XBTC Blog
  • XBTC Bitcoin Blog

The 51% Attack Isn't Bitcoin's Biggest Concern

6/27/2014

0 Comments

 
Much has been made in the past of the progression of bitcoin mining from home computers, to GPU based dedicated mining setups, though to FPGAs and now finally to rest at ASICs.  ASICs are a final resting place for mining since ASIC stands for Application Specific Integrated Circuit - a specialist chip purely dedicated to hashing bitcoin as fast as possible.  The technology for creating chips in geberal may get better and ASICs for SHA256 hashing may get better but we won't see the huge leaps we've seen going from home computers or GPUs to ASICs and progression of chip technology will be much slower than miners switching from one known technology to another.  From hereon in its a (relatively) slow ultimately non-exponential climb, adding more and somewhat faster ASICs to the existing huge pile.  The hash rate will sustain exponential growth from now on only in so far as investment grows exponentially.

Many have criticised ASICs as centralising mining and therefore taking away an important theoretical benefit of bitcoin - that anyone could mine them with their computer at home and therefore provide a very distributed, decentralised supply of coins.  In reality though ASICs are widely available and although it may not appear to make sense to mine at the moment on a relatively small scale this is only given the current bitcoin price.  If your assumption is that a bitcoin will be worth $100,000 in five or ten years time then it may well make sense to raise your electricity bill for the next 6 months to mine even a small fraction of a bitcoin.

Regardless of the motivations of smaller scale miners we will likely see more centralisation of mining with larger amounts of hashing power being provided by larger better funded actors.  Too much centralisation would likely be a bad thing but it may be that the market opportunity for miners will always leave enough decentralisation for it not to be a major issue.

However, despite the criticism of ASICs they do bring a benefit which hasn't been covered much but which has been a major issue for smaller alt-coins - protection from botnets.

Who are Bitcoins Attackers?

Recently the mining pool GHash.io approached and even reached 51% of bitcoin mining power.  Much uncertainty and press coverage ensued but it didn't come to much and tomorrow turned out much like yesterday.  Though GHash.io had more than 50% of mining power, they didn't attempt a 51% attack.

There may be various groups that would like to see an end to Bitcoin but there is one (possibly only one) clearly defined group in particular that would actually go about trying to execute a 51% attack - criminals.

Almost by definition if you are going to execute a 51% attack to double spend (fraud) or some other form of stealing money from others you are a criminal.

The only other reason for this type of attack would be an attempt to bring down bitcoin.  Going down this route the largest threats to bitcoin would be those themselves threatened by bitcoin - various actors in the financial industry and possibly governments with seigniorage concerns.  

For a government to even have seigniorage concerns would require them to be forward looking, technologically adept and possibly paranoid.  For them to actually perpetrate an attack against bitcoin would likely require them to be forward looking, technologically adept, quite paranoid, probably corrupt, very cohesive, well funded and well connected which likely narrows the probability into the realms of fantasy.  

Similarly financial institutions would have to first identify bitcoin as a major threat to their existence which seems unlikely partly due to a lack of technical expertise but also due to simple normalcy bias.  For them to actually perpetrate an attack to 'kill bitcoin' would require them to judge this threat to be so great as to be worth a very well orchestrated and hidden criminal act with required hidden funding (read: direct money laundering) running into the millions or more.  Again highly unlikely.

Back to our criminals though, a criminal organisation large enough to consider a 51% attack against bitcoin would likely have both large amounts of money and a large botnet available.  Using large amounts of money to purchase mining capacity to perpetrate a 51% attack doesn't add up.  To recoup the millions spent on mining capacity the double spends at this level would have to be enormous.  Double spends might be a nice earner in theory but millions of dollars worth of double spends would be first highly damaging to the bitcoin price and would very quickly provoke a reaction amongst anyone accepting bitcoin to not accept it until the 51% attack was over and from bitcoin developers to introduce greater defenses against this type of attack.

Mining Power vs DDoS

Instead the criminals best (and cheapest) tool in the box is one that has already been demonstrated to be highly effective without anyone really noticing - the botnet.

When GHash.io reached above 50% mining power they were slow to react and slow to respond with their intentions.  This was frustrating for most but for some it was too much.  Soon after they reached above 50% GHash.io was hit with a distribute denial of service attack and their mining power dropped to around 35%.

Whether anyone agreed with this (illegal) DDoS wasn't of so much interest - the 51% issue on everyone's mind was over and everybody went about their business.  However what is interesting is that a simple (and free) DDoS, perhaps not even a very large scale one, stripped GHash.io of a massive amount of hashing power in a very small amount of time.

This means that while ASICs protect bitcoin from botnet mining they don't necessarily protect its miners from botnets.

As a criminal looking for the best payoff possible using a botnet to mine bitcoin is futile.  The botnet may be free but the reward would be tiny and just searching your botnet for credit card details will likely provide orders of magnitude more cash.

However, a fairly well funded criminal with the cash to buy some serious hashing power could use a botnet to hobble other miners, either to reduce the total pool of hashing power (and therefore increase their own share) or to allow them to more cheaply attempt a 51% attack.  While the 51% attack payoff would still likely be very dubious the ability and willingness to commit illegal DDoS against other miners could give them an advantage which might lead to this becoming a staple of mining.  Miners might end up having to DDoS other miners in order to make mining profitable.

Another cheaper, more simple but possibly less effective method of utilising their botnets would be simply to hobble miners for extortion.  Large scale miners are known to have copious amounts of easily laundered non-refundable bitcoins available and as GHash.io has shown may be highly susceptible to DDoS.  Given this they may be a prime target for extortion through DDoS.

DDoS Could Affect Hashing Distribution and Centralisation

If larger scale pools and miners were commonly attacked either for competition or extortion then this may change the dynamic of hashing distribution.  Larger pools would attract more DDoS and this would make them less attractive to pool members since they would either suffer availability problems or their costs would be raised by the 'tax' of DDoS.  This could then lead to a prevalence of smaller pools which would, ironically, be preferable to much of the bitcoin community.

It may also be possible that the same pressure could occur on larger scale miners alone.  The larger a mining operation the larger the target and the more they have to lose.  If they are susceptible to DDoS then this could change the economics of mining on a large scale which could lead back to not just a breakup of hashing power but a breakup of the centralisation back to a more decentralised mining community.
0 Comments



Leave a Reply.

    X-BTC

    X-BTC.com is the musings of a computer scientist and bitcoin early adopter.

    There is no financial advice to be had here.

    Follow

    RSS Feed

    Share

    If you liked this article then X-BTC feel free to share it:
    submit to reddit
    Tweet

    Archives

    May 2019
    September 2014
    August 2014
    July 2014
    June 2014
    April 2014
    February 2014
    January 2014
    December 2013
    November 2013
    October 2013

Thanks for reading...

Thanks for reading this article.  X-BTC.com isn't a big or well known site so if you liked the article and you think others might like this too why not share it on Twitter, Facebook, LinkedIn or post it to Reddit, Slashdot or anywhere else you think might help people find it.