Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 78E92D63 for ; Mon, 18 Jun 2018 20:40:44 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-wm0-f67.google.com (mail-wm0-f67.google.com [74.125.82.67]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id BE3F4326 for ; Mon, 18 Jun 2018 20:40:43 +0000 (UTC) Received: by mail-wm0-f67.google.com with SMTP id v16-v6so16265113wmh.5 for ; Mon, 18 Jun 2018 13:40:43 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=chia-net.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=SYziJtVX+QrP4HhjUjyM0geZVmkmMI0W3GYBwA2/BtA=; b=gDPjYVJcrBfg2hwSSu9DfL+yIu4m1JWERlUkMzudr53778rQBvPSWYcMZXmXBwO5jU 9FKIkKuA7U8nFSK+oVJwOUh8ioaI2LtP1FAksFWGH99wdAZEB5qxf8+ZcGQlYaXTZXBF 7xpgsW0H6ybF4WgRCW9sO3lqhBVqCnd8EqHHWUgiqjGup9KHWN0ZeMzwsbve+XMW5Nt6 jDoeBn6huU+YNQ8ZX2j/nJIarORVbGDroyXT2OoUwTfs5bAW6eLFg2PsaAbgEYhB/rzM otqhjKCmCJBr3C5tE9zfd8Uvz1ul0DHAFe8gcy+/j4RwB2yo/+VylClG5Fnrjqgp7nN5 hmAQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=SYziJtVX+QrP4HhjUjyM0geZVmkmMI0W3GYBwA2/BtA=; b=SPTCUy6x0RmBkZwLkjiIIy1koMR58srN711lU0Pf+10/LjuUT5C/UfDXr+cXzrAm06 B8lvj/Ll8KbePifscD0i4NPPMbXyT3xg0Wee1CLk1k43/TYQG5dzGVVR+OOqBrQANhS3 fCOOUHV4qqMoAx4o7YOa7KShnxaEf63LQCEf40jRO1pzTmMKvNHJmW8OkqVHW+yiopSO xS1m9rdYGNT8IMImAad1L4j4330a6Oha/p3nUuUFXZ5dQtX8pxZTtaesGtZPqhAcjuLT 0Fk59HEPX41546Z2b61ftBzvOuu9Wham10god1ExwG/Yw+7reMZZXKpdqVpo2CFqO1WJ IEMQ== X-Gm-Message-State: APt69E3q1Xdpk9Gayih3LtzOH9WSu8H2DcLkip7YS3ouDXCWlNTqaeY9 qIJ///rx5+MyJFF+71ydo5b22q/0JAyh4sqtkZh6Ag== X-Google-Smtp-Source: ADUXVKJINYdpZMe2FxliUO19czQvBgecI44m929c14YoVlAA/dv7t7vmQ0wrjgRistasxbHsp8x7TTWi8ckADQUnmUI= X-Received: by 2002:a1c:ae8b:: with SMTP id x133-v6mr10407152wme.125.1529354442180; Mon, 18 Jun 2018 13:40:42 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Bram Cohen Date: Mon, 18 Jun 2018 13:40:26 -0700 Message-ID: To: theartlav@gmail.com, Bitcoin Protocol Discussion Content-Type: multipart/alternative; boundary="000000000000431fc5056ef094f2" X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, HTML_MESSAGE, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Mon, 18 Jun 2018 20:43:27 +0000 Subject: Re: [bitcoin-dev] Miner dilution attack on Bitcoin - is that something plausible? X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 18 Jun 2018 20:40:44 -0000 --000000000000431fc5056ef094f2 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Not sure what you're saying here. The block rate can't be particularly increased or decreased in the long run due to the work difficulty adjustment getting you roughly back where you started no matter what. Someone could DOS the system by producing empty blocks, sure, that's a central attack of what can happen when someone does a 51% attack with no special countermeasures other than everything that Bitcoin does at its core. An attacker or group of attackers could conspire to reduce block sizes in order to increase transaction fees, in fact they could do that with a miner activated soft fork. That appears both doable and given past things which have happened with transaction fees in the past potentially lucrative, particularly as block rewards fall in the future. Please don't tell the big mining pools about it. On Mon, Jun 18, 2018 at 11:39 AM =D0=90=D1=80=D1=82=D1=91=D0=BC =D0=9B=D0= =B8=D1=82=D0=B2=D0=B8=D0=BD=D0=BE=D0=B2=D0=B8=D1=87 via bitcoin-dev < bitcoin-dev@lists.linuxfoundation.org> wrote: > Dilution is a potential attack i randomly came up with in a Twitter > arguement and couldn't find any references to or convincing arguments of = it > being implausible. > > Suppose a malicious actor were to acquire a majority of hash power, and > proceed to use that hash power to produce valid, but empty blocks. > > As far as i understand it, this would effectively reduce the block rate b= y > half or more and since nodes can't differentiate block relay and block > production there would be nothing they can do to adjust difficulty or bla= ck > list the attacker. > > At a rough estimate of $52 per TH equipment cost (Antminer pricing) and > 12.5 BTC per 10 minutes power cost we are looking at an order of $2 billi= on > of equipment and $0.4 billion a month of power costs (ignoring block > reward) to maintain an attack - easily within means of even a minor > government-scale actor. > > Is that a plausible scenario, or am i chasing a mirage? If it is > plausible, what could be done to mitigate it? > > > -Artem > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > --000000000000431fc5056ef094f2 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Not sure what you're saying here. The block rate can&#= 39;t be particularly increased or decreased in the long run due to the work= difficulty adjustment getting you roughly back where you started no matter= what. Someone could DOS the system by producing empty blocks, sure, that&#= 39;s a central attack of what can happen when someone does a 51% attack wit= h no special countermeasures other than everything that Bitcoin does at its= core. An attacker or group of attackers could conspire to reduce block siz= es in order to increase transaction fees, in fact they could do that with a= miner activated soft fork. That appears both doable and given past things = which have happened with transaction fees in the past potentially lucrative= , particularly as block rewards fall in the future. Please don't tell t= he big mining pools about it.

On Mon, Jun 18, 2018 at 11:39 AM =D0=90=D1=80=D1=82=D1=91=D0=BC = =D0=9B=D0=B8=D1=82=D0=B2=D0=B8=D0=BD=D0=BE=D0=B2=D0=B8=D1=87 via bitcoin-de= v <bitcoin-dev@= lists.linuxfoundation.org> wrote:
Dilution is a potential att= ack i randomly came up with in a Twitter arguement and couldn't find an= y references to or convincing arguments of it being implausible.

Suppose a malicious actor were to acquire a majority of hash power, and = proceed to use that hash power to produce valid, but empty blocks.

<= /div>As far as i understand it, this would effectively reduce the block rat= e by half or more and since nodes can't differentiate block relay and b= lock production there would be nothing they can do to adjust difficulty or = black list the attacker.

At a rough estimate of $52 per TH equ= ipment cost (Antminer pricing) and 12.5 BTC per 10 minutes power cost we ar= e looking at an order of $2 billion of equipment and $0.4 billion a month o= f power costs (ignoring block reward) to maintain an attack - easily within= means of even a minor government-scale actor.

Is that a plaus= ible scenario, or am i chasing a mirage? If it is plausible, what could be = done to mitigate it?


-Artem
_______________________________________________
bitcoin-dev mailing list
= bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mail= man/listinfo/bitcoin-dev
--000000000000431fc5056ef094f2--