MIME-Version: 1.0
References: <CAJRVQkDM390Y4sVzA8WwM93PY4UqUa8gvPKkT-iA2UcYL6FQ+g@mail.gmail.com>
In-Reply-To: <CAJRVQkDM390Y4sVzA8WwM93PY4UqUa8gvPKkT-iA2UcYL6FQ+g@mail.gmail.com>
From: Bram Cohen <bram@chia.net>
Date: Mon, 18 Jun 2018 13:40:26 -0700
Message-ID: <CAHUJnBAU2exMFgPTQx_+h_bktL3Z3B3rsh09aciVtRnGrHJBEw@mail.gmail.com>
To: theartlav@gmail.com, 
	Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Content-Type: multipart/alternative; boundary="000000000000431fc5056ef094f2"
Subject: Re: [bitcoin-dev] Miner dilution attack on Bitcoin - is that
 something plausible?
Precedence: list

--000000000000431fc5056ef094f2
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Not sure what you're saying here. The block rate can't be particularly
increased or decreased in the long run due to the work difficulty
adjustment getting you roughly back where you started no matter what.
Someone could DOS the system by producing empty blocks, sure, that's a
central attack of what can happen when someone does a 51% attack with no
special countermeasures other than everything that Bitcoin does at its
core. An attacker or group of attackers could conspire to reduce block
sizes in order to increase transaction fees, in fact they could do that
with a miner activated soft fork. That appears both doable and given past
things which have happened with transaction fees in the past potentially
lucrative, particularly as block rewards fall in the future. Please don't
tell the big mining pools about it.

On Mon, Jun 18, 2018 at 11:39 AM =D0=90=D1=80=D1=82=D1=91=D0=BC =D0=9B=D0=
=B8=D1=82=D0=B2=D0=B8=D0=BD=D0=BE=D0=B2=D0=B8=D1=87 via bitcoin-dev <
bitcoin-dev@lists.linuxfoundation.org> wrote:

> Dilution is a potential attack i randomly came up with in a Twitter
> arguement and couldn't find any references to or convincing arguments of =
it
> being implausible.
>
> Suppose a malicious actor were to acquire a majority of hash power, and
> proceed to use that hash power to produce valid, but empty blocks.
>
> As far as i understand it, this would effectively reduce the block rate b=
y
> half or more and since nodes can't differentiate block relay and block
> production there would be nothing they can do to adjust difficulty or bla=
ck
> list the attacker.
>
> At a rough estimate of $52 per TH equipment cost (Antminer pricing) and
> 12.5 BTC per 10 minutes power cost we are looking at an order of $2 billi=
on
> of equipment and $0.4 billion a month of power costs (ignoring block
> reward) to maintain an attack - easily within means of even a minor
> government-scale actor.
>
> Is that a plausible scenario, or am i chasing a mirage? If it is
> plausible, what could be done to mitigate it?
>
>
> -Artem
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>

--000000000000431fc5056ef094f2
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">Not sure what you&#39;re saying here. The block rate can&#=
39;t be particularly increased or decreased in the long run due to the work=
 difficulty adjustment getting you roughly back where you started no matter=
 what. Someone could DOS the system by producing empty blocks, sure, that&#=
39;s a central attack of what can happen when someone does a 51% attack wit=
h no special countermeasures other than everything that Bitcoin does at its=
 core. An attacker or group of attackers could conspire to reduce block siz=
es in order to increase transaction fees, in fact they could do that with a=
 miner activated soft fork. That appears both doable and given past things =
which have happened with transaction fees in the past potentially lucrative=
, particularly as block rewards fall in the future. Please don&#39;t tell t=
he big mining pools about it.</div><br><div class=3D"gmail_quote"><div dir=
=3D"ltr">On Mon, Jun 18, 2018 at 11:39 AM =D0=90=D1=80=D1=82=D1=91=D0=BC =
=D0=9B=D0=B8=D1=82=D0=B2=D0=B8=D0=BD=D0=BE=D0=B2=D0=B8=D1=87 via bitcoin-de=
v &lt;<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org">bitcoin-dev@=
lists.linuxfoundation.org</a>&gt; wrote:<br></div><blockquote class=3D"gmai=
l_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left=
:1ex"><div dir=3D"ltr"><div><div><div><div><div>Dilution is a potential att=
ack i randomly came up with in a Twitter arguement and couldn&#39;t find an=
y references to or convincing arguments of it being implausible.<br><br></d=
iv>Suppose a malicious actor were to acquire a majority of hash power, and =
proceed to use that hash power to produce valid, but empty blocks.<br><br><=
/div>As far as i understand it, this would effectively reduce the block rat=
e by half or more and since nodes can&#39;t differentiate block relay and b=
lock production there would be nothing they can do to adjust difficulty or =
black list the attacker.<br><br></div>At a rough estimate of $52 per TH equ=
ipment cost (Antminer pricing) and 12.5 BTC per 10 minutes power cost we ar=
e looking at an order of $2 billion of equipment and $0.4 billion a month o=
f power costs (ignoring block reward) to maintain an attack - easily within=
 means of even a minor government-scale actor.<br><br></div>Is that a plaus=
ible scenario, or am i chasing a mirage? If it is plausible, what could be =
done to mitigate it?<br><br><br></div>-Artem<br></div>
_______________________________________________<br>
bitcoin-dev mailing list<br>
<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" target=3D"_blank">=
bitcoin-dev@lists.linuxfoundation.org</a><br>
<a href=3D"https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev" =
rel=3D"noreferrer" target=3D"_blank">https://lists.linuxfoundation.org/mail=
man/listinfo/bitcoin-dev</a><br>
</blockquote></div>

--000000000000431fc5056ef094f2--