Best miners for Bitcoin
Paramount Pictures / Aurich Lawson
Researchers at Cornell University have published a paper detailing what they see as a vulnerability in Bitcoin's protocol. Ittay Eyal and Emin Gün Sirer of Cornell's Department of Computer Science say Bitcoin is vulnerable to "selfish mining"—an attack by one or more members of the Bitcoin network who try to computationally corner the supply of bitcoins and control their flow.
"This attack can have significant consequences for Bitcoin, " Eyal and Sirer wrote. "Rational miners will prefer to join the selfish miners, and the colluding group will increase in size until it becomes a majority. At this point, the Bitcoin system ceases to be a decentralized currency."
The Bitcoin community has been discussing the possibility of this sort of attack, sometimes known as a "cartel" attack, for over three years. But the risk in the past has been largely downplayed for one simple reason: it would require an attacker to have more computing power at his or her disposal than the rest of the Bitcoin network combined. The Cornell researchers' paper outlines a new strategy to the attack that still would require control of a significant number of the "nodes" in Bitcoin's transaction processing network, but it takes a different route to control—exploiting the rational behavior (and greed) of other miners.
Hi ho, hi ho, it’s off to mine we go
Bitcoins are created, or "mined, " by computers as they perform the cryptographic process of handling others' Bitcoin transactions and adding them to Bitcoin's "block chain"—a public record of previous Bitcoin transfers. The mining ensures that individuals can't re-use the same bitcoins they've previously spent, and those performing the mining are rewarded with bitcoins of their own. Transactions are normally doled out for processing randomly among the available mining "nodes."
Many of the attacks on traders in the Bitcoin currency have been your usual type of Internet skullduggery—malware, phishing, and hacking into Bitcoin "banks" to purloin others' bitcoins. Last year, hackers made off with $228, 000 worth of bitcoins after knocking over the trading site Bitcoinica, gaining access to its Web host, and grabbing traders' whole "digital wallets" from the server.
But those who want the really big money—or just want to throw the entire Bitcoin economy into disarray—might want to find a way to break into the virtual treasury of the system by taking control of how bitcoins are minted. There have been many ways that would-be Bitcoin millionaires have tried to influence the flow of those transactions, including going as far as launching distributed denial of service attacks against other miners to keep them from advertising their availability to mine transactions.
"Selfish mining" takes the goal of redirecting Bitcoin traffic to a higher level by attempting to essentially take control of the entire network. In a selfish or cartel mining attack, a group of colluding miners keeps their own transactions within the nodes they control. When the group detects a transaction from outside the colluding pool, it publishes a previous version of the "block" the transaction is tied to all at the same time—essentially making its version the trusted one, rolling back the transaction, and keeping the person responsible for originally mining the transaction from claiming a Bitcoin reward.
This is possible because the current Bitcoin mining protocol calls for miners to only broadcast the first version of a transaction "block chain" it receives of a certain length. If the selfish pool manages to push out enough of its own versions of transactions to other nodes in the network, it will eventually overwhelm other miners' versions. That would give the colluding miners control of the network and deliver all Bitcoin rewards for mining to themselves.