[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to main content

Majority Is Not Enough: Bitcoin Mining Is Vulnerable

  • Conference paper
  • First Online:
Financial Cryptography and Data Security (FC 2014)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8437))

Included in the following conference series:

Abstract

The Bitcoin cryptocurrency records its transactions in a public log called the blockchain. Its security rests critically on the distributed protocol that maintains the blockchain, run by participants called miners. Conventional wisdom asserts that the mining protocol is incentive-compatible and secure against colluding minority groups, that is, it incentivizes miners to follow the protocol as prescribed.

We show that the Bitcoin mining protocol is not incentive-compatible. We present an attack with which colluding miners obtain a revenue larger than their fair share. This attack can have significant consequences for Bitcoin: Rational miners will prefer to join the selfish miners, and the colluding group will increase in size until it becomes a majority. At this point, the Bitcoin system ceases to be a decentralized currency.

Unless certain assumptions are made, selfish mining may be feasible for any group size of colluding miners. We propose a practical modification to the Bitcoin protocol that protects Bitcoin in the general case. It prohibits selfish mining by pools that command less than \(1/4\) of the resources. This threshold is lower than the wrongly assumed \(1/2\) bound, but better than the current reality where a group of any size can compromise the system.

This research was supported by the NSF Trust STC and by DARPA.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Subscribe and save

Springer+ Basic
£29.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
GBP 19.95
Price includes VAT (United Kingdom)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
GBP 35.99
Price includes VAT (United Kingdom)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
GBP 44.99
Price includes VAT (United Kingdom)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Similar content being viewed by others

Notes

  1. 1.

    The criterion is actually the most difficult chain in the block tree, i.e., the one that required (in expectancy) the most mining power to create. To simplify presentation, and because it is usually the case, we assume the set difficulty at the different branches is the same, and so the longest chain is also the most difficult one.

  2. 2.

    The rate at which the new Bitcoins are generated is designed to slowly decrease towards zero, and will reach zero when almost 21 million Bitcoins are created. Then, the miners’ revenue will be only from transaction fees.

  3. 3.

    In alphabetical order.

References

  1. andes: Bitcoin’s kryptonite: the 51% attack, June 2011. https://bitcointalk.org/index.php?topic=12435

  2. Andresen, G.: March 2013 chain fork post-mortem. BIP 50. https://en.bitcoin.it/wiki/BIP_50. Accessed September 2013

  3. Araoz, M.: Proof of existence. http://www.proofofexistence.com/. Accessed September 2013

  4. Babaioff, M., Dobzinski, S., Oren, S., Zohar, A.: On Bitcoin and red balloons. In: ACM Conference on Electronic Commerce, pp. 56–73 (2012)

    Google Scholar 

  5. Barber, S., Boyen, X., Shi, E., Uzun, E.: Bitter to better — how to make Bitcoin a better currency. In: Keromytis, A.D. (ed.) FC 2012. LNCS, vol. 7397, pp. 399–414. Springer, Heidelberg (2012)

    Google Scholar 

  6. Bitcoin community: Bitcoin source. https://github.com/bitcoin/bitcoin. Accessed September 2013

  7. Bitcoin community: protocol rules. https://en.bitcoin.it/wiki/Protocol_rules. Accessed September 2013

  8. Bitcoin community: protocol specification. https://en.bitcoin.it/wiki/Protocol_specification. Accessed September 2013

  9. bitcoincharts.com: Bitcoin network. http://bitcoincharts.com/bitcoin/. Accessed November 2013

  10. blockchain.info: Bitcoin market capitalization. http://blockchain.info/charts/market-cap. Accessed January 2014

  11. Chaum, D.: Blind signatures for untraceable payments. In: CRYPTO, vol. 82, pp. 199–203 (1982)

    Google Scholar 

  12. Decker, C., Wattenhofer, R.: Information propagation in the Bitcoin network. In: IEEE P2P (2013)

    Google Scholar 

  13. Eyal, I., Sirer, E.G.: Bitcoin is broken (2013). http://hackingdistributed.com/2013/11/04/bitcoin-is-broken/

  14. Eyal, I., Sirer, E.G.: Majority is not enough: Bitcoin mining is vulnerable (2013). arXiv preprint arXiv:1311.0243

  15. Felten, E.W.: Bitcoin research in Princeton CS, November 2013. https://freedom-to-tinker.com/blog/felten/bitcoin-research-in-princeton-cs/

  16. Kelkar, A., Bernard, J., Joshi, S., Premkumar, S., Sirer, E.G.: Virtual notary. http://virtual-notary.org/. Accessed September 2013

  17. King, S.: Primecoin: cryptocurrency with prime number proof-of-work (2013). http://primecoin.org/static/primecoin-paper.pdf

  18. King, S., Nadal, S.: PPCoin: peer-to-peer crypto-currency with proof-of-stake (2012). https://archive.org/details/PPCoinPaper

  19. Kroll, J.A., Davey, I.C., Felten, E.W.: The economics of Bitcoin mining or, Bitcoin in the presence of adversaries. In: Workshop on the Economics of Information Security (2013)

    Google Scholar 

  20. Lee, T.B.: Four reasons Bitcoin is worth studying, April 2013. http://www.forbes.com/sites/timothylee/2013/04/07/four-reasons-bitcoin-is-worth-studying/2/

  21. Litecoin Project: Litecoin, open source P2P digital currency. https://litecoin.org. Accessed September 2013

  22. Miers, I., Garman, C., Green, M., Rubin, A.D.: Zerocoin: anonymous distributed e-cash from Bitcoin. In: IEEE Symposium on Security and Privacy (2013)

    Google Scholar 

  23. Nakamoto, S.: Bitcoin: a peer-to-peer electronic cash system (2008)

    Google Scholar 

  24. Namecoin Project: Namecoin DNS - DotBIT project. https://dot-bit.org. Accessed September 2013

  25. Narayanan, A., Miller, A.: Why the Cornell paper on Bitcoin mining is important, November 2013. https://freedom-to-tinker.com/blog/randomwalker/why-the-cornell-paper-on-bitcoin-mining-is-important/

  26. Neighborhood Pool Watch: October 27th 2013 weekly pool and network statistics. http://organofcorti.blogspot.com/2013/10/october-27th-2013-weekly-pool-and.html. Accessed October 2013

  27. Pacia, C.: Bitcoin mining explained like you’re five: part 1 - incentives, September 2013. http://chrispacia.wordpress.com/2013/09/02/bitcoin-mining-explained-like-youre-five-part-1-incentives/

  28. RHorning, mtgox, btchris, ByteCoin: mining cartel attack, December 2010. https://bitcointalk.org/index.php?topic=2227

  29. Ron, D., Shamir, A.: Quantitative analysis of the full Bitcoin transaction graph. In: Sadeghi, A.-R. (ed.) FC 2013. LNCS, vol. 7859, pp. 6–24. Springer, Heidelberg (2013)

    Google Scholar 

  30. Rosenfeld, M.: Analysis of Bitcoin pooled mining reward systems (2011). arXiv preprint arXiv:1112.4980

  31. Swanson, E.: Bitcoin mining calculator. http://www.alloscomp.com/bitcoin/calculator. Accessed September 2013

  32. Vishnumurthy, V., Chandrakumar, S., Sirer, E.G.: Karma: a secure economic framework for peer-to-peer resource sharing. In: Workshop on Economics of Peer-to-Peer Systems (2003)

    Google Scholar 

  33. Wikipedia: List of cryptocurrencies. https://en.wikipedia.org/wiki/List_of_cryptocurrencies. Accessed October 2013

  34. Yang, B., Garcia-Molina, H.: PPay: micropayments for peer-to-peer systems. In: Proceedings of the 10th ACM Conference on Computer and Communications Security, pp. 300–310. ACM (2003)

    Google Scholar 

Download references

Acknowledgements

We are grateful to Raphael Rom, Fred B. Schneider, Eva Tardos, and Dror Kronstein for their valuable advice on drafts of this paper, as well as our shepherd Rainer Böhme for his guidance.

Author information

Authors and Affiliations

Authors

Corresponding author

Correspondence to Ittay Eyal .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and permissions

Copyright information

© 2014 International Financial Cryptography Association

About this paper

Cite this paper

Eyal, I., Sirer, E.G. (2014). Majority Is Not Enough: Bitcoin Mining Is Vulnerable. In: Christin, N., Safavi-Naini, R. (eds) Financial Cryptography and Data Security. FC 2014. Lecture Notes in Computer Science(), vol 8437. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-662-45472-5_28

Download citation

  • DOI: https://doi.org/10.1007/978-3-662-45472-5_28

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-662-45471-8

  • Online ISBN: 978-3-662-45472-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics