
Ghash.io very close to 51% of bitcoin pool - randartie
https://bitcointalk.org/index.php?topic=406152.0
======
pron
I don't know much about the particulars of BitCoin mechanics, but the general
spirit of this story seems like a natural evolvement of any unregulated
organization. People who favor unregulated markets/societies dislike the
concentration of power in the hands of a central authority, but the reality is
that in any social system _there will always be concentration of power_ in the
hands of the few. I've read a hypothesis[1] that it was this dynamics that
propelled the neolithic revolution (the transformation of humans from nomadic
hunters-gatherers to settled farmers): most people suffered as consequence
(hunger, disease, less leisure), but a few benefitted greatly.

The same thing happened in the American Gilded Age. In that period of
unprecedented (and largely unregulated) growth, much of the US population
became quickly enslaved by a few members of an elite group, later called the
robber barons (Rockefeller, Frick, JP Morgan, Vanderbilt, Carnegie, Mellon et
al.), and it took tremendous efforts by the American press and then by
President Roosevelt (the first) to partially dismantle that semi-feudal
structure and strengthen the central government, to free the populace from the
stranglehold of the robber barons.

While a central power can be abusive, it is almost always better than feudal
oligarchy, at least if it is governed more-or-less democratically.

So while BitCoin is an algorithm intended to avoid a single organizing entity,
it is no replacement for a social pact, enforced politically by some fair
means. Perhaps a better algorithm could somehow prevent any sort of
concentrated power, but I doubt it. The desire for power (even with the best
of intentions) is so essential to humans, that it probably cannot be
circumvented by technology alone.

[1]:
[http://www.newyorker.com/reporting/2011/12/19/111219fa_fact_...](http://www.newyorker.com/reporting/2011/12/19/111219fa_fact_batuman?currentPage=all)

~~~
simbyotic
"In that period of unprecedented (and largely unregulated) growth, much of the
US population became quickly enslaved by a few members of an elite group,
later called the robber barons (Rockefeller, Frick, JP Morgan, Vanderbilt,
Carnegie, Mellon et al.)"

You ought to rethink what you define as "enslavement". As far as I am aware,
neither Rockefeller, nor JP Morgan, nor Carnegie "enslaved" the US population
when they helped transform the by then agrarian nation into the industrial and
economic powerhouse it later became. They didn't use force, as far as I am
aware, in their dealings and the wealth of their achievements certainly wasn't
created at the expense of those who didn't.

~~~
cwp
Did the robber barons kidnap people from Africa, ship them across the sea in
chains and force them to work by whipping them if they didn't? No.

Still, have you ever heard the song "Sixteen Tons?"[1] You might recognize the
lines "another day older and deeper in debt" and "I owe my soul to the company
store." It's about the life of a coal miner in Kentucky. Those lines refer to
a system where the company paid its workers in vouchers that they could use to
buy food and clothing from the company store. Prices at the company store were
higher than the workers could afford on the wages they received, but since
they didn't get cash they didn't have the option to buy elsewhere. So they'd
buy on credit and gradually build up a debt to the company that they had no
way to pay off.

Is that slavery? Perhaps not technically, since the workers weren't owned by
the company and couldn't be sold. But they didn't have many choices, either.
They were basically stuck doing a fixed amount of work each day in exchange
for food and lodging. Sounds an awful lot like slavery in practice.

[1] Obligator wikipedia link -
[https://en.wikipedia.org/wiki/Sixteen_Tons](https://en.wikipedia.org/wiki/Sixteen_Tons)

~~~
simbyotic
Having to work to each day for food and lodging is like slavery in practice?
That a preposterous notion.

Whether you live in a desert island, a small village with no water or
electricty, or New York, you will still have to face the practical demands of
your survival, of which food and lodging are the primary - in the sense that
they are the most immediate,- but not your only, concerns. Whether by hunting
and killing your own food, or buy buying it from the supermarket, the facts
are the same: you have to work for your survival, it is not guaranteed by
nature. And for myself,if I may, I take having to work so I can buy my
favorite food and drink at the supermarket every day over having to savagely
hunt and kill the food I eat.

------
philrapo
In 2011, Jed McCaleb pointed out that bitcoin mining pools can collude. So in
fact, Bitcoin _is based on trust_... it is based on trust that mining pools
are not colluding against you.

His idea was to make this trust explicit. And that's the birth of Ripple.
Ripple's consensus process is predicated on trust that other entities are not
colluding against you.

The Ripple protocol is not subject to the 51% attack that Bitcoin is subject
to. Making entries in the ledger has nothing to do with computational power.

\-----

Link to the 2011 discussion that spawned Ripple:
[https://bitcointalk.org/index.php?topic=10193.msg146250#msg1...](https://bitcointalk.org/index.php?topic=10193.msg146250#msg146250)

EDIT: Adding a link explaining Ripple's consensus process for making changes
to a shared ledger:
[https://ripple.com/wiki/Consensus](https://ripple.com/wiki/Consensus)

~~~
goldenkey
Nice try Phil. Please get your Ripple propaganda off of HN. Ripple currency,
XRP, is magicked up by Ripple Corp which owns nearly all of it and is the
purest form of a pyramid scheme.

~~~
knowaveragejoe
Just to play devil's advocate here, is there any proof to that claim?

~~~
jplewicke
I don't have a dog in this fight, but Ripple Labs did set things up so they
would start off with all the network currency, and still own the majority of
it:
[http://en.wikipedia.org/wiki/Ripple_(payment_protocol)#XRP](http://en.wikipedia.org/wiki/Ripple_\(payment_protocol\)#XRP)
.

~~~
philrapo
That's correct. From Ripplelabs.com:

"Because Ripple’s new architecture does not require mining [to reach
consensus], the creators of Ripple faced a choice: exclusively distribute XRP
via mining or diversify distribution methods to include useful mining,
business development, funding third-party developers, and hiring talent at
Ripple Labs, the company responsible for improving upon and promoting the
Ripple protocol."

XRP is currently distributed via the "Computing for Good" program:

"We’re giving away XRP in exchange for donating computing power to scientific
research via World Community Grid. Anyone with an Internet-connected computer
or Android device can participate."

link: [https://www.computingforgood.org/](https://www.computingforgood.org/)

------
TomGullen
If a pool has control of >50% of the hashing power, it means that they _could_
do damaging things to the Bitcoin network as far as I understand.

People will explain that it's not in the pools interest to do this, but it's
missing the point. The pool is now a potential weapon, with a very small
number of people in control. This means they are now a potential weapon
against Bitcoin, and if someone external wanted to hurt Bitcoin GHash.io might
be a good starting point to do this of which there are many ways to
potentially realise this goal (blackmail, hacking, bribery, covert seizing of
control etc)

The more pools there are, and the more evenly the hashing power is ditributed
amongst these pools the safer it is for everyone who has interests in Bitcoin.

Peer-to-peer decentralised pools to me sound like an excellent way to mitigate
this sort of risk, and I think it's important. Consolodation of pool hashing
power I beleive is a natural inevitable market force. One pool has to be
objectively the best and will attract the most miners. From what I gather, p2p
pools are a fairly large technical challenge and the question still remains as
if they can still compete with centralised pools with regards to efficiency
and reliability (profitability).

~~~
btown
With Bitcoin as popular as it is, it would be an increasingly lucrative
strategy to short BTC, damage the network, re-buy low, and undo the damage.
Sure, this is sort of a one-time use weapon, but there's no reason to believe
that GHash.io's operators are in this for the long haul - perhaps, in the
words of that amazingly catchy television commercial, they "need cash now."

~~~
josu
It is currently pretty much impossible to short large quantities of bitcoins.
Besides, such an attack would probably crash the whole system which could
render the potential shorts useless. Too much uncertainty for anything that
big.

I really can't see the way for anybody to benefit from a 51 attack. However, a
potential attack will probably be a black swan, which will make it
"impossible" to foresee for 99% of us, so the fact that there isn't any clear
way to benefit from it, doesn't actually mean that there isn't a way.

------
jobeirne
Folks are missing an important point here about the incentives of a pool
majority (that I recall Satoshi mentions in the original whitepaper[0]): even
if a particular agent has a majority in the mining network, it isn't in their
interest to upset trust in a system that they have such a large investment in.

Where would the sense be in taking the risk to undermine public trust in BTC
for a short-term gain like modifying a few transactions when you have such a
large stake in the system?

[0]: [http://bitcoin.org/bitcoin.pdf](http://bitcoin.org/bitcoin.pdf)

~~~
dragontamer
[https://bitcointalk.org/index.php?topic=327767.0](https://bitcointalk.org/index.php?topic=327767.0)

I dunno, maybe to double-spend their coins? GHash.IO has been accused of
double-spending in the past. Reaching 51% will enable them to double-spend
their coins.

If GHash.IO really cared about BTC, they would stop before they reached
majority stake in the Hashrate. All other pools in the past have purposefully
gimped their hashrate in these situations.

A pool reaching 51% _is_ undermining the trust of the BTC system. Period.
GHash.IO apparently doesn't care however.

\---------------

Furthermore, as the thread I linked to suggests, GHash.IO attempted to double-
spend against BetCoin back when they only had 24%. This isn't a theoretical
problem, these guys actually are trying to double-spend bitcoins.

~~~
oakwhiz
>All other pools in the past have purposefully gimped their hashrate in these
situations.

This has even occurred with altcoins (which are often widely believed to be
pump-and-dump schemes) where a pool gets too close to 51% and voluntarily
makes an effort to reduce their hashrate (either by blocking new signups,
issuing fewer work units, etc.)

------
joosters
There's no safety even if GHash.io is below 50%. How can we tell that GHash.io
and BTCGuild aren't already colluding? They have 61% between them.

~~~
legutierr
Even without that collusion, if you control 40% you still have a high
probability of pulling off a double-spend attack. My recollection (sorry, I
don't have a link, so I might be wrong) is that someone somehow associated
with GHash.io already pulled something like this off when they were still
below 30%

~~~
patio11
c.f.
[https://bitcointalk.org/index.php?topic=327767.0](https://bitcointalk.org/index.php?topic=327767.0)

------
casca
For a very good (if long) explanation about Bitcoin in general and why this
information is potentially relevant to the progress of Bitcoin -
[http://www.michaelnielsen.org/ddi/how-the-bitcoin-
protocol-a...](http://www.michaelnielsen.org/ddi/how-the-bitcoin-protocol-
actually-works/)

------
andyjohnson0
Could someone with knowledge of Bitcoin explain what happens when a share of
the pool hits 51%? Is this dangerous in some way?

Edit: Thanks to those who took the time to explain. Very interesting.

~~~
darkFunction
The pool operators could launch 'double spend' attacks. Essentially with > 50%
of the hashing power, a bad operator is able to generate a chain faster than
the rest of the network. They can hold back this longer chain in secret,
execute some transactions on the _honest_ chain, then broadcast their chain
(which doesn't have those transactions included) to the network. The network
will use the evil chain since it is the longest, and since those transactions
are not included, whoever accepted them beforehand has been ripped off.

It worries me that it's this hard to convince miners to leave a pool. If I
wanted to kill Bitcoin and had a few million to spare, I'd open a pool with no
fees PLUS a bonus of 1 or 2% from my own pocket. Good luck getting people to
leave that pool.

~~~
jackgavigan
There are rumours that that double-spend attacks have already been tried or
experimented with by someone linked to the Ghash.io pool:
[https://bitcointalk.org/index.php?topic=327767.0](https://bitcointalk.org/index.php?topic=327767.0)

------
chaosmatic
If you check [https://blockchain.info/pools](https://blockchain.info/pools)
Ghash.io is back down to 39% of blocks created, which is still big, but not as
scary.

A good explanation is due to the random variation in the who the block is a
awarded to.

~~~
NickSharp
The chart you link is over the past 4 days.

In the past 24 hours, they are still at 41%.

Although I agree there's bound to be a bit of random fluctuation.

~~~
TomGullen
It's dropping nicely, down to 39% over last 24 hours.

------
X4
Can someone please explain what Ghash.io and BTCGuild are? I have checked both
homepages and subpages, but still don't understand what it is. Ghash.io wants
me to download a binary, the other one talks about a "mining pool". Can't
figure what that even means..

 _Disclaimer: Bitcoin noob here_

~~~
TomGullen
You can mine Bitcoin on your computer. The chance of discovering a 'block' and
receiving the 25 BTC reward are however very low as it's very competitive.
Mining solo, you're playing an 'all or nothing' game and you could run for
months, even years without earning any reward.

Pools are collections of people who mine Bitcoin. When a block is discovered
by someone in the pool, the reward is shared amongst everyone who is in the
pool relative to their contributed hashing power (often minus a small fee for
the pool operator).

Ghash.io is the largest pool, and the member of the pool control a good 35-45%
of total hashing power on the Bitcoin network. A pool with >50% the total
hashing power is bad, because the operators in charge of the pool could carry
out malicious acts on the Bitcoin network without any members of the pool
being aware they are contributing to these acts.

~~~
X4
Oh that's completely new to me. I thought that mining means that I need to let
the PC run for hours to get some BTC someone send to me. Is the mining you're
mentioning unrelated to another one sending your BTC?

Can anyone _" lucky"_ enough receive 25 BTC from nowhere, is that what you
mean by `25 BTC reward`?

How can people share a "computer cluster"/minin pool (that is what you mean
right?). Do you mean that one person or company owns such a huge cluster and
let's all members share 'virtually' a single 'Bitcoin wallet'?

 _I 'm not really that familiar with it, sorry for the nooby questions._

~~~
masklinn
"Mining" is basically brute-forcing a value (the proof of work). Whoever
stumbles on that value gets a previously agreed-upon bounty awarded, currently
25 BTC.

A lone miner has a very low chance of finding the value, but will get the full
25 BTC. In a pool, a number of miners combine their computational power, and
if the pool finds the value they get awarded a fraction of the bounty
corresponding to the amount of work they did (the number of possible values
they checked). E.g. if A, B and C are in a pool, A verified 140 values, B
verified 100, C verified 10 and one of them (who it was isn't supposed to
matter) they'll get respectively 14, 10 and 1 BTC. If they had not been in a
pool, one of them would have gotten 25 and the others 0. So being in a pool
reduces your payout, but increases the chances that you get a regular payout.

------
jpalomaki
Why ghash.io is so popular? Is their some specific reason for mining in GHash
pool instead of some other?

~~~
aestra
EDIT: I'm talking in general. I mine litecoins (and sometimes other alt
coins), not bitcoins, so that's what I'm most familiar with.

Big pools are popular for a number of reasons:

1) Lots of hashing power means lots of blocks found means more payment more
often, even if it is less coins. People get impatient and leave smaller pools
if they aren't getting paid right away.

2) Network effect. It's the first Google search result. This might be the
biggest factor.

3) Probably more reputable, so I'll probably get paid too, most pools have
honest operators but some can shut down shop and take coins people haven't
cashed out yet and run or do other shady things.

4) Probably less downtime, beefier hardware.

I don't know the specifics of GHash in particular if there's anything that
makes it more appealing.

------
mseebach
Ghash.io is "just" a pool. For them to do anything scary, all the members
would need to collude, right? Or can the pool "direct" the mining in such a
way that eg. double-spending can happen without the consent of individual
miners?

Obviously, the second there's evidence of double spending or similar, any
value of Bitcoin will disappear as dew on a summer morning and the value of
all the ASIC gear with it - so there is a very strong incentive for each
individual miner to refuse to participate.

~~~
haakon
None of their miners have to collude in any way; scary stuff is entirely up to
the pool operator to execute and the miners won't even know that they're
helping until it has happened.

At this point it's tempting to consider just mining for this pool as
collusion, however. GHash.io have been known to abuse their mining power to
double-spend already. Miners are not showing much will to leave for other
pools, however. It's a dire situation.

~~~
belluchan
> It's a dire situation.

Hoards of people dump insane amounts of money into a new, unproven and
unstable currency technology. What could go wrong?

~~~
VMG
Mining power can centralize -- there are some solutions to this. One of them
is [https://en.bitcoin.it/wiki/P2Pool](https://en.bitcoin.it/wiki/P2Pool)

------
VMG
It might already be considering that there is a substantial proportion that is
"unknown" mining power:
[https://blockchain.info/pools](https://blockchain.info/pools)

On the other hand, the heuristics of blockchain.info do determine block
ownership are not perfect either:
[https://bitcointalk.org/index.php?topic=123726.0;all](https://bitcointalk.org/index.php?topic=123726.0;all)

~~~
drcongo
Can you explain what the threat is please?

~~~
smtddr
[http://www.cryptocoinsnews.com/2014/01/09/warning-ghash-
io-n...](http://www.cryptocoinsnews.com/2014/01/09/warning-ghash-io-
nearing-51-leave-pool/)

\---The attacker can----:

Reverse transactions that he sends while he’s in control

Prevent some or all transactions from gaining any confirmations

Prevent some or all other generators from getting any generations

Double spend Bitcoins

\---The attacker cannot---:

Reverse other people’s transactions

Prevent transactions from being sent at all (they’ll show as 0/unconfirmed)

Change the number of coins generated per block

Create coins out of thin air

Send coins that never belonged to him

~~~
michaelmior
Is there really a practical difference between double spending and generating
coins out of thin air? I can just duplicate coins by sending to two wallets I
control. Or is there something that would prevent me from later spending some
of those coins?

~~~
nano_o
I think that they would not be able to do that: only one of the two
transactions could be in the longest correct block-chain. That's because it is
easy for the clients to detect and reject a block-chain that contains double
spending. What they can do is pay for goods or services and revert the
transaction after the goods or services have been delivered.

------
mrfusion
With all the concern over double spending, I'm wondering doesn't double
spending happen frequently?

It seems like all you'd have to do is make two transactions within a short
time period like < 1 second. Doesn't this happen from time to time?

~~~
nwh
That's why nobody should be accepting transactions with no confirmations.

~~~
mrfusion
Right, but surely it happens, no?

~~~
nwh
Yes, but it's really at the parties risk.

------
philliescurt
[https://bitcointalk.org/index.php?topic=26656.msg334463#msg3...](https://bitcointalk.org/index.php?topic=26656.msg334463#msg334463)

------
blazespin
1\. Buy millions of alt crypto coins (e.g., PPC which is less vulnerable to 51
attack), 2\. destroy BTC by getting 51% control of hash pool, 3\. profit.

~~~
darkFunction
What?

~~~
bigdubs
i think what is implied there is a potential plan to make tons of money by
destroying bitcoin in favor of an alternative coin you've heavily invested in.

------
oakwhiz
I'm doing my part by moving my altcoin mining capacity over to Bitcoin pools.
Not much, but every little bit reduces ghash.io's share.

------
alecsmart1
I don't understand the forum thread. Can someone please explain it in layman
terms?

------
morphar
OMG it is NSA trying to eradicate Bitcoin!!! :-P

------
Nux
Wish I could filter out the bitcoin news.

~~~
lmb
You can: [http://hn-filter.appspot.com/#preset=bitcoin](http://hn-
filter.appspot.com/#preset=bitcoin)

------
Kiro
I don't understand anything. What's going on?

