
On Mining - jc123
https://blog.ethereum.org/2014/06/19/mining
======
sirdogealot
Satoshi planned for this 51% mining attack problem, and so far we're ok.

His premise was that if a miner ever grew so large as to be capable of
performing a 51% attack, that they would have so much wealth invested in the
Bitcoin network that they would never dare try anything.

The Bitcoin network is GHash's golden egg laying goose.

The Bitcoin network is entirely safe in GHash's hands imho.

The only real worry comes in when the 51% miner is a bad actor.

>at 35% hashpower and 3 confirmations, this means that GHash can currently
steal altcoins from an altcoin exchange with 15.6% success probability – once
in every six tries.

Yes, but come on. They never would. Would Bill Gates jump into an active
volcano to pick up a penny? Even if he had a 15.6% of picking up that penny
without dying a fiery death?

>So what if, for the sake of example, GHash gets over 51% again and starts
launching 51% attacks (or, perhaps, even starts launching attacks against
altcoin exchanges at 40%)? What happens then?

I'll bite. The ~75% of GHash's mining power that is being pointed at GHash by
regular Bitcoin ASIC miners who are enjoying their 0% fees and merged mining
drops off overnight. Their domain names are DDOSd at a record breaking level
for weeks on end, and every other pool adopts a modified bitcoind that hard-
forks (erases) any damange GHash might have caused.

GHash is left with a few thousand nearly worthless Bitcoin (because the
USD/BTC value would tank on their 51% attack news) and they are also left
without the possibility to basically print themselves free money until the end
of time.

~~~
euank
I find your claims that "worry comes in when a 51% minor is a bad actor" and
"safe in GHash's hands" to be conflicting.

All it takes is one bad actor at GHash, as supposedly happened with the
gambling incident, and suddenly you've got a problem again.

Just because GHash is successful now does not mean they won't change. Let's
imagine a future where CEX.io decides to ditch GHash. GHash no longer has any
form of profit (0-fee pool) and thus has no incentive to remain honest.

Satoshi's logic, that a large minor would have a selfish interest to be
honest, actually completely falls down when it comes to mining pools. Mining
pools have massive power, and yet (in this case) get 0 profit. GHash could
easily have nothing invested in bitcoin while still having control of a large
gashing power.

Now on to the other things you said. "Would Bill Gates ... for a penny?" is a
terrible analogy. For one, this isn't a penny. 51% attacks could allow GHash
to steal millions and extort further. They would also allow someone with a
vendetta against bitcoin do do real damage... And the risk isn't nearly as
severe as jumping in a volcano. A more relevant analogy might be "Would a
company commit tax fraud on the order of a million dollars and risk being
caught" (yes many have) or "would an executive steal from the company he works
at and, when they notice, cut and run."

Your theoretical for what happens on a 51% attack is also silly. There would
be signs of some attacks (like consistent double spending on high-confirmation
things), but other attacks like extortion-for-inclusion could be silent for as
long as the victims don't speak up. Furthermore, people wouldn't leave
overnight.. not that many did when GHash performed attacks the last time. In
addition, people are highly unlikely to change. Things won't drop off over
night. They weren't DDOSed last time. Your entire speculation is
optimistically assuming there won't be significant doubt and inertia... and
betting against human lazyness is rarely a good idea.

Finally, you assume GHash is left with nearly worthless bitcoins. Well, sort
of. The extortion could lead to them being paid in anything. If the entire
company decided to do an attack they'd obviously sell all bitcoins first so
any new bitcoins gained through any attack would be pure profit (and wouldn't
be worthless for at least several hours until someone notices and news
spreads). Furthermore, each employee of GHash that is capable of causing such
an attack to occur might not have any bitcoins, even if GHash does.

I think that your defense of GHash is flawed, especially considering they've
behaved badly in the past. and your arguments in general aren't strong.

I see it as fully plausible that if they maintain 51% hashing power for an
extended period of time, a bad employee might modify their code for their own
profit and then GHash will plead ignorance when it's discovered and carry on.
I also see it as fully plausible that if GHash decides to close shop at over
51% they'll choose to go out with a bang and do what thievery and damage they
can on the way out.

I fully agree with the article that this is a problem.

------
yoha
> Decentralization, n. The security assumption that a nineteen year old in
> Hangzhou and someone who is maybe in the UK and maybe not have not yet
> decided to collude with each other.

With parentheses:

> Decentralization, n. The security assumption that (a nineteen year old in
> Hangzhou and (someone who is maybe in the UK and maybe not)) have not yet
> decided to collude with each other.

~~~
14113
I think it should be more like: > Decentralization, n. The security assumption
that a nineteen year old in Hangzhou and someone who is maybe in the UK (and
maybe not) have not yet decided to collude with each other.

If you read your version using the rule that a parenthesised section
represents an individual thought _that can be removed_ , yours reads as: >
Decentralization, n. The security assumption that have not yet decided to
collude with each other.

Which makes no sense.

~~~
lvh
GP was using parentheses as a grouping construct, as in a programming
language, in which case it makes total sense.

------
kator
That was a great write-up. I've avoided BTC from the start because I always
figured someone would commit the algos to silicon and crush everyone else.
That said I'm doubtful there is such thing as a ASIC resistance system in
anything that has a direct economic value to highly-repeated calculation
ratio. Many years ago people would say of graphics systems "You'll never get X
poly's/second" etc. But then gaming came along and all those hungry 3d gamers
kept buying more and more powerful GPU's. Then data sciences came along and
said "wow we can use these GPU's" and onward marches the power of the GPU. I
have lived to see so many things over the years go from "impossible" to
"common place" in technology.

Another thought that came to mind several times over the years is that China
or USA could spool up enough hardware to swamp the BTC networks and crash
them. If you think about advancements in these ASIC's and how cheap power can
be to large governmental organizations all that is missing is the incentive to
attack BTC. I take the recent slow but steady recognition of BTC by various
governments with a certain cynical grain of salt. I think others see these
things as proof that BTC is getting more generally accepted, but I see them as
very large and powerful entities thinking, "If you can't beat them join 'em".
It's entirely possible that these steps are more about staying closer to the
enemy then being friends with BTC.

When I read this article making claims about heat and electricity being major
blockers to centralization I started to think about how google and facebook
have been solving these problems with amazing success in the last couple of
years. Imagine an "BTC Factory" in a nice cold climate where power is cheap
and labor to maintain the facility is cheap. If BTC continues to grow and
become predictably tradable for other currencies then these farms could be
built with great ease. All we're lacking here is a VC who sees 15% as a
reasonable return and a handful of nerds who don't mind building the worlds
most powerful mining environment in a 505,000 sq ft facility in North
Carolina. Of course this would be a massive investment and could signal an
amazing time for BTC or it could signify the centralization of a decentralized
process that destroys the original dreams of BTC and yet again puts the people
with the most power (literally) in control.

The only thing that stands between today and that potential future are forward
thinking people trying to keep the BTC concept alive and continuing to improve
what is today's state of art to stay ahead of tomorrow's state of art. I'm
still on the sidelines watching but am enjoying the show!

~~~
mrb
Such a farm has already been built:
[http://imgur.com/a/CcIhX](http://imgur.com/a/CcIhX) and
[https://www.datacenterdynamics.com/focus/archive/2014/02/bit...](https://www.datacenterdynamics.com/focus/archive/2014/02/bitcoin-
mining-firm-building-10mw-sweden-data-center)

10 megawatt. In Sweden. Datacenter should be at full capacity by now, so ~10
petahash/sec (= 10% of the global Bitcoin network) assuming ~1 watt per
Ghash/sec. My numbers are all +/-30% depending on how much hw is 28nm (KnC's
Jupiter systems) vs 20nm (Neptune).

~~~
kator
Who was it that said "If you can imagine it most likely someone else has
already built it"...

~~~
GigabyteCoin
I do not know, but they're surely not a true HNer with that attitude!

What a boring website this would be if we all thought like that.

------
freework
One thing people keep forgetting: GHash.io is not a single entity. GHash is
made up of miners who choose to be there. It is very easy for a miner to
switch to another pool.

~~~
norswap
This is stated quite prominently in the article.

------
fryguy
The thing I don't understand about the "50% attacks" is that they should be
detectable. There's legitimately going to be a transaction on the bitcoin
network, and then a ghash.io block is going to show up that invalidates it by
spending the input. For the lower percentage ones, there's going to be an
orphaned chain with a different set of transactions.

~~~
gojomo
Absolutely, if pursued with intent, they'll be very evident. That doesn't
_necessarily_ mean you can do anything (inside the protocol) against them. The
orphaned chain could be the victim of a 51% attack – or a failed attempt at a
51% attack, or an inadvertent side-effect of network lags. But by design, to
converge on a shared serialized history, nodes eventually trust the longest
chain as the winner-as-chosen-by-hashpower.

To have nodes consensually adopt some other chain, you'd need some other nice
converging criteria for preferring a shorter chain. Those are hard without
adopting some other centralizable or monopolizable authority role (like
trusted timestamping).

------
gglon
One missing factor in the article is the source of energy. Free energy can be
easily obtained from renewable sources like wind farms since as a result of
wind variance only some fraction of generated power can be practically
utilized. Variance is very different around the world making it difficult to
centralize.

Though miners would then work only for 20% of their time making it feasible
once electricity will be about 5 times more expensive than equipment.

Therefore the sooner we will reach state of the art equipment, the better. And
for simple SHA it is much easier to reach the limits imposed by physics than
for CPU.

~~~
pauletienney
__Free __energy can be easily obtained from renewable sources = it seems you
solved one of biggest problem in history. How come renewable = free ?

~~~
gglon
I mean it is free for farm owners, since as of today they have nothing better
to do with extra energy that is produced in good conditions. So it is
basically wasted.

------
martiuk
As P2P mining pools are becoming more prominent, these situations should
eventually stop happening, since P2P pools are themselves decentralised.

~~~
drcode
As vbuterin states in the post, it's unlikely P2P will ever get a significant
market share, given the current incentives.

------
danbmil99
This sounds like news from an alien planet.

