What is for-profit attack?

[Accardo]

I know it's common amongst some mining pool operators, which is centralized and they can decide what transaction gets to the block and some other sort of manipulations. But, I can't in details understand how this attack works, for or against the consensus rules. How can they take advantage of the consensus rules or how vulnerable is the consensus to such attack? is there any technique or means whereby the bitcoin community tries to stop such attack, lastly can they perform double spending too?

I'm new to this term, pls help. Cheers!

[1714551276]

1714551276

[1714551276]

1714551276

[1714551276]

1714551276

[1714551276]

1714551276

[Accardo]

I also haven't heard this term before. But i did quick search and found out term "for profit attack" was mentioned on first edition of Mastering Bitcoin. Specifically it's located at chapter 8, page 217.

The massive increase of total hashing power has arguably made bitcoin impervious to attacks by a single miner. There is no possible way for a solo miner to control even 1% of the total mining power. However, the centralization of control caused by mining pools has introduced the risk of for-profit attack by a mining pool operator. The pool operator in a managed pool controls the construction of candidate blocks and also controls which transactions are included. This gives the pool operator the power to exclude transactions or introduce double-spend transactions. If such abuse of power is done in a limited and subtle way, a pool operator could conceivably profit from a consensus attack without being noticed

Since Bitcoin consensus doesn't force miner to include all or certain transaction, there's nothing Bitcoin community could do aside from asking miner switch to pool which doesn't perform such attack.

Yeah, I've read through this, but didn't know how to share a clickable link that'll lead to the exact place where I saw the term, however, regarding the double spending, a mining pool (not saying their operators are into such practice) control about 28-31% of the total mining hashrate according to mempool stats, and I just figured that it doesn't really have to be 51% of the hashrate to perform a double spend, that 30% can also execute such an attack. Hence, if that's possible I think I'm clear about the double spending capability of for-profit attack. As you can see the term wasn't explained in details, that's why I asked here to know more about it, the techniques and what can be done about it. Your answer is good, moving people away from a suspected mining pool controlled by tricky operators can help reduce such threat by diminishing the hashrate of the pool, yet it's written that if it's been done carefully they'll go unnoticed. So, I'm wondering if no method exist that can bench or stop for-profit attackers even though a mining pool does that secretly. Or its centralized nature keeps the for-profit attack operators immune from sanction or restriction?

[FP91G]

I also haven't heard this term before. But i did quick search and found out term "for profit attack" was mentioned on first edition of Mastering Bitcoin. Specifically it's located at chapter 8, page 217.

The massive increase of total hashing power has arguably made bitcoin impervious to attacks by a single miner. There is no possible way for a solo miner to control even 1% of the total mining power. However, the centralization of control caused by mining pools has introduced the risk of for-profit attack by a mining pool operator. The pool operator in a managed pool controls the construction of candidate blocks and also controls which transactions are included. This gives the pool operator the power to exclude transactions or introduce double-spend transactions. If such abuse of power is done in a limited and subtle way, a pool operator could conceivably profit from a consensus attack without being noticed

Since Bitcoin consensus doesn't force miner to include all or certain transaction, there's nothing Bitcoin community could do aside from asking miner switch to pool which doesn't perform such attack.

The pool can add any transaction to the block, but I don't understand how the mining pool can include double-spend transactions if it's not a 51% attack. There were commercial attacks in Ethereum, because the order of transactions was important there and Maximal extractable value (MEV) appeared.

[kano]

The 'double spend' comment is wrong.

The consensus rules disallow it.
If a pool or miner starts double spending, they will be off on their own fork and not mining Bitcoin any more.

The only option with 'double spending' is to effectively roll back the block chain and cancel the spend with a new spend to a different address.

However, this would also be blatantly obvious that the pool did it, so they would be crucifying themselves.

[philipma1957]

I explained a method of for profit attack which a large pool that keeps fees can do it is in a sticky thread.

https://bitcointalk.org/index.php?topic=2634505.0


The only way to prevent this attack is for miners to not use pools that keep fees.