
How to Destroy Bitcoin with 51% - tonyztan
https://medium.com/@homakov/how-to-destroy-bitcoin-with-51-pocked-guide-for-governments-83d9bdf2ef6b
======
tristanj
It's worth mentioning there's no need for 51+% control of hashrate to execute
this double spend attack. It's very possible to execute one with minority
control however success is not guaranteed. With 20% control of hashrate an
attacker would have a 2.33% chance of executing a double spend attack. Even at
10% control, the attack is still possible (0.059% success rate). At 40%
control, the attacker has a near coinflip for success (49.30%).

Probabilities come from this paper which has a table about double spending on
page 10.
[https://bitcoil.co.il/Doublespend.pdf](https://bitcoil.co.il/Doublespend.pdf)

------
amluto
Wow, what an uncreative attack. Let's say you control decently over 51% of
mining power and want to destroy bitcoin. What do you do?

Keep in mind that this gives you two significant powers. First, you can more
or less unilaterally dictate the new consensus blockchain, subject to the
usual constraints that you can't create transactions that weren't
appropriately signed. That is, you can't spend other people's money or
directly destroy it. Second, you have a limited ability to _replace_ the
consensus with something else.

The first power, by itself, allows you to block certain transactions from ever
occurring. You could pick some subset of coins and prevent them from being
spent. This could be targetted against exchanges, random users, or maybe even
be based on geography. The goal (according to the article) is presumably to
undermine confidence.

The second power can be used a lot more insidiously than just double-spending
your own coins. How about tracking all inbound transfers to some exchange over
some period of time and then undoing them? Now that exchange is out a lot of
coins. For extra fun, could use your consensus-choosing power to effectively
lock down the coins that you just stole from the exchange so their original
owners don't have them either.

There are probably even more interesting things you could do, too.

~~~
w-ll
Anyone can track Bitcoin transactions; That IS the blockchain. Undoing them
will just result in a chain that they are still in the original wallets keys,
you STILL cant steal them. And the window for doing this is likely an hour or
2 at tops, but still very unlikely.

An exchange might credit you on a few confirmed blocks, but after 6 (an hour)
its pretty much confirmed, and any withdraws on the same chain will fail once
the 51% attack is over.

~~~
gpm
You didn't steal them for you, you stole them for the original owner who tried
to transfer them to the exchange.

In theory with 51% hashing power you could undo exchanges going back as long
as you want, as long as you dedicated your entire hashing power to doing so
from the point you are trying to revert to. You will get the longer chain so
once you publish it it will take over. In practice I'm not sure if there are
controls against very old forks from coming in and becoming the 'right one'.

~~~
w-ll
No, it is the exchanges who's coins are "stolen", but still not really.

51% hashing doesn't allow you to `undo exchanges going back as long as you
want`. There is a small time frame with exchanges/merches that accept <6 block
confirmations that a transaction could be reversed. And if a fork in the chain
is happens (it does more often than not that 2 blocks get made and 1 is
orphaned,) all other miners switch to the longer chain as soon as a fork is
detected.

~~~
amluto
You seem to be assuming that, once 6 confirmations have happened, a
transaction is set in stone. This isn't true at all. It's true that, once 6
confirmations have happened, a transaction is highly unlikely to disappear in
the absence of the 51% attack, but the whole point here is that we're assuming
that a 51% attack is occurring.

------
tlrobinson
The Bitcoin community seems to be doing a pretty good job of destroying itself
right now, and I say that as a long time (cautiously optimistic) believer in
Bitcoin.

The division, infighting, toxic and dogmatic rhetoric, etc make me wonder if
there’s an external force attempting to disrupt Bitcoin.

Or perhaps it’s just the inevitable outcome of a leaderless/decentralized
project with billions of dollars on the line.

~~~
matt_wulfeck
> _The division, infighting, toxic and dogmatic rhetoric, etc make me wonder
> if there’s an external force attempting to disrupt Bitcoin._

I would say the force has a name, and it’s “Pride”.

~~~
deevolution
Actually, I think the force is called natural selection. The blockchain is
kind of like DNA and these branches represent evolutions.

------
gpm
Messing with exchange accounts and buying BTC seems unnecessary. Just take
your 51% and mine a dozen blocks privately with no transactions repeatedly and
replace the head of the blockchain with them. Suddenly _everyone else_ does
the double spending for you, which apart from making it less work, will do a
lot more damage to trust.

To ruin trust even more effectively sell double spending as a service. Let
people pay you to not include transactions in your split chain.

------
juskrey
China can just firewall all its bitcoin nodes for a day or two and return them
back. Do this several times and Western nodes will be very very tired rolling
back everything..

~~~
banku_brougham
i think this is the prize winning strategy. elegantly simple, almost amusing
like a child turning a light switch on and off, with deadly purpose however.

Well actually, a lot depends on what the miners do when they are locked out.

------
stale2002
Uhhhhh, so this guys "brilliant" attack vector that he came up with was a 51%
attack?

The same attack that is literally spelled out in the bitcoin whitepaper and
has been known about from day one?

He didn't even add anything interesting on top of it. He just said "get 51% of
miners, and then double spend".

Nor did he even discuss the ways of mitigating a 51% attack. If the network
was being attacked, what I would do is wait for more than 6 Transactions to go
on the network, before considering them "final".

In a worse case scenario of a sustained 51% attack, the users could simply
change the Proof Of Work algorithm (which is a hard fork).

It wouldn't be 'great' but it allows the currency to survive. Now the
government has to spend more and more money going on the attack.

Bitcoin works because of this economic game theory. Yes, it is possible to
attack the network. This is well known. The reason why it doesn't happen is
because attacking the network is EXPENSIVE, and can't last forever.

~~~
viraptor
> the users could simply change the Proof Of Work algorithm

"Simply"? You're saying that an attacker having >51% hashing power on current
system wouldn't benefit further from: a) user base splitting between forks (if
block structure was changed), or b) all current ASICs dropping off the network
(if the using method was changed).

> Now the government has to spend more and more money going on the attack.

They would have direct access to chip fabs and money to throw at it. Or just
laws available to stop production (mining is illegal now).

~~~
stale2002
> They would have direct access to chip fabs and money to throw at it.

And every time they make chips and attack the network, the users change the
POW or move to a different altcoin.

There are even crytocurrencies that don't use A Proof Of Work algorithm, and
use something called proof of stake (which means that the current holders of
the coin get to vote on what happens.). Hows the government going to stop
THAT? Buy up all the votes? And THEN buy up all the new Proof of Stake coins
that ever get created?

> Or just laws available to stop production (mining is illegal now).

What people need to understand that it is no enough to 'just' destroy the
current version of bitcoin. The government would need to destroy EVERY version
of bitcoin, and EVERY altcoin, all at once, now and forever. And then ever
single other NEW crytocurrency that people create.

And not only that, but the government would have to do it EVERYWHERE. It is
not enough for 'just' china to ban mining. Every country in the world would
have to ban it, because if there is a single country that doesn't ban it, or
is ineffective, then everyone would just trust THAT altcoin.

The government can't even stop online piracy. Hows it going to convince every
government, all around the world, to stop something that most people believe
is perfectly OK?

Like, fine, if the world governments somehow convince 90% of the population
that Crytocurrencies are somehow as bad as child porn, then MAYBE they have a
slim hope of stopping them. But I Think that this goal is extremely unlikely
to be successful.

~~~
viraptor
You don't need to stop it everywhere and every time. If Bitcoin stops being
the main cryptocurrency, the exodus will drop the value drastically. That
means people will lose _a lot_ of real money. Maybe the second major currency
will be still popular. The later ones will be "why bother". Proof of stake
will be more interesting, but there's nothing major popular yet.

That's the huge difference from things like piracy. Govs can't decrease the
value of movies already out there, or make new ones less desirable. They can
do that to ideas like Bitcoin though.

------
matt4077
The bitcoinbros really have to get over their fixation on "the government".

Here's the real pocket guide for governments: "If they get annoying, make it
illegal"

"Bitcoin enthusiasts" are completely delusional, holding both an inferiority
complex (constant fear) as well as a superiority complex vis-a-vis
"governments".

In reality, governments mostly just don't care. Then, of far lesser
importance, they're mildly intrigued by the concept. Meanwhile, some interns
are doing a few things to handle some stuff that came up. Like pensioners
giving their savings to ICOs.

------
matt_wulfeck
IIRC, there was a time when just a few large pools were crossing over into the
51% threshold, thus control of the network if they got wise to it. Does anyone
know what happened to that? What are the largest pool control stakes now?

------
AlexCoventry
Perhaps you could inflict more mayhem by shutting down the miners under your
control for two weeks, waiting for the difficulty to drop, and then undoing
all transactions from the prior month.

~~~
w-ll
1728 Bitcoin are minted a day right now (next halving in 2020 ), lets say you
have 50% mining so ~900 btc a day. Thats ~4.5M at a 5k BTC. Sure you double
the transaction confirmation time but the transactions won't be undone. You
might have a chance to mine blocks twice as quick after the difficulty
adjusts, but still no long term effects.

------
ploggingdev
There's an easier way to destroy the value of Bitcoin (temporarily) if China
wanted to : pass a law banning mining.

I don't think China would risk trying to carry out a 51% attack though, what
would the economic fallout of that be long term? Would any country or
individual trust China after such a public attack? Worth noting that a lot of
US based companies are built around Bitcoin (exchanges, payment processors
etc) and the US government won't sit around watching billions of dollars being
destroyed. Compared to the US, China is not known for being an aggressor in
matters beyond it's borders so this behaviour would be pretty shocking to the
rest of the world and will affect the perception of the country. The cons
outweigh whatever little benefit destroying Bitcoin would bring, so that's not
going to happen.

