Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 55D7AF16 for ; Sun, 20 Dec 2015 03:36:17 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from mail.bluematt.me (mail.bluematt.me [192.241.179.72]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 9581C135 for ; Sun, 20 Dec 2015 03:36:16 +0000 (UTC) Received: from [IPv6:2607:fb90:422:c955:9b7c:bf50:1e8c:7621] (mc20536d0.tmodns.net [208.54.5.194]) by mail.bluematt.me (Postfix) with ESMTPSA id EC9E25AF31; Sun, 20 Dec 2015 03:36:14 +0000 (UTC) In-Reply-To: References: <20151219184240.GB12893@muck> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Content-Type: text/plain; charset=UTF-8 From: Matt Corallo Date: Sun, 20 Dec 2015 03:36:10 +0000 To: Chris Priest Message-ID: <4882BD35-D890-4860-9222-5C23AEB6AE89@mattcorallo.com> X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: bitcoin-dev@lists.linuxfoundation.org Subject: Re: [bitcoin-dev] We need to fix the block withholding attack X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Development Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 20 Dec 2015 03:36:17 -0000 Peter was referring to pool-block-withholding, not selfish mining. On December 19, 2015 7:34:26 PM PST, Chris Priest via bitcoin-dev wrote: >Block witholding attacks are only possible if you have a majority of >hashpower. If you only have 20% hashpower, you can't do this attack. >Currently, this attack is only a theoretical attack, as the ones with >all the hashpower today are not engaging in this behavior. Even if >someone who had a lot of hashpower decided to pull off this attack, >they wouldn't be able to disrupt much. Once that time comes, then I >think this problem should be solved, until then it should be a low >priority. There are more important things to work on in the meantime. > >On 12/19/15, Peter Todd via bitcoin-dev > wrote: >> At the recent Scaling Bitcoin conference in Hong Kong we had a >chatham >> house rules workshop session attending by representitives of a super >> majority of the Bitcoin hashing power. >> >> One of the issues raised by the pools present was block withholding >> attacks, which they said are a real issue for them. In particular, >pools >> are receiving legitimate threats by bad actors threatening to use >block >> withholding attacks against them. Pools offering their services to >the >> general public without anti-privacy Know-Your-Customer have little >> defense against such attacks, which in turn is a threat to the >> decentralization of hashing power: without pools only fairly large >> hashing power installations are profitable as variance is a very real >> business expense. P2Pool is often brought up as a replacement for >pools, >> but it itself is still relatively vulnerable to block withholding, >and >> in any case has many other vulnerabilities and technical issues that >has >> prevented widespread adoption of P2Pool. >> >> Fixing block withholding is relatively simple, but (so far) requires >a >> SPV-visible hardfork. (Luke-Jr's two-stage target mechanism) We >should >> do this hard-fork in conjunction with any blocksize increase, which >will >> have the desirable side effect of clearly show consent by the entire >> ecosystem, SPV clients included. >> >> >> Note that Ittay Eyal and Emin Gun Sirer have argued(1) that block >> witholding attacks are a good thing, as in their model they can be >used >> by small pools against larger pools, disincentivising large pools. >> However this argument is academic and not applicable to the real >world, >> as a much simpler defense against block withholding attacks is to use >> anti-privacy KYC and the legal system combined with the variety of >> withholding detection mechanisms only practical for large pools. >> Equally, large hashing power installations - a dangerous thing for >> decentralization - have no block withholding attack vulnerabilities. >> >> 1) http://hackingdistributed.com/2014/12/03/the-miners-dilemma/ >> >> -- >> 'peter'[:-1]@petertodd.org >> 00000000000000000188b6321da7feae60d74c7b0becbdab3b1a0bd57f10947d >> >_______________________________________________ >bitcoin-dev mailing list >bitcoin-dev@lists.linuxfoundation.org >https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev