backtop


Print

Risk of double-spending at 51 percent continues to threaten three years after Deepbit nearly pulled it off

The media has been in a frenzy (see: The GuardianTechCrunch and Ars Technica) the last few weeks about "GHash.IO".  Associated with the digital cryptocurrency "Bitcoin" (BTC), the collective is among those responsible for seeding the market with bitcoins via proof of effort on cryptographic hashes.

I. The 51 Percent Attack -- Difficult, But Dangerous

What almost no one reported on or realized is the entire panic was identical to one almost three years ago when Deepbit, an early mining poll, gained a 49 percent market share back in July 2011.  The concern then was identical to now: that the most powerful miner would get access to 51 percent of the mining traffic (in terms of hash rate) and be able to abuse fundamental flaws in the Bitcoin's mathematical basis.

The concern is founded, in part, in reality.  As The Bitcoin Foundation (bitcoin.org) writes:

The block chain is a shared public ledger on which the entire Bitcoin network relies. All confirmed transactions are included in the block chain. This way, Bitcoin wallets can calculate their spendable balance and new transactions can be verified to be spending bitcoins that are actually owned by the spender. The integrity and the chronological order of the block chain are enforced with cryptography.

A transaction is a transfer of value between Bitcoin wallets that gets included in the block chain. Bitcoin wallets keep a secret piece of data called a private key or seed, which is used to sign transactions, providing a mathematical proof that they have come from the owner of the wallet. The signature also prevents the transaction from being altered by anybody once it has been issued. All transactions are broadcast between users and usually begin to be confirmed by the network in the following 10 minutes, through a process called mining.

Mining is a distributed consensus system that is used to confirm waiting transactions by including them in the block chain. It enforces a chronological order in the block chain, protects the neutrality of the network, and allows different computers to agree on the state of the system. To be confirmed, transactions must be packed in a block that fits very strict cryptographic rules that will be verified by the network. These rules prevent previous blocks from being modified because doing so would invalidate all following blocks. Mining also creates the equivalent of a competitive lottery that prevents any individual from easily adding new blocks consecutively in the block chain. This way, no individuals can control what is included in the block chain or replace parts of the block chain to roll back their own spends.

In other words, after the first bitcoins -- the so-called "Genesis block" mined by the possibly pseudonymous Satoshi Nakamoto back in 2009 -- mining since has been key to verify all transactions.

Bitcoin block chain
[Image Source: Bitcoin.org]

The problem is hinted at in the above text.  Miners pack logs of transactions into blocks on the chain.  During the process, they must also pack in the information about the previous blocks.  For any given block there's a random award of Bitcoins based on an inherent weighted lottery aspect based on your hash rate.  But what if they spent their own money and then posted it to the block chain?  This could be a problem if even someone controlled 10 percent of the market.

That's where the hash comes in.  After you pack the block you create a hash which describes its contents, along with previous transactions.  This provides a quick check to make sure your transaction is real, providing a scaling difficulty for mining, and continually logging Bitcoin's historic record so that if fraud occurs, it can be tracked down with great effort in extreme cases. If you packed a bad block in a fraud attempt, it would be detected by the consensus.

Bitcoin nodes
[Image Source: iunewind]

The problem is if one party controls even 50.1 percent of the mining market, they control the consensus.  Bitcoin fraud checking in the block chain is majority rule.  If someone or some group is the majority mining-wise, they can win the lottery roughly half the time, getting the ability to modify the blocks.  And since they control the consensus ("I AM THE LAW!" -- Judge Dredd), whatever they say goes.  And if their transactions are in that block they can remove them, confirm the bad block, and then double spend.  Or you could delete valid transactions to stifle fell miners.

Such efforts wouldn't exactly be invisible.  You could easily check if the minority's hashes were at odds with the majority miner's in a suspicious way and confirm your suspicions via inspecting the publicly broadcast set of transaction over the Bitcoin's global network.

II. GHash.IO Backs Down, Backs Reform

But they could still be highly dangerous and difficult to track down.  That's why it's a good thing that this time around -- as with Deepbit -- GHash.IO has backed off its path to a mining supermajority.

In a statement it writes:

Our investment, participation and highly motivated staff confirm it is our intention to help protect and grow the broad acceptance of bitcoin and categorically in no way harm or damage it. We never have and never will participate in any 51% attack or double spend against bitcoin.

What's interesting is that the media caught wind of this only around when that statement was posted.  Most media outlets missed that the real quasi-crisis occurred way back in Jan. 2014, when GHash.IO's pool hit around 45 percent of the hashing.

To placate its critics, a top GHash.IO miner, BitFury, has agreed to leave the pool, taking his large 1 PH/s stake with him.  And other Bitcoin fans took it upon themselves to self-police the currency, targeting GHash.IO's IPs with distributed denial of service attacks, further sinking its market share.

BlockChain market share

GHash.IO now "only" owns a third of the mining market.

At press time GHash.IO owns 33 percent of the market.

In the long term this somewhat misunderstood event and its 2011 predecessor have led some to suggest it's time to change Bitcoin so that one group can not change the consensus.

GHash.IO is open to the discussion, but warns against "hasty" solutions, such as antitrust rules to break up any pool that gets too big.  It comments:

In any market, competition and innovation drives growth and that is particularly true in an emerging and disruptive environment such as bitcoin. Successful and innovative companies cannot be expected to limit their growth or competitiveness as a direct result of their success.

At the same time, it admits that BitFury's departure is a poor solution at best as it does not provide a workable fix to the underlying issue.  It writes:

It also does not address the core issue only pushing the problem a few weeks or months down the road when another pool or perhaps GHash.IO again grows towards 51%.
 
Bitcoin's biggest miner is toeing the fence on the issue, arguing for a discussion that ensures that large miners and small ones alike are respected.  A roundtable discussion is expected on the issue (which GHash.IO supports) is to be held on the issue later this year, possibly at the July 10-11 CoinSummit Conference in London, UK.

If Bitcoin can survive U.S. government scrutiny and the self-proclaimed "King of Bitcoin" being outed as fraud with a long history of workplace misconduct, the currency can surely find a way to balance various parties' interests and survive.

After the debacle of Mt. Gox -- formerly Bitcoin's largest money trader -- becoming insolvent (which began in Nov.-Dec. 2013), filing for bankruptcy (Feb. 2013), and resorting to increasingly laughable attempts to prove its innocence (e.g. "finding" part of the lost/stolen Bitcoins), Bitcoin certainly suffered.  It fell from a market capitalization of more than $13.9B USD to around $5.1B USD after Mt. Gox's fraud.  That massive devaluation led more than one deeply invested fan, sadly, to take their own life.  Since then market has climbed back to between $7.5B and $8B USD, an impressive recovery, though.

Bitcoin market cap
Bitcoin's market cap has been on a rollercoaster ride since late last year.

While far from a stable or wise investment, it's not in as dire straits as misinformed commentaries might lead you to believe.

Sources: CoinDesk [1], [2], Bitcointalk.org [Deepfish discussion]





"Well, there may be a reason why they call them 'Mac' trucks! Windows machines will not be trucks." -- Microsoft CEO Steve Ballmer



Latest Headlines










botimage
Copyright 2017 DailyTech LLC. - RSS Feed | Advertise | About Us | Ethics | FAQ | Terms, Conditions & Privacy Information | Kristopher Kubicki