Bitcoin Forum
November 02, 2024, 05:16:51 AM *
News: Latest Bitcoin Core release: 28.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: New method of 51% attack?  (Read 3955 times)
StephenMorse (OP)
Member
**
Offline Offline

Activity: 88
Merit: 12


View Profile
February 10, 2015, 05:05:05 AM
Last edit: February 10, 2015, 04:01:32 PM by StephenMorse
 #1


Repeated Chain Replacement Attack

One of the most disruptive 51% attacks would be a DDOS attack where the miner with the majority of the hashing power only mines on its own blocks and doesn't mine any transactions.

Possibly even more disruptive, though, would be a miner who continually keeps 2 chains going at the same time with some double spends on each chain. The miner works on chain A and chain B, and lets the network keep building as well. But whenever everyone else in the network is building on chain A, the malicious miner will mine on chain B to make it catch up (and vice versa). The miner could even purposefully spread double spends between the two chains. Even transaction malleability could be utilized between the two chains, putting essentially the same transaction on the two chains, but with different hashes. This would make the network very unreliable and hard to use.

(I first thought that this might even lead to CPU exhaustion of the nodes, but I realized that nodes don't re-check all the scripts every time the connect a new tip to the head of the chain, so this probably wouldn't lead to any such attacks.)

Has this attack vector been discussed at all? I can't find any mention of it. I'm not saying I think this is likely to happen in the near future or anything, just that it would be fairly devastating if it did.

-------------------------------------------

Explained through ascii block chains:

Suppose the chain is at this state (each * is a block)

-- * -- * -- * -- *

Now the miner with 51% decides he is going to launch this attack. Let's say that the network is the first one to solve a block:

-- * -- * -- * -- *
                         \ -- *

Now the miner solves blocks on a chain opposite to it until the chain takes over. This might take a few blocks because the network is still working on the main chain.

                         / -- * -- * -- * -- *
-- * -- * -- * -- *
                         \ -- * -- * -- *

At which point the network switches to the top chain and the miner switches to mining on the bottom chain. The same thing happens, the miner's chain will eventually overtake the network chain (which is now the top chain), but it might take a few blocks.

                         / -- * -- * -- * -- * -- * -- *
-- * -- * -- * -- *
                         \ -- * -- * -- * -- * -- * -- * -- *

Now everyone else in the network switches back to the bottom chain, and the miner switches to mining the top chain. In each chain overhaul, the miner can include some double spends if they see any, and can alter transactions slightly through their malleable parts to make them have different TXIDs. The miner can keep doing this until the fork becomes ridiculously long and the data between the two chains is completely incompatible.
Sir Bitcoin
Member
**
Offline Offline

Activity: 112
Merit: 10


View Profile
February 10, 2015, 05:09:50 AM
 #2

I don't know if any one entity has the power to do that to be honest.
Interesting thought though!  Cheesy
kjj
Legendary
*
Offline Offline

Activity: 1302
Merit: 1026



View Profile
February 10, 2015, 05:54:46 AM
 #3

No, not ever discussed at all.

17Np17BSrpnHCZ2pgtiMNnhjnsWJ2TMqq8
I routinely ignore posters with paid advertising in their sigs.  You should too.
StephenMorse (OP)
Member
**
Offline Offline

Activity: 88
Merit: 12


View Profile
February 10, 2015, 12:02:01 PM
Last edit: February 10, 2015, 12:58:56 PM by StephenMorse
 #4

No, not ever discussed at all.

Haha, you made me realize the title of this thread sounded way too general. I'm talking about a specific type of 51% attack. 
arallmuus
Legendary
*
Offline Offline

Activity: 2716
Merit: 1426



View Profile WWW
February 10, 2015, 01:11:16 PM
 #5

One of the most disruptive 51% attacks would be a DDOS attack where the miner with the majority of the hashing power only mines on its own blocks and doesn't mine any transactions.

Possibly even more disruptive, though, would be a miner who continually keeps 2 chains going at the same time with some double spends on each chain. The miner works on chain A and chain B, and lets the network keep building as well. But whenever everyone else in the network is building on chain A, the malicious miner will mine on chain B to make it catch up (and vice versa). The miner could even purposefully spread double spends between the two chains. Even transaction malleability could be utilized between the two chains, putting essentially the same transaction on the two chains, but with different hashes. This would make the network very unreliable and hard to use.

(I first thought that this might even lead to CPU exhaustion of the nodes, but I realized that nodes don't re-check all the scripts every time the connect a new tip to the head of the chain, so this probably wouldn't lead to any such attacks.)

Has this attack vector been discussed at all? I can't find any mention of it. I'm not saying I think this is likely to happen in the near future or anything, just that it would be fairly devastating if it did.

i dont know if this has been discussed or not but 1 thing for sure is that a bad guy will always find another way to do bad things as usual, its like coded inside his body

 
█▄
R


▀▀██████▄▄
████████████████
▀█████▀▀▀█████
████████▌███▐████
▄█████▄▄▄█████
████████████████
▄▄██████▀▀
LLBIT▀█ 
  TH#1 SOLANA CASINO  
████████████▄
▀▀██████▀▀███
██▄▄▀▀▄▄████
████████████
██████████
███▀████████
▄▄█████████
████████████
████████████
████████████
████████████
█████████████
████████████▀
████████████▄
▀▀▀▀▀▀▀██████
████████████
███████████
██▄█████████
████▄███████
████████████
█░▀▀████████
▀▀██████████
█████▄█████
████▀▄▀████
▄▄▄▄▄▄▄██████
████████████▀
........5,000+........
GAMES
 
......INSTANT......
WITHDRAWALS
..........HUGE..........
REWARDS
 
............VIP............
PROGRAM
 .
   PLAY NOW    
Arnab biswas
Member
**
Offline Offline

Activity: 84
Merit: 10


View Profile
February 10, 2015, 02:05:32 PM
 #6

can u please explain it little bit more

▲▼▲▼▲▼▲▼ No.1 Bitcoin Binary Options and Double Dice ▲▼▲▼▲▼▲▼ █████████████████ ███████████████ sec◔nds trade █████████████████ ███████████████ ↑↓ Instant Bets ↑↓ Flexible 1~720 minutes Expiry time ↑↓ Highest Reward 190% ↑↓ 16 Assets [btc, forex, gold, 1% edge double dice] ↑↓[/ url]
R2D221
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
February 10, 2015, 02:21:18 PM
 #7

To mine two chains you need double the power, so in this scenario the “51%” would actually be 25.5% and 25.5%.

An economy based on endless growth is unsustainable.
lophie
Hero Member
*****
Offline Offline

Activity: 924
Merit: 1001

Unlimited Free Crypto


View Profile
February 10, 2015, 02:33:18 PM
 #8

To mine two chains you need double the power, so in this scenario the “51%” would actually be 25.5% and 25.5%.

Don't you mean 102%? Also I don't know if you guys remember but this actually was possible for ASICMINER with their first line of products. They, for a short while, actually achieved 51%+ and could have ruined this experiment for us all or at least damaged the functionalities and exchange rate more than what Mt. Gox has done, on many occasions.

Bitcoin is so resilient it actually survived a hard long fork on version "I think" 0.6?0.8?.

Now guys look at another attack vertex. How about not attaining such hash power but highjack just a couple of big pools at the same time. Infiltrate and sleep and pick the worse moment, say when the operators are sleep. And fork this thing real hard or block ALL transactions but just mining empties. Granted the miner will switch but it just needs a little time and a couple of discrediting hate articles and boom. Price down hard!

Will take me a while to climb up again, But where is a will, there is a way...
R2D221
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
February 10, 2015, 02:39:19 PM
 #9

To mine two chains you need double the power, so in this scenario the “51%” would actually be 25.5% and 25.5%.

Don't you mean 102%?

No, you have it backwards. To mine 2 chains you need to split your effort between the two chains, so you got 25.5% for each chain. I said it's “double” the power because the total power is double the power for each chain.

Just think about it. If you have 51% of the total power, how are you planning to get 102%? It's mathematically impossible.

An economy based on endless growth is unsustainable.
R2D221
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
February 10, 2015, 02:40:26 PM
 #10

Now guys look at another attack vertex. How about not attaining such hash power but highjack just a couple of big pools at the same time. Infiltrate and sleep and pick the worse moment, say when the operators are sleep. And fork this thing real hard or block ALL transactions but just mining empties. Granted the miner will switch but it just needs a little time and a couple of discrediting hate articles and boom. Price down hard!

While theoretically possible, I think a massive infiltration wouldn't go unnoticed.

An economy based on endless growth is unsustainable.
StephenMorse (OP)
Member
**
Offline Offline

Activity: 88
Merit: 12


View Profile
February 10, 2015, 02:58:14 PM
 #11

To mine two chains you need double the power, so in this scenario the “51%” would actually be 25.5% and 25.5%.

No, you have it backwards. To mine 2 chains you need to split your effort between the two chains, so you got 25.5% for each chain. I said it's “double” the power because the total power is double the power for each chain.

That's not the way it would work in the attack I'm describing. The malicious miner would still let others mine, it would just alternate which chain they are mining on to help the chain that fell behind catch back up. So instead of splitting 25.5% on two chains, it would be all 51% on chain A half the time and all 51% on chainB half the time. The disruptive part is that there would be switching back and forth all the time, and the two chains could contain very conflicting data.

If the miner were to try to create two 'empty' chains and to try to keep them both longer than the main chain, then you would need 2x as much hash power as the rest of the network, meaning you'd need >66.7% of the hashing power. That's not what I'm talking about, though.
MCHouston
Hero Member
*****
Offline Offline

Activity: 882
Merit: 500


Where am I?


View Profile
February 10, 2015, 03:02:39 PM
 #12

I think at this point with so many multi PH farms.  It would take a huge investment to even try this, and no sane person would risk $10+ million on this to try and do something that may or may not work.  You would be taking about around 160PH or 160,000 Antminer C1's or 29,091 Spondoolies SP35's.  I want to be the salesman on that sale.

It would be a very impressive Data Center, I would love to see someone try actually.

BTC 13WWomzkAoUsXtxANN9f1zRzKusgFWpngJ
LTC LKXYdqRzRC8WciNDtiRwCeb8tZtioZA2Ks
DOGE DMsTJidwkkv2nL7KwwkBbVPfjt3MhS4TZ9
R2D221
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
February 10, 2015, 03:06:05 PM
 #13

That's not the way it would work in the attack I'm describing. The malicious miner would still let others mine, it would just alternate which chain they are mining on to help the chain that fell behind catch back up. So instead of splitting 25.5% on two chains, it would be all 51% on chain A half the time and all 51% on chainB half the time. The disruptive part is that there would be switching back and forth all the time, and the two chains could contain very conflicting data.

You know what happens when you do work for half the time? You do half the work. So, having 51% of the hashpower half the time means you effectively have only 25.5% of the hashpower.

Also, about letting others mine... Well, you can't just stop them from working (unless you seize their equipment). This has nothing to do with it.

An economy based on endless growth is unsustainable.
lophie
Hero Member
*****
Offline Offline

Activity: 924
Merit: 1001

Unlimited Free Crypto


View Profile
February 10, 2015, 03:12:57 PM
 #14

I think at this point with so many multi PH farms.  It would take a huge investment to even try this, and no sane person would risk $10+ million on this to try and do something that may or may not work.  You would be taking about around 160PH or 160,000 Antminer C1's or 29,091 Spondoolies SP35's.  I want to be the salesman on that sale.

It would be a very impressive Data Center, I would love to see someone try actually.

Oh of course spending this amount to break a billion dollars + market that has been a pain the ass for governments since 2009 is very "insane".  Roll Eyes.

Bitcoin worth much much more but OTR transactions don't really move the price much because there weren't made on a "popular" exchange. Do you know that there are people with such reserves that can sell enormous amounts of bitcoins OTR while maliciously doing the above, Crash the market, Buy way cheaper, resell the mining equipments for a loss, PROFIT!

EDIT: Granted this is not feasible at these prices but consider at $1200!

Will take me a while to climb up again, But where is a will, there is a way...
StephenMorse (OP)
Member
**
Offline Offline

Activity: 88
Merit: 12


View Profile
February 10, 2015, 03:40:06 PM
 #15

You know what happens when you do work for half the time? You do half the work. So, having 51% of the hashpower half the time means you effectively have only 25.5% of the hashpower.

Also, about letting others mine... Well, you can't just stop them from working (unless you seize their equipment). This has nothing to do with it.

With this, though, you have 51% of the hash power all of the time, it's just that you use that power (all of it) on different chains at different times.

It's just like a miner with 51% making a longer chain that retakes the whole chain by starting one block back to enable a double spend. They can just use this ability to make another chain that stays the same length as the chain the network is working on.

-------------------------------------------

Suppose the chain is at this state (each * is a block)

-- * -- * -- * -- *

Now the miner with 51% decides he is going to launch this attack. The network solves a block:

-- * -- * -- * -- *
                        \ -- *

Now the miner solves blocks on the chains opposite to it until the chain takes over. This might take a few blocks while the network is still working on the main chain.

                        / -- * -- * -- * -- *
-- * -- * -- * -- *
                        \ -- * -- * -- *

At which point the network switches to the top chain and the miner switches to mining on the bottom chain. The same thing happens, the miners chain will eventually overtake the network chain (which is now the top chain), but it might take a few blocks.

                        / -- * -- * -- * -- * -- * -- *
-- * -- * -- * -- *
                        \ -- * -- * -- * -- * -- * -- * -- *

Now everyone in the network switches back to the bottom chain, and the miner switches to mining the top chain. The miner can keep doing this until the fork becomes ridiculously long and the data between the two chains is completely incompatible.
R2D221
Hero Member
*****
Offline Offline

Activity: 658
Merit: 500



View Profile
February 10, 2015, 03:56:23 PM
 #16

OK, I see where this is going. However, I don't think this would be as easy.

Now everyone in the network switches back to the bottom chain, and the miner switches to mining the top chain. The miner can keep doing this until the fork becomes ridiculously long and the data between the two chains is completely incompatible.

Once the community notice this happening, they will most probably ban the faulty miner (blacklisting their IP or something similar).

An economy based on endless growth is unsustainable.
StephenMorse (OP)
Member
**
Offline Offline

Activity: 88
Merit: 12


View Profile
February 10, 2015, 03:59:16 PM
 #17

Once the community notice this happening, they will most probably ban the faulty miner (blacklisting their IP or something similar).

Yeah, I'm not saying I think this is going to be a big problem any time soon or anything. IP address/bitcoin address blacklisting probably wouldn't work, though, to anyone even partially committed to launching this attack. It would obviously be very easy to recognize that this attack is happening, at least.
MCHouston
Hero Member
*****
Offline Offline

Activity: 882
Merit: 500


Where am I?


View Profile
February 10, 2015, 05:45:42 PM
 #18

I think at this point with so many multi PH farms.  It would take a huge investment to even try this, and no sane person would risk $10+ million on this to try and do something that may or may not work.  You would be taking about around 160PH or 160,000 Antminer C1's or 29,091 Spondoolies SP35's.  I want to be the salesman on that sale.

It would be a very impressive Data Center, I would love to see someone try actually.

Oh of course spending this amount to break a billion dollars + market that has been a pain the ass for governments since 2009 is very "insane".  Roll Eyes.

Bitcoin worth much much more but OTR transactions don't really move the price much because there weren't made on a "popular" exchange. Do you know that there are people with such reserves that can sell enormous amounts of bitcoins OTR while maliciously doing the above, Crash the market, Buy way cheaper, resell the mining equipments for a loss, PROFIT!

EDIT: Granted this is not feasible at these prices but consider at $1200!

I am not saying it is not possible.  I am saying the people with the funds to buy several 10's millions of USD worth of miners, build a few 100MW Datacenter to house it, and employing the staff to get it up and running has better things to spend their money. Even at half price the SP35's alone would be over $32 Million, after power and facilities and staffing your probably talking about a few $100 Million.

Be easier just to flood all the exchanges with $100 million worth of BTC and crash the prices, if a Billionaire got really pissed off at BTC for some reason.

BTC 13WWomzkAoUsXtxANN9f1zRzKusgFWpngJ
LTC LKXYdqRzRC8WciNDtiRwCeb8tZtioZA2Ks
DOGE DMsTJidwkkv2nL7KwwkBbVPfjt3MhS4TZ9
StephenMorse (OP)
Member
**
Offline Offline

Activity: 88
Merit: 12


View Profile
February 11, 2015, 04:33:37 AM
 #19

I am not saying it is not possible.  I am saying the people with the funds to buy several 10's millions of USD worth of miners, build a few 100MW Datacenter to house it, and employing the staff to get it up and running has better things to spend their money. Even at half price the SP35's alone would be over $32 Million, after power and facilities and staffing your probably talking about a few $100 Million.

Be easier just to flood all the exchanges with $100 million worth of BTC and crash the prices, if a Billionaire got really pissed off at BTC for some reason.

Where would they buy the BTC from in the first place to dump it on the exchange? Tongue

I agree, though, there are probably more cost effective ways to dis-incentivize using bitcoin than to launch a 51% attack like this one. Regulation is the obvious way (although who knows how much money would be spent paying the policy makers). Regulation only limits bitcoin use in one country, though, and many would likely still use bitcoin covertly. If a government truly wanted to shut bitcoin down, they would have to launch a 51% attack. I doubt it would ever come to this, though.

If I were a regulator and wanted to throw a wrench in the bitcoin ecosystem, I'd put a mining tax on all the energy that is 'wasted' (no, I don't think securing a global digital currency is actually a waste, but many people call it waste) on mining. It could be framed as an environmentally friendly policy. Then, when all the big miners turn their hardware off, the government could more easily launch a 51% attack and good night. Just the policy alone, though, might make the block chain stall with insufficient hashing power and make the system very hard to use. Hope this doesn't happen, just thinking like an attacker.
najzenmajsen
Hero Member
*****
Offline Offline

Activity: 700
Merit: 500



View Profile
February 11, 2015, 03:25:46 PM
 #20

this would require way to much power to do , and i mean like way to much and the user would just end up getting blacklisted anyways.
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!