From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 3EFDDCE7 for ; Mon, 18 Jun 2018 18:47:54 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-wm0-f41.google.com (mail-wm0-f41.google.com [74.125.82.41]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id A615C1A0 for ; Mon, 18 Jun 2018 18:47:53 +0000 (UTC) Received: by mail-wm0-f41.google.com with SMTP id j15-v6so17563430wme.0 for ; Mon, 18 Jun 2018 11:47:53 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=nlGCev4ugz86/A3O5y6/KiTdNmd0LzezOmq0ee/eFH0=; b=cmqDa74efh9sSrrbAy3LMqMCy+DiNKcs04zxgHq67gdSxmRbcEeHAF9le3HSQ1m1ld X2ioo+PgOPQYWrKKfs5xWCSGTEMphoqzLbwpIZvxggVRvyUhoeFmxDxJ5KhPg2PtkLsh cQbhRsKerI/p00FWlKPu3O6MVAu640N0QjLnnIbQzCaAo5ajjHo2uWdk8tyoiG0KdPOr Kcqa3/I6YKv6jnJqqqTmaJd3kBulX0nDr2TYdAbAD9b5/Qnvs0Jxgb3wUCNznHO+xW8I QyZyeY9myziKvxNFD30CP3jRWdN4ipNSAo3ak607oBFcbB0XSlF7e2qi9AlhLruqKZQs DlNA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=nlGCev4ugz86/A3O5y6/KiTdNmd0LzezOmq0ee/eFH0=; b=axQrJkCHipARHP+NPuuKzDciY5VPgW8W6mW5nIQXwxi/o6IzvWGGSJsJFT83aI0RWJ SqHuqqzxMKEyozNyTgfMVVqb9VQhaw6sfbWYEfm5oTJEdmxVYdOPDnf1vVk8SW+pY5Bu mLzrjMDOmmjmUNVS8jAkhNHUsduPiTQMOMdZrvuMcdWvYlvAhaj4JZktyDs3ogYbJ3Uy /gGyEhUHEng1ni6hH8ZSJwJNoOpb0Vhs1oownSHrILnjynjyBEd24C9UUtthHL36Lfno XCtzobyNVpSrg71v2XXnLJuo5BkVoo4hP3uxSGuP3EnISeScOFLB4Y/S+PrFWj1yjvPq ErkA== X-Gm-Message-State: APt69E3uC2r5Dq9d5IMgl6D+ZsmXyraH6m7mfPFkXveGcivx3tScuHBA Tl0zO2VVDyEHOEMjblzN0aj/1uoMfFu/lIcx/1g= X-Google-Smtp-Source: ADUXVKLWJpAZEsf21pjPxbdF7fCIDJeygw4szCIRsOCi4OGaAz99p3mbqh+eJMUg5mN/Qa7ele7ozGNB1pgQviCwBP4= X-Received: by 2002:a50:f0ce:: with SMTP id a14-v6mr12248189edm.90.1529347672206; Mon, 18 Jun 2018 11:47:52 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Alexander Leishman Date: Mon, 18 Jun 2018 11:47:40 -0700 Message-ID: To: =?UTF-8?B?0JDRgNGC0ZHQvCDQm9C40YLQstC40L3QvtCy0LjRhw==?= , Bitcoin Protocol Discussion Content-Type: multipart/alternative; boundary="000000000000bd716e056eef0091" X-Spam-Status: No, score=-1.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM, HTML_MESSAGE,RCVD_IN_DNSWL_NONE autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Tue, 19 Jun 2018 13:13:11 +0000 Subject: Re: [bitcoin-dev] Miner dilution attack on Bitcoin - is that something plausible? X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Jun 2018 18:47:54 -0000 --000000000000bd716e056eef0091 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Well miners already regularly mine empty blocks. However, it is usually in the economic interest of the miners to collect transaction fees. This incentive should hopefully be enough to prevent miners from choosing to produce many empty blocks. If a nation state attacker decides to allocate billions in resources to attack Bitcoin, then that is a bigger discussion. The risk there is double-spends, not empty blocks. -Alex On Mon, Jun 18, 2018 at 11:39 AM =D0=90=D1=80=D1=82=D1=91=D0=BC =D0=9B=D0= =B8=D1=82=D0=B2=D0=B8=D0=BD=D0=BE=D0=B2=D0=B8=D1=87 via bitcoin-dev < bitcoin-dev@lists.linuxfoundation.org> wrote: > Dilution is a potential attack i randomly came up with in a Twitter > arguement and couldn't find any references to or convincing arguments of = it > being implausible. > > Suppose a malicious actor were to acquire a majority of hash power, and > proceed to use that hash power to produce valid, but empty blocks. > > As far as i understand it, this would effectively reduce the block rate b= y > half or more and since nodes can't differentiate block relay and block > production there would be nothing they can do to adjust difficulty or bla= ck > list the attacker. > > At a rough estimate of $52 per TH equipment cost (Antminer pricing) and > 12.5 BTC per 10 minutes power cost we are looking at an order of $2 billi= on > of equipment and $0.4 billion a month of power costs (ignoring block > reward) to maintain an attack - easily within means of even a minor > government-scale actor. > > Is that a plausible scenario, or am i chasing a mirage? If it is > plausible, what could be done to mitigate it? > > > -Artem > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > --000000000000bd716e056eef0091 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Well miners already regularly mine empty blocks. However, = it is usually in the economic interest of the miners to collect transaction= fees. This incentive should hopefully be enough to prevent miners from cho= osing to produce many empty blocks.

If a nation state at= tacker decides to allocate billions in resources to attack Bitcoin, then th= at is a bigger discussion. The risk there is double-spends, not empty block= s.

-Alex



On Mon, Jun = 18, 2018 at 11:39 AM =D0=90=D1=80=D1=82=D1=91=D0=BC =D0=9B=D0=B8=D1=82=D0= =B2=D0=B8=D0=BD=D0=BE=D0=B2=D0=B8=D1=87 via bitcoin-dev <bitcoin-dev@lists.linuxfoundation= .org> wrote:
Dilution is a potential attack i randomly came u= p with in a Twitter arguement and couldn't find any references to or co= nvincing arguments of it being implausible.

Suppose a maliciou= s actor were to acquire a majority of hash power, and proceed to use that h= ash power to produce valid, but empty blocks.

As far as i unde= rstand it, this would effectively reduce the block rate by half or more and= since nodes can't differentiate block relay and block production there= would be nothing they can do to adjust difficulty or black list the attack= er.

At a rough estimate of $52 per TH equipment cost (Antminer= pricing) and 12.5 BTC per 10 minutes power cost we are looking at an order= of $2 billion of equipment and $0.4 billion a month of power costs (ignori= ng block reward) to maintain an attack - easily within means of even a mino= r government-scale actor.

Is that a plausible scenario, or am = i chasing a mirage? If it is plausible, what could be done to mitigate it?<= br>

-Artem
_______________________________________________
bitcoin-dev mailing list
= bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mail= man/listinfo/bitcoin-dev
--000000000000bd716e056eef0091--