From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id A8E271180 for ; Mon, 28 Dec 2015 19:12:37 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from outmail148095.authsmtp.com (outmail148095.authsmtp.com [62.13.148.95]) by smtp1.linuxfoundation.org (Postfix) with ESMTP id 96C8914D for ; Mon, 28 Dec 2015 19:12:36 +0000 (UTC) Received: from mail-c247.authsmtp.com (mail-c247.authsmtp.com [62.13.128.247]) by punt23.authsmtp.com (8.14.2/8.14.2/) with ESMTP id tBSJCZKk087538; Mon, 28 Dec 2015 19:12:35 GMT Received: from muck (S0106e091f5827ad2.ok.shawcable.net [24.71.232.17]) (authenticated bits=128) by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id tBSJCSIk053435 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Mon, 28 Dec 2015 19:12:31 GMT Date: Mon, 28 Dec 2015 11:12:28 -0800 From: Peter Todd To: Multipool Admin Message-ID: <20151228191228.GC12298@muck> References: <20151219184240.GB12893@muck> <4882BD35-D890-4860-9222-5C23AEB6AE89@mattcorallo.com> <20151220044450.GA23942@muck> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="hHWLQfXTYDoKhP50" Content-Disposition: inline In-Reply-To: X-Server-Quench: f2285c3b-ad96-11e5-bcde-0015176ca198 X-AuthReport-Spam: If SPAM / abuse - report it at: http://www.authsmtp.com/abuse X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR aQdMdAoUHFAXAgsB AmMbWl1eUV97WmE7 aQ5PagRDYElMQQRt T01BRU1TWkEaYmZy ZWdFUhxxcwZDNn9z Zk5hECZZXkx/JkUv Xx8AHGsbZGY1bX1N AxQNagNUcQZLeRkW O1F2XD1vNG8XDSg5 AwQ0PjZ0MThBHWxq T0kLIF8eCVoMVjA9 V1geHThnF0kCTCZ7 MB06Kl4bGEoQNEp6 OEc9UFkbWwA8 X-Authentic-SMTP: 61633532353630.1038:706 X-AuthFastPath: 0 (Was 255) X-AuthSMTP-Origin: 24.71.232.17/587 X-AuthVirus-Status: No virus detected - but ensure you scan with your own anti-virus system. X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: Bitcoin Dev Subject: Re: [bitcoin-dev] We need to fix the block withholding attack X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Development Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 28 Dec 2015 19:12:37 -0000 --hHWLQfXTYDoKhP50 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sat, Dec 26, 2015 at 12:12:13AM -0800, Multipool Admin wrote: > Any attempt to 'fix' this problem, would most likely require changes to a= ll > mining software, why not just make mining more decentralized in general? >=20 > For example, allow anyone to submit proofs of work to Bitcoind that are > some fraction of the network difficulty and receive payment for them if > they're valid. This would also encourage the proliferation of full nodes > since anyone could solo mine again. Then, the next coinbase transaction > could be split among, say, the top 100 proofs of work. That's certainly be a good place to be, but the design of Bitcoin currently makes achieving that goal fundementally difficult.=20 > Eligius already does their miner payouts like this. >=20 > If you want to fix an issue with mining, fix the selfish mining issue fir= st > as it's a much larger and more dangerous potential issue. Do you specifically mean selfish mining as defined in Emin G=FCn Sirer/Ittay Eyal's paper? Keep in mind that attack is only a significant issue in a scenario - one malicious miner with >30% hashing power - where you're already very close to the margins anyway; the difference between a 50% attack threshold and a 30% attack threshold isn't very significant. Far more concerning is network propagation effects between large and small miners. For that class of issues, if you are in an environemnt where selfish mining is possible - a fairly flat, easily DoS/sybil attacked network topology - the profitability difference between small and large miners even *without* attacks going on is a hugely worrying problem. OTOH, if you're blocksize is small enough that propagation time is negligable to profitability, then selfish mining attacks with <30% hashing power aren't much of a concern - they'll be naturally defeated by anti-DoS/anti-sybil measures. > I don't believe it was ever clearly established whether Eligius suffered a > block withholding attack or was just the victim of a miner with (what was, > at the time) a large amount of faulty hardware, however, from the > Bitcointalk threads at the time I believe it was assumed to be the latter. I think the latter was assumed as well, although ruling out of the former is impossible. Note though that Eligius is *not* the only pool to have had problems with block withholding, though AFAIK Eligius is the only one who has gone on record so far. (as I said in my original post, I'm relaying information given to me under condition of confidentiality) --=20 'peter'[:-1]@petertodd.org 000000000000000004a36565fb282c4bd06dda61329fda2465b0bfeaf7241dab --hHWLQfXTYDoKhP50 Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- iQGrBAEBCACVBQJWgYmZXhSAAAAAABUAQGJsb2NraGFzaEBiaXRjb2luLm9yZzAw MDAwMDAwMDAwMDAwMDAwMWQzYzRhY2I3NDQ2ZjY2NDgyZmI2YWNlYjA4N2Q3NjAx YzllMDY0NGNmNjBlOWEvFIAAAAAAFQARcGthLWFkZHJlc3NAZ251cGcub3JncGV0 ZUBwZXRlcnRvZC5vcmcACgkQwIXyHOf0udxHyAgAhowC+V+zhY9Rfnfdjfe2IDZk T4r7saRP2BX2LVGn1AiKiNEPfN/rw2WjWlVp43OxRFn+xnUKUTYQ3bxlKdiyKdG8 e2kXcV2V4cgzrk+f2uUbw4dNWPu2mo5eK9WTcj/fp6HmEnDf3rBT2OyO0OB6QKrc tnjZcHZaFFRnNNKE+zQlyt5/hPrkqh1dx69wNsP+J2kp7rXyQPhV2H0daxToTgz7 uuUBinIMU3wikQ42qXcwHTFCUGDdiO4NGrxwkExfLeUtLZ0a0gEoXOfYvbC0ghGc MloQPeXf+OBQfZg2zVjqdcnNUDbqR+TMGRrYu2SrlYM162+BPMeoRmbeQeHxTA== =hS3a -----END PGP SIGNATURE----- --hHWLQfXTYDoKhP50--