Hacker News new | past | comments | ask | show | jobs | submit login

Except they don't "control" the blockchain. They just have a bit more leverage about which transactions are included in future blocks. That's not optimal, but still a far cry from complete control.



Aren't most (including bitcoin) cryptocurrencies ledger confirmed by the continued confirmation of current hashing powers?

That's at least what I understood the 51% attack to be.

Basically have >50% quorum and you can just add any transaction to the shared ledger

If this is actually done, the currency's with would be basically done for, so unlikely that anyone would do that


You can't 'just add any transaction', the transaction has to follow the rules of the protocol (such as respecting prior owners of coins, respecting the total number of coins in circulation, etc) otherwise the block will be ignored (no matter how much work it has attached).

The general technical audience tends to greatly overestimate the amount of power that a 51% attack has. A 51% attack can only do two basic things:

1. prevent certain transactions from making it onto the chain (somewhat expensive) 2. re-write history so that previously confirmed transactions are no longer on the chain (quite expensive - increasingly expensive the further back in time you rewind)

You can't change the rules of the system, you can't arbitrarily steal funds from users, you can't change the inflation rate, etc.


It wouldn't necessarily be done for because you can't steal coins with a 51% attack. You can double spend and block transactions, which is not the end of the world.


The distinction between "steal coins" and "double spend" is academic at best, though. In practice, in a double spend you are either lucky to be getting "free coins" stolen from deflation/inflation or the double spend is caught, unwound, and someone is designated the "loser" that lost money in the transaction. Either way meets many practical user definitions of "stolen coins".


You don't have the power to cause inflation. There is a material difference between stealing coins and double spending. Stealing coins implies you can rewrite anyone's balance to be your own balance.

Double spending requires having counterparty, confirming a transaction with that counterparty, and then re-writing history to eliminate the transaction that the counterparty accepted. Coins that aren't in motion during the 51% attack can't be stolen, and coins that are in motion but aren't being sent from the attacker also can't be stolen.


If someone can double spend or block transactions, that's pretty much the end of the network if no-one can do anything to it.


But you can do something against it - wait. Basically a double-spend in 2 concurrent latest blocks is doable. N blocks down significantly harder. So the more valuable the transaction, the longer you want to wait to make sure it's not going to be a double-spend.


Additionally, we can also detect deep double-spends very easily!

When a double-spend occurs, usually it's from a deep chain reorg. This is what people usually refer to as a double-spend attack, not the kind of reorg where it only affects a few of the top blocks (which isn't uncommon). The latter occur relatively frequently due to the nature of Proof-of-Work being essentially a race.

Consensus mechanisms can detect when a sudden "deep" reorg occurs, e.g. a sudden reorg of 200 blocks that we didn't previously expect to be reordered. When this happens, it's relatively safe to say that this is a double-spend attack and we can disregard the attacker's chain. There's variations of this that additionally add things like "checkpointing" wherein reorgs beyond a certain block depth (the "checkpoint") are impossible at the consensus level.

There's a lot to critique about blockchain tech, but miner centralization is a relatively dated concern. Yes, it's a concern for many blockchains, but for the major Proof-of-Work chains (Bitcoin, Ethereum), it's not an issue anymore.


Also on Hacker News right now is Escaping the Dark Web[1], about a coordinated effort to mint & publish some blocks without front-runners stealing all the work & claiming a big contract for themselves.

Leverage, control. There's some play for what term we use to define the imbalance of these systems. But it sure seems like large, amassed forces have enormous sway over many of these systems, to the point where they can act as they want & are incentivized to do so with other large malfeasants.

[1] https://samczsun.com/escaping-the-dark-forest/


> about a coordinated effort to mint & publish some blocks without front-runners stealing all the work & claiming a big contract for themselves.

Wow, I have no idea how you read that really awesome article and concluded with such a response as this.

The article demonstrates how the authors were able to collaborate with miners to safely secure $9M worth of tokens due to a security vulnerability in a smart contract on a public blockchain where anyone could figure out the vulnerability and execute it before they could secure the funds.

Being upset that a miner is able to pick transactions that they want to include in their block demonstrates a clear lack of knowledge in how these distributed databases (blockchains) work and any critique similar to this can be disregarded.


> Being upset that a miner is able to pick transactions that they want to include in their block demonstrates a clear lack of knowledge in how these distributed databases (blockchains) work and any critique similar to this can be disregarded.

I think me & the author both identified exactly how dangerous it is that large powerful forces in these pools can pick & choose which transactions they want to win.

The author had to go peer with others to make their own large coordinated/centralized pool to try to make sure they had some chance of winning.

Agreed that this was a public contract, & they managed to save the bacon via this coordination. But it's amazing how user-hostile it is trying to get anything done in these distributed environments. The power is enormously shifted to the hands of the large players. In many ways, a centrally managed but observable is a higher trust, higher security, more user-supporting system than these distributed systems.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: