public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Peter Todd <pete@petertodd.org>
To: Ittay <ittay.eyal@cornell.edu>
Cc: "Bitcoin Dev" <bitcoin-development@lists.sourceforge.net>,
	"Gavin Andresen" <gavin@bitcoinfoundation.org>,
	"Emin Gün Sirer" <egs@systems.cs.cornell.edu>
Subject: Re: [Bitcoin-development] BIP proposal - patch to raise selfish mining threshold.
Date: Tue, 5 Nov 2013 12:05:41 -0500	[thread overview]
Message-ID: <20131105170541.GA13660@petertodd.org> (raw)
In-Reply-To: <CABT1wWkOukEzxK5fLbnA4ZgJGN1hb_DMteCJOfA13FE_QZCi=Q@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 1443 bytes --]

On Tue, Nov 05, 2013 at 11:56:53AM -0500, Ittay wrote:
> Hello,
> 
> Please see below our BIP for raising the selfish mining threshold.
> Looking forward to your comments.

<snip>

> 2. No new vulnerabilities introduced:
> Currently the choice among equal-length chains is done arbitrarily,
> depending on network topology. This arbitrariness is a source of
> vulnerability. We replace it with explicit randomness, which is at the
> control of the protocol. The change does not introduce executions that were
> not possible with the old protocol.

Credit goes to Gregory Maxwell for pointing this out, but the random
choice solution does in fact introduce a vulnerability in that it
creates incentives for pools over a certain size to withhold blocks
rather than immediately broadcasting all blocks found.

The problem is that when the pool eventually choses to reveal the block
they mined, 50% of the hashing power switches, thus splitting the
network. Like the original attack this can be to their benefit. For
pools over a certain size this strategy is profitable even without
investing in a low-latency network; Maxwell or someone else can chime in
with the details for deriving that threshold.

I won't get a chance to for a few hours, but someone should do the
analysis on a deterministic switching scheme.

-- 
'peter'[:-1]@petertodd.org
0000000000000005e25ca9b9fe62bdd6e8a2b4527ad61753dd2113c268bec707

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 490 bytes --]

  reply	other threads:[~2013-11-05 17:07 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-11-05 16:56 [Bitcoin-development] BIP proposal - patch to raise selfish mining threshold Ittay
2013-11-05 17:05 ` Peter Todd [this message]
2013-11-05 17:14   ` Peter Todd
2013-11-05 17:43     ` Ittay
2013-11-05 17:54       ` Mike Hearn
2013-11-05 18:07         ` Alessandro Parisi
2013-11-05 18:37           ` Jeff Garzik
2013-11-05 18:55             ` Alessandro Parisi
2013-11-05 18:58               ` Jeff Garzik
2013-11-05 19:33                 ` Jameson Lopp
2013-11-05 19:56       ` Peter Todd
2013-11-05 17:26   ` Ittay
2013-11-05 17:37     ` Patrick
2013-11-05 18:18       ` Alessandro Parisi
2013-11-05 18:57     ` Jeremy Spilman
2013-11-05 22:49       ` Ittay
2013-11-07 20:05 ` [Bitcoin-development] comments on selfish-mining model (Re: BIP proposal - patch to raise selfish mining threshold.) Adam Back

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20131105170541.GA13660@petertodd.org \
    --to=pete@petertodd.org \
    --cc=bitcoin-development@lists.sourceforge.net \
    --cc=egs@systems.cs.cornell.edu \
    --cc=gavin@bitcoinfoundation.org \
    --cc=ittay.eyal@cornell.edu \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox