Bitcoin Forum
June 03, 2023, 10:44:58 PM
 News: Latest Bitcoin Core release: 25.0 [Torrent]
 Home Help Search Login Register More
 Pages: [1]
 Author Topic: What if 50%+ attack starts at a disadvantage and has to succeed qucikly ?  (Read 621 times)
grau (OP)
Hero Member

Offline

Activity: 836
Merit: 1017

bits of proof

 January 12, 2015, 09:18:24 AM

I was thinking about the scenario where an attacker bundles 50%+ computing power, to revise some transaction already confirmed several times.

This would mean that the attacker has to fork from an earlier block and catch up with the tip of the chain. The probability that he manages to catch up is 1, but the time needed to carry out the attack depends on his margin of majority and the disadvantage he starts from.

Add to the scenario that the attacker has to complete the attack within a limited period of time, then it becames apparent, that 50%+ power is still not a guarantee for success.

Assuming the probabilty that the honest minority finds the next block is p (and the attacker has (1-p) > 0.5) then the expected time to catch up is proportional to

showing that expected catch up time goes to inifite while margin over 50% is approaching 0. Constraining the expected catch up time raises the required margin exponentially.

While evaluating feasibility of a practical attack, not only its expected value but the variance of the outcome is of importance. The variance of success will be also huge if margin over 50% is small.

Am I right?
1685832298
Hero Member

Offline

Posts: 1685832298

Ignore
 1685832298

1685832298
 Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
bcearl
Full Member

Offline

Activity: 168
Merit: 101

 January 12, 2015, 10:38:59 AM

The past can be considered more secure, but the attacker could fork at the current block, spend coins on the public block and save them in his own.

Misspelling protects against dictionary attacks NOT
grau (OP)
Hero Member

Offline

Activity: 836
Merit: 1017

bits of proof

 January 12, 2015, 10:56:54 AMLast edit: January 12, 2015, 11:31:16 AM by grau

The past can be considered more secure, but the attacker could fork at the current block, spend coins on the public block and save them in his own.

I wrote about security of transactions in a scenario where the attack starts after the transactions were confirmed and attacker has limited time on hand.

I think that the scenario is of practical relevance:

Assume that the checksum of a company's book is regularly committed to the Bitcoin block chain. The CFO learns that an error was made with a time lag.
The question is if he can camouflage it by buying 50%+ mining capacity for a short period of time, that he can afford.
DannyHamilton
Legendary

Offline

Activity: 3122
Merit: 3915

 January 12, 2015, 12:50:37 PM

Am I right?

Yes.

There is only a "guarantee of success" if the attacker can maintain better than 50% of the global hash power indefinitely (or if the attacker has 100% of the global hash power).  If there is a time limit on their ability to maintain the attack, then the probability of success drops.  The shorter the time available for the attack, and the smaller the margin over 50% the less likely that the attack will succeed.
 Pages: [1]