This lecture focusing on miner incentives and strategies. When someone decides to mine, there are options that a miner has to how they actually mine. It is not simply get hardware, cheap electricity, run and wish for good luck. Miners can be more choosy to determine which blocks they work on which is discussed in this lecture.
Questions answered in this Post:
- What is the miner default strategy?
- What are some of the deviations and how can you analyze it?
- What is a forking attack?
- And furthemore, what is a Goldfinger Attack?
- What is a forking attack through bribery mean?
- What exists in the blockchain to prevent this?
- What is a block-withholding attack?
- What is punitive forking and how is it different from feature forking?
Default Miner Behavior
I’ll describe below what are some of the considerations miners make when determining their strategy. Just to be clear, the job of a miner is to listen on the network for transactions and blocks as well as get ready to write a transactions into a block. A miner is unable to write and send out a valid block until they actual solve the mining puzzle though.
First, they have to determine which transactions to include in a block. Default behavir is any block above the minimum transaction fee. The second is which block to mine on top of. Usually this is the longest valid chain. The next is how to choose between colliding blocks. The miner picks the first block hear. The last is when to announce new blocks and by default, it should be immediately after finding one. From now, the lecturer jumps into different “attacks” which in my interpretations are deviations in behavior.
One factor that is key is “alpha” which is what percentage of mining power do you control. Depending on your power, this is tied to how well choosing a non-default strategy may be profitable.
Forking Attack: what is it?
This is the first of the non-default strategies. Forking has gotten more notice recently due to it causing large fluctuations in the price as well as the creation of BTCC. Additionally, within Ethereum, a fork is pending as a way to bring in new chagnes which Metropolis to improve scale.
The goal of a forking attack is to perform a double spend. Remember a double spend is when a set of coins is used in more than one transaction. It does not mean new coins are created but that you are using the same coins for two transactions and ultimately reneging on one of the transactions. This would be considered fraudalent behavior. An example is presented in the notes. This same miner will work on an earlier block (ideally about 6 blocks earlier) and transfer than same amount that was going to “Bob”, they will give the bitcoins to themselves. The lecturer brings up a point where this attack depends on the percentage of mining power that you hold.
A miner sends some funds to user (victim) “Bob”. It will likely appear to be in the longest chain. However the forking miner is up to something sneaky. The miner will start to write off another block, one that occurred 6 blocks earlier. The miner will create another transaction where they send bitcoin to another address that they own. If the miner has sufficient hash power (>.5), they will continue writing on this alternate chain making the chain with Bob invalid. Thus history gets rewritten so that the payment to Bob is invalid. The lecturer brings up the point that if you had traded Bob for something in the real world (Bob gives you a teddy bear, you give Bob bitcoin) you have now come out ahead. Also, it means that you keep whatever amount you had given Bob. Double win for yourself and effectively successfully completing a double spend.
Takeaways from the Forking Attack
To do this, you need to have considerable hash power ie greater than .5. He mentions that it may be possible with less due to network overhead and avoiding block collisions, though I have not researched this further. He does mention that 51% is not always sufficient to execute an attack, only that the probabiliy increases because completing an attack becomes easier. This attack is clearly detectable and could be reversed. Being reversed means that that the community decides to reject the newest alternative chain even if it is the longest. That strikes me as requiring quite a bit of coordination. He mentions that this double spend could completely crash the bitcoin exchange rate. This would be due to loss of confidence in bitcoin if a double spend successfully when through and thus through lack of trust or other emotional triggers, there would be a stop to buying bitcoin for fiat ultimtely crashing the coin. Kinda doomsday to me, and really something like this could have to traditional fiat currency as well pulling more people to use bitcoin. The reason is that if the triggers for this collapse are linked to human emotions and fear, really nothing is safe.
Goldfinger Attack
Goldfinger refers to the movie and is used to explain why someone would want to cause bitcoin to crash and burn. In the movie, the villian wanted to devalue the Fort Knox gold so that the villian would have control over the supply. Thus in the case of bitcoin, you would make a profit if you shorted bitcoin or if you had strong holdings in an alt-currency.
Forking through bribery
Forking through bribery is fairly straightforward to understand. Instead of requiring alpha or hash power be greater than 0.5, he mentions tat it may be easier just to temporarily buy someone off. I suppose you can just have some single serve friends meaning that this attack can be undertaken not by just billionaires. The lecturer then goes on to describe some payment methods such as phsyically handing someone fiat currency, run a mining pool at a loss to attract attention and “friends”, or by just leaving large tips in the blockchain. The core idea stays the same and they work just temporarily for you. These miners are not incentivized in the long run however perhaps individual miners may just want a temporary gain. Tragedy of the commons” is how he described it. According to wikipedia, with situatios of shared resources, it is a situation where individual actors can behavior opposite or maliciously to a common good due to their own shared interest. In this case, it would be short versus long term gain on which would be greater. If the miner truly did not care about bitcoin or the power of blockchain and did not want to miner for a long period of time, they would be better rewarded to align with malicious parties.
Prevention Mechanism: Checkpointing
Each version of the bitcoin client always releases with this checkpoint mechanism. The security safeguard locks-in the blockchain up to that point in history and rejects other chains. This does mean there is a central party who are deciding what is the valid blockchain but at the same time it’s the central party of bitcoin developers.
Block-withholding attack
Again, this was is self explanatory as well. As a miner, you do not announce the block right away. Instead, you “get ahead”, by finding two more in a row and thus the next time someone announce a block, you can just annoucne yours and create the longest block. At this point, it means all the work everyone else is doing is invalid/orphaned and you would be able to profit. It has the term “selfish mining” but that’s a misnomer according to the lecturer.
In the scenario, if you’re only ahead by 1 instead of 2, then you need to immediately push your hidden block and hope that people decide to choose yours. This creates a race condition since now there are two versions of the history and only the majority will prevail. The suprising characteristic to me was that this mechanism would work if you knew that you would always/in majority win that race condition race. The lecturer mentions that you need to have alpha over 25% to do this. Also, you could couple the other attacks like bribery to get ahead.
Punitive Forking
This mechanism is just vengeful. If someone just wants to blacklist transactions from a specific address, a miner can just refuse to mine on any chain with a transaction from X. This strategy realistically only works if you have alpha great than .5. However, I could see this as a strategy for future uses if government regulation came into play. Governments could easily just blacklist certain addresses that they knew were doing money laundering. This would be an extremely temporary solution since people could just keep changing addresses or not. If the ban was strong enough, the money could be stop gapped to a certain account for a longer period of time.
Feather-forking
This is similar to punitive is that it’s directed toward a certain address hwoever it is more practicaly. Instead of banning a address outright, you can refuse to mine directly on any block with a transaction from X however, you’ll remine after n confirming blocks. If you hold a alpha greater than some amount, you may be able to get others to join the blacklist because it induces an a^2 chance of losing a block. Since you’re transparent with this ban, it’s no secret if you’re doing this feather forking. Success depends on convincing others how likely you’ll actually fork the network.
Again, regulation and extortion could be used.
There was another case that miners can truly blacklist on any characteristic present in a block. THe lecturer brings up one where they may try to enforce a minimum transaction fee. That’s interesting and could work. According to what I’ve read, it’s on average $7.00. This already exists in that priority has to be greater than 0.576 as of May 2015 mentioned in the lecture.
I remember reading in Bloomberg where someone lost $70K due to gas fees in Ethereum. Clearly a miner was greatly compensated for their work.
Wrap up
In summary, just want to say this was quite a bit of information. Miners have incentives coming from everywhere yet most seem to follow a simple herd mentality whether due to laziness or lack of technical skills. There are game-theortic alternative strategies that perhaps have not been seen in the real world but would be interesting if they got out.