Taking Down Bitcoin

[doobadoo]

Lets play the game again.  If some one/organization wanted to destroy bitcoin, how could they do it and how can we protect against it?  I'll kick it off.  Whats *really* protecting Bitcoin from a 51% attacker?  Yes the big hashrate, but according to the stats all this hash is coming from a few miner pools. 

Couldn't someone just DDoS them --> 51% Attack --> ?? --> Profit!

[1713902119]

1713902119

[1713902119]

1713902119

[vuce]

51% Attack --> ?? --> Profit!

Profit from what exactly?

[FreeMoney]

Pool membership is dynamic. A pool that goes down gets smaller because people like money.

[doobadoo]

51% Attack --> ?? --> Profit!

Profit from what exactly?

Accomplish the mission.  At some point there has got to be a "hit" launched against Bitcoin.  Do you think the central bankers will sit on their hands and let BTC erode their powerbase.  I want to know if Bitcoin survives through obscurity or not.   Because if it does, it can't succeed.  As soon as adoption and price take off significantly, that would be the cue to cash out.

[gmaxwell]

Accomplish the mission.

What mission. You need to speak completely and concretely. Give the series of steps that will be performed and what the harms or profits are.

Otherwise you're just waving your arms, spreading FUD, and really just forcing the people trying to correct your FUD to spend the time inventing hypothetical attacks which you might mean but haven't even invested enough time or thought into to come up on your own.

[doobadoo]

Accomplish the mission.

Otherwise you're just waving your arms, spreading FUD, and really just forcing the people trying to correct your FUD to spend the time inventing hypothetical attacks which you might mean but haven't even invested enough time or thought into to come up on your own.

Admittedly this IS exactly what I'm doing.  Its in the OP.  I"m asking for some brainstorming to take down bitcoin.  Thats the point.  

1)  Construct an attack that greatly reduces the hash rate.  I suggested DDoS all the miners simultaneously.
2)  Use opportunity to make changes to the block chain (2x spend, whatever)
3) ?
4) Profit

You see, i am talking about a malicious attacker.  One who wants to destroy Bitcoin and has a budget.

As per FUD, ENOUGH accusing every one of doing something wrong when they question the system.   Its becoming standard practice on message board to declare a post a FUD post as soon as the poster touches a nerve.  No one has answered what happens if this attack were launched yet, we need to think about all this and thats the point of my post.  Stop with the black helicopter stuff, i'm not some double agent.  I'm just doing my due diligence before i commit more of MY money to BTC.  Why is that so hard to get?

What about another attack vector, such as leaning on Gox.  What if they got raided, had their domain seized and their accounts frozen.  What then?  We go back to OTC?  Doesn't sound like a good thing.

[Kettenmonster]

Could be the profit is just to destroy it.

Let me scratch a scenario out of the box:
A large organisation can put some effort in developing fpga miners and thus easily overpower all gpu miners.
But why would they?
Well .. oil traded with btc would drive usd in hyperinflation.

Yes and of cause a bit too much thinking out of the box.

My point is: Yes, it is possible. But why would they?
The solution is to grow slowly but steadily and be always ready to approach the dangers in sight.

[Forp]

As per FUD, ENOUGH accusing every one of doing something wrong when they question the system.    Why is that so hard to get?

I made similar observations and suggest an explanation. Most people here have already decided that Bitcoin is their hobby or investment - wouldn't you be afraid to see your hobby fall apart and much more your investment?

In https://bitcointalk.org/index.php?topic=78374.0 I have been pursuing similar thoughts, though not with the intent of attacking the block chain or modifying the protocol. The discussion there might be of interest for you as well, since I am presenting some possible, though highly unrealistic attacks, which could lead to similar effects than those you are studying here.

[Forp]

Could be the profit is just to destroy it.

Agree completely.

Assume, Amazon or Google would want to disrupt the Bitcoin network...if they joined forces in their cloud and produced some 10 or 20 new blocks Bitcoin could be severely damaged within a few hours...depending on the transactions they would place into the block, of course. 

[gmaxwell]

Admittedly this IS exactly what I'm doing.  Its in the OP.  I"m asking for some brainstorming to take down bitcoin.  Thats the point.  

1)  Construct an attack that greatly reduces the hash rate.  I suggested DDoS all the miners simultaneously.
2)  Use opportunity to make changes to the block chain (2x spend, whatever)
3) ?
4) Profit

You see, i am talking about a malicious attacker.  One who wants to destroy Bitcoin and has a budget.

Thanks for providing (2).  You did not provide that before.  The attack you're suggesting doesn't work.

Difficulty adjustments require 2016 blocks and can only change the difficulty by a factor of 4 per cycle of 2016 blocks.  Your DOS attack, if effective, would slow down block creation while in effect but it would not substantially change the computational power required to rewrite any of the existing chain.

(It's perhaps also worth pointing out that pools are constantly under DOS attack— and many have have been successful DOSed before without much impact, most miners now autoswitch to backup pools... — and the rise of p2pool closes that particular issue ::shrugs:: )

[Forp]

Thanks for providing (2).  You did not provide that before.  The attack you're suggesting doesn't work.

Difficulty adjustments require 2016 blocks and can only change the difficulty by a factor of 4 per cycle of 2016 blocks.  Your DOS attack, if effective, would slow down block creation while in effect but it would not substantially change the computational power required to rewrite any of the existing chain.

Not so sure. People are greedy. I think the attack would work (although I guess we will not see such an attack in the near future).

For example: Upload a modified Bitcoin client which accepts a bounty of 500000 BTC per block starting from a specific block. Rent Amazon and Google hashing power and produce some 20 blocks faster than the Bitcoin community does. During this time, produce 500000 BTC per fresh block and pay a large number of bitcoin addresses some extra Bitcoins (as a kind of bribery...). Then reduce the bounty again to 100 BTC per block (or, different approach, 50 BTC) and distribute the information on what you just have done to many forums.

Now there is this interesting dilemma: If a user/miner adopts your software and the new block chain...he gets a share of the extra coins. If he does not...he will not get a share of the extra coins. Of course you will also get a big share of extra coins. I am not so sure how many users will stick with the old block chain and not be tempted by the extra share they might get ... if they switch. (Of course, getting the modified software to accept the modified blocks is not a trivial engineering task - but it can be done).

[blueadept]

This ignores both economics and network effects.

Economically speaking, as long as your blockchain fork doesn't cause the technical death of Bitcoin, few people will accept your inflationary coins. Sure, free money is nice but would you give someone a silver or gold coin in exchange for currency designed to hyperinflate?

As far as network effects, obviously this has no effect on Bitcoin other than as an attempt to siphon users to your blockchain fork and away from the main chain. That hasn't worked so well for most of the alt currencies and there's no reason to believe it would work for an inflationary fork of Bitcoin based on the paragraph above this one.

[Forp]

Economically speaking, as long as your blockchain fork doesn't cause the technical death of Bitcoin, few people will accept your inflationary coins. Sure, free money is nice but would you give someone a silver or gold coin in exchange for currency designed to hyperinflate?

That's certainly true for one version of the attack (the one which continues with 100BTC). It is not true for the version which continues with the 50BTC. And: I trust more in the greed of the people than in their rationality. No, I am not happy about this. 

As far as network effects, obviously this has no effect on Bitcoin other than as an attempt to siphon users to your blockchain fork and away from the main chain. That hasn't worked so well for most of the alt currencies and there's no reason to believe it would work for an inflationary fork of Bitcoin based on the paragraph above this one.

The alternative chains we saw thus far were based, to the degree I know and IMHO, on changes which did not produce visible benefits to the user and thus were not able to activate the greed reflex.

[gmaxwell]

Not so sure. People are greedy. I think the attack would work (although I guess we will not see such an attack in the near future).

For example: Upload a modified Bitcoin client which accepts a bounty of 500000 BTC per block starting from a specific block. Rent Amazon and Google hashing power and produce some 20 blocks faster than the Bitcoin community does. During this time, produce 500000 BTC per fresh block and pay a large number of bitcoin addresses some extra Bitcoins (as a kind of bribery...). Then reduce the bounty again to 100 BTC per block (or, different approach, 50 BTC) and distribute the information on what you just have done to many forums.

Now there is this interesting dilemma: If a user/miner adopts your software and the new block chain...he gets a share of the extra coins. If he does not...he will not get a share of the extra coins. Of course you will also get a big share of extra coins. I am not so sure how many users will stick with the old block chain and not be tempted by the extra share they might get ... if they switch. (Of course, getting the modified software to accept the modified blocks is not a trivial engineering task - but it can be done).

You are confusing this thread with your thread. Is this confusion intentional?

What you're talking about is getting people to replace their Bitcoin software with software the validates some other rules.  This is totally orthogonal to attacks involving large amounts of hash power.

The alternative chains we saw thus far were based, to the degree I know and IMHO, on changes which did not produce visible benefits to the user and thus were not able to activate the greed reflex.

They have _all_ been 'beneficial' to their users in that by participating in them you're one of a much smaller set of miners, and thus getting a far larger percentage of the total produced coin than in Bitcoin. This is more extreme in some chains than others— for example LQC had block rewards starting at 1000 coins and then  dropping 4% every 1000 blocks or so, while Litecoin has payout's much more similar to Bitcoin but a single person could pretty easily be 1% of litecoin's total hashrate.



I have intentionally not responded to your thread because other clueful people have responded and you just keep continuing the boring debate. Please don't spread it to other threads.

[Skybuck]

1. Study the source code.

2. Find a buffer overrun.

3. Destroy everybodies wallet.

alternatively in case wallet backups were made:

4. Send all bitcoins to non-existing accounts.

for maximum effect do it slowly so the block chain slowly gets corrupted so it cannot be reverted back easily.

[Hawkix]

1. Study the source code.
2. Find a buffer overrun.
3. Destroy everybodies wallet.
alternatively in case wallet backups were made:
4. Send all bitcoins to non-existing accounts.
for maximum effect do it slowly so the block chain slowly gets corrupted so it cannot be reverted back easily.

Its not that easy. Most *sane* people have wallets both backed up and encrypted, so without the passphrase you cannot send any BTC out.

I suggest if Bitcoin will be attacked, it would be this way:

1. Put it out of law in major countries (US, EU, etc.)
2. Actively ban all financial services allowing to supply fiat money into exchanges
3. As result, most exchanges will dry out (no way how to get USD in or out of MtGox)
4. The price of BTC will plumet
5. The miners will slowly stop mining, as they have no guarantee they will be able to cover mining expenses
6. The Bitcoin network gets weak
7. Put large pools out of work (Megaupload style)
8. Do some doublespends to put final nail into the BTC coffin

[Etlase2]

Admittedly this IS exactly what I'm doing.  Its in the OP.  I"m asking for some brainstorming to take down bitcoin.  Thats the point.  

1)  Construct an attack that greatly reduces the hash rate.  I suggested DDoS all the miners simultaneously.
2)  Use opportunity to make changes to the block chain (2x spend, whatever)
3) ?
4) Profit

You see, i am talking about a malicious attacker.  One who wants to destroy Bitcoin and has a budget.

The "brainstorming" is simple: stop adding any transactions to blocks once you have 51% of the hash power, and ignore any other validly mined blocks. If you can't even move BTC, it is effectively toast.

inane arguments as to why this is impossible: lol there aren't enough gpus, lol everyone would know when some government or bank bought lots of gpus, lol early adopters would lead the way and mine unprofitably for the first time in their lives even though they did not invest anything into gpu hardware, and the best one: lol nobody would do this it's more profitable to play nice

As per FUD, ENOUGH accusing every one of doing something wrong when they question the system.   Its becoming standard practice on message board to declare a post a FUD post as soon as the poster touches a nerve.  No one has answered what happens if this attack were launched yet, we need to think about all this and thats the point of my post.  Stop with the black helicopter stuff, i'm not some double agent.  I'm just doing my due diligence before i commit more of MY money to BTC.  Why is that so hard to get?

Well if they don't call you out for spreading FUD and try to marginalize your points, it would make it harder for newbies to throw cash into the bitcoin black hole.

[cuz0882]

The biggest threat would be closing down mtgox. It would not stop bitcoin but cripple trading and the price. We need more exchange sites to open.
The whole 51% attack seems a bit silly to me. It would take a huge investment to even do it. It's never going to be done with regular servers. I would take something like the worlds top 5 servers farms working together to do it.

[Forp]

You are confusing this thread with your thread. Is this confusion intentional?

What you're talking about is getting people to replace their Bitcoin software with software the validates some other rules.  This is totally orthogonal to attacks involving large amounts of hash power.

I do not see a confusion and it is not intentional. The OP asked about how bitcoin could be destroyed and how we could protect it against it; attacks involving large amounts of hash power IMHO are only one of the possibilities; I see others, which is the reason I contribute to this thread.

They have _all_ been 'beneficial' to their users in that by participating in them you're one of a much smaller set of miners, and thus getting a far larger percentage of the total produced coin than in Bitcoin.

This is true when you measure payoff in number of coins. The argument probably does not apply when you measure it in USD or EURO, since the coins of the other chains have much lower exchange rates or smaller acceptance or less trust due to smaller community and so on.

you just keep continuing the boring debate. Please don't spread it to other threads.

Sorry. Is this your thread? Did the OP ask me to leave? Where? Should I be violating some rule of the board, I apologize. Please point out the rule, so I can follow it. Part of my interaction here is exactly the attempt to reach your level of expertise so that my contributions are less boring ;-) Why are you making it more difficult to learn?

[Forp]

The "brainstorming" is simple: stop adding any transactions to blocks once you have 51% of the hash power, and ignore any other validly mined blocks. If you can't even move BTC, it is effectively toast.

This is a very interesting attack and similar to scenarios I had in mind as well. May I brainstorm on a defense?

We open up a second block chain with a fresh genesis block. We build the genesis block with lots of coinbase transactions which restore the account values as they were in the old block chain. Now we have a copy of the block chain. If the good guys have 49% and the attacker has 51% of hash power on ONE chain, the attacker wins. With two chains and hash power switching back and forth between two chains, there probably once in a while will be the chance to be head on at least in one of the chains for the good guys. However, I am not sure whether a disrupting attacker still is in the same situation as with a single block chain.

Now assume we have a large number of parallel chains, competing with each other (if we use chain identification codes, this could even be done as part of the same software and the same data structure). I have some hope that there are scenarios where an attacker cannot stop all chains from progressing.

Let me compare this to PirateBay and email. Stopping filesharing in the PirateBay model is easy, in the email model it cannot be stopped. So: Could a world with a large number of parallel Bitcoin chains be more resilient than a world with a single Bitcoin chain?

Well if they don't call you out for spreading FUD and try to marginalize your points, it would make it harder for newbies to throw cash into the bitcoin black hole.

Never saw it that way. It could be a valid point.