FandangledGizmo (OP)
Legendary
Offline
Activity: 1138
Merit: 1001
|
|
August 18, 2014, 05:17:31 PM |
|
I'm not that technical. But I've seen this approach being discussed on the BitShares forum as perhaps a weakness of POW. Would this work, is this a threat at all? Step 1) Buy 3% of the hash power (secretly) Step 2) Set up a mining pool that merge mines Namecoin (or other alts) and auto sells for BTC, thus charging a negative fee Step 3) Once your pool has enough hash power (3-4%), point your secret hash power at top mining pool Step 4) Don't submit winning hashes, reducing the REVENUE of competitors by 3% Step 5) Continue to subsidize your pool with BTC earned from competitors pools
Result: Competitors pools become unprofitable and your pool is the only profitable option, your pool gets 51%
Step 6) Randomly Orphan blocks produced by other pools (cutting into their profits more, increasing your hash power further as people are forced to join your pool or eat losses on their hardware investment)
The cost of the attack is an order of magnitude cheaper than buying 51% hash power and assumes only that a large number of miners are in this to earn profits today and not to hold BTC. You appeal to their short-term greed, their thin margins, or their cash flow constraints to force them to join you to avoid losses.
The only way to combat this is to have 51% of the hash power in private pools.
|
|
|
|
BitcoinEXpress
Legendary
Offline
Activity: 1210
Merit: 1024
|
|
August 18, 2014, 05:22:26 PM |
|
I highly suggest you talk to someone with a clue, seriously.
~BCX~
|
|
|
|
Lauda
Legendary
Offline
Activity: 2674
Merit: 2965
Terminated.
|
|
August 18, 2014, 05:41:47 PM |
|
That's something like: how to get rich 1) Use time machine to go back in time 2) Buy BTC 3) sell in 2020. In theory it works, but in reality not really. How about the person who posted it in the forum tries it and see what happens.
|
"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks" 😼 Bitcoin Core ( onion)
|
|
|
bornil267645
|
|
August 18, 2014, 05:50:10 PM |
|
Do you even have the slightest idea about how important Bitcoin Mining!!! and you want to attack it!!! Why!!!
|
|
|
|
scorchingsun
Newbie
Offline
Activity: 6
Merit: 0
|
|
August 18, 2014, 05:57:40 PM |
|
That strategy isn't that bad, actually! No wait, it is! Your whole plan fails due to the fact that you only mine looking for a solution for the pool's address! Withholding the winning shares will hurt the pool, but you can't subsidize anything with that. Oh and withholding shares can be be detected with some smart heuristics.
|
|
|
|
FandangledGizmo (OP)
Legendary
Offline
Activity: 1138
Merit: 1001
|
|
August 18, 2014, 06:00:53 PM |
|
Do you even have the slightest idea about how important Bitcoin Mining!!! and you want to attack it!!! Why!!!
I don't want to attack it! Half my alt-coin investment is in Bitcoin! However if someone says it may be possible to attack Bitcoin with 3/4% of the hashing power, I'd like to understand why it's wrong. To me it seemed like, (To keep the numbers simple)... ---- - If there were a $1 Billion in new coins made a year then a pool with 30% hash power could expect to earn $300 million in revenue. - However Bitcoin margins are tight. How tight? I don't know but I doubt they're making more than $15-30 million profit. - If 3% secret hash power (or 10% of the pool) was not submitting winning hashes, it would take $30 million of revenue from them, making them unprofitable. - As you're part of their pool though you would still receive a 97% payout, $27 million. So you may be at a loss too but only a $1 million or two and for that you get to make the main mining pool unprofitable. - Hashers would leave the main unprofitable pool for the one a bad intentioned person controls, which could then easily accumulate 51% hashing power. ---- Oh and withholding shares can be be detected with some smart heuristics.
That sounds like it may be an answer, why this can't work thanks!
|
|
|
|
Prez
|
|
August 18, 2014, 06:01:53 PM |
|
I highly suggest you talk to someone with a clue, seriously.
~BCX~
You are so nice.
|
|
|
|
FandangledGizmo (OP)
Legendary
Offline
Activity: 1138
Merit: 1001
|
|
August 18, 2014, 06:42:48 PM |
|
Oh and withholding shares can be be detected with some smart heuristics.
That sounds like it may be an answer, why this can't work thanks! I asked about the 'smart heuristics' on the BitShares forum scorchingsun, If you divide your attack hash power among 1000 accounts, then the probability that any one of those accounts would find a block in a given a given year is effectively 0. No way to distinguish "unlucky" from "withholding" without a large enough sample size. Keep the accounts small enough and you will be undetectable. (Sybil Attack)
If someone like BCX, who seems to know his stuff, could give me a simple answer why this attack wouldn't work I would greatly appreciate it. Thanks!
|
|
|
|
amaclin
Legendary
Offline
Activity: 1260
Merit: 1019
|
|
August 18, 2014, 06:54:55 PM |
|
Step 1) Buy 3% of the hash power (secretly) Step 2) Set up a mining pool that merge mines Namecoin (or other alts) and auto sells for BTC, thus charging a negative fee Step 3) Once your pool has enough hash power (3-4%), point your secret hash power at top mining pool Step 4) Don't submit winning hashes, reducing the REVENUE of competitors by 3% Step 5) Continue to subsidize your pool with BTC earned from competitors pools Yes. It is possible. But what it the long-time expected result? Do you want to gain all 21m bitcoins? OK, I suggest another idea: 1) Lets create a fork with 100% premine. 2) Profit! Voila! You have all hash power and all coins without any initial spendings. ---- Update: what country are you from? compare your steps 1...5 with the history of your country
|
|
|
|
FandangledGizmo (OP)
Legendary
Offline
Activity: 1138
Merit: 1001
|
|
August 18, 2014, 07:05:57 PM |
|
Step 1) Buy 3% of the hash power (secretly) Step 2) Set up a mining pool that merge mines Namecoin (or other alts) and auto sells for BTC, thus charging a negative fee Step 3) Once your pool has enough hash power (3-4%), point your secret hash power at top mining pool Step 4) Don't submit winning hashes, reducing the REVENUE of competitors by 3% Step 5) Continue to subsidize your pool with BTC earned from competitors pools Yes. It is possible. But what it the long-time expected result? Do you want to gain all 21m bitcoins? OK, I suggest another idea: 1) Lets create a fork with 100% premine. 2) Profit! Voila! You have all hash power and all coins without any initial spendings. ---- Update: what country are you from? compare your steps 1...5 with the history of your country No, I think the result is either to do a 51% attack on Bitcoin or build a big mining pool like Ghash, for profit, from a small start using this tactic. Previously I'd been lead to believe someone would have to get control of 51% of the hashing power which is very expensive. The above example makes it seem you could achieve the same result with 3/4% of the hashing power in a fairly short period of time. Which is why I'd like to debunk it. (I don't get the country analogy, sounds interesting, but it went over my head I'm afraid.)
|
|
|
|
amaclin
Legendary
Offline
Activity: 1260
Merit: 1019
|
|
August 18, 2014, 07:21:04 PM |
|
do a 51% attack on Bitcoin or build a big mining pool like Ghash 1) and what next? 2) ghash already uses merged mining reducing the REVENUE of competitors by 3% (I don't get the country analogy, sounds interesting, but it went over my head I'm afraid.) To win in a modern competition in economics you should not drop bombs and have the largest military forces. The only thing you should do is reducing the revenue of competitors. This can be done by printing your currency and spread it to a pool miners native citiziens (negative fee, budget deficit) Analogy: bitcoin=gold, namecoin=dollar, community=world, your miners=us citizens, 1492...2014 and so on
|
|
|
|
MegaHustlr
|
|
August 18, 2014, 07:35:31 PM |
|
That's something like: how to get rich 1) Use time machine to go back in time 2) Buy BTC 3) sell in 2020. In theory it works, but in reality not really. How about the person who posted it in the forum tries it and see what happens.
I COULD be done easier than that^ just still not really.
|
|
|
|
JohnFromWIT
Member
Offline
Activity: 112
Merit: 10
|
|
August 18, 2014, 07:42:40 PM |
|
Do you even have the slightest idea about how important Bitcoin Mining!!! and you want to attack it!!! Why!!!
I don't want to attack it! Half my alt-coin investment is in Bitcoin! However if someone says it may be possible to attack Bitcoin with 3/4% of the hashing power, I'd like to understand why it's wrong. To me it seemed like, (To keep the numbers simple)... ---- - If there were a $1 Billion in new coins made a year then a pool with 30% hash power could expect to earn $300 million in revenue. - However Bitcoin margins are tight. How tight? I don't know but I doubt they're making more than $15-30 million profit. - If 3% secret hash power (or 10% of the pool) was not submitting winning hashes, it would take $30 million of revenue from them, making them unprofitable. - As you're part of their pool though you would still receive a 97% payout, $27 million. So you may be at a loss too but only a $1 million or two and for that you get to make the main mining pool unprofitable. - Hashers would leave the main unprofitable pool for the one a bad intentioned person controls, which could then easily accumulate 51% hashing power. ---- Oh and withholding shares can be be detected with some smart heuristics.
That sounds like it may be an answer, why this can't work thanks! First post didn't make sense to me, this post makes way more sense as to what you're saying. Interesting idea, scorchingsun says you could find those withholding finds, but would this be efficient?
|
|
|
|
MineForeman.com
Legendary
Offline
Activity: 896
Merit: 1000
|
|
August 18, 2014, 07:45:30 PM |
|
Step 4) Don't submit winning hashes, reducing the REVENUE of competitors by 3%
When mining you don't know if you have the winning hash until after you submit it (sometimes not even then). Neil
|
|
|
|
|
franky1
Legendary
Offline
Activity: 4340
Merit: 4691
|
|
August 18, 2014, 08:03:31 PM |
|
I'm not that technical. But I've seen this approach being discussed on the BitShares forum as perhaps a weakness of POW. Would this work, is this a threat at all? Step 1) Buy 3% of the hash power (secretly) Step 2) Set up a mining pool that merge mines Namecoin (or other alts) and auto sells for BTC, thus charging a negative fee Step 3) Once your pool has enough hash power (3-4%), point your secret hash power at top mining pool Step 4) Don't submit winning hashes, reducing the REVENUE of competitors by 3% Step 5) Continue to subsidize your pool with BTC earned from competitors pools
Result: Competitors pools become unprofitable and your pool is the only profitable option, your pool gets 51%
Step 6) Randomly Orphan blocks produced by other pools (cutting into their profits more, increasing your hash power further as people are forced to join your pool or eat losses on their hardware investment)
The cost of the attack is an order of magnitude cheaper than buying 51% hash power and assumes only that a large number of miners are in this to earn profits today and not to hold BTC. You appeal to their short-term greed, their thin margins, or their cash flow constraints to force them to join you to avoid losses.
The only way to combat this is to have 51% of the hash power in private pools.
in short no.. 2) if your pools is charging different miners negative fee, then your not making income 3) if your attempts to on the other pool your equipment was on, did actually succeed in preventing them making blocks.. your simply stopping yourself getting paid too... 4) every miner is not submitting winning hashes thousands of times a second.. all hashes are losers until (average tenth minute) one single hash is the winner. thus your not doing any damage, 5) as described in (3)(4) you cant subsidize YOUR pool if you are not making any funds from the other pools.. 6) a 3% hashrate farm wont make a blind bit of difference.. all your doing is wasting your own funds and costing yourself alot of wasted time, for nothing. but goodluck trying it.
|
I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER. Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
|
|
|
FandangledGizmo (OP)
Legendary
Offline
Activity: 1138
Merit: 1001
|
|
August 18, 2014, 08:35:53 PM Last edit: August 18, 2014, 09:11:25 PM by FandangledGizmo |
|
Step 4) Don't submit winning hashes, reducing the REVENUE of competitors by 3%
When mining you don't know if you have the winning hash until after you submit it (sometimes not even then). Neil Hi Neil, thanks for the input. This is the latest response I've got from BM on the forum https://bitsharestalk.org/index.php?topic=7003.msg94085#msg94085You know if your hash might produce a block.
You are not "submitting billions of hashes to the pool" you are only submitting hashes below a certain threshold. Simply don't return any hash below the current block chain difficulty to the pool.
You still end up submitting a lot of "work shares" but no "work shares" that might qualify as a winning hash.
It is impossible for the pools to efficiently distribute the "search process" while keeping the target of the search a "secret". The miner needs to know they found the "secret" before they decided to broadcast it to the pool. Because the miner is the one who knows the hash first and must DECIDE to broadcast then the miner is in control.
Effectively everyone who mines "work shares" but never shares anything that could also claim a block is earning income from the pool without actually helping to secure the network or increasing the Bitcoin difficulty.
An attacker who can mine more efficiently than everyone else can perform this attack on the network.
Suppose the average profitability of miners is 5% and someone is able to mine with 10% margins. They can attack the pool by doing "negative mining". With "negative mining" they will "earn 5%" while their competitors are forced to eat losses or stop mining all together.
With positive mining you end up increasing the bitcoin difficulty and pushing out competition. With negative mining you end up decreasing the bitcoin difficulty while earning the same profit.
Bitcoin difficulty is a function of the profitability of mining. When mining in a pool it is a function of the pool payout. If the attacker can reduce the payout of all public pools, then it will reduce the profitability of all small miners to the point where they stop mining and the network difficulty drops.
The end result is that all pools must go private or have very stringent verification processes for people to join the pool.
|
|
|
|
liondani
Member
Offline
Activity: 97
Merit: 10
Inch by Inch,Play by Play
|
|
August 18, 2014, 08:54:28 PM |
|
interesting stuff, waiting to read more!
|
Inch by Inch, Play by Play Bitrated user: liondani.
|
|
|
scorchingsun
Newbie
Offline
Activity: 6
Merit: 0
|
|
August 18, 2014, 09:01:43 PM |
|
Oh and withholding shares can be be detected with some smart heuristics.
That sounds like it may be an answer, why this can't work thanks! I asked about the 'smart heuristics' on the BitShares forum scorchingsun, If you divide your attack hash power among 1000 accounts, then the probability that any one of those accounts would find a block in a given a given year is effectively 0. No way to distinguish "unlucky" from "withholding" without a large enough sample size. Keep the accounts small enough and you will be undetectable. (Sybil Attack)
If someone like BCX, who seems to know his stuff, could give me a simple answer why this attack wouldn't work I would greatly appreciate it. Thanks! You may be right about that, I'm not that firm in the theory. But in order to mine at other pools or pools at the same time, they'd need you to find a solution for the same Bitcoin address as the coinbase (not the company) address.
|
|
|
|
lnternet
|
|
August 18, 2014, 09:07:45 PM |
|
Maybe it's also possible to mine for two pools at the same time? Would like to have a wiki article on attack vectors on mining operators where these questions are answered. When mining you don't know if you have the winning hash until after you submit it (sometimes not even then).
I thought so, but how does that actually work?
|
1ntemetqbXokPSSkuHH4iuAJRTQMP6uJ9
|
|
|
|