if deepbit.net gets anymore hashing speed it could compromise the system

[Tyran]

And now that deepbit is slightly over 50% of the global bitcoin hashing power he's going to take his honestly earned wages and try something like this? *sarcasm in case it wasn't clear* He does not own 50% of the hashing power outright, it is given by the users of the pool. If I were in his position and wanted to be evil I would push the fee up from 3% to 5-6%, much more profitable, easier to accomplish and right out in the open, and doesn't have the possibility of messing up the block chain and impeding future earnings.

I agree. I just answered your question, I'm not accusing Tycho of anything

[1714931423]

1714931423

[grndzero]

I agree. I just answered your question, I'm not accusing Tycho of anything

The question was dramatic for a reason, to disarm all the illogical statements and topic.

I have been around long enough to read and understand the concept of double spending. The document (even though it's not clear in the wording) is talking about someone owning >= 50% of the network hashing power directly under their control vs just controlling a pool with >= 50% of the hashing power of the network. It also relies on being anonymous. If the block chain gets screwed up and the majority controller is anonymous then it's hard to pin on someone. If someone detects a problem in the block chain in a situation like this, guess where they're going first?

Is it possible? Yes.
Is it a imminent threat? No!

[[Tycho]]

Possible way to help with this situation:

http://bitcointalk.org/index.php?topic=7622.0

[Veldy]

Correct me if I am wrong but isn't the heart of the matter that if somebody controls 50% of the hashing power they can take over the system.

There is no way to "take over the system" with just a high hashrate pool/miner. Please read: https://en.bitcoin.it/wiki/Attacks#Attacker_has_a_lot_of_computing_power

The attacker can't:

• Reverse other people's transactions
• Prevent transactions from being sent at all (they'll show as 0/unconfirmed)
• Change the number of coins generated per block
• Create coins out of thin air
• Send coins that never belonged to him

The issue is double spending.  The ability to spend the coins that the pool receives and then use the computational power of the pool to rebuild the chain faster than the original and spend that money again [i.e. thus issuing the pool members bitcoins that turn up invalid].  If you have more than 50% of the hashing power at your disposal, it is possible to spend a LOT of coins and then rebuild the chain [even longer] and spend it again.  It is very unlikely in a pool that anybody would know that it has happened until received payments showed up as invalid.  Nobody is suggesting that Tycho would do such a thing, but it is always advisable when talking about money that anybody may do anything.  After all the only way to be effective is to appear "Good" until the trigger is pulled (using Tycho as an example, however, Tycho in the Deepbit scenario would be the first investigated and thus, I think the least likely to do such a thing).  In reality though, I think the fear is that a hacker/cracker may break the system (pool), learn how it works, build the attack and launch it when the time suites them and in a manner to collect the rewards [i.e. cash out a large amount of bitcoins at high prices, attack the system, wait for the coin value to drop as trust in the bitcoin fails from all those who find their payouts invalid] and either keep the money or buy back into the market at a low price .. shorting the coin].  Clearly, work would have to be done to do this without detection, but due to the nature of the bitcoin and the route taken from coin to fiat currency, the trail may be hard to follow, especially if distributed.

The point is that pools are the OBVIOUS tool to rob the bitcoin.  One large pool is a very alluring target from outside, but, a couple of colluding pools [or a couple of simultaneous attacks against those pools to commit this crime].

So, does Deepbit (or Slush for that fact) have industry leading security analysts constantly making sure the pool is secure and not being prodded, poked, altered, prepared, etc?  I VERY HIGHLY DOUBT IT since Deepbit hasn't been in existence for very long [no pool has].  Thus, the vulnerability is very real.  Will it happen?  I hope not.  Could it happen?  Absolutely.  Will somebody be tempted to look into it?  Absolutely.  Hackers break into the highly secure military and government computers all the time and they have been powerless to completely stop it.  I don't think Deepbit even remotely has the ability to see it coming little enough stop it should a dedicated attack happen.  Market cap is nearly $24 million USD now, so what will it be like in 6 months?  How much money could an attack yield at that time?  Yes, somebody will eventually find the motivation to at least consider the idea and start down the path (right now, I doubt somebody could get away with more than $20K (US) under the assumption that Deepbit has a day worth of BTC rewards on hand).  The market cap has quadrupled in a matter of weeks.  What happens in months?  The ability to transfer money in and out is going to become easier.  Security for these pools will become VERY important; in particular for the LARGE pools (especially if there are only one or two large pools). 

So, has anybody identified who is responsible for all the DOS attacks against so many pools?  Suddenly Slush is down and Deepbit hits 50% (essentially consumes Slush's miners).  A test attack?  A real attack?  For the purpose of testing this scenario?  Probably nothing so nefarious, but it certainly could be.  The one benefit of this I think is that some of the smaller pools are growing now and I HOPE that those that went to Deepbit to weather the storm will go back to Slush when things are working and secure [or go to another pool] since Tycho changed his mind about allowing allowing his pool to exceed 50% (and just said it couldn't happen for a long time only days ago .. clearly not thinking to far ahead about security in my opinion).

As long as there is an extremely large pool, I would be careful about how much hard currency is put into the market in an attempt to inflate it.  There may be some group out there waiting for the bubble to grow large enough to pop the bubble using the Deepbit pin (using the last 24 hours as an analogy).  With two major pools out there, everybody knows that knocking out Slush will inflate Deepbit ... so don't be a pawn if this happens again.

In summary, the bitcoin market is not ready for a large, relatively unsecured pool and the miners are simply worker ants following the sugar and the large pool a potential weapon if not secured TIGHTLY.  As the market cap grows, the risk becomes greater as the profit motive increases.  This is very unfortunate that this had to come up, but it did.  If Deepbit had gone down, this could just as easily be about Slush's pool.   We now know that taking down one large pool in a market with two large pools making up more than 50% of the hashing power is enough to drive the other pool up in size to the point of being the victim of a separate attack used to execute this scenario. 

When dealing with money and markets, a sharp dose of cynicism is very healthy.

Assume the worst ... any problem with this analysis?

[Bit_Happy]

How does decentralized get centralized so quickly?

[grndzero]

How does decentralized get centralized so quickly?

The biggest pool had some technical troubles and stopped working. The majority of people flocked to the second biggest pool and it became the biggest pool.

[rezin777]

The biggest pool had some technical troubles and stopped working. The majority of people flocked to the second biggest pool and it became the biggest pool.

Deepbit was bigger than slush before slush's recent problems. It was right around the time of the infamous OCN thread that deepbit became the biggest. So people from the second biggest flocked to the biggest.

[bill86]

Hi,

I had no time to read all entries of this thread. Sry, if I double post this idea.

How about strengthen the single mining?

Especially in my case I would like to mine only with my own miners without any use of pools.
But I have the problem that I can't run my hardware 24/7. So if I would start now I must stop it in a few days for several private reasons and start hashing from scratch again.
So I have no chance to get ever a block computed under these circumstances.

Is there any chance to build up a local pool (maybe with dynamically starting and stopping hardware components) which preferably saves the last working state to start from again at a later time?
Unfortunately I have not seen any papers or any source code on this topic yet and I don't know how I could get a running pool daemon. I don't understand the "poold" sources because I'm pinched for time and I haven't found any documentation about it.

Since I'm new to bitcoin and I own no actual hardware I have only 0.25BTC left for a possible bounty.

[Hawkix]

By nature, the search for block DOES NOT USE ANY STATE. Once you finish one share, you start from scratch on another.

Simply the difficulty controls how its needed to be lucky to find a block. After found block, the chances are the same.

[bill86]

Hey Hawkix,

By nature, the search for block DOES NOT USE ANY STATE. Once you finish one share, you start from scratch on another.

Simply the difficulty controls how its needed to be lucky to find a block. After found block, the chances are the same.

You didn't understand me. The solved block is not the problem.

As far as I know a miner starts with a nonce. Then it hashes until it reaches a break condition. After that it checks the computed hash:
If it is a possible solution it sends the block to the network and starts a new computation with a new nonce.
Otherwise it drops the last nonce and starts again with a new one.

Only if the sent block is accepted by the network then it sends 50 BTC back to the address where the block came from.

If I did not make a mistake these computations don't need to start from scratch every time a miner is started if there could be saved the last state before quitting (maybe used nonce plus iterations plus last computed hash).

EDIT:
I forgot the most exciting point of my request. If I could split the big computation into smaller problems it would be possible to start and stop at will with my hardware. I would only need a completely headless microcomputer as small server for sending packets and collecting the results (like deepbit, slush and co. already do with their mining pools).

[Raoul Duke]

Hey Hawkix,

By nature, the search for block DOES NOT USE ANY STATE. Once you finish one share, you start from scratch on another.

Simply the difficulty controls how its needed to be lucky to find a block. After found block, the chances are the same.

You didn't understand me. The solved block is not the problem.

As far as I know a miner starts with a nonce. Then it hashes until it reaches a break condition. After that it checks the computed hash:
If it is a possible solution it sends the block to the network and starts a new computation with a new nonce.
Otherwise it drops the last nonce and starts again with a new one.

Only if the sent block is accepted by the network then it sends 50 BTC back to the address where the block came from.

If I did not make a mistake these computations don't need to start from scratch every time a miner is started if there could be saved the last state before quitting (maybe used nonce plus iterations plus last computed hash).

EDIT:
I forgot the most exciting point of my request. If I could split the big computation into smaller problems it would be possible to start and stop at will with my hardware. I would only need a completely headless microcomputer as small server for sending packets and collecting the results (like deepbit, slush and co. already do with their mining pools).

Why is it that the more you talk, the more i think you want to use that in a botnet?

PS: In case someone wonders what triggered my comment: it was the part where he says he doesn't own hardware in his first post...  

PS2: If that's not the case, sorry! Maybe i was just doing a little too much outside of the box thinking! lol

[bill86]

Hey psy,

Why is it that the more you talk, the more i think you want to use that in a botnet?

PS: In case someone wonders what triggered my comment: it was the part where he says he doesn't own hardware in his first post...  

PS2: If that's not the case, sorry! Maybe i was just doing a little too much outside of the box thinking! lol

First of all please read carefully since I wrote:

...
Since I'm new to bitcoin and I own no actual hardware I have only 0.25BTC left for a possible bounty.

The main message lies on 'no actual'. To be concrete I own a Club3D Radeon HD 5550 with 512MB GDDR 3 and loud noises of the whole terminal in my point of view. On Linux I run at average 43 MHash/s and an efficiency of 0.5 MHash per watts in second.
Sorry if I had expressed my situation wrong (I'm not a native english speaker).

I would be thankful if there would be a way that I don't have to mine 24/7 or joining a mining pool. For this job I could get a headless microcomputer (ARM-CPU) which could be a small server which coordinates the whole computation process. That's what I was guessing of.

How could saving the mentioned state help a botnet?

[eMansipater]

What I don't think you understand, bill86, is that working on blocks is more like playing the lottery than building a tower.  You don't ever get any closer or further away to solving a block--you just play more or less lottery tickets that give you a chance of solving the block.  With really fast hardware, you can play lots of lottery tickets really fast and decrease the average time of finding a block.  But when you actually find the block is random, so starting and stopping doesn't set you back.  You can play the lottery tickets any time without what you have or haven't done so far affecting your chances of winning.  Make sense?

[dvigatel]

True enough, searching for blocks is a practically stateless process. You only need an up-to-date block chain to start trying. Getting your block chain up-to-date if you've been offline for a day or so, only takes a few minutes (downloading and verifying the blocks).

There's also one more thing in bill's post which I'd like to clarify:

Only if the sent block is accepted by the network then it sends 50 BTC back to the address where the block came from.

Strictly speaking, the network does not immediately "send" back anything like a reply. The rules of the Bitcoin protocol specify that the creator of the block *is* the owner of X bitcoins, and currently X equals 50.

The generator of the block claims ownership of 50 BTC, and the network confirms this in future blocks, which become available when generated, very likely by someone else. Future blocks will only confirm this *if* the generated block does verify as mathematically valid.

Those future blocks will however, eventually be downloaded by the generator of the block in question, and do serve the purpose of confirming that the network is accepting the generator's ownership of the coins.

P.S.

Getting back on topic, a single pool exceeding 50% of network capacity is a reason for concern. Good luck to alternative pool operators, I'll try to keep working as a solo miner. I can wait... I can wait very long... and I can run without interruption. Sadly not everyone can.

It furthermore appears that human nature is at work against decentralization here. Since people set out to generate blocks for a reward, they want certainty of getting *some* reward. This can only lead to pooling up, whether in smaller or bigger pools.

If people got accustomed to mining as a mostly-no-reward activity which *may* result in sudden, unplanned luck, perhaps they would be more inclined to mine alone.

Some day, it will need to start happening, and the everyday way of acquiring bitcoins will be buying them. (What happens when the block generation awards become so small that transaction fees start dominating, I won't try to predict.)

[Veldy]

All ... it is time to take public action to convince miners that it is not in their interest to allow Tycho to break his promise [again] and allow Deepbit to take > 50% of the hashing power of the network.  Tweet, post on Facebook, whatever you do, get the word out to move to other pools keeping all pools under 50% and ideally, most pools of significance at somewhat equitable size.  We can't have the threat of Deepbit being used as an attack against bitcoin.  With the price going up and people buying hardware like crazy, he is making money quickly and doesn't seem to care about the risk to the network or his previous promise which he already broke once and rationalized it away.  At some point sooner than later if the price keeps going up, an attack will be worth enough money that it will likely happen if there is a tool to do it.  We already know that when Slush went down, Deepbit flew over the 50% mark.  That means now, that he would potentially exceed 60-65% should a similar situation [say a intentional attempt to take down Slush to drive people to Deepbit and then use Deepbit for the attack] happen again!  If a determined group crackers deepbit and uses it for the double spending attack, bitcoin is done; in my opinion, not diminished ... DONE.

[Killer Pie]

Someone, who is 10x faster than me, has 10x higher chance to score during fast found block. When we both hit the fast block, he gots about 10x more than me.

However, when I miss the block completely, my profit is not 10x lower than his. Its exactly *ZERO*.

Its like rounding to cents error, but you can earn only fractions of cent.

Sorry to say this, but have you ever tried to do maths before?
I'll make it simple.
You said "However, when I miss the block completely, my profit is not 10x lower than his. Its exactly *ZERO*. "
So, he has 10*your shares.
Your shares = 0
10*0=0.
Do we understand?
I think you may need to have another maths lesson with my year 1 teacher.

[Hawkix]

An analogy for those who claim to have no math problems, but still have:

Imagine shooting from a rifle to a train fast passing by. My rifle is 10x slower than yours. So, while a train passes, on average, you will get 10x more hits on it than me. However, if my rifle can shoot only once a minute and there is fast (or short) train, you can hit it .. once or twice, while I may happen than I completely miss it.

Understand now?

[Killer Pie]

An analogy for those who claim to have no math problems, but still have:

Imagine shooting from a rifle to a train fast passing by. My rifle is 10x slower than yours. So, while a train passes, on average, you will get 10x more hits on it than me. However, if my rifle can shoot only once a minute and there is fast (or short) train, you can hit it .. once or twice, while I may happen than I completely miss it.

Understand now?

That isn't maths. That is so crap example that has almost nothing to do with maths.