News 

A New Approach to Thwarting “Selfish” Bitcoin Miners


Selfish mining is an attack on the Bitcoin network that has been known to be possible for several years. By propagating new blocks slowly (on purpose or by accident), a loophole is opened for miners to unfairly increase their profits in relation to other miners.

However, researchers Cyril Grunspan and Ricardo Pérez-Marco claim that by broadcasting the presence of orphan blocks, selfish mining can become a thing of the past.

Grunspan, a professor at Paris’ ESILV graduate school of engineering, and Pérez-Marco, the director of research at the National Center for Scientific Research (CNRS) in Paris, have authored a report on the costs of selfish mining and its profitability, which they believe have been largely ignored by the Bitcoin community. As former mathematicians, both men were introduced to Bitcoin in 2011 and developed a lasting taste for it. The authors have worked hard to increase awareness and adoption throughout France and recently organized the Paris Cryptofinance Seminar, which took place in October 2018.

Speaking with Bitcoin Magazine, Pérez-Marco describes selfish mining as a “block-withholding strategy,” and says it was first discovered in 2012 in the BitcoinTalk Forum. Rogue (selfish) miners do not publish mined blocks as indicated by the Bitcoin protocol, but instead try to build an advantage with respect to the official blockchain so they can invalidate a maximum number of honest blocks when releasing their secret chain.

Pérez-Marco says the duo has made two main contributions to the analysis of this problem.

“The first one is to build a correct model for the profitability of the strategy that was lacking, based on the iterative games (inspired from other gambling problems) that account for the profit and loss per unit of time.”

Based on this model, Pérez-Marco says that without a difficulty adjustment, the honest mining strategy still ranks as the most profitable one, as selfish mining tends to be a somewhat costly procedure.

Thus, it follows that most selfish miners do not attack the Bitcoin network itself, but rather attack the difficulty adjustment algorithm, making it easier for them to garner equal rewards with honest miners while using less computing power.

“From this, it became clear that a major bug in the Bitcoin protocol resides in the difficulty adjustment formula,” he comments.

The second contribution they’ve made involves using “martingale theory” to compute the exact formulas for the profitability once the difficulty adjustment formula is accounted for. Martingale is an algebraic principle in which the values of all random variables are equal to each other, so the value of X1+X2 would be equal to Y1+Y2 and Z1+Z2.

“We could also derive new closed-form formulas for the profitability of other block-withholding strategies, like stubborn mining or trail mining that were only studied before numerically,” Pérez-Marco says.

He and his counterpart Grunspan believe an improvement to the Bitcoin protocol to make it immune to selfish mining is necessary. In the paper, the authors introduce a method that they claim can divert many of the effects of selfish mining.

“It is all very simple, indeed,” Pérez-Marco asserts. “Since the damage of selfish mining is done by invalidating or orphaning honest blocks to lower the difficulty artificially, it would be enough to examine this wasted hash rate in the formula for the adjustment of difficulty. We propose a way to do that. Then, the selfish miner will not be able to lower the difficulty, and his strategy will remain non-profitable compared to honest mining.”

In the document, the proposed countermeasures involve peers broadcasting headers of new orphan blocks. These are blocks that get validated but are not included on the official blockchain, and thus represent wasted hash power. Miners then incorporate these headers into their blocks, and the difficulty adjustment formula then integrates the overall production of orphan blocks.

“In this way, the difficulty parameter reflects the true and total hash rate of the network as it was intended by Satoshi Nakamoto,” Pérez-Marco states. “The theorem we proved — that without difficulty adjustment, all other non-honest strategies are non-profitable strategies — is a remarkable fact. To prove this theorem, there was a need for a proper analysis of the profitability. It is hard to imagine how Nakamoto could have foreseen this.”

Pérez-Marco believes that, in the long term, the Bitcoin network will steady itself, and no difficulty adjustments will be necessary. He refers to this idea as the “Bitcoin Stability Theorem” and says that, by using the analysis of their paper, developers can propose BIPs that prevent selfish mining and other block-withholding strategies in the future.

To view their full report, click here.



Source link

Related posts