From: Peter Todd <pete@petertodd.org>
To: Ittay <ittay.eyal@cornell.edu>
Cc: "Bitcoin Dev" <bitcoin-development@lists.sourceforge.net>,
"Gavin Andresen" <gavin@bitcoinfoundation.org>,
"Emin Gün Sirer" <egs@systems.cs.cornell.edu>
Subject: Re: [Bitcoin-development] BIP proposal - patch to raise selfish mining threshold.
Date: Tue, 5 Nov 2013 12:05:41 -0500 [thread overview]
Message-ID: <20131105170541.GA13660@petertodd.org> (raw)
In-Reply-To: <CABT1wWkOukEzxK5fLbnA4ZgJGN1hb_DMteCJOfA13FE_QZCi=Q@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 1443 bytes --]
On Tue, Nov 05, 2013 at 11:56:53AM -0500, Ittay wrote:
> Hello,
>
> Please see below our BIP for raising the selfish mining threshold.
> Looking forward to your comments.
<snip>
> 2. No new vulnerabilities introduced:
> Currently the choice among equal-length chains is done arbitrarily,
> depending on network topology. This arbitrariness is a source of
> vulnerability. We replace it with explicit randomness, which is at the
> control of the protocol. The change does not introduce executions that were
> not possible with the old protocol.
Credit goes to Gregory Maxwell for pointing this out, but the random
choice solution does in fact introduce a vulnerability in that it
creates incentives for pools over a certain size to withhold blocks
rather than immediately broadcasting all blocks found.
The problem is that when the pool eventually choses to reveal the block
they mined, 50% of the hashing power switches, thus splitting the
network. Like the original attack this can be to their benefit. For
pools over a certain size this strategy is profitable even without
investing in a low-latency network; Maxwell or someone else can chime in
with the details for deriving that threshold.
I won't get a chance to for a few hours, but someone should do the
analysis on a deterministic switching scheme.
--
'peter'[:-1]@petertodd.org
0000000000000005e25ca9b9fe62bdd6e8a2b4527ad61753dd2113c268bec707
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 490 bytes --]
next prev parent reply other threads:[~2013-11-05 17:07 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-11-05 16:56 [Bitcoin-development] BIP proposal - patch to raise selfish mining threshold Ittay
2013-11-05 17:05 ` Peter Todd [this message]
2013-11-05 17:14 ` Peter Todd
2013-11-05 17:43 ` Ittay
2013-11-05 17:54 ` Mike Hearn
2013-11-05 18:07 ` Alessandro Parisi
2013-11-05 18:37 ` Jeff Garzik
2013-11-05 18:55 ` Alessandro Parisi
2013-11-05 18:58 ` Jeff Garzik
2013-11-05 19:33 ` Jameson Lopp
2013-11-05 19:56 ` Peter Todd
2013-11-05 17:26 ` Ittay
2013-11-05 17:37 ` Patrick
2013-11-05 18:18 ` Alessandro Parisi
2013-11-05 18:57 ` Jeremy Spilman
2013-11-05 22:49 ` Ittay
2013-11-07 20:05 ` [Bitcoin-development] comments on selfish-mining model (Re: BIP proposal - patch to raise selfish mining threshold.) Adam Back
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20131105170541.GA13660@petertodd.org \
--to=pete@petertodd.org \
--cc=bitcoin-development@lists.sourceforge.net \
--cc=egs@systems.cs.cornell.edu \
--cc=gavin@bitcoinfoundation.org \
--cc=ittay.eyal@cornell.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox