Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
Content-Type: multipart/signed;
	boundary="Apple-Mail=_EAA8C5C6-89A8-462E-9728-F8DFF91CB830";
	protocol="application/pgp-signature"; micalg=pgp-sha512
From: Jonathan Toomim <j@toom.im>
In-Reply-To: <CABT1wW=r5DPG1e6XFe7NMHrquo1FzygPCdjEJ2QQnmGbqVMH2Q@mail.gmail.com>
Date: Fri, 25 Dec 2015 04:00:11 -0800
Message-Id: <8BA2CF44-4237-460E-8339-F22A29504AE5@toom.im>
References: <20151219184240.GB12893@muck>
	<CAAcC9yvh2ma2dFhNDEKs7vfXyQF9L+T0YtRvOsJ15AbfVti=cw@mail.gmail.com>
	<219f125cee6ca68fd27016642e38fdf1@xbt.hk>
	<CAAcC9ys_t7X0WpQ8W3577M8GLiA5sPV2F1BJ9qZbnMkE-1j3+Q@mail.gmail.com>
	<aff8da46a69bdd7ef92ca87725866a5c@xbt.hk>
	<CAPkFh0vNECi1OmBwki+8NNAQbe6EG2FEE4RR5z=kYVLLDFHUXg@mail.gmail.com>
	<20151220132842.GA25481@muck>
	<CAPkFh0t-+WhZYVLyT_auLa87zAATNOH=CpU4S5H=n6S1wmZ-oQ@mail.gmail.com>
	<CABeL=0jgv3G8qx6wM+ZfwN154qhQY-GJdXnABc-iWL=YDNmhag@mail.gmail.com>
	<CABT1wW=r5DPG1e6XFe7NMHrquo1FzygPCdjEJ2QQnmGbqVMH2Q@mail.gmail.com>
To: Ittay <ittay.eyal@cornell.edu>
Cc: Bitcoin Dev <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] We need to fix the block withholding attack
Precedence: list


--Apple-Mail=_EAA8C5C6-89A8-462E-9728-F8DFF91CB830
Content-Type: multipart/alternative;
	boundary="Apple-Mail=_7EFA8C1F-F68C-47DB-B550-2A2711E0E268"


--Apple-Mail=_7EFA8C1F-F68C-47DB-B550-2A2711E0E268
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
	charset=us-ascii

On Dec 25, 2015, at 3:15 AM, Ittay via bitcoin-dev =
<bitcoin-dev@lists.linuxfoundation.org> wrote:

> Treating the pool block withholding attack as a weapon has bad =
connotations, and I don't think anyone directly condones such an attack.

I directly condone the use of block withholding attacks whenever pools =
get large enough to perform selfish mining attacks. Selfish mining and =
large, centralized pools also have bad connotations.

It's an attack against pools, not just large pools. Solo miners are =
immune. As such, the presence or use of block withholding attacks makes =
Bitcoin more similar to Satoshi's original vision. One of the issues =
with mining centralization via pools is that miners have a direct =
financial incentive to stay relatively small, but pools do not. =
Investing in mining is a zero-sum game, where each miner gains revenue =
by making investments at the expense of existing miners. This also means =
that miners take revenue from themselves when they upgrade their =
hashrate. If a miner already has 1/5 of the network hashrate, then the =
marginal revenue for that miner of adding 1 TH/s is only 4/5 of the =
marginal revenue for a miner with 0% of the network and who adds 1 TH/s. =
The bigger you get, the smaller your incentive to get bigger.

This incentive applies to miners, but it does not apply to pools. Pools =
have an incentive to get as big as possible (except for social backlash =
and altruistic punishment issues). Pools are the problem. I think we =
should be looking for ways of making pooled mining less profitable than =
solo mining or p2pool-style mining. Block withholding attacks are one =
such tool, and maybe the only usable tool we'll get. If we have to =
choose between making bitcoin viable long-term and avoiding things with =
bad connotations, it might be better to let our hands get a little bit =
dirty.

I don't intend to perform any such attacks myself. I like to keep my hat =
a nice shiny white. However, if anyone else were to perform such an =
attack, I would condone it.

P.S.: Sorry, pool operators. I have nothing against you personally. I =
just think pools are dangerous, and I wish they didn't exist.

--Apple-Mail=_7EFA8C1F-F68C-47DB-B550-2A2711E0E268
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=us-ascii

<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html =
charset=3Dus-ascii"></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: =
after-white-space;"><div>On Dec 25, 2015, at 3:15 AM, Ittay via =
bitcoin-dev &lt;<a =
href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org">bitcoin-dev@lists.li=
nuxfoundation.org</a>&gt; wrote:</div><div><br =
class=3D"Apple-interchange-newline"><blockquote type=3D"cite"><span =
style=3D"font-family: Helvetica; font-size: 12px; font-style: normal; =
font-variant: normal; font-weight: normal; letter-spacing: normal; =
line-height: normal; orphans: auto; text-align: start; text-indent: 0px; =
text-transform: none; white-space: normal; widows: auto; word-spacing: =
0px; -webkit-text-stroke-width: 0px; float: none; display: inline =
!important;">Treating the pool block withholding attack as a weapon has =
bad connotations, and I don't think anyone directly condones such an =
attack. </span></blockquote><div><br></div><div>I directly condone the =
use of block withholding attacks whenever pools get large enough to =
perform selfish mining attacks. Selfish mining and large, centralized =
pools also have bad connotations.</div><div><br></div><div>It's an =
attack against pools, not just large pools. Solo miners are immune. As =
such, the presence or use of block withholding attacks makes Bitcoin =
more similar to Satoshi's original vision. One of the issues with mining =
centralization via pools is that miners have a direct financial =
incentive to stay relatively small, but pools do not. Investing in =
mining is a zero-sum game, where each miner gains revenue by making =
investments at the expense of existing miners. This also means that =
miners take revenue from themselves when they upgrade their hashrate. If =
a miner already has 1/5 of the network hashrate, then the marginal =
revenue for that miner of adding 1 TH/s is only 4/5 of the marginal =
revenue for a miner with 0% of the network and who adds 1 TH/s. The =
bigger you get, the smaller your incentive to get =
bigger.&nbsp;</div><div><br></div><div>This incentive applies to miners, =
but it does not apply to pools. Pools have an incentive to get as big as =
possible (except for social backlash and altruistic punishment issues). =
Pools are the problem. I think we should be looking for ways of making =
pooled mining less profitable than solo mining or p2pool-style mining. =
Block withholding attacks are one such tool, and maybe the only usable =
tool we'll get. If we have to choose between making bitcoin viable =
long-term and avoiding things with bad connotations, it might be better =
to let our hands get a little bit dirty.</div><div><br></div><div>I =
don't intend to perform any such attacks myself. I like to keep my hat a =
nice shiny white. However, if anyone else were to perform such an =
attack, I would condone it.</div><div><br></div><div>P.S.: Sorry, pool =
operators. I have nothing against you personally. I just think pools are =
dangerous, and I wish they didn't exist.</div></div></body></html>=

--Apple-Mail=_7EFA8C1F-F68C-47DB-B550-2A2711E0E268--

--Apple-Mail=_EAA8C5C6-89A8-462E-9728-F8DFF91CB830
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
	filename=signature.asc
Content-Type: application/pgp-signature;
	name=signature.asc
Content-Description: Message signed with OpenPGP using GPGMail

-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org

iQEcBAEBCgAGBQJWfS/NAAoJEIEuMk4MG0P1cxQH/A+15Yp/NU6bcRVj4lQUtuxk
AqBbp6klno3nMs1KO2ffsqShhQ/9stN6OdrzwKOhDybOxDXQ3TMMud68FG1kKQMu
OqUUgHIXXcb4SnW04sxJ+QMZBSFSQsKlrdDt0adHNoJzCRWozu5MOll2t0OML6/L
Wdjao8pR9DWjbwu3QqeY9OOIuCwSRl+NJ6GSiBCVqDLC+byK2SjOg6MYsW5Mr/Bl
1oEYIypFhhCnU8G7C5YdQuK/GYaTSScAY1qcZpuuthcSiYSs997GOFsm0C/xOnqv
RevfcE1thxh+WvLmjoRYWTfnRRrq0JZmOmdGjWivHIcOUj0jYGlYxlI02ya2jzs=
=xysR
-----END PGP SIGNATURE-----

--Apple-Mail=_EAA8C5C6-89A8-462E-9728-F8DFF91CB830--