Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com
	designates 209.85.214.175 as permitted sender)
	client-ip=209.85.214.175; envelope-from=mh.in.england@gmail.com;
	helo=mail-ob0-f175.google.com; 
MIME-Version: 1.0
Sender: mh.in.england@gmail.com
In-Reply-To: <CAKaEYhLqnzrhdJNTSBccDA68Mb-hUnaZaCa9Gn43FuVpa410sg@mail.gmail.com>
References: <CAKaEYhLqnzrhdJNTSBccDA68Mb-hUnaZaCa9Gn43FuVpa410sg@mail.gmail.com>
Date: Fri, 5 Apr 2013 11:48:51 +0200
Message-ID: <CANEZrP3S7b+uh2LW4vH=53opopLJRmmJ-_Uad6yEQxZ3kHW47A@mail.gmail.com>
From: Mike Hearn <mike@plan99.net>
To: Melvin Carvalho <melvincarvalho@gmail.com>
Content-Type: multipart/alternative; boundary=089e015369be94d9e504d999fe0b
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] A mining pool at 46%
Precedence: list

--089e015369be94d9e504d999fe0b
Content-Type: text/plain; charset=UTF-8

51% isn't a magic number - it's possible to do double spends against
confirmed transactions before that. If Michael wanted to do so, with the
current setup he could, and that's obviously rather different to how
Satoshi envisioned mining working.

However, you're somewhat right in the sense that it's a self-defeating
attack. If the pool owner went bad, he could pull it off once, but the act
of doing so would leave a permanent record and many of the people mining on
his pool would leave. As he doesn't own the actual mining hardware, he then
wouldn't be able to do it again.

There are also other mining protocols that allow people to pool together,
without p2pool and without the pool operator being able to centrally pick
which transactions go into the block. However I'm not sure they're widely
deployed at the moment. It'd be better if people didn't cluster around big
mining pools, but I think p2pool still has a lot of problems dealing with
FPGA/ASIC hardware and it hasn't been growing for a long time.


On Fri, Apr 5, 2013 at 11:30 AM, Melvin Carvalho
<melvincarvalho@gmail.com>wrote:

> There was some chat on IRC about a mining pool reaching 46%
>
> http://blockchain.info/pools
>
> What's the risk of a 51% attack.
>
> I suggested that the pool itself is decentralized so you could not launch
> one
>
> On IRC people were saying that the pool owner gets to choose what goes in
> the block
>
> Surely with random non colliding nonces, it would be almost impossible to
> coordinate a 51% even by the owner
>
> Someone came back and said that creating random numbers on a GPU is hard.
> But what about just creating ONE random number and incrementing from there
> ...
>
> It would be great to know if this is a threat or a non issue
>
>
> ------------------------------------------------------------------------------
> Minimize network downtime and maximize team effectiveness.
> Reduce network management and security costs.Learn how to hire
> the most talented Cisco Certified professionals. Visit the
> Employer Resources Portal
> http://www.cisco.com/web/learning/employer_resources/index.html
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>

--089e015369be94d9e504d999fe0b
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">51% isn&#39;t a magic number - it&#39;s possible to do dou=
ble spends against confirmed transactions before that. If Michael wanted to=
 do so, with the current setup he could, and that&#39;s obviously rather di=
fferent to how Satoshi envisioned mining working.<div>
<br></div><div style>However, you&#39;re somewhat right in the sense that i=
t&#39;s a self-defeating attack. If the pool owner went bad, he could pull =
it off once, but the act of doing so would leave a permanent record and man=
y of the people mining on his pool would leave. As he doesn&#39;t own the a=
ctual mining hardware, he then wouldn&#39;t be able to do it again.</div>
<div style><br></div><div style>There are also other mining protocols that =
allow people to pool together, without p2pool and without the pool operator=
 being able to centrally pick which transactions go into the block. However=
 I&#39;m not sure they&#39;re widely deployed at the moment. It&#39;d be be=
tter if people didn&#39;t cluster around big mining pools, but I think p2po=
ol still has a lot of problems dealing with FPGA/ASIC hardware and it hasn&=
#39;t been growing for a long time.</div>
</div><div class=3D"gmail_extra"><br><br><div class=3D"gmail_quote">On Fri,=
 Apr 5, 2013 at 11:30 AM, Melvin Carvalho <span dir=3D"ltr">&lt;<a href=3D"=
mailto:melvincarvalho@gmail.com" target=3D"_blank">melvincarvalho@gmail.com=
</a>&gt;</span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div dir=3D"ltr"><div><div><div><div><div>Th=
ere was some chat on IRC about a mining pool reaching 46%<br><br><a href=3D=
"http://blockchain.info/pools" target=3D"_blank">http://blockchain.info/poo=
ls</a><br>
<br></div>What&#39;s the risk of a 51% attack.<br>
<br></div>I suggested that the pool itself is decentralized so you could no=
t launch one<br><br>On IRC people were saying that the pool owner gets to c=
hoose what goes in the block<br><br></div>Surely with random non colliding =
nonces, it would be almost impossible to coordinate a 51% even by the owner=
<br>

<br></div>Someone came back and said that creating random numbers on a GPU =
is hard.=C2=A0 But what about just creating ONE random number and increment=
ing from there ...<br><br></div><div>It would be great to know if this is a=
 threat or a non issue<br>

</div></div>
<br>-----------------------------------------------------------------------=
-------<br>
Minimize network downtime and maximize team effectiveness.<br>
Reduce network management and security costs.Learn how to hire<br>
the most talented Cisco Certified professionals. Visit the<br>
Employer Resources Portal<br>
<a href=3D"http://www.cisco.com/web/learning/employer_resources/index.html"=
 target=3D"_blank">http://www.cisco.com/web/learning/employer_resources/ind=
ex.html</a><br>_______________________________________________<br>
Bitcoin-development mailing list<br>
<a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-develo=
pment@lists.sourceforge.net</a><br>
<a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development=
" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de=
velopment</a><br>
<br></blockquote></div><br></div>

--089e015369be94d9e504d999fe0b--