharding. I look forward to your solution.

[aliashraf]

... what you call a "misinterpretation" is really a different understanding of the word's meaning.

Ambiguity and loosely defined terms circulating around in the community have bad consequences. In my previous post, I've presented some examples.

Accusing proposed schemes and improvements to bitcoin of being vulnerable to double-spending (because PoW is kinda suspicious to be 51% attacked by colliding pools/miners) is nothing less than cutting them out forever.

I'm not much of a conspiracy theory believer but I see a lot of bad incentives and I wouldn't be surprised if it found to be a deliberately implanted confusion. Anyway, it is time to get rid of this ambiguity and move forward, imo.

[Wind_FURY]

Miners are reliable as far as:

1- Provably, they are not inflating the supply of bitcoins by breaching the regulations built into the protocol.

2- There is proof that any incoming fund to a wallet approved by miners, comes with an equal deduction from the ledger maintained by them.

3- There is a safe threshold for the number of confirmations where the costs of rewriting the blockchain outperform any criminal incentive for defrauding users by orders of magnitude.

It's actually because of the full nodes. They secure the network, to make sure the miners are following the rules, and make sure to mine the type of blocks that the full nodes demand.

Plus, https://twitter.com/bitcoinmagazine/status/1197161029832265729

[aliashraf]

Miners are reliable as far as:

1- Provably, they are not inflating the supply of bitcoins by breaching the regulations built into the protocol.

2- There is proof that any incoming fund to a wallet approved by miners, comes with an equal deduction from the ledger maintained by them.

3- There is a safe threshold for the number of confirmations where the costs of rewriting the blockchain outperform any criminal incentive for defrauding users by orders of magnitude.

It's actually because of the full nodes. They secure the network, to make sure the miners are following the rules, and make sure to mine the type of blocks that the full nodes demand.

Plus, https://twitter.com/bitcoinmagazine/status/1197161029832265729

You are rehashing the same argument the old "Don't trust, verify" thing which has fed the community up. It'd be a good occasion to make a re-assessment, I suppose and will do my best to help.

look, God is dead, and with him the absolute, eternal, big picture view of the universe. There is no highly privileged point of view, nobody is in charge of everything, Satoshi is gone and there are only millions of users, individual users and they should take care of their security, one by one, there is no community, we are not members of a sect.

Your notion about full nodes and how they are securing the network is misleading, full nodes are not securing anybody other than themselves, their own wallets and their own mining resources (for solo miners), this is it!

Now, please read my 3 above conditions and tell me from YOUR very own personal point of view: IF a hypothetical system could be able to fulfill all three of them do YOU or do YOU not feel absolutely secure?

[aliashraf]

To be even more clear:
Defrauding people by re-org attacks on blockchains is not double-spending because it doesn't inflate the coins in circulation, it is just a fraud!

Usually when people talking about double-spending, they mean using their coin/money twice (ignoring whether first transaction become invalid or both transaction are valid which causes inflation).
IMO you should specify your specific definition of double-spending on your thread.

Well, you are right and I did it above thread and by striking through the wrong perception and bolding the correct one in your comment.

As I've mentioned in my latest reply to @odolvobo, it is very critical to distinguish between the two nowadays because the ambiguity leads to unjust assessment of most improvement proposals.

[AbernathyFray]

Interesting read.  I see it as a term which has become adulterated.  I can't speak of a specific double-spend, but there have been plenty of 51% attacks, especially with alt coins, having low hash rates on their networks. Bad guys were successful in controlling the network and adding a longer chain with fraudulent transactions.  Exchanges were victimized with this as BTC-alt transactions cleared, the BTC was withdrawn and when the breach was discovered, the exchanges lost BOTH coins!

[aliashraf]

@AbernathyFray, welcome to bitcointalk the original bitcoin forum founded by Satoshi Nakamoto,

Defrauding people is always a threat in any financial transaction and cryptocurrency is no exception. For short-range 51% re-org attacks it is always users' responsibility to stay safe by waiting for enough confirmations depending on the volume of the transaction at stake.

[Theb]

We have proposed a system for electronic transactions without relying on trust. We started with the usual framework of coins made from digital signatures, which provides strong control of ownership, but is incomplete without a way to prevent double-spending. To solve this, we proposed a peer-to-peer network using proof-of-work to record a public history of transactions that quickly becomes computationally impractical for an attacker to change if honest nodes control a majority of CPU power.

You forgot the "Conclusion" part of Bitcoin's whitepaper, Bitcoin only has a "proposed solution" for double-spending but was never guaranteed by Saotoshi himself aside from that Satoshi is also aware that a 51% attack is possible that is why he is talking about PoW on transactions on how should it be "computationally impractical" so that it would be "impractical" for an attacker to infiltrate the network. But Satoshi didn't even dived in to the possibility of a 51% attack from happening in Bitcoin's network, I know it would require a lot of resources for an individual or a group to pull through and control 51% of the hash rate but if we are only talking about the chances of this happening I know we all know that a 51% attack has a chance to happen.

[aliashraf]

We have proposed a system for electronic transactions without relying on trust. We started with the usual framework of coins made from digital signatures, which provides strong control of ownership, but is incomplete without a way to prevent double-spending. To solve this, we proposed a peer-to-peer network using proof-of-work to record a public history of transactions that quickly becomes computationally impractical for an attacker to change if honest nodes control a majority of CPU power.

You forgot the "Conclusion" part of Bitcoin's whitepaper, Bitcoin only has a "proposed solution" for double-spending but was never guaranteed by Saotoshi himself aside from that Satoshi is also aware that a 51% attack is possible that is why he is talking about PoW on transactions on how should it be "computationally impractical" so that it would be "impractical" for an attacker to infiltrate the network. But Satoshi didn't even dived in to the possibility of a 51% attack from happening in Bitcoin's network, I know it would require a lot of resources for an individual or a group to pull through and control 51% of the hash rate but if we are only talking about the chances of this happening I know we all know that a 51% attack has a chance to happen.

One doesn't need to scroll down to the conclusion part of the white paper to understand how confused was Satoshi about his work, he made the same mistake in the first paragraph of the abstract section I quoted above thread, as well . Satoshi was a terrible technical writer, brilliant software designer but not much of a writer. I mean look at the white paper as a whole for the starter.

It looks to be my fault starting this thread by quoting from Satoshi and the white paper but it was the right decision because it doesn't matter how Satoshi presented his work, it matters how he had to present it: as a solution to the double-spending problem!

If bitcoin was not such a solution it wouldn't get any attention, leave alone surviving for more than a decade and surpassing a whopping 120+ billion dollars market cap now in its worst days. We have pooling pressure flaw in bitcoin PoW since the first few months after the Genesis and we have pools and all this 51% threat around since late 2010. Bitcoin didn't survive because polls didn't practically do anything bad as the result of some fragile game theoric analysis. People don't trust a system that is half an inch away from a total failure.

The way Satoshi implemented PoW for bitcoin is flawed inherently it is based on a naive winner-take-all approach deemed as being vulnerable to pooling presuure, still we are fine, bitcoin is working, why? Because bitcoin is not about making 51% collision hard to achieve and irrational to carry on, it is about keeping the pace of inflation regulated.
As far as there is no way to print bitcoins out of thin air for miners (collided or not) the double-spending problem is solved, once forever by a genius named Satoshi Nakamoto who was not able to present his brilliant work thoroughly.

Now, and please stay focused, if the double-spend is solved in the first place regardless of what is happening in the mining scene, what's actually driving the anti-PoW/anti-miner propaganda/instincts in this community? I'm asking about the rationale behind this phobia and the way it is blocking so many scaling ideas and proposals? If double-spending is not going to happen and bitcoin supply won't ever exceed the cap, what else is at stake that makes people nervous about trusting in PoW?  

Are people concerned about pools to collide and defraud few Satoshis from reckless users who release their assets with one or two confirmations? Please! Just give me a break.

[Theb]

~snip~

It looks to be my fault starting this thread by quoting from Satoshi and the white paper but it was the right decision because it doesn't matter how Satoshi presented his work, it matters how he had to present it: as a solution to the double-spending problem!

If bitcoin was not such a solution it wouldn't get any attention, leave alone surviving for more than a decade and surpassing a whopping 120+ billion dollars market cap now in its worst days. We have pooling pressure flaw in bitcoin PoW since the first few months after the Genesis and we have pools and all this 51% threat around since late 2010. Bitcoin didn't survive because polls didn't practically do anything bad as the result of some fragile game theoric analysis. People don't trust a system that is half an inch away from a total failure.

Actually I didn't focused on what Satoshi said of Bitcoin's whitepaper, I merely just touched your argument about it which is clearly stated before you quoted Bitcoin's whitepaper. My answer/post basically was just touching all the arguments you have laid on how Bitcoin is the "solution" for double-spending just because Bitcoin's whitepaper has said it so. So I'm sorry if I got off-topic with your new topic, I was basing it in your OP.

Now, and please stay focused, if the double-spend is solved in the first place regardless of what is happening in the mining scene, what's actually driving the anti-PoW/anti-miner propaganda/instincts in this community? I'm asking about the rationale behind this phobia and the way it is blocking so many scaling ideas and proposals? If double-spending is not going to happen and bitcoin supply won't ever exceed the cap, what else is at stake that makes people nervous about trusting in PoW? 

One having fear/worry on something they believe in won't really go away. The presence of just a possibility of a 51% attack happening alone just put some fear in a lot of people, seeing that there is a possible flaw on how Bitcoin transactions work and how they can be erased, reversed, and be double-spended is something that can cause fear in both the consumer and the producer side of things. Not until we reach a certain level of miners really dominating the network I guess this fear from a 51% attack won't just disappear instantly. 

[aliashraf]

:
you have laid on how Bitcoin is the "solution" for double-spending just because Bitcoin's whitepaper has said it so.

I quoted the white paper to highlight what Satoshi has opened his paper with: A solution to the double-spending problem. Nobody would ever bother reading his paper if he was starting by saying: "hey, I got an idea about how to resist against double-spending!"
Money, digital or conventional, is not about just resisting such a huge problem:  being potentially re-producible by spending ever and ever! Satoshi needed to show-up with a solution and it was what he did. The fact that he was somehow confused about the role of PoW, doesn't change anything.

One having fear/worry on something they believe in won't really go away. The presence of just a possibility of a 51% attack happening alone just put some fear in a lot of people, seeing that there is a possible flaw on how Bitcoin transactions work and how they can be erased, reversed, and be double-spended is something that can cause fear in both the consumer and the producer side of things. Not until we reach a certain level of miners really dominating the network I guess this fear from a 51% attack won't just disappear instantly.  

It is not a fear of doubles-pending, take care of the terminology, the sole presence of any kind of fear about double-spending would make bitcoin void. It is just about how a short fraudulent re-org attack can disturb people and this fear has a mitigation measure: wait for more confirmations for more valuable transactions. That simple.

[Hannu]

Yea, but that double-spending problem can solve with bitcoin supporting payment cards or applications on phone.
 

[amishmanish]

Now, and please stay focused, if the double-spend is solved in the first place regardless of what is happening in the mining scene, what's actually driving the anti-PoW/anti-miner propaganda/instincts in this community? I'm asking about the rationale behind this phobia and the way it is blocking so many scaling ideas and proposals? If double-spending is not going to happen and bitcoin supply won't ever exceed the cap, what else is at stake that makes people nervous about trusting in PoW?  

Are people concerned about pools to collide and defraud few Satoshis from reckless users who release their assets with one or two confirmations? Please! Just give me a break.

Hello aliashraf. I have seen you be a long time proponent of scaling ideas on bitcoin. I read a lot of your posts about proposing a rigorous solution and the code for some of your ideas but I don't know if you are actively pursuing them in terms of code. Point me in a direction if you are. I don't think there is any anti-PoW/ anti-miner propaganda in this community. Everyone loves PoW. The concern about miner centralization is only related to the fact that you cannot let a specialized group of people be the sole controlling-stakeholders in a decentralized system that we all hope will continue and flourish long after we have gone. Don't you feel it is a genuine and valid concern considering the vision and magnitude of such a system.

That is why Bitcoin community insist on the throughput constraints for full nodes when business interests are going wild with their 128 MB and 1 GB blocks. The concept that base layer with billions of dollar of value should continue in its robust, widely-accessible form is a worthy goal. What is wrong if real scaling solutions that can enable day-to-day payments come as Layer-2 solutions like LN? Bitcoin has a robust roadmap, in as much as a decentralized roadmap can be. The insistence on scaling the base network by crowding out full nodes and using the "Nodes don't matter" argument does not hold much water. There are more than one way to do a thing right.

What exact scaling solutions do you think the community is not thinking of? We had segwit. Then there is Schnorr and Taproot which bring more functionality and a bit of scaling. I think the community is doing great. Your thoughts and comments on the thread i linked would be welcome.