1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
|
Return-Path: <theartlav@gmail.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id C2ACF2D
for <bitcoin-dev@lists.linuxfoundation.org>;
Mon, 18 Jun 2018 18:34:40 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-lf0-f51.google.com (mail-lf0-f51.google.com
[209.85.215.51])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 3AAB1E6
for <bitcoin-dev@lists.linuxfoundation.org>;
Mon, 18 Jun 2018 18:34:40 +0000 (UTC)
Received: by mail-lf0-f51.google.com with SMTP id u5-v6so4944938lff.13
for <bitcoin-dev@lists.linuxfoundation.org>;
Mon, 18 Jun 2018 11:34:40 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
h=mime-version:from:date:message-id:subject:to;
bh=PqTNL4QQhFLtcvZaE1okvmLHSgR9F5nAVRwPxs8p4GE=;
b=FMctRfk/BBiC5Wqqqib980lxbadWNh2H53ZkzIG8QEpjHMJ68CTFtLrff6Kw/VeA6/
VHxstBGkpVvrIm/sRJsjJcEUij1TmYl3NdJipbmY8X5FCntaEujuTU4isbFFPM3+tuKJ
Z/8uqSK0rwKCqwj64b1f8DHMmehG5Q3/hUfxZX4Q7ti4h62xQTGnLxlq5aQ/EiCGKmC2
vhSs1yK0ITub/O4jCrQkwGK9C3+Ny48UerhwjaQq2xvjuyFKNfx3k8aE4+WyUinrTzG9
tEbSwt2DuKDjkqhuvU/SGRqvIeMyLVOBCLs+PtL50Ijt6UkHCMp7Lwm+zBL9Buago0z9
uf2g==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:mime-version:from:date:message-id:subject:to;
bh=PqTNL4QQhFLtcvZaE1okvmLHSgR9F5nAVRwPxs8p4GE=;
b=O/2wbCSyP0UCQ0N1o0f0aSNNsqLYpvtPa0quHtw4fdSK8B12YkPkbCFUsooPvajm7p
UH9UNKPkMI36zSogPajh3X6Jyl8iiKaNi9aDXkqsjHwNWzdvUYds5431fVqFiWqZkD/G
/9f2MjNImogOpgZ9Y/GzeUrIQBSph33IzgJzbj6kA23e2EexqJODyCYTunCrZCnM2YZd
akUs1DslL5Su/NAPVDSvLBXDke+pHwjXXAFB+rMuhv+jUdn/LJiECq1cWFVIUU8H6brv
xbeAdn5dxMH3epiY/c/pBvR3gwbb88SYRMFX93+k9N9zbuEQffND0L2JH1ZlLRk8amXB
5c9A==
X-Gm-Message-State: APt69E0VLsBQBU+2DuZoukXfhrM0nGrcTiIpZ0GdnoNljXZEKkIpO6ht
Y6hN3SNAkE/qZQx/ucUUoCiqg3AF7zwCmPGcddU=
X-Google-Smtp-Source: ADUXVKIK0an3DQDd1E3F8wPWIkXSpYfXfZcnmRAVom9Okuje54ZDzChhO3rckykeGZ2s/xbEt3BvPSb1o0iTg20OVUw=
X-Received: by 2002:a19:f819:: with SMTP id a25-v6mr263649lff.33.1529346878259;
Mon, 18 Jun 2018 11:34:38 -0700 (PDT)
MIME-Version: 1.0
Received: by 2002:a2e:8716:0:0:0:0:0 with HTTP; Mon, 18 Jun 2018 11:34:37
-0700 (PDT)
From: =?UTF-8?B?0JDRgNGC0ZHQvCDQm9C40YLQstC40L3QvtCy0LjRhw==?=
<theartlav@gmail.com>
Date: Mon, 18 Jun 2018 21:34:37 +0300
Message-ID: <CAJRVQkDM390Y4sVzA8WwM93PY4UqUa8gvPKkT-iA2UcYL6FQ+g@mail.gmail.com>
To: bitcoin-dev@lists.linuxfoundation.org
Content-Type: multipart/alternative; boundary="0000000000006ac6e7056eeed1c4"
X-Spam-Status: No, score=-1.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, FROM_EXCESS_BASE64,
HTML_MESSAGE, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
X-Mailman-Approved-At: Mon, 18 Jun 2018 18:39:05 +0000
Subject: [bitcoin-dev] Miner dilution attack on Bitcoin - is that something
plausible?
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Jun 2018 18:34:40 -0000
--0000000000006ac6e7056eeed1c4
Content-Type: text/plain; charset="UTF-8"
Dilution is a potential attack i randomly came up with in a Twitter
arguement and couldn't find any references to or convincing arguments of it
being implausible.
Suppose a malicious actor were to acquire a majority of hash power, and
proceed to use that hash power to produce valid, but empty blocks.
As far as i understand it, this would effectively reduce the block rate by
half or more and since nodes can't differentiate block relay and block
production there would be nothing they can do to adjust difficulty or black
list the attacker.
At a rough estimate of $52 per TH equipment cost (Antminer pricing) and
12.5 BTC per 10 minutes power cost we are looking at an order of $2 billion
of equipment and $0.4 billion a month of power costs (ignoring block
reward) to maintain an attack - easily within means of even a minor
government-scale actor.
Is that a plausible scenario, or am i chasing a mirage? If it is plausible,
what could be done to mitigate it?
-Artem
--0000000000006ac6e7056eeed1c4
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div><div><div><div><div>Dilution is a potential attack i =
randomly came up with in a Twitter arguement and couldn't find any refe=
rences to or convincing arguments of it being implausible.<br><br></div>Sup=
pose a malicious actor were to acquire a majority of hash power, and procee=
d to use that hash power to produce valid, but empty blocks.<br><br></div>A=
s far as i understand it, this would effectively reduce the block rate by h=
alf or more and since nodes can't differentiate block relay and block p=
roduction there would be nothing they can do to adjust difficulty or black =
list the attacker.<br><br></div>At a rough estimate of $52 per TH equipment=
cost (Antminer pricing) and 12.5 BTC per 10 minutes power cost we are look=
ing at an order of $2 billion of equipment and $0.4 billion a month of powe=
r costs (ignoring block reward) to maintain an attack - easily within means=
of even a minor government-scale actor.<br><br></div>Is that a plausible s=
cenario, or am i chasing a mirage? If it is plausible, what could be done t=
o mitigate it?<br><br><br></div>-Artem<br></div>
--0000000000006ac6e7056eeed1c4--
|